Recently I published information on how specially crafted HTML (remote and local), Flash and QuickTime (.mov) files can be used by malicious users to target and exploit internal and external networks. Than my friend and c

可以根据你的选择生成18个国家的身份，包括姓名、父母、住址、电话、邮箱、生日、信用卡号等。想当详细。
我也弄来一个：
Hui Mai
4755 Boggess Street
Seymour, TX 76380

Email Address: Hui.Mai@mailinator.com

Phone: 940-207-3853
Mother's maiden name: Ch'en
Birthday: July 18, 1958

V

这里有很多的路由默认密码。需要的时候可以查下。

Link
http://www.phenoelit.de/dpl/dpl.html

This article discusses how effective various encryption schemes are and some of the tools used to discover WAP's.

Part1 link
http://www.windowsecurity.com/articles/WiFi-security-lack-Part1.html
Part2 link
http://www.windowsecurity.com/articles/W

This document presents a new attack technique against web applications that communicate with mail servers, generally webmail applications. Some of these applications are vulnerable to this new threat, which I called MX Injection due to the possibility of injecting commands from mail protocols (IMAP, SMTP). This document details the techniques and possibilities of MX Injection, as well as some counter measures to protect against this new attack type. This document is oriented toward web develop

Attacks always get better, never worse. That’s what probably what I’ll remember most about 2006. What a year it’s been in web hacking!

Here’s his list:

Web Browser Intranet Hacking / Port Scanning - (with JavaScript and with HTML-only and the improved model).

Internet Explorer 7 “mhtml:” Redirection Information Disclosure.

Anti-DNS Pinning and Circumventing Anti-Anti DNS pinning.

Web Browser History Stealing -

The following examples DO NOT use any well-known or unpatched web browser vulnerabilities. The code uses clever and sophisticated JavaScript, Cascading Style-Sheet (CSS), and Java Applet programming. Technology that is common to all popular web browsers.

http://www.whitehatsec.com/home/resources/presentations/files/javascript_malware.pdf

Select which scan type do you want : Quick Scan, Full Nmap Scan, Custom Scan
http://nmap-online.com/
http://nmap-online.com/tos.php

In this post I am going to outline some of the techniques available for maliciously infecting Image (Picture) files with JavaScript code.

http://www.gnucitizen.org/blog/backdooring-images

XSS attacks are nothing new, but an evil mind can find ways to use these flows to bypass border firewalls and highly expensive intrusion prevention systems in order to attack your organization from inside.

This post outlines an example of how to use QuickTime Movie files to trick the user into executing malicious JavaScript code. The technique presented here does not relay on a vulnerability bur rather on an insecure feature present in QuickTime player from version 3, up to the l