Here is my proof-of-concept exploit for the Cisco Security Agent Management st_upload Remote Code Execution Vulnerability (ZDI-11-088) I reported to ZDI a little while back. CVE ID: CVE-2011-0364
w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. w3af is a great (and getting better) framework that READ MORE
If you haven’t played with NotchUp.com yet, you should take a look. It seems like a very promising site. I mean come on, who wouldn’t want to get paid to interview for a job? If you think it’s all small READ MORE
WassUp is a new WordPress plugin to track your visitors in real time. It has a very readable and fancy admin console to keep tracks of your blogâ€™s users visits. It has a “current visitors online” view and a more READ MORE
RSnake has started a ‘Diminutive XSS Worm Replication Contest’ and in doing so has sparked a really interesting thread on sla.ckers.org. Definitely worth the read and to keep an eye on.