Community Blog

Update: N-Stalker Scanner 2009 build 200 is available

March 8, 2009

N-Stalker has made the latest build of N-Stalker Web Application Security Scanner 2009 (build 200) available for automatic update. This version includes enhancements and fixes, including: [Feature] Full URL rewriting support (under configuration section – see user’s manual); [Bug] Fixed crash while processing nested JS (backwards node references); [Bug] Minor adjustments. How to Upgrade: Automatically (Commercial […]

XSRF vulnerability in GMail service – Round Two

March 4, 2009

We were digging deeper into the possibilities of the latest XSRF in GMail, which allows us to brute-force the user’s password in a kind of stealth mode using hidden tags such as img, embed, iframe, JavaScript and other ways. The advisory showed, as a “Proof of Concept”, a sequence of password brute forcing using […]

N-Stalker URL rewrite feature now available

March 3, 2009

Using URL rewriting is becoming a common way to keep applications secure and to increase their usability. This has created a problem for automating Web Application security assessment tests, as most of the time we are unable to obtain parameters and reach the application logic itself. Usually rewrite […]
