Blogspot - yaisb.blogspot.com - Yet Another Infosec Blog
General Information:
Latest News:
CSRF Dorks 21 May 2007 | 06:38 pm
You've all seen Johnny Long's google hacking database Its an excellent example of a full disclosure platform that helps raise awareness about vulnerabilities in the wild. I just launched the first ve...
l33t haxxors 26 Apr 2007 | 02:23 pm
I dont usually post on nontechnical subjects, but I'm making an exception: l33t haxxors - Episode 1 l33t haxxors - Episode 2 l33t haxxors - Episode 3 Excellent comic relief for a tough day. Enjoy :)
The Ellusive Negative Quantity Vulnerability 25 Apr 2007 | 10:16 am
I guess I'm just going to pick up where I left off a few months back. Rather than backtracking over all the stuff thats happened between then and now, I'll just keep on posting as things come up. So ...
RE: TAG or How I Got My Start. 25 Apr 2007 | 05:46 am
Hi! Its been a LONG time since my last update but I'm making a resolution to start posting again. I got an email from Didier the other day prompting me to update my blog with a story on how I got my s...
Defeating Dean Edwards' Javascript Packer 25 Oct 2006 | 03:34 pm
Today a friend passed me some obfuscated javascript and asked if I would help him decode it. I had a quick look at it and saw the following code fragment: eval(function(p,a,c,k,e,d){ ... This made m...
Chasing Wild Geese? ...Keep Chasing. 16 Sep 2006 | 05:27 am
I'm BACK! Sorry for the hiatus, I was preparing for and starting school. Now that things have gotten into a bit of a groove, I can get back on the HACK. The title for todays post is sort of tongue-in-...
Authentication bypass. 8 Aug 2006 | 07:16 am
This is an example of a far too common problem. Developers have a tendency to assume that client applications will always act how they were designed to act. This is fine if you're depending on them fo...
New Bookmarklets 4 Aug 2006 | 09:43 am
I developed a few new web app pentesting bookmarklets this afternoon. If anyone has any requests, or bookmarklets of their own to share, please leave me a comment. Here are the new ones: Password2te...
Weekend Pentest 17 Jul 2006 | 11:17 am
A friend asked me to have a look at some php he was working on yesturday and I found a few interesting little security weaknesses I'd like to discuss. First of all, maybe someone could help me out he...
Packed Executables 13 Jul 2006 | 12:11 pm
I have to apologize again for the lack of recent updates. I've been spending a lot of time looking for work and havn't had a lot of time to spend on this blog. Over the last little while I've been get...