- Solar FTP Server 2.1 Buffer Overflow
- Wing FTP Server 3.7.2 Cross-site Request Forgery
- QuickShare File Server 1.2 Directory Traversal/Arbitrary Upload
- Mongoose 2.11 Denial Of Service
- httpdASM 0.92 Directory Traversal
- More »
CulvertDB - C# Object Database
CulvertDB is a lightweight embedded object oriented database with concurrency control written in C#. By utilizing .NET serialization, CulvertDB can persist complex types without the need to manage external DB software or schemas.
HTTP Directory Traversal Scanner
As the name says HTTP Directory Traversal Scanner detects directory traversal vulnerabilities in HTTP server applications.
Fiddler XSRF Inspector
Fiddler XSRF Inspector is a plugin for Fiddler 2 that extracts cross-site request forgery attacks from HTTP requests.
Hooks the inputs of an HTML page and relays the keystrokes using iframes. Capable of replacing the target page with another from the same domain. Includes samples and HTTP servers written in C# and python configured to generate keystroke reports.
By utilizing LINQ to SQL classes (made by either the designer or SqlMetal), WCFMetal generates configurable, extensible WCF based data access web services. The services created provide Load, Save, and Delete functionality to client applications.
- More »
ConsultingInterested in gaining a better understanding of the security of your web application? With the rise in number of black hat hackers along with their ever growing arsenal of attacks such an understanding increases in value daily. Fixing security holes before they are maliciously exploited by attackers has become more critical than ever in retaining client trust and data integrity along with avoiding expensive damage control. I offer extensive, professional web application penetration testing consulting at competitive rates. My methodologies are proven successful in the discovery of several types of vulnerabilities, and those that have been incorporated into my vulnerability scanners have been popular within the security community.
Below are some of the vulnerabilities that may be uncovered by a web application vulnerability assessment:
- Information Disclosure
- Cross-site Request Forgery
- Reflected Cross-site Scripting
- Persistent Cross-site Scripting
- SQL Injection
- Authentication Bypass
- Local File Inclusion
- Arbitrary Command Execution
- Arbitrary Code Execution
- Arbitrary Upload
- Arbitrary File I/O
Beyond the standard types of vulnerabilities the web application will be checked for security holes specific to the domain of the application.