Showing 4 results for: May 2012 ×Penetration Testing ×

Connecting the Dots w/ PenTest Manager

We are evolving how the penetration testing industry reports vulnerabilities. Traditional PDF reports just don't work anymore, we need a way to easily query vulnerability data, track, export/import, and integrate into existing business processes. Beyond the obvious data usability issues,...

Too XXE For My Shirt

Until tonight, I'd never gotten a chance to try an xml external entity (XXE) attack. Earlier, I was updating XMLmao and XSSmh with the same interface improvements and custom blacklist features already present in SQLol. The idea, eventually, is to...