Acunetix WVS Version 7 build 20101216 released

An updated build of Acunetix WVS Version 7 was released, featuring further DOM XSS checks improvements and addresses a number of bug fixes. New features: DOM XSS will now report the filename in which the attack was executed DOM XSS checks on document.open, window.open, window.navigate and more Bug fixes: Fixed: Aborting analysis while executing events […]

Read More →

Google Changes Malware Warnings

As expected, Google has changed their process when they detect malware or ‘malicious’ content on websites.  As reported today on CNET: ‘Google search results warn of compromised sites’ Google is now adding new links into the search results: ‘Starting today, Google search users should start seeing a new hyperlink warning that says “This site may […]

Read More →

DOM based Cross-site Scripting vulnerabilities

While a traditional cross-site scripting vulnerability occurs on the server-side code, document object model based cross-site scripting is a type of vulnerability which affects the script code in the client’s browser. DOM or the document object model is a way scripts can access the structure of a page in which they reside, and is used […]

Read More →

Acunetix WVS v7 build 20101206 automatically checks for DOM XSS

The new build of Acunetix Web Vulnerability scanner Version 7 checks for DOM based XSS vulnerabilities.  Unlike the traditional cross-site scripting vulnerability, document object model based cross-site scripting (DOM XSS) vulnerability is a type of vulnerability which affects the script code in the client’s browser.  To read and learn more about DOM based Cross-site scripting […]

Read More →

Statistics from a phisher’s list

Yesterday night I was following some security related forums and some person posted a phishing kit for a popular bank from Romania.  A phishing kit is a collection of scripts to help a script kiddie launch a phishing exploit and steal data such as credit card information, passwords.  While looking through the contents of this […]

Read More →

Acunetix WVS Version 7 build 20101123 released

An updated build of Acunetix WVS Version 7 was released. Improvement: More updates to the Client Script Analyser (CSA) engine for better Web 2.0 support Bug Fixes: Fix: Added port in host header for https in manual browsing Fixed: Crawler not serving pages to Client Script Analyzer engine on request if pages were already queued […]

Read More →