Free issue of hackin9

posted Dec 23rd 2008 6:00am by Eliot Phillips
filed under: downloads hacks, news, security hacks

Until midnight tonight, you can download a free copy of the 1/2008 issue of security magazine hackin9. It’s 84 pages, 10.5MB, and requires you to provide an email address they don’t verify.

[via TaoSecurity]

Crawling + SQL injection with Scrawlr

posted Jun 24th 2008 9:15pm by Eliot Phillips
filed under: security hacks

Scrawlr is the latest tool to come out of HP’s Web Security Research Group. It was built in response to the massive number of SQL injection attacks happening on the web this year. Most of these vulnerable sites are found through googling, so Scrawlr works the same way. Point it at your web server and it will crawl all of the pages and evaluate the URL parameters to see if they’re vulnerable to verbose injection. It reports the SQL server and table names if it comes across anything.

It only supports 1500 pages right now and can’t do authentication or blind injection. Still, it’s a free tool and a great way to find out whether your site is vulnerable to automated tools that find your website via search engines.

[via Acidus]




Free web development tools

posted Jun 21st 2008 12:40am by Eliot Phillips
filed under: misc hacks


OStatic has collected some great free tools for web developers. We talked about Quanta in an earlier post, but this article reaches beyond just HTML editors. LaunchSplash can be used to generate splash pages while you build. IBM, responsible for the Eclipse IDE, has built Project Zero to encourage web app development; even the IDE is web based. OpenX is an open ad server. Piwik is a free web analytics package. There are also quite a few open source CMSes and sites collecting open source designs.
