Events Related:

Resources:

  • Tips On Choosing Which Vulnerabilities to Test – icsalabs.com
    Based on our experience, below are five of the most important tips when it comes to choosing vulnerabilities.
  • Wiping & Protecting Data from SSD/Flash Drives – rootshell.be
    As you probably already know, deleting a file using the standard system call is not enough from a security point of view.
  • Smart Application Security Score Card – coffeeandsecurity.com
    There are several instances where application stakeholders struggle hard to identify necessary security SDLC activities for their applications and products.
  • Browser Vulnerability Timeline – browserstats.appspot.com
    The timeline shows the percentage of users who have at least one unpatched critical-severity vulnerability (or at least one unpatched high-severity vulnerability) on an average day.
  • Browserscope – browserscope.org
    The goals are to foster innovation by tracking browser functionality and to be a resource for web developers.

Tools:

  • Karma – digininja.org
    Karma is a set of patches to access point software to get it to respond to probe requests not just for itself but for any ESSID requested.
  • Ragweed – github.com/tduehr/ragweed
    Ragweed is a set of scriptable debugging tools written mostly in native ruby.
  • CERT Basic Fuzzing Framework – cert.org
    Today we are releasing a simplified version of automated dumb fuzzing, called the Basic Fuzzing Framework (BFF).

Techniques:

Other News: