Microsoft Patch Tuesday, October 2012 – Legend of Zelda Edition
October 09, 2012 | Admin
Hope you enjoyed last months light patch Tuesday with only two bulletins as ...
Microsoft Advanced Notification for October 2012 – Lync, SQL, Headache
October 05, 2012 | Admin
Microsoft has released its Advanced Notification for October 2012. After last ...
The Grey Line Between Feature and Vulnerability, iOS edition
October 02, 2012 | Mike Park
I do a lot of Mobile Application Penetration testing for some of our largest ...
James Bond's Dry Erase Marker: The Hotel PenTest Pen
October 01, 2012 | Admin
You may have seen the talk and demonstration by Cody Brocious that allows him ...
Smart Phone + Mail Server = Location Tracking
September 28, 2012 | Admin
My last two posts have touched on the privacy perspective in relation tomobile ...
Good things happen when Forensics and Malware Analysis work together.
September 28, 2012 | Grayson Lenik
The SpiderLabs Incident Response team worked a case earlier this year where ...
Trustwave SpiderLabs in Africa
September 28, 2012 | Admin
Africa. The land of origin; the original unknown.
Update from Trustwave SpiderLabs EMEA
September 28, 2012 | Admin
Europe, Middle East and Africa consists of around 120 countries depending on ...
Update from Trustwave SpiderLabs EMEA
September 28, 2012 | Admin
Europe, Middle East and Africa consists of around 120 countries depending on ...
Adding Anti-CSRF Support to Burp Suite Intruder
September 28, 2012 | Ulisses Alburquerque
In the web application penetration testing industry, Burp Suite is considered a ...
FinSpy Mobile - Configuration and Insight
September 27, 2012 | Josh Grunzweig
A couple of weeks ago, Citizen Lab announced the discovery of the mobile ...
Oops, I pwned your router - Part Two
September 26, 2012 | Admin
In the last blog post, "Opps I pwned your router Part One", I talked about some ...
Getting in with the Proxmark 3 and ProxBrute
September 26, 2012 | Admin
As a member of the Physical Security team here at SpiderLabs, some of my job ...
Guidance for firms using the NetAccess N-1000
September 26, 2012 | Jonathan Werrett
SpiderLabs' Incident Response team has recently seen credit card fraud ...
JSON Hijacking Demystified
September 24, 2012 | Rohini Sulatycki
JavaScript Object Notation (JSON) is a language and platform independent format ...
Wherever you come from, you can meet BeEF
September 24, 2012 | Admin
This year I've been very busy in terms of conferences, and ...
CVSS for Penetration Test Results (Part II: Attack Sequences)
September 24, 2012 | Tim Maletic
CVSS needs to be extended to accommodate combinations of vulnerabilities. The ...
The First Few Months of Penetration Testing: What they don't teach you in School
September 24, 2012 | Alex Fernandez-Gatti
I entered into school with the hope and dream of someday entering into the ...
Analysing X-Cart Compromises
September 24, 2012 | Marc Bown
Recently I've found myself performing a lot of forensic examinations of X-Cart ...
Oracle DBMS_Scheduler Fun on Windows!
September 20, 2012 | Admin
So, last time I showed how to get a Unix reverse shell up and running just by ...
The New Zero-Day in Internet Exploder (Oops… Explorer)
September 20, 2012 | Rami Kogan
The ride on the rollercoaster called the web security world never stops and ...
Web Application Defense: Bayesian Attack Analysis
September 20, 2012 | Admin
Regular Expressions for Input Validation If your web application defensive ...
Exploiting Users By Non-technical Means; or, “S Users Do”
September 18, 2012 | Barry O’Connell
Numerous technical articles emerge each day about the latest vulnerabilities, ...
Chat server fuzzing, Part 1. The Beginning
September 14, 2012 | Art Dahnert
This article (along with subsequent articles) will cover the journey I've taken ...
No, the Internet Does Not ‘Just Work’
September 12, 2012 | Space Rogue
The recent GoDaddy DNS outage illustrates that the Internet does not just work ...
Microsoft Patch Tuesday September 2012 – Update those Certs!
September 11, 2012 | Admin
As we mentioned last week there are only two patches this month! Not to mention ...
Vulnerability Spidey Sense - Demystifying PenTesting Intuition
September 10, 2012 | Chris Vinecombe
In Louisville, Kentucky next month at Derbycon, Daniel Crowley and I will be ...
PenTesting: From Low Risk Issues to Sensitive Data Compromising
September 07, 2012 | Bruno Oliveira
Yes, I imagine you are probably tired to see blog posts about "real-world" ...