DefaceTool is an open-source Java Server Faces(JSF)testing tool for decoding view state and creating view state attack vectors. The tool can be used to create XSS attacks and session and application scope attacks against Apache MyFaces 1.2.8 applications. The tool has been architected to be extensible and can be modified to support other versions of Apache MyFaces and Sun Mojarra.

Check https://www.trustwave.com/spiderLabs-tools.php

Explore More

Domain Stealing or How to Hijack a Domain

Please note this is an old technique again, just for learning purposes, learn how the old techniques worked and why they worked, then try and discover new ways to do

Read More

Several avast sites were defaces

Last month, eight sites at once well-known anti-virus solutions avast!  Were defaces: http://www.avast.co.za/ (mirror; date: 2010-01-22 15:06:28) http://awast.org/ (mirror; date: 2010-02-18 18:57:27) http://www.avast.de/ (mirror; date: 2010-02-18 18:58:01) http://shop.avast.de/ (mirror; date:

Read More

Critical SQL Injection in GK Power System (Myanmar)

PlanetCreator reported another Critical SQL injection (vulnerability) on GK Power System (Myanmar) URL : http://www.gkmyanmar.com/ SQL injection is a code injection technique that exploits a security vulnerability occurring in the

Read More