Archives
-
LinkedIn SSL Cookie Vulnerability
Rishi Narang, a security researcher and consultant, has discovered multiple vulnerabilities in LinkedIn (www.linkedin.com) which can enable an attacker to modify an account “without password”. Read information of this session management nightmare at www.wtfuzz.com or contact him at twitter (@rnarang) for further details.
Tags: cookie, exploit, GST, hack, leo_auth_token, LIM, linkedin, narang, network, networking, POC, professional, research, rishi, rishi.narang, rishinarang, rnarang, security, session, ssl, twitter, vulnerability -
PWN0 Scripts
PWN0 (http://pwn0.com) the hackers playground is a VPN where (almost) anything goes. You just need to sign up, connect to the VPN and start hacking. This is what the website says! I loved the domain name and felt to give it a shot. Here is how the home page looks like, Pretty intriguing! Isn’t it? [...]
Apr 25th, 2011 | Filed under Hacking -
Penetration Testing
All the CXO, security enthusiasts know this term – Pentest (Penetration Testing). What is pentesting and how has it evolved all these years? Is it catching up with the hackers of this century, or now this trend is just side tracked? Pentest as per Wikipedia, is a method of evaluating the security of a computer [...]
-
Firefox IPFuzz
Note: I am developing a Firefox extension/add-on and this post will be updated soon with add-on details and help. Sorry for inconvenience.
Jan 5th, 2011 | Filed under Hacking -
Security?
Is security something that can be calculated or measured? Is security an existing measure or a superstition/belief. Can security be seen, heard, told or can it just be felt? Billions of dollars are spent on security – physical, virtual, political, geographical etc. and most of the times, security has proved to be competent enough to [...]