hacking

White Paper : Web Application Finger Printing : Methods/Techniques and Prevention

Today I am presenting my work of the past few days in the form of a white paper. This white paper outlines automated fingerprinting methods and techniques, and ideas for preventing automated methods from working on your site. BTW, those who have Wappalyzer in their browsers, just enjoy visiting my Joomla Powered Website. 😀 …


Database protection Techniques : a different perspective

Tips for DB Security. Disclaimer: This post keeps in mind web frontend and web application based attacks on DB servers. Any user ID used for web application connectivity should be restricted to specific IP addresses, which could be localhost when the same server is used as both DB and app server. If two …


protection wordpress username enumeration

After my last post on exploiting username enumeration, I have looked deeper and found a simple workaround to patch your blog for this vulnerability until WordPress has something to add for it. I am right now using a WordPress plugin: Redirections (https://wordpress.org/extend/plugins/redirection/). Inside the plugin page, which comes under tools -> redirections: Add a …


WordPress User Enumeration PoC Shell Script

We have recently seen a WordPress username enumeration vulnerability disclosure (http://seclists.org/fulldisclosure/2011/May/493). Versions affected are: 2.6, 3.1, 3.1.1, 3.1.3. Here I am enclosing a simple PoC which can be run in a Bash shell. (Note: a PoC in Python is already available for those who are curious.) [github userid=”anantshri” repoid=”script-collection” path=”wp-user-enum.sh” language=”bash”] Code could be …
