Monday, December 19, 2011

Parsing HTML

Parsing HTML is not easy.

What did I learn today?

Do not try to parse HTML with regex aka PCRE.


I decided to use PHP, so I started here: PHP Manual DOMDocument

Then found out about: DOMXPath

It should be mentioned now that I have little experience with PHP, mostly C++. With that said, it was very difficult for me to come up with a solution. I was trying to parse a specific web page for specific topics within the source code.

PHP Tutorial
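To make the regex-versus-DOM point concrete, here is an added example (not code from the original post) that pulls "topic" headings out of a page both ways. The sample HTML, the `topic` class name and both function names are assumptions constructed for illustration.

```php
<?php
// Constructed sample page (not from the original post): the same kind of
// heading written three different ways, plus one that exists only in a comment.
$html = <<<'HTML'
<html><body>
<h2 class="topic">SQL injection</h2>
<h2 id="t2" class='topic hot'>Cross-site <em>scripting</em></h2>
<H2 CLASS="topic"
    >Session fixation</H2>
<!-- <h2 class="topic">Retired topic</h2> -->
<h2 class="other">Not a topic</h2>
</body></html>
HTML;

// Regex attempt: silently assumes double quotes, a fixed attribute order,
// lowercase tags and no nested markup, and cannot tell a comment from content.
function topics_by_regex(string $html): array
{
    preg_match_all('/<h2 class="topic">([^<]*)<\/h2>/', $html, $m);
    return $m[1];
}

// DOM attempt: let libxml build the tree, then query the tree with XPath.
function topics_by_xpath(string $html): array
{
    // Real-world pages are rarely valid; collect parser warnings quietly.
    $prev = libxml_use_internal_errors(true);
    $doc = new DOMDocument();
    // LIBXML_NONET: do not fetch anything over the network while parsing.
    $doc->loadHTML($html, LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($prev);

    $xpath = new DOMXPath($doc);
    // Match "topic" as a whole word in the class list, not as a substring.
    $query = '//h2[contains(concat(" ", normalize-space(@class), " "), " topic ")]';
    $out = [];
    foreach ($xpath->query($query) as $node) {
        $out[] = trim($node->textContent); // text of the node and its children
    }
    return $out;
}

print_r(topics_by_regex($html));
print_r(topics_by_xpath($html));
```

On this sample the regex misses the single-quoted and uppercase headings and picks up the one inside the HTML comment, while the XPath query returns only the three real topic headings.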

Friday, December 9, 2011

SQL Invader

Dan Kuykendall and the folks over at NTObjectives have just released a pretty cool GUI tool for testers to quickly and easily exploit SQL injection vulnerabilities. It is currently only available for Windows.

Check out SQL Invader from NTO

Tuesday, December 6, 2011

Social Engineering Tools & H4Ck3R t00ls

Saw this in a presentation. Here are some sites you should put high on your list when doing social engineering reconnaissance:

  • Jigsaw
  • LinkedIn
  • Spokeo
  • Facebook

And these are some lesser-known tools I've found fun and possibly quite dangerous; they are good to familiarize yourself with for both defense and offense:

  • Cree.py
  • EXIFTool
  • TinEye
  • Icerocket
  • Tweep2
  • Glassdoor
  • Careerbliss
  • Fbpwn
  • Maltego
  • Pwnplug
  • HoneyBOT