Secure Web Development
Rescooped by David Pollum from H4x0r5 Playground
onto Secure Web Development

InfoSec Institute Resources – Pentesting Distributions and Installer Kits for your Raspberry Pi

RT @ProjectxInfosec: #Pentesting Distributions and Installer Kits for your Raspberry Pi
http://t.co/Q8w5HmN9wa

#linux #opensource #hacking #linux #raspberrypi

Via F. Thunus, Jason Toy, 0xerror
David Pollum's insight:

Raspberry Pis are useful for many applications, including testing website security.

Jason Toy's curator insight, June 22, 2013 12:25 AM

Everything about this is freaking cool. Just the fun stuff to do when you get that feeling that you HAVE to tinker with something, anything!

Secure Web Development
A set of principles and practices that lead to secure web systems
Curated by David Pollum
Rescooped by David Pollum from H4x0r5 Playground

KitPloit - PenTest Tools for your Security Arsenal!

KitPloit - PenTest Tools for your Security Arsenal! | Hacking and PenTest Tools for your Security Arsenal!

Via 0xerror
David Pollum's insight:

A Collection of useful tools for web security...

Rescooped by David Pollum from H4x0r5 Playground

Metasploit Cheat Sheet (UPDATED) [PDF]


Via 0xerror
David Pollum's insight:

Useful Cheatsheet

Scooped by David Pollum

OWASP Xenotix XSS Exploit Framework - OWASP

David Pollum's insight:

Useful Cross Site Scripting Detection framework.

Scooped by David Pollum

Scanning Alexa Top 100,000 for JavaScript libraries with known vulnerabilities

RT @webtonull: 61% of Alexa Top 100,000 web sites are using JavaScript libraries with known vulnerabilities
http://t.co/g5S5JH2OdG #OWASP #…
David Pollum's insight:

Interesting report. Useful if you want to make sure your site is secure.

Scooped by David Pollum

SQL Injection - OWASP

... SQL Injection Vulnerabilities. See the OWASP Guide article on how to Avoid SQL Injection Vulnerabilities. See the OWASP SQL Injection Prevention Cheat Sheet. See the OWASP Query Parameterization Cheat Sheet.
David Pollum's insight:
One of the most common techniques for compromising websites.
Scooped by David Pollum

Apple's 'Gotofail' Security Mess Extends To Mail, Twitter, iMessage, Facetime ... - Forbes

First, Apple revealed a critical bug in its implementation of encryption in iOS, requiring an emergency patch.
David Pollum's insight:
Just another look at how serious the Apple SSL vulnerability is!
Scooped by David Pollum

7 critical security tips for modern web development

While I know we can't address every security mistake developers make, we can highlight the most important principles. What basic security guidelines should every modern web developer follow? How can you protect your ...
David Pollum's insight:
These are basic tips that you should follow for web development
Rescooped by David Pollum from H4x0r5 Playground

arkOS | Your data, your rules

A project to help users self-host their websites, email, files and more. Decentralize your web and reclaim your privacy rights while keeping the conveniences you need.


Via 0xerror
David Pollum's insight:

I like the idea of a home cloud as I've always considered data on servers you don't own to be insecure.

Scooped by David Pollum

Snowden maintains the NSA has direct access to company servers ...

“In at least two cases, at Google and Facebook, one of the plans discussed was to build separate, secure portals, like a digital version of the secure physical rooms that have long existed for classified information, in some ...
Scooped by David Pollum

This Super-Secure Messaging System Is The NSA's Worst ... - Co.Labs

To turn around the trend for government surveillance of digital comms, Peter Sunde, an original Pirate Bay cofounder, has built a dual-encryption messaging...
Scooped by David Pollum

CORRECTION: ownCloud Releases Latest Secure, Easy-to-Integrate On ... - GlobeNewswire (press release)

Scooped by David Pollum

10 Useful Mobile javascript Frameworks For Web Development

Top picks of Mobile javascript Frameworks which are to be considered by you while making your next website or web app.
Scooped by David Pollum

Microsoft Details How It Complies With Government Requests For User Data - WebProNews

Smith says Microsoft will continue to follow the above principles in its interactions with government, but will also continue to argue that it has a right...
Rescooped by David Pollum from Web tools and technologies

RegExr: Learn, Build, & Test RegEx

Regular expression tester with syntax highlighting, contextual help, video tutorial, reference, and searchable community patterns.

Via Frédéric Fadel
David Pollum's insight:

Useful tool!

Rescooped by David Pollum from H4x0r5 Playground

Vegan: Chrome extension to defeat BeEF

In this post, Cylance SPEAR security researcher Brian Wallace details a Chrome Extension, Vegan, which is designed to block the Browser Exploitation Framework (BeEF) from infecting browsers.

Via 0xerror
David Pollum's insight:

Interesting extension

Scooped by David Pollum

Password managers: Time to secure yourself one - The Oregonian

But she concedes her system "is not totally secure." There are holes we won't mention. And she's about had it.
David Pollum's insight:

Something that really helps users create and use more secure passwords given the problems with remembering too many passwords.

Scooped by David Pollum

Bitcoin Remains Unsecure - Johns Hopkins Professor

(Kitco News) - Bitcoin has stunned the world with its rapid growth but there are still issues as the market remains unsecured.
David Pollum's insight:
Although this article is light on details, it illustrates that Bitcoin might not be as secure as we think.
Scooped by David Pollum

Appsec Dc 2012 - Owasp Broken Web Applications 1.0 Release ...

Description: The OWASP Broken Web Applications (OWASP BWA) Project produces a free and open source virtual machine (VM) containing more than twenty web applications with a variety of security vulnerabilities.
David Pollum's insight:
Something useful for training to spot web vulnerabilities
Scooped by David Pollum

CORE Security Adds Web Services Testing for Mobile Applications, Updated ... - Broadway World

David Pollum's insight:
Potentially useful software to automate the security testing of web services.
Rescooped by David Pollum from H4x0r5 Playground

Vulnerability Scanning with Metasploit: Part II - InfoSec Institute

In the previous article, we learned how to perform a network vulnerability assessment by using the OpenVAS plug-in. In this continuation, we will see how to perform a web application vulnerability assessment by using the wmap plug-in.

Via 0xerror
David Pollum's insight:

Good intro to vulnerability scanning with Metasploit

Scooped by David Pollum

Serious vulnerability found in SSL/TLS on OS X Mavericks and iOS, easily exploitable [Update] - Neowin

Significant flaw revealed in Apple iOS, and potentially also affecting Apple OSX Mavericks
David Pollum's insight:

This flaw reveals the importance of good coding practices and the risks of taking shortcuts when writing code.

Scooped by David Pollum

Secure Ideas will not be presenting at DEF CON this year

Secure Ideas will not be presenting at DEF CON this year. James Jardine and I were accepted to present at DEF CON 21 in Las Vegas this year on attacking SharePoint. For 21 years DEF CON has been a very respected ...
Scooped by David Pollum

Microsoft refutes claims of NSA Prism link - up - ITProPortal

"We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security...
Scooped by David Pollum

Social Messaging System Promises Ultra-Secure Privacy - The Epoch Times

Part of that letter reads: “Many of its users rely on Skype for secure communications—whether they are activists operating in countries governed by authoritarian...
Scooped by David Pollum

BitTorrent Sync released: The secure, cloud-avoiding sync tool you ...

Perhaps the company's most important innovation since its co-founder Bram Cohen released the BitTorrent protocol in 2001, BitTorrent Sync is ...