Webappsec->General
How to Do Application Logging Right
August 16, 2010 Added by:Anton Chuvakin
Organizations have finally gotten network device logging and server logging under control. However, security incident investigators trying to respond to the next wave of attacks have been thrust into the horrific world of application logging....
Comments (2)
Bullet Proof Hosting: Strengths and Weaknesses
August 11, 2010 Added by:Nathaniel Markowitz
BP hosting, like other cyber-criminal activities, has proven highly adept at predicting and reacting to potential threats to their operations. This is demonstrated by the rapidity with which malicious domains repopulate despite being taken down or having their preferred ISPs shut down...
Comments (0)
Strategies for Choosing the Right Pen Test
August 08, 2010 Added by:Ron Lepofsky
Pen tests may seem like a security test panacea. However they have been known to go terribly wrong and become vastly expensive. Here’s what you need to know to make sure you get the results you want at the price you expect...
Comments (1)
Feedback on SANS Top 7 Essential Log Reports
August 06, 2010 Added by:Anton Chuvakin
Thanks for overwhelming community response. The list has grown and is on the verge of becoming unwieldy, so I am about to close the comment period, write up the doc - any smokin’ hot log reports to add? Anything I should take OFF the list for not being top and essential?
Comments (0)
Windows Server 2008 R2 SP 1 Beta Note and Download
August 03, 2010 Added by:Jay Ferron
Businesses are increasingly looking to leverage the efficiency and cost savings that can come from a virtualized desktop infrastructure. With the addition of Microsoft RemoteFX in Windows Server 2008 R2 SP1, a new set of remote user experience capabilities is introduced...
Comments (0)
Brute-Forcing Compatibility
July 31, 2010 Added by:Rob Fuller
A bunch of sites on the web give you different pages depending on the browser you use to view it. Well, sometimes this leads to bad coding practices, so I had an idea to take Burp's Intruder and "Brute Force" any compatibility coding that a site may have...
Comments (0)
PlugBot: Research Project for Pen Testing
July 28, 2010 Added by:Jeremiah Talamantes
PlugBot is a hardware bot designed to be used during physical penetration tests. It's a tiny computer the size of a power adapter that is capable of scanning the local network and reporting scan results to a central location...
Comments (0)
On Legislating Global Internet Freedom
July 27, 2010 Added by:Richard Stiennon
We must keep a wary eye on this 111th Congress that has over 40 measures under consideration that bear on highly technical issues. Global Internet Freedom will be best served by governments of all types avoiding any meddling in the still young Internet...
Comments (0)
CyberScope – Offensive Cyber Weaponry System
July 24, 2010 Added by:Dan Dieterle
Rsignia develops and creates cyber security solutions that detect, capture and monitor modern threats. It has the ability to detect incoming threats, and then block, disable, or counterattack, all at real time speed...
Comments (5)
Internet Threat Monitoring Environments
July 22, 2010 Added by:Brent Huston
HITME is a set of deployed HoneyPoints that gather real time attacker data from around the Internet including attack sources, frequency, targeting information, vulnerability patterns, exploits, malware and other crucial event data for the technical team to analyze...
Comments (0)
How To Test for DNS Compatibility
July 16, 2010 Added by:Simon Heron
L.ROOT-SERVERS.NET was the first to switch to a signed copy of the root zone and can be used for testing. This version has been configured deliberately so that it cannot be validated. Its purpose is to allow operators to test whether they can receive signed responses cleanly...
Comments (0)
Name Servers and DNS Infrastructure
July 15, 2010 Added by:Nathaniel Markowitz
The NS naming structure provides an important insight into how criminal operations attempt to avoid down-time and service interruption. Due to the dubious nature of their activities, such organizations create a redundant infrastructure in order to support their activities...
Comments (0)
Splunk 4 Users Review
July 12, 2010 Added by:Brent Huston
Splunk is a log collection engine at heart, but it’s really more than that. Think of it as search engine for your IT infrastructure. It will actually collect and index anything you can throw at it, and this is what made me want to explore it...
Comments (1)
Man In The Middle Attack Explained
July 11, 2010 Added by:Bozidar Spirovski
First, a quick definition, a man in the middle (MitM) attack is an attack where the communication which is exchanged between two users is surreptitiously monitored and possibly modified by a third, unauthorized, party...
Comments (0)
A Review of DarkJumper v5.7
July 10, 2010 Added by:Brent Huston
Allowing our servers to execute code from an unknown source is one of the most popular attack vectors today from SQL injection, to XSS and XSRF, to RFI. The Internet continues to be a digital equivalent to the wild, wild west, where outlaws abound...
Comments (1)
Fingerprinting web applications
July 03, 2010 Added by:Lee Mangold
Fingerprinting servers for OS details has been a common practice in the hacker community for years. However, little attention has been given to the fingerprinting of the specific applications. I'm not talking about determining what server or OS you run, I want to know specifically what CMS, portal package or even what API you use!
Comments (3)
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform