Last 50 'Reviews' Tagged Posts

Google's intentions are good, but implementation leaves MORE users vulnerable to hacking than before

In 2010 I wrote an article about a flaw Google discovered, and published working exploit code when no fix or mitigation existed. This allowed attackers to immediately start using the flaw to hack Google's own users (in this case, the world). Since then Google has announced a new program 'Project Zero' which...

Application Security Vendors Need Help With Reporting

I've been reading web application vulnerability reports from tools and services for 6-7 years and found that 99% of these reports are geared towards security engineers or system administrators. Many of the reports I see focus on: the type of flaw and what its impact is, the URL affected, links to...

Web Application Scanners Comparison

anantasec posted a scanner comparison to the web security mailing list today. "In the past weeks, I've performed an evaluation/comparison of three popular web vulnerability scanners. This evaluation was ordered by a penetration testing company that will remain anonymous. The vendors were not contacted during or after the evaluation. The applications (web scanners)...

Automated security testing & its limitations

"The team I work in uses both automated scanners, along with a few humans testing (minimum of 2)… A good tester should know the weaknesses of the automated testers. The problem with automated testers is, simply put, that they are not human. That is, they will not have intuition that a given function...

Reviews: Security scans with OpenVAS

"As important as security is, remaining current with every development is hard, and evaluating possible vulnerabilities across a network can be quite a chore. You need a way to both automate tests and make sure you're running the most appropriate and up-to-date tests. Open Vulnerability Assessment System (OpenVAS) is a network...

Automatic Patch-Based Exploit Generation

"The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P', automatically generate an exploit for the potentially unknown vulnerability present in P but fixed in P'. In this paper, we propose techniques for automatic patch-based exploit generation, and show that our techniques can...

Cracking passwords the Web application way: A rundown of web based haxoring tools

This article reviews various tools that can be used to brute force web forms and web based auth. "This mish-mash of security is the basis of Web login vulnerabilities and why passwords are often easily cracked. Be it form-based, HTTP Basic, or NT LAN Manager (NTLM) (the three main types of authentication...

Article: Analyzing the Effectiveness and Coverage of Web Application Security Scanners

Larry Suto has written a paper reviewing WebInspect, AppScan, and NTO Spider. From the article: "The study centered around testing the effectiveness of the top three web application scanners in the following 4 areas:
1. Links crawled
2. Coverage of the applications tested using Fortify Tracer
3. Number of verified vulnerability findings...

Rolling Review Wrap-up: Web Application Scanners

The final review of Web application security scanners has been released by darkreading. "As we wrap up our four-month Rolling Review series, we do want to award some partial credit. While only IBM's WatchFire AppScan automatically handled our Ajax applications, Acunetix Web Vulnerability Scanner, Cenzic Hailstorm and Hewlett-Packard WebInspect (post-update) were capable...

Rolling Review: N-Stalker Web App Scanner

"The range of products calling themselves "security scanners" is so broad that the designation is flirting with irrelevance. You have your vulnerability assessment software, which uses large databases of known vulnerabilities. Then there are penetration-testing applications that focus on fewer vulnerabilities but include the ability to exploit flaws instead of just identify...

Rolling Reviews: Cenzic Hailstorm Enterprise Application Risk Controller

First the review of SPI Dynamics WebInspect was posted, and now Network Computing has posted the review for Cenzic's Hailstorm ARC product. "We continue our ongoing review of Web application scanners with a look at Cenzic Hailstorm. While it performed relatively well, Cenzic's ARC Web Interface could use some gussying up. Cenzic's Hailstorm...

Rolling Reviews: SPI Dynamics WebInspect

For a long, long time I have intentionally not posted news about commercial products or services; however, I know that many of you who frequent this site are interested in those sorts of things. Part of the reason why I haven't posted news on commercial products is that I used to work for...

Top 15 free SQL Injection Scanners

"SQL Injection is perhaps the most common web-application hacking technique which attempts to pass SQL commands through a web application for execution by the back-end database. The vulnerability is presented when user input is incorrectly sanitized and thereby executed. Checking for SQL Injection vulnerabilities involves auditing your web applications and the best...

Automated Scanners vs. Low-Hanging Fruit

Jeremiah Grossman (WhiteHat Security) has typed up an entry on automated vulnerability scanning versus humans. If you're in the position to perform an assessment, it's worth the read. Article Link: http://jeremiahgrossman.blogspot.com/2007/02/automated-scanners-vs-low-hanging-fruit.html

Vulnerability Scanners Review

Someone has written up a review of 11 security scanners, specifically:
1. ISS (Internet Security Systems)
2. SSS (Shadow Security Scanner)
3. Retina (eEye)
4. Nessus
5. GFI LANguard Network Security Scanner
6. Qualys (www.qualys.com)
7. N-Stealth Security Scanner (www.nstalker.com)
8. Nikto
9. Whisker
10. Infiltrator (infiltration-systems.com)
11. Nscan
"I was looking at 3 main areas while evaluating the scanners. 1. Comprehensiveness of...

Review: CEH Via Self Study

Donald C. Donzal writes "I remember the first time I heard about the Certified Ethical Hacker certification. It was around the time that I was studying for my CISSP, and I was quite intrigued simply by the name of the certification. Upon first visiting the EC-Council website to find out more about...