[email protected]:~$

  • Sergio Proxy

    So after a ridiculously long period of procrastination, I finally got around to updating Sergio Proxy to make it remotely usable. I was never very happy with how the initial code turned out, but given that it was hacked out in a couple days just to test some ideas, I...

  • JavaScript Port Scanners

    In case you were living in a cave the last few days or aren’t subscribed to any of the security mailing lists out there, you probably already have seen these links but I’m putting them up here anyway. First, SPI Dynamics released their version of what Jeremiah is working on...

  • Is XSS Good For SEO?

    There’s an interesting post over at Venture Skills blog talking about if XSS is actually good for SEO purposes. While I don’t have any conclusive evidence that he is wrong or right (at least nothing that makes me satisfied by saying that is a correct or incorrect assessment), I will...

  • Google Redirects Help Phishers Again

    The site is down now, but I got yet another phishing email using Google redirection to hide the real address that the user is being forwarded to. Sorry for the super long line (had to break it up): http://www.google.com/… (redacted) Google has been notoriously bad about fixing these issues, even...

  • Google Files On the Internet

    Ronald had a really good post about how Google’s files were open to the world. A few people messaged me and said they were surprised I didn’t jump on it the second it was mentioned. Yah, I know, I probably should have, but get this, I actually felt sorry for...