January 13, 2008 – 8:04 pm
A new array syntax has been proposed (for quite some time) for defining arrays in PHP. Currently, we use the array() construct to create an array. Some examples could be:
$myArray = array(1, 2, 3, 4, 5);
$yourArray = array(1 => "one", 2 => "two", "three");
$herArray = array(1, 2, 3, array(4 => "four", "five"));
The proposal is to use [...]
January 9, 2008 – 3:45 pm
Yahoo! launched its browser-based media player written in JavaScript. All you have to do is link the JavaScript code (located at http://mediaplayer.yahoo.com/js) in a web page having links to audio file(s).
Although it takes a while for the “player” to load completely, I am pretty okay with it (for now). Moreover, it’s in [...]
January 5, 2008 – 5:49 pm
It brings me immense pleasure to inform you that w3af (web application attack and audit framework) has been named the Best Application Scanner in BEST IT Security and Auditing Softwares 2007 list prepared by Security Database.
I had mentioned in a few previous articles that I see immense potential in w3af. I must, however, [...]
December 22, 2007 – 7:27 pm
1. Life & Code
(The title of this section is taken from Johnny’s blog of the same name, Life and Code. Although my implementation of the phrase isn’t in terms with Johnny’s, I could resist using it.)
Life: Three days ago I found that there are some strange entries in my local Apache web [...]
December 20, 2007 – 3:14 pm
Update: Kishor reports a flaw in the implementation of the “private” videos feature on Orkut. Although I am at the office and I haven’t checked it yet myself, I believe I can trust him, based on his posts at Slackers. Nice one Kishor.
1. YAWN [Yet Another Worm, Nanny]
Orkut (Google’s MySpace and Facebook for Indian, Pakistan [...]
November 2, 2007 – 6:19 pm
DEMO
This post has been due since the Bank of India hack incident, and was fueled by PDP’s Drive-by Java post, which is a very simple yet well-thought-out extension (sort of) to the Drive-by Download attack. This post aims to provide a clearer understanding of the Drive-by Download attack (via a demo).
Citing Wikipedia, [...]
October 12, 2007 – 5:54 pm
Update: I somehow managed to make a blunder. A part of slide no. 12 was taken from David Kierznowski’s (of GNUCitizen and Blogsecurity group) presentation for OWASP Belgium Conf. I missed out on mentioning David’s name in the credits. Apologies David. I’ve updated and re-uploaded it.
Yesterday, I presented my first Webinar (Seminar on [...]
September 13, 2007 – 11:59 am
I know, I know… the title sounds like a cheap promotion ad.
As I mentioned in my previous entry, Giorgio has addressed our (mine and Gareth’s) request to block iframes using NoScript. I must, however, admit that I did not expect it to be this fast. NoScript 1.1.7.1 (SilverNight) is here. The changelog [...]
September 10, 2007 – 3:22 pm
Update: Aah. It’s not that there couldn’t have been any better news :P, but today’s news is that Ma1 has agreed to provide a feature to block frames through NoScript from the next version (1.1.7). NoScript Rocks.
Oh and Yes! Ma1 Rocks too …;)
I have been pretty busy for the last few weeks (and this trend [...]
August 21, 2007 – 5:38 pm
I am not sure if anyone is aware of it or not, so kindly spare me if it’s not NEW in the sense I wish to convey. (Or maybe you didn’t discover it the way I did.)
For no particular reason, I visited the Windows Update page today (using IE7) and got this message:
As [...]