December 17th, 2010 | by NJ Ouchn
The OWASP AntiSamy project is a few things. Technically, it is an API for ensuring that user-supplied HTML/CSS complies with an application's rules. Another way of saying that could be: it's an API that helps you make sure that clients don't supply malicious cargo code in the HTML they supply for their profile, comments, etc., that gets persisted on the server. The term "malicious code" in regard to web applications usually means "JavaScript." Cascading Style Sheets are only considered malicious when they invoke the JavaScript engine.
December 17th, 2010 | by NJ Ouchn
IOCTL Fuzzer is a tool designed to automate the task of searching for vulnerabilities in Windows kernel drivers by performing fuzz tests on them.
December 17th, 2010 | by NJ Ouchn
The Metasploit Framework is a development platform for creating security tools and exploits.
December 15th, 2010 | by NJ Ouchn
Here are the big areas that affect us: 1. All locations and flows of cardholder data need to be identified/documented […]
December 15th, 2010 | by NJ Ouchn
Razorback is a framework for an intelligence-driven security solution. It consists of a Dispatcher at the core of the system, surrounded by Nuggets of varying types.
December 15th, 2010 | by NJ Ouchn
Mantra is a collection of free and open source tools integrated into a web browser, which can come in handy for students, penetration testers, web application developers, security professionals, etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software.
February 12th, 2007 | by NJ Ouchn
Internet is an amazing virtual world where you can “virtually” do anything: gambling, playing, watching movies, shopping, working, “VoIPying” […]