NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > WWW-Mobile-Code> 2006-q4

Most recent messages
127 messages sorted by: [ author ] [ date ] [ subject ]

Starting: Mon Oct 02 2006 - 00:14:37 CDT
Ending: Sun Dec 31 2006 - 22:21:44 CST

FW: XML File Inclusion and Path Traversal Attacks (was RE: XML Port Scanning) Mark Mcdonald (Fri Sep 29 2006 - 01:04:30 CDT)
RE: Open Source Application Vulnerability Assessment Tools Arian J. Evans (Sun Oct 01 2006 - 16:39:48 CDT)
- RE: Open Source Application Vulnerability Assessment Tools Arian J. Evans (Mon Oct 02 2006 - 18:33:07 CDT)
RE: XML File Inclusion and Path Traversal Attacks (was RE: XML Port Scanning) Nish Bhalla (Fri Sep 29 2006 - 07:23:57 CDT)
JavaScript External Scanner (JSEScanner) David Kierznowski (Fri Sep 29 2006 - 03:54:05 CDT)
Call for panelists: "The role of frameworks (e.g., .Net, Java, Enterprise Library, Struts, JaCorb) in 'forcing' developers to create and deploy 'secure' applications" panel in the next OWASP Conference Dinis Cruz (Mon Oct 02 2006 - 21:48:44 CDT)
Full Disc Encryption use and implementation strategy Discussion Forum Saqib Ali (Mon Oct 02 2006 - 21:52:36 CDT)
PacSec 2006 announcement, EUSecWest 2007 Call For Papers (Mar 1-2, deadline Oct 20th) Dragos Ruiu (Tue Oct 03 2006 - 01:34:44 CDT)
Platform specific error codes. Zapotek (Tue Oct 03 2006 - 12:25:52 CDT)
- Re: Platform specific error codes. Eoin (Wed Oct 04 2006 - 05:33:57 CDT)
- Re: Platform specific error codes. Zapotek (Wed Oct 04 2006 - 05:57:45 CDT)
Netscape 8 inherits firefox, explorer vulnerabilities Emanuel Marufo (Tue Oct 03 2006 - 14:33:09 CDT)
- RE: Netscape 8 inherits firefox, explorer vulnerabilities Benjamin Tomhave (Wed Oct 04 2006 - 06:17:08 CDT)
Sharepoint and .Net Vlad (Tue Oct 03 2006 - 15:11:38 CDT)
Google code search Stephen de Vries (Thu Oct 05 2006 - 01:08:09 CDT)
- Re: Google code search Zapotek (Thu Oct 05 2006 - 01:46:09 CDT)
- Re: Google code search Ryan Barnett (Thu Oct 05 2006 - 07:55:51 CDT)
JavaScript Web Ping Tool David Kierznowski (Thu Oct 05 2006 - 06:25:27 CDT)
SQL In the Request bryan allott (Thu Oct 05 2006 - 10:28:37 CDT)
- RE: SQL In the Request Arian J. Evans (Fri Oct 06 2006 - 14:13:30 CDT)
RE: [WEB SECURITY] Re: SQL In the Request Ory Segal (Thu Oct 05 2006 - 11:37:37 CDT)
- RE: [WEB SECURITY] Re: SQL In the Request Erez Metula (Thu Oct 05 2006 - 12:00:46 CDT)
- RE: [WEB SECURITY] Re: SQL In the Request Nish Bhalla (Thu Oct 05 2006 - 12:26:16 CDT)
- RE: [WEB SECURITY] Re: SQL In the Request Jeff Robertson (Fri Oct 06 2006 - 07:21:56 CDT)
- RE: [WEB SECURITY] Re: SQL In the Request Rowland (Fri Oct 06 2006 - 09:04:03 CDT)
- RE: [WEB SECURITY] Re: SQL In the Request Jeff Robertson (Fri Oct 06 2006 - 07:10:33 CDT)
Re: [WEB SECURITY] Re: SQL In the Request bugtraqcgisecurity.net (Thu Oct 05 2006 - 15:00:29 CDT)
- Re: [WEB SECURITY] Re: SQL In the Request bryan allott (Fri Oct 06 2006 - 01:25:15 CDT)
- Re: [WEB SECURITY] Re: SQL In the Request bryan allott (Fri Oct 06 2006 - 03:42:08 CDT)
- Re: [WEB SECURITY] Re: SQL In the Request bryan allott (Fri Oct 06 2006 - 07:18:38 CDT)
- Re: [WEB SECURITY] Re: SQL In the Request Rick Zhong (Mon Oct 09 2006 - 22:05:55 CDT)
More Fun with CSS History Theft bugtraqcgisecurity.net (Fri Oct 06 2006 - 09:24:27 CDT)
OWASP Testing Guide v2: let's start! (Call for participation) Matteo Meucci (Sun Oct 08 2006 - 18:19:17 CDT)
Magic Quotes DokFLeed (Fri Oct 06 2006 - 06:00:04 CDT)
- Re: Magic Quotes DokFLeed (Tue Oct 10 2006 - 03:39:50 CDT)
- Re: Magic Quotes Tomek Perlak (Tue Oct 10 2006 - 05:19:50 CDT)
- RE: Magic Quotes Matt Fisher (Wed Oct 11 2006 - 10:16:58 CDT)
- Re: Magic Quotes Steve Slater (Tue Oct 10 2006 - 18:11:30 CDT)
- Re: Magic Quotes DokFLeed (Wed Oct 11 2006 - 20:14:20 CDT)
- Re: Magic Quotes Brad Lhotsky (Mon Oct 16 2006 - 16:29:12 CDT)
- Re: Magic Quotes DokFLeed (Tue Oct 17 2006 - 04:22:15 CDT)
- Re: Magic Quotes Brad Lhotsky (Tue Oct 17 2006 - 10:01:27 CDT)
- Re: Magic Quotes DokFLeed (Tue Oct 17 2006 - 12:57:44 CDT)
HITBSecConf2006 CTF Source code and daemons Praburaajan (Sun Oct 08 2006 - 19:00:45 CDT)
Black Hat CFP, Registration, and Announcements for October Jeff Moss (Thu Oct 12 2006 - 20:05:28 CDT)
Netflix.com XSRF vuln Dave Ferguson (Mon Oct 16 2006 - 08:51:41 CDT)
Teros or Citrix Application Firewall bill.fettersstateauto.com (Wed Oct 18 2006 - 13:28:27 CDT)
XSS - how to run script Tal Argoni (Thu Oct 19 2006 - 19:42:52 CDT)
- Re: XSS - how to run script A. R. (Thu Oct 19 2006 - 15:23:04 CDT)
- RE: XSS - how to run script Joshua Perrymon (Thu Oct 19 2006 - 18:09:46 CDT)
OWASP Report Generator (v0.75 corrupt on SourceForge?) James Strassburg (Fri Oct 20 2006 - 13:43:44 CDT)
2-factor auth for all Saqib Ali (Mon Oct 23 2006 - 23:14:57 CDT)
- Re: 2-factor auth for all Saqib Ali (Tue Oct 24 2006 - 09:43:00 CDT)
- Re: 2-factor auth for all Saqib Ali (Tue Oct 24 2006 - 09:51:44 CDT)
- Re: 2-factor auth for all Nick Owen (Tue Oct 24 2006 - 10:55:37 CDT)
- RE: 2-factor auth for all Benjamin Tomhave (Tue Oct 24 2006 - 08:14:47 CDT)
- Re: 2-factor auth for all David Kierznowski (Tue Oct 24 2006 - 03:31:42 CDT)
- RE: 2-factor auth for all Nick Owen (Tue Oct 24 2006 - 06:39:56 CDT)
Search Engine for Security and eSecurity Community Saqib Ali (Tue Oct 24 2006 - 11:56:03 CDT)
- Re: Search Engine for Security and eSecurity Community Stefano Di Paola (Fri Oct 27 2006 - 10:18:28 CDT)
- Re: Search Engine for Security and eSecurity Community Saqib Ali (Fri Oct 27 2006 - 11:59:23 CDT)
- Re: Search Engine for Security and eSecurity Community Rory McCune (Sat Oct 28 2006 - 11:11:09 CDT)
Why doesn't Amazon enforce a password policy? James Strassburg (Tue Oct 24 2006 - 12:34:13 CDT)
- Re: Why doesn't Amazon enforce a password policy? Peter Conrad (Fri Oct 27 2006 - 03:52:58 CDT)
- Re: Why doesn't Amazon enforce a password policy? Tom Whiting (Fri Oct 27 2006 - 07:32:01 CDT)
- Re: Why doesn't Amazon enforce a password policy? Jeff Robertson (Fri Oct 27 2006 - 07:41:39 CDT)
- RE: Why doesn't Amazon enforce a password policy? James Strassburg (Fri Oct 27 2006 - 09:18:43 CDT)
- Re: Why doesn't Amazon enforce a password policy? Jeff Robertson (Fri Oct 27 2006 - 10:42:15 CDT)
- RE: Why doesn't Amazon enforce a password policy? Brooks, Shane (Fri Oct 27 2006 - 12:40:17 CDT)
- Re: Why doesn't Amazon enforce a password policy? Jamie Riden (Sat Oct 28 2006 - 00:11:44 CDT)
- RE: Why doesn't Amazon enforce a password policy? Jason Gregson (Mon Oct 30 2006 - 06:34:26 CST)
- Re: Why doesn't Amazon enforce a password policy? Gunnar Rene Øie (Wed Nov 01 2006 - 06:10:13 CST)
- Re: Why doesn't Amazon enforce a password policy? Gunnar Rene Øie (Wed Nov 01 2006 - 06:16:55 CST)
Fuzzer Sources Mike Gibson (Wed Oct 25 2006 - 08:54:27 CDT)
- Re: Fuzzer Sources crazy frog crazy frog (Fri Oct 27 2006 - 22:20:23 CDT)
Cannibals are what they eat David Glosser (Wed Nov 01 2006 - 05:37:42 CST)
Educational write-up by Amit Klein: "A Refreshing Look at Redirection" Amit Klein (Thu Nov 02 2006 - 13:43:54 CST)
EUSecWest/London CFP extended to Nov. 7 Dragos Ruiu (Thu Nov 02 2006 - 18:31:59 CST)
How to find the login name of a user accessing my website Anurag Agarwal (Fri Nov 03 2006 - 20:13:40 CST)
- Re: How to find the login name of a user accessing my website Dhruv Soi (Sun Nov 05 2006 - 08:57:14 CST)
- Re: How to find the login name of a user accessing my website ed (Sun Nov 05 2006 - 13:08:20 CST)
- RE: How to find the login name of a user accessing my website Maxime Ducharme (Mon Nov 06 2006 - 09:43:39 CST)
XSS Shell v0.3.9 Ferruh Mavituna (Fri Nov 03 2006 - 16:29:17 CST)
New version of Reform encoding library Michael Eddington (Mon Nov 06 2006 - 15:16:48 CST)
.NET Web Service Validation Michael Eddington (Mon Nov 06 2006 - 15:51:05 CST)
Call for papers: ARES 2007 submission deadline approaches in 2 weeks: 19-11-2006 Manh Tho (Tue Nov 07 2006 - 14:17:58 CST)
RE: [Full-disclosure] SQL Injection with cursors? Maxime Ducharme (Wed Nov 08 2006 - 13:21:43 CST)
RSS Injection in Sage part 2 David Kierznowski (Wed Nov 08 2006 - 18:18:57 CST)
Files upload security considerations Alexander Berezhnoy (Thu Nov 09 2006 - 03:12:52 CST)
- Re: Files upload security considerations ed (Thu Nov 09 2006 - 08:11:52 CST)
- Re: Files upload security considerations Cleiton Martins (Thu Nov 09 2006 - 09:18:57 CST)
- Re: Files upload security considerations c0redumpackers.org.uk (Thu Nov 09 2006 - 10:34:13 CST)
- Re: Files upload security considerations c0redumpackers.org.uk (Thu Nov 09 2006 - 15:38:56 CST)
- Re: Files upload security considerations Peter Butler (Thu Nov 09 2006 - 19:06:43 CST)
- Re: Files upload security considerations Hemil (Fri Nov 10 2006 - 07:45:55 CST)
- Re: Files upload security considerations ed (Sat Nov 11 2006 - 10:36:42 CST)
Ajax Security presentation from OWASP meeting Andrew van der Stock (Thu Nov 09 2006 - 18:52:19 CST)
SIFT Web Services Security Testing Framework Paul Theriault (Sun Nov 12 2006 - 21:38:12 CST)
Challenges faced by automated web application security assessment tools bugtraqcgisecurity.net (Mon Nov 13 2006 - 11:01:25 CST)
Re: [WEB SECURITY] Java Swing Application Security Jeff Robertson (Wed Nov 15 2006 - 06:44:02 CST)
Re: Enumerate Web Virtual Site pagvac (Sat Nov 18 2006 - 17:57:42 CST)
RE: [WEB SECURITY] Sesion hijacking impossible with SSL client authentication? Boaz Shunami (Tue Nov 21 2006 - 10:12:32 CST)
Re: [WEB SECURITY] Sesion hijacking impossible with SSL client authentication? ed (Sun Nov 26 2006 - 15:56:29 CST)
Fwd: SF new column announcement: A Hard Lesson in Privacy Andrew van der Stock (Mon Nov 27 2006 - 17:33:11 CST)
Is URL encoding required. Sharma, Amit (Mon Nov 27 2006 - 19:04:22 CST)
Administrivia Andrew van der Stock (Mon Dec 04 2006 - 05:24:06 CST)
WASC-Announcement: MX Injection - Capturing and Exploiting Hidden Mail Servers By Vicente Aguilera Diaz robertwebappsec.org (Mon Dec 11 2006 - 09:58:21 CST)
platform/language crib sheets Robin Wood (Mon Dec 11 2006 - 10:28:31 CST)
WASC Articles Project - Call for Participants robertwebappsec.org (Mon Dec 11 2006 - 10:57:44 CST)
forbid non-secure proxy access trespiko (Tue Dec 12 2006 - 21:31:56 CST)
- Re: forbid non-secure proxy access my.info.listsgmail.com (Thu Dec 14 2006 - 22:05:43 CST)
CanSecWest 2007 (April 18-20) Call For Papers (Deadline January 7th) Dragos Ruiu (Wed Dec 13 2006 - 18:00:52 CST)
Application Security Predictions for 2007 bugtraqcgisecurity.net (Thu Dec 14 2006 - 11:06:59 CST)
What problem have this Rijndael(.NET&PHP) code? ±è¿µÀÏ (Thu Dec 14 2006 - 18:35:26 CST)
- Re: What problem have this Rijndael(.NET&PHP) code? Peter Conrad (Fri Dec 15 2006 - 09:08:10 CST)
- Re: What problem have this Rijndael(.NET&PHP) code? Scott C. Sanchez (Fri Dec 15 2006 - 09:08:50 CST)
- Re: What problem have this Rijndael(.NET&PHP) code? Jamie Riden (Fri Dec 15 2006 - 13:42:04 CST)
Web Backdoor Compilation David Kierznowski (Mon Dec 18 2006 - 11:28:03 CST)
Re: [WEB SECURITY] Session hijacking via XSS vuln requring POST impossible? RSnake (Mon Dec 18 2006 - 13:56:26 CST)
HITBSecConf2007 - Dubai - Call for Papers now open! Praburaajan (Mon Dec 18 2006 - 21:00:57 CST)
Ruining Security with java.util.Random Jan P. Monsch (Sat Dec 16 2006 - 18:19:27 CST)
- Re: Ruining Security with java.util.Random Amit Klein (Tue Dec 19 2006 - 00:21:08 CST)
Preliminary Call For Papers: OWASP 2007 Europe Frank Piessens (Fri Dec 22 2006 - 05:50:56 CST)
ERRATA (Re: "Host header cannot be trusted as an anti anti DNS-pinning measure") Amit Klein (Mon Dec 25 2006 - 12:46:44 CST)
- Re: ERRATA (Re: "Host header cannot be trusted as an anti anti DNS-pinning measure") Martin Johns (Tue Dec 26 2006 - 14:45:41 CST)
XSS caused by Greasemonkey userscript Martin Johns (Fri Dec 29 2006 - 08:11:50 CST)
Fierce domain scan released RSnake (Sun Dec 31 2006 - 19:42:25 CST)

Last message date: Sun Dec 31 2006 - 22:21:44 CST
Archived on: Sun Dec 31 2006 - 22:21:45 CST

127 messages sorted by: [ author ] [ date ] [ subject ]