News: MS Patch Submission Response Spurs Anti Collective

From Updated Security researchers irked by how Microsoft responded to Google engineer Tavis Ormany’s public disclosure of a zero-day Windows XP Help Center security bug have banded together to form a group called the Microsoft Spurned Researcher Collective*. The group is forming a “union” in the belief that together they will be better placed... » read more

Tools: Fport Process to Port Mapper

Fport is a very handy tool to determine which ports are mapped to which process. You can download it here From Foundstone (creators of tool): “fport reports all open TCP/IP and UDP ports and maps them to the owning application. This is the same information you would see using the ‘netstat -an’ command, but it... » read more

Howto: Web Application Exploits and Defenses

Want to learn how to hack a website? This tutorial -> explains how to attack and defend against: Cross-Site Scripting (XSS) Client-State Manipulation Cross-Site Request Forgery (XSRF) Cross Site Script Inclusion (XSSI) Denial of Service Code Execution Configuration Vulnerabilities AJAX vulnerabilities Other Vulnerabilities (Buffer Overflow, Integer Overflow. SQL Injection)