begood Posted May 5, 2010 Report Posted May 5, 2010 Google has released a free online tutorial that gives developers the chance to play the role of malicious hacker by exploiting real security bugs in a mock web application.The codelab is premised on a "small, cheesy web application" dubbed Jarlsberg that is chock-full of bugs that can be exploited to take down webservers, perform remote code-execution attacks, and spring information-disclosure leaks. It can be downloaded and run on a local machine to teach developers firsthand the perils of insecure coding.Google's "Web Application Exploits and Defenses" codelab can be used in a black-box setting, in which hackers aren't privy to the source code of the application they're attacking, or a white-box setting, in which they are. Jarlsberg is written in Python, although hackers, of course, need not be versed in the language in order to make mincemeat of the application.http://rstcenter.com/forum/22352-jarlsberg-want-beat-hackers-their-own-game.rsthttps://www.hackinthebox.org/modules.php?op=modload&name=News&file=article&sid=36142 Quote
wildchild Posted May 5, 2010 Report Posted May 5, 2010 citez pe Gavroche din Les Miserables:"Jucarele pentru copii":D Quote
