Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Submission Summary: 0 pending, 4 declined, 0 accepted (4 total, 0.00% accepted)

+ - Security Assessments of Modern Applications Made Accessible by Arachni v1.0

Submitted by Zapotek
Zapotek (1032314) writes "With web application security breaches being all the rage, the situation was further worsened by the lack of open systems, that can accurately assess the security of modern web applications. Today's requirements for HTML5, DOM, JavaScript and AJAX technologies meant that automated security assessments of modern applications could only be performed via closed-source and prohibitively priced products, as their free and open-source counterparts were severely lacking in support for such advanced features. However, with the breakthrough release of Arachni Framework v1.0, there is now a free and open-source system that not only has adequate support for the necessary features, but surpasses even the most established commercial products at common industry security benchmarks.
(Full disclosure: I am Tasos Laskos, the founder and lead developer.)"

+ - Arachni v1.0, the F/OSS webappsec scanner with integrated browser environments

Submitted by Zapotek
Zapotek (1032314) writes "In the world of web application security scanners, the disparity in crawl coverage and vulnerability detection has always been rather significant between commercial offering from big names such as IBM and Hewlett-Packard and F/OSS projects; this was in no small amount due to the fact that F/OSS systems have been severely lacking in support for modern technologies, such as HTML5/JavaScript/AJAX/DOM. The Arachni Framework v1.0 has now crossed that line and is the first F/OSS system to support such complex features, allowing it to surpass even the most established commercial offerings in vulnerability coverage, detection and accuracy. In an effort to make a quality security scanner available to all, we would like to invite penetration testers and administrators to try it, provide us with their valuable feedback and generally get the word out. Thank you in advance, Tasos Laskos — founder and lead developer."
Security

+ - The true reasons behind the LHC site defacement, o->

Submitted by
Zapotek
Zapotek writes "Many news sites have misinterpreted the message of the defacement of CERN's LHC website left by Greek crackers.

Thankfully, a colleague and friend of mine, George Chlapoutakis (also known as DarkSYN) got his hands on a genuine screenshot of the defacement containing the full message in the Greek language and proceeded to write an accurate translation.
The story sums up as follows:

The purpose of GST (or Greek Security Team's) intrusion was neither to disrupt the experiment, nor to humiliate the CERN admins.
Their statement was against their adversaries in the Greek underground scene and the only reason they chose this site was due to it's extraordinary traffic.

"

Link to Original Source

Physician: One upon whom we set our hopes when ill and our dogs when well. -- Ambrose Bierce

Working...