Among the many advanced penetration testing tools it provides, Acunetix Web Vulnerability Scanner (WVS) offers the HTTP Sniffer tool. With the HTTP Sniffer you can capture, trap, analyze and even modify any HTTP traffic on the port that the sniffer is listening on, e.g. port 8080. The Acunetix HTTP…
Mac Malware Underscores Why You Can’t Ignore Web Security Threats
Looks like the Mac is finally getting what’s been coming: Mac Malware. And lots of it just recently with the Flashback infection that apparently impacted up to 700,000 Macs. We’ve all heard it from the Mac bigots: One of the main reasons I use a…
Web Application Firewall (WAF) and the false sense of security
A Web Application Firewall (WAF) is an excellent last line of defense. Based on what I see in my testing they’re great at blocking both automated scans and granular exploits like Cross-Site Scripting and SQL injection. I recommend WAFs to clients all the time. But…there’s…
Not All Web Vulnerabilities Are What They Appear to Be
When performing web security assessments, it’s easy for us to feel confident in what we see. Take Cross-Site Scripting (XSS) for instance. Your scanner finds this web vulnerability. You validate that it does indeed exist. What more is there to do? Well, it depends on…
The Value of Web Exploitation
Is the exploitation of web vulnerabilities worth the trouble? Does it create unnecessary risks that should be avoided? Why exploit flaws anyway? This is not a black and white circumstance. Every situation is unique. But here’s what I know. The exploitation of web security flaws…
IT Geek Speak and What Management Really Needs to Hear
Gerald Ford once said “Nothing in life is more important than the ability to communicate effectively.” What a profound statement, one that applies not only to our personal lives but also to how far we go in our IT careers. There’s hardly anything that can cause IT…
What Is An .htaccess File?
An .htaccess file is a configuration file that lets you specify configuration settings for a specific directory of a website. The .htaccess file can include one or more configuration settings, which apply only to the directory in which the .htaccess file has been…
Protect Your WordPress Website from a Pharma Hack
One of the worst feelings I’ve ever experienced was when I received an email from one of my customers telling me that my website had been hacked. It got worse, as I couldn’t see any changes in my content, the design or the source code!…
Acunetix Parses Version Control Systems
A lot of developers use version control systems such as SVN (Apache Subversion) and Git to track changes in their source code. These types of server tools are essential for organizations that have multi-developer projects. Most of these version control systems…