Last security news

 

Mon, 8 Feb 2010: Tool Update

Now the tool tell you if the domains's DNS server allows a zone transfer (DNS snooping).
The database will be updated this week. Take a look.

 

Fri, 8 Jan 2010: Tool ONLINE

The security tool is again available to you.

 

Mon, 4 Jan 2010: Tool Offline

The tool isn´t working. I will try to repair it in the next days.

 

Sun, 13 Dec 2009: Methodology updated

The Penetration test Methodology has been updated.
Take a look.

 

Mon, 16 Nov 2009: Security Tool Updated

Some CMS Systems have been added

Hijacked accounts in Twitter because a vuln in SSL

A Turkish grad student has devised a serious, real-world attack on Twitter that targeted a recently discovered vulnerability in the secure sockets layer protocol.

The exploit by Anil Kurmus is significant because it successfully targeted the so-called SSL renegotiation bug to steal Twitter login credentials that passed through encrypted data streams. When the flaw surfaced last week, many researchers dismissed it as an esoteric curiosity with little practical effect.

For one thing, the critics said, the protocol bug was hard to exploit. And for another, they said, even when it could be targeted, it achieved extremely limited results. The skepticism was understandable: While attackers could inject a small amount of text at the beginning of an authenticated SSL session, they were unable to read encrypted data that flowed between the two parties

Mon, 09 Nov 2009: Tool Updated

The tool is being updated to check out for more CMS Systems.

 

Sat, 17 Oct 2009: New module added to the Security Tool

The new module will be to identify Web Applications running on the target server.
Right now it's in Beta testing and just return if the target is running Typo3 as CMS
Check it out HERE

 

12 October 2009: Tool

The tool was updated.
Now it returns the webserver header of the target.
Check it out HERE

 

4 October 2009: Tool

The tool now returns the Nameservers of the target domain.
Let's try the new functions ;).

 

17 September 2009: Tool

The Security Tool has been updated, but i will stay working on it until it gives proper information.
Hope you can try it with your favourite domain to see (for a while) which domains are shared with yours.

 

11, 12 September 2009: Validators

Updated and checked with W3C validators

 

10 September 2009: Ajax

The tool got updated with Ajax.
Please check it out and comment me all you wanted to see there.
Be g00d!

 

09 September 2009: Design

Just little changes in the design of the website.

 

08 September 2009: Google AdSense

0daysecurity.com just got supported by Google AdSense Program.
I thank them to help this noble cause ;)
Be g00d!

 

07 September 2009: Added more info in Penetration Test Section

I have got some new info from Internet about Penetration testings.
I will organize it and add new more info in the next days.

 

06 September 2009: New 0daysecurity.com design

After all the time i have been holding this web, i have decided to change the design.
This is going to be the first step in this Website's history.
I will change everyday something in order to do it better. I hope you like it.

Valid XHTML 1.0 Transitional ˇCSS Valid!