Filling Out Forms: Still a Dangerous Game

Despite upgrades and fixes, most browsers are still vulnerable to attacks via Web forms, researcher says.

Prevent XSS and SQL Injection

Today I was toying with Apache and made a .htaccess for all of you that prevents the most-used XSS and SQL injection vectors in the request URI. It looks at the request URI and sends the malicious user to a log file which sends an e-mail to the webmaster with all his information and what [...]

Why Whitehats Need to Know Blackhat SEO

Whitehat SEO, while not at a standstill, is certainly feeling a pinch from Google lately. Penalties are being handed out to sites much like a fratboy would cups of beer to the only attractive girl at the party. And yet many still refuse to learn anything remotely blackhat. I understand that they don’t want to [...]

How I Would Hack Your Weak Passwords

If you invited me to try and crack your password (you know the one that you use over and over for like every web page you visit) how many guesses would it take before I got it? Let’s see… here is my top 10 list. I can obtain most of this information much easier [...]

This can’t be called Hacking when it’s this easy.

Click here.
For the unknowing… phpMyAdmin is a web-based MySQL admin tool. The Google query is structured to find installs of phpMyAdmin that aren’t password protected. This gives anyone full access to read and modify the database. Also, if the pages were password-protected, Google’s spider wouldn’t have been able to get in to index them in [...]

© 2008 twinturbo.org. All Rights Reserved.