|
Error based SQL Injection
hot!
|
|
Hits: 51 |
|
Date added: 01/01/2008 |
|
How to use the database's errors as footholds to step further SQL attacks. |
|
|
|
|
|
|
SEH Overwrites Simplified
|
|
Hits: 16 |
|
Date added: 12/18/2007 |
|
This paper goes through the SEH Overwrites on two different Windows platforms using the aid of
diagrams of the stack. Of course information related to this will also be documented. A basic
knowledge of C, stack operation and exploiting stack based buffer overflows is assumed and
needed to understand the contents of this paper. |
|
|
|
|
|
InfoSecurity 2008 Threat Analysis
|
|
Hits: 21 |
|
Date added: 12/14/2007 |
|
An all-star cast of authors analyze the top IT security threats for 2008 as selected by the editors and readers of Infosecurity Magazine. This book, compiled from the Syngress Security Library, is an essential reference for any IT professional managing enterprise security. It serves as an early warning system, allowing readers to assess vulnerabilities, design protection schemes and plan for disaster recovery should an attack occur. Topics include Botnets, Cross Site Scripting Attacks, Social Engineering, Physical and Logical Convergence, Payment Card Industry (PCI) Data Security Standards (DSS), Voice over IP (VoIP), and Asterisk Hacking. |
|
|
|
|
|
Applying XSS to Phishing Attacks
|
|
Hits: 22 |
|
Date added: 12/11/2007 |
|
|
|
|
|
|
|
|
Common Security Problems in the Code of Dynamic We
|
|
Hits: 9 |
|
Date added: 12/06/2007 |
|
Common Security Problems in the Code of Dynamic Web Applications
The majority of occurring software security holes in web applications may be sorted into just two categories: Failure to deal with metacharacters, and authorization problems due to giving too much trust in input. This article gives several examples from both categories, and then adds some from other categories as well. |
|
|
|
