Dinis Cruz Blog

Here is a bunch of interresting stuff (for future reference)

• Web Application Security Professionals Survey (Dec. 2006)
• .NET Framework 2.0 Security Hole
• Feature Article: A Security Hole in ClickOnce Deployment
• Backdooring MP3 Files
• Inside CRT: Debug Heap Management
• Transcript of Richard Stallman at the 5th international GPLv3 conference; 21st November 2006
• AxMan ActiveX Fuzzer
• Fuzzing browsers for fun
• 5 challenges of web application scanning
• Challenges faced by automated web application security assessment tools
• Adding Self-healing capabilities to the Common Language Runtime and Manipulating Managed Execution Runtimes to Support SelfHealing Systems
• Packet Capture and Analyzer
• http://passivemode.net/
• Are You an Evangelist Too?
• Multiple CRLF Injection / HTTP Response Splitting Vulnerabilities In Google AdWords
• Electronic Commerce: Who Carries the Risk of Fraud?
• Deploying Microsoft .NET Framework Version 3.0 and Assessing the Business Need Behind .NET Framework 3.0
• Managed CodeGen and DebuggerVisualizer for DynamicMethod (Show me the IL) and Debugging Dynamically Generated Code (Reflection.Emit) and DebuggableAttribute and dynamic assemblies and Using Lightweight CodeGen from Partial Trust and RestrictedMemberAccess
• MS Security VP Mike Nash Replies
• Windows Native Debugging Internals

Jeremiah Javascript website login checker

http://jeremiahgrossman.blogspot.com/2006/12/i-know-if-youre-logged-in-anywhere.html

It’s working!!!!

Dinis Cruz