Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Submission + - Hunting for web application vulnerabilities

An anonymous reader writes: As some of you may, or may not be aware web application security is a major concern for many organisations as a vulnerable web application can, and will almost certainly be abused, leading to the possible compromise in the confidentiality, integrity, or availability of assets. Recently, a new version of the Arachni Web Application Security Scanner Framework was released. This brings with it a huge list of features that were previously unavailable from any other free or open source web application security software. In short, the major feature addition and the item that makes it stand out in the crowd of automated security scanners (even some commercial ones) is its unmatched support for modern technologies such as HTML5, DOM, JavaScript, and AJAX, thanks to the implementation of a full headless web browser. For any experienced penetration testers, fresh hackers wanting to learn, or even those just wanting to improve the security of their own organisations web applications, it’s definitely worth checking out.

Submission + - Security Assessments of Modern Applications Made Accessible by Arachni v1.0

Zapotek writes: With web application security breaches being all the rage, the situation was further worsened by the lack of open systems, that can accurately assess the security of modern web applications. Today's requirements for HTML5, DOM, JavaScript and AJAX technologies meant that automated security assessments of modern applications could only be performed via closed-source and prohibitively priced products, as their free and open-source counterparts were severely lacking in support for such advanced features. However, with the breakthrough release of Arachni Framework v1.0, there is now a free and open-source system that not only has adequate support for the necessary features, but surpasses even the most established commercial products at common industry security benchmarks.
(Full disclosure: I am Tasos Laskos, the founder and lead developer.)

Submission + - Arachni v1.0, the F/OSS webappsec scanner with integrated browser environments

Zapotek writes: In the world of web application security scanners, the disparity in crawl coverage and vulnerability detection has always been rather significant between commercial offering from big names such as IBM and Hewlett-Packard and F/OSS projects; this was in no small amount due to the fact that F/OSS systems have been severely lacking in support for modern technologies, such as HTML5/JavaScript/AJAX/DOM. The Arachni Framework v1.0 has now crossed that line and is the first F/OSS system to support such complex features, allowing it to surpass even the most established commercial offerings in vulnerability coverage, detection and accuracy. In an effort to make a quality security scanner available to all, we would like to invite penetration testers and administrators to try it, provide us with their valuable feedback and generally get the word out. Thank you in advance, Tasos Laskos — founder and lead developer.

Submission + - How indie developers stop pirates (

chronodev writes: An Indie game creator — Garry Newman (Garry's Mod) found a creative way of dealing with pirates. He put in an error in his game that triggered when running a pirated version of the game. He then asked in his tweeted if anyone was "unable to shade polygon polynomials". Soon responses flowed in, unveiling those users who pirated the game.

Slashdot Top Deals

I think there's a world market for about five computers. -- attr. Thomas J. Watson (Chairman of the Board, IBM), 1943