 
Current Topic: Computer Security

Billy Hoffman: 'Would you like a destroyed Internet with your JavaScript?'
Topic: Computer Security 1:29 pm EDT, Mar 26, 2007

A security researcher at ShmooCon on Saturday demonstrated, but did not release, a tool that turns the PCs of unknowing Web surfers into hacker help.

As expected, SPI Dynamics researcher Billy Hoffman demonstrated a Web application vulnerability scanner written in JavaScript. The tool, called Jikto, can make an unsuspecting Web user's PC silently crawl and audit public Web sites, and send the results to a third party, Hoffman said.

"The whole point was to show how scary cross-site scripting has become."

"Once one person has talked about the ability to do it, it doesn't take that long for somebody else to come up with it," said one ShmooCon attendee who asked to remain anonymous. "It will come out."

There are already 50k hits for a Google search on "Jikto". A few comments from around the web: Jeremiah Grossman, of Whitehat Security, and "Pascal". Anurag Agarwal offered a Reflection on Billy Hoffman, along with a photo:

This week on Reflection we have a very young guy from the webappsec field.

Billy’s knowledge on Ajax is tremendous ... his ability to think differently has helped him achieve so much in such a short time.

I got a chance to meet with him in the WASC meetup at RSA. He is a very lively character. Let me put it this way, if Billy is a part of a conversation, you won’t get bored even if you just stand there and listen.

Billy got an amazing amount of press out of this one. Google is up to 74,000!



freshmeat.net: Search results - Modbus
Topic: Computer Security 11:38 pm EDT, Oct  5, 2005

Freshmeat MODBUS projects



freshmeat.net: Search results - scada
Topic: Computer Security 11:37 pm EDT, Oct  5, 2005

Freshmeat SCADA projects



Linux in Control
Topic: Computer Security 11:36 pm EDT, Oct  5, 2005

Some Linux SCADA/PLC Links



Modbus-IDA
Topic: Computer Security 11:34 pm EDT, Oct  5, 2005

Modbus - SCADA protocol information



The Center for SCADA Security
Topic: Computer Security 11:33 pm EDT, Oct  5, 2005

Sandia's SCADA information



Security for Critical Infrastructure SCADA Systems
Topic: Computer Security 11:33 pm EDT, Oct  5, 2005

SANS paper on SCADA



knock - a port-knocking implementation
Topic: Computer Security 4:31 am EDT, Apr 15, 2004

knockd is a port-knock server. It listens to all traffic on an ethernet interface, looking for special "knock" sequences of port-hits. A client makes these port-hits by sending a TCP (or UDP) packet to a port on the server. This port need not be open -- since knockd listens at the link-layer level, it sees all traffic even if it's destined for a closed port. When the server detects a specific sequence of port-hits, it runs a command defined in its configuration file. This can be used to open up holes in a firewall for quick access.



Security Blog
Topic: Computer Security 12:06 am EST, Mar 21, 2004

Interesting sec blog.. good links



CampusWide Information Mirror (Socialfreedom)
Topic: Computer Security 12:58 am EDT, Apr 15, 2003

From Read_Me.txt in dir:
] These files mirror, brought to you courtesy of V1ru5,
] TheVoidAKABoB, and SystemFailure, seem to go well
] with the presentation that Acidus was to give at
] Interz0ne.

Lots of information on the Blackboard CampusWide system.


