Tools

Cookie Monster - cookie analysis, done the Python way.
TScrack - terminal services + weak password = cracked.
Penetration Tester's Toolkit - because you're worth it.
SQL Fuzz List - it's all about the backend.
XSS Fuzz List - your cookies taste good.

Other Posts

All your wireless probes are belong to my FON+
I've been so busy with work (on the road recently), life and my part-time PhD sucking everything out of me…
OWASP Top Ten 2010
I'm a couple of days late with this on my blog... If it feels a bit quiet here you should…
FON+ ...in a world of pain
Turns out my FON+ not only has the latest firmware but also had redboot bound to 0.0.0.0 so I…
UK Garage, bringing back the old school
I grew up with UK Garage, a genre of music that was quite massive throughout the late 90's.  It kind…
Skipfish - Automated Web Security Scanner
Michal Zalewski has come up with some more goodness, this time an automated web security scanner, launched via Google. I am…
Overflowing Buffers in Windows, Jackpot Styleee
So back in the day, about 4 years ago, when I was about 21 or so, I created a little…
Introducing Ncrack, a Network Brute Forcer on Crack
"Ncrack is an open source tool for network authentication cracking. It was designed for high-speed parallel cracking using a dynamic…
Hash Me Up (Mac OS X Styleee)
On a good day you'll catch me on my MacBook Pro like any other Apple fanboy.  However, I was on…
Kneber Botnet - The End is Nigh! Not Quite!
Just a quick one this morning...  A botnet has been discovered that has apparently hijacked more than 75,000 boxes across…
Web 2.0 + People = New Challenges
This article originally appeared on Verizon Business' ThinkForward blog.  It is written by me with a different audience in mind…