User contributions

(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)

• 15:34, 30 September 2008 (diff | hist) . . (+494)‎ . . N Session Strength Analysis With Stompy ‎ (New page: '''Description''' Stompy performs NIST FIPS statistical tests on session generation and checks for correlations between arbitrary bits. A truly random token never exhibits correlation bet...) (current)
• 15:33, 30 September 2008 (diff | hist) . . (+826)‎ . . N Owning the box Via Web Application Flaw ‎ (New page: '''Description''' See how an attacker can use our recent discovery of File-Upload vulnerability in Gmail-Lite to 0wn the entire box. This is to teach developers how a flaw in web applicat...) (current)
• 15:31, 30 September 2008 (diff | hist) . . (+404)‎ . . N Trusting The Vulnerability Scanner: Danger of False Negative Sign ‎ (New page: '''Description''' This movie is to educate developers who put their entire trust on security/vulnerability scanners. False Negative means "Scanner says it doesn't find any X vulnerability...) (current)
• 15:30, 30 September 2008 (diff | hist) . . (+613)‎ . . N OWASP WebGoat Web Hacking Simulation Series ‎ (New page: '''Description''' A Series of Full-Featured Web Hacking WalkThrough Simulations played in OWASP WebGoat v5.1 environment. General - Code Quality - Concurrency - Unvalidated Parameters - A...) (current)
• 15:29, 30 September 2008 (diff | hist) . . (+459)‎ . . N Attacking Spammers with PhpMySpamFighter ‎ (New page: '''Description''' Spammers use email collectors programs to grap our site visitors' emails. See our phpMySpamFighter Dos-attacks their programs. We hope there will be less spammers if thi...) (current)
• 15:28, 30 September 2008 (diff | hist) . . (+324)‎ . . N Evading Firefox XSS-Warning Addon Filter ‎ (New page: '''Description''' Just one example of how attackers can easily bypass today's security controls. We shouldn't too much reply on security products which have their own weaknesses. Size: 16...) (current)
• 15:27, 30 September 2008 (diff | hist) . . (+724)‎ . . N Performing Directory Brute-Force Attack ‎ (New page: '''Description''' There are dozens of tools that let us brute-forcing directories names for sensitive information digging. In this movie, we illustrated Directory Brute-Forcing with the t...) (current)
• 15:25, 30 September 2008 (diff | hist) . . (+232)‎ . . N Exploiting Logic Flaw ‎ (New page: '''Description''' This demonstration shows you on how a flaw in coding reveals sensitive information! Size: 2.75 MB '''Download:''' http://yehg.net/lab/pr0js/files.php/exploiting-logic...) (current)
• 15:25, 30 September 2008 (diff | hist) . . (+556)‎ . . N Desirable Input Validation Baseline Check ‎ (New page: '''Description''' This demonstration shows you on how you should implement baseline acceptable input filtering on visitors' inputs. Filtering inputs are the most important because 100% in...) (current)
• 15:23, 30 September 2008 (diff | hist) . . (+20)‎ . . Finding XSS with Automated Tool ‎ (current)
• 15:22, 30 September 2008 (diff | hist) . . (+328)‎ . . N How Bad Guys Steal your Login Info Smartly ‎ (New page: '''Description''' This demonstration shows you how bad guys or malicious web sites steal your login accounts info of your daily visited sites by exploiting via web browser's autoComplete ...) (current)
• 15:19, 30 September 2008 (diff | hist) . . (+35)‎ . . Finding XSS with Automated Tool ‎
• 15:16, 30 September 2008 (diff | hist) . . (+396)‎ . . N Finding XSS with Automated Tool ‎ (New page: This training shows you how to automate finding xss holes with fuzzers in quick and easy manner. '''Download:''' http://yehg.net/lab/pr0js/files.php/scanning_xss.zip '''Interactive Ve...)
• 14:53, 30 September 2008 (diff | hist) . . (+5)‎ . . Category:Non-OWASP Papers ‎ (→‎Papers) (current)
• 14:39, 30 September 2008 (diff | hist) . . (+2,055)‎ . . Category:Non-OWASP Papers ‎
• 14:19, 30 September 2008 (diff | hist) . . (+19)‎ . . Category:Non-OWASP Papers ‎
• 13:58, 30 September 2008 (diff | hist) . . (+93)‎ . . N Category:Non-OWASP Papers ‎ (New page: This page is dedicated to sites that provide web app sec papers which do not belong to OWASP.)
• 13:29, 30 September 2008 (diff | hist) . . (+1,003)‎ . . N PHP My Spam Fighter ‎ (New page: ==Description== It makes/fills email extractors/spammers' programs with thousands of fake email addresses endlessly dynamically generated by phpMySpamFighter. So even if your site visito...) (current)
• 12:41, 30 September 2008 (diff | hist) . . (+411)‎ . . N Google Hacker ‎ (New page: ==Description== A lightweight Windows HTA Application useful as your regular google hacking tool on Windows platform.A comprehensive search form bundled with sensitive keywords. It's capa...) (current)
• 15:41, 29 September 2008 (diff | hist) . . (0)‎ . . GreaseMonkey Web Security Toolkit ‎ (→‎Current Scripts) (current)
• 15:40, 29 September 2008 (diff | hist) . . (+60)‎ . . GreaseMonkey Web Security Toolkit ‎
• 15:38, 29 September 2008 (diff | hist) . . (+116)‎ . . GreaseMonkey Web Security Toolkit ‎
• 15:36, 29 September 2008 (diff | hist) . . (-6)‎ . . Ultimate Hackerfox Addons ‎ (current)
• 15:36, 29 September 2008 (diff | hist) . . (-6)‎ . . Php-DDOS-Shield ‎ (current)
• 15:36, 29 September 2008 (diff | hist) . . (-6)‎ . . NiktoFE ‎
• 15:34, 29 September 2008 (diff | hist) . . (-12)‎ . . Nikto ‎
• 15:20, 29 September 2008 (diff | hist) . . (+171)‎ . . Category:Non-OWASP Open Tool ‎ (current)
• 15:17, 29 September 2008 (diff | hist) . . (+17)‎ . . Category:Non-OWASP Trainings ‎ (current)
• 15:16, 29 September 2008 (diff | hist) . . (+602)‎ . . N PHP Login Info Checker ‎ (New page: ==Description== In your web applications wherever user/admin registration is required, use this checker script to strictly enforce admins/users to select stronger passwords. It tests cra...) (current)
• 15:04, 29 September 2008 (diff | hist) . . (+495)‎ . . N JHijack ‎ (New page: '''Description''' A simple Java Fuzzer mainly used for numeric session hijacking and parameter enumeration. '''Demonstrations''' Session Hijacking http://yehg.net/lab/pr0js/files...)
• 14:40, 29 September 2008 (diff | hist) . . (-19)‎ . . Category:Non-OWASP Open Tool ‎
• 14:33, 29 September 2008 (diff | hist) . . (+107)‎ . . N Category:Non-OWASP Trainings ‎ (New page: '''Description''' The page is dedicated to web application security trainings that do not belong to OWASP.)
• 14:24, 29 September 2008 (diff | hist) . . (+544)‎ . . N PHP BruteForce Attack Detector ‎ (New page: '''Description''' (Former name: Php Attack Detection Engine) to detect your web servers being scanned by brute force tools such as WFuzz, OWASP DirBuster and vulnerability scanners such a...) (current)
• 15:49, 28 September 2008 (diff | hist) . . (+2,865)‎ . . N GreaseMonkey Web Security Toolkit ‎ (New page: '''Description''' A collection of Greasemonkey scripts written by Aung Khant from http://yehg.net that aim to provide security for you and your site. We love to write Greasemonkey scripts...)
• 15:41, 28 September 2008 (diff | hist) . . (+395)‎ . . N Php-DDOS-Shield ‎ (New page: '''Description''' Php-Distributed Denial-of-Server Preventor. Nothing can stop DDOS? Don't be amazed. This is a tricky script to prevent idiot distributed bots which discontinue their flo...)
• 15:36, 28 September 2008 (diff | hist) . . (+629)‎ . . N Ultimate Hackerfox Addons ‎ (New page: '''Description''' A collection of Firefox addons which are used in web application security testings. We zip-bundle hacking addons with runnable invokers (run.exe in Windows, run.pl in Li...)
• 15:13, 28 September 2008 (diff | hist) . . (+445)‎ . . N NiktoFE ‎ (New page: '''Description''' Nikto FrontEnd (Nikto UI) is what just wraps GUI to the all-time famous nikto.pl by Sullo (CIRT Inc). It was JGUI-mized by Aung Khant. It usually takes several minutes(e...)
• 15:42, 27 September 2008 (diff | hist) . . (+3,712)‎ . . Nikto ‎
• 17:29, 10 September 2008 (diff | hist) . . (+451)‎ . . Brute force attack ‎ (→‎Related Threat Agents)
• 15:38, 5 August 2008 (diff | hist) . . (+1,118)‎ . . Phoenix/Tools ‎ (→‎PHP static analysis and file inclusion scanning)
• 15:22, 5 August 2008 (diff | hist) . . (0)‎ . . Phoenix/Tools ‎ (→‎HTTP general testing / fingerprinting)
• 15:21, 5 August 2008 (diff | hist) . . (-23)‎ . . Phoenix/Tools ‎ (→‎Browser Defenses)
• 15:16, 5 August 2008 (diff | hist) . . (0)‎ . . Category:OWASP WebGoat Project ‎ (→‎Movie Solutions)
• 14:58, 5 August 2008 (diff | hist) . . (+20)‎ . . Category:OWASP WebScarab Project ‎ (→‎Training Movies)
• 14:54, 2 August 2008 (diff | hist) . . (+143)‎ . . Category:OWASP WebScarab Project ‎ (→‎Features)
• 15:25, 1 August 2008 (diff | hist) . . (+7)‎ . . Phoenix/Tools ‎ (→‎HTTP general testing / fingerprinting)
• 15:14, 1 August 2008 (diff | hist) . . (+98)‎ . . Phoenix/Tools ‎ (→‎Browser-based security fuzzing / checking)
• 15:46, 29 June 2008 (diff | hist) . . (+1)‎ . . m Category:OWASP Testing Project ‎ (→‎Related)
• 15:45, 29 June 2008 (diff | hist) . . (+134)‎ . . m Category:OWASP Testing Project ‎ (→‎Old Testing Guide Download)
• 14:55, 29 June 2008 (diff | hist) . . (+1)‎ . . Category:OWASP WebGoat Project ‎ (→‎Movie Solutions)

(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)