Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
If you have some interesting news or want to throw up a link to discuss it, here's the place. Anything is okay, even shameless vendor launches (since that is often applicable to what we work on). 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Global Application Security Wiki
Posted by: wimvincken
Date: June 15, 2009 09:51PM

I found a new site, specialized in Global Application Security. They claim that the site is an encyclopedia for Web Application Security.

It's running already for a week and I must say I'm impressed. I believe that they have thousands of pages about the subject and much more. They have also good info about cracking, Cross-site scripting, Intrusion Detection, security products and much more.

I love their keyloggers pages (including products and what you can do about it) and password cracking software tools.

You can find the site here: http://wiki.globalappsecurity.net.

The navigation is a bit complicated, but when you understand how their cross-reference and categories work, it is a very valuable tool when you are interested in security and related.

Wim

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: Anonymous User
Date: June 16, 2009 06:48AM

Five minutes of probing showed that site is vulnerable against most webapp attack techniques I've encountered or heard of during the last 5-7 years. I really wanted to stop being too sarcastic here so I oppress any further comments...

[url=http://wiki.globalappsecurity.net/tiki-browse_categories.php?parentId=6%22><marquee style%3D%22font-size:140px%22>]kthxbai (<- more SEO magic!)[/url]



Edited 1 time(s). Last edit at 06/16/2009 06:52AM by .mario.

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: thrill
Date: June 16, 2009 09:28AM

@.mario

That site is more for 'management' types, not for those that actually know what they're doing. ;)

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: rvdh
Date: June 16, 2009 02:51PM

lol.

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: sirdarckcat
Date: June 18, 2009 09:56AM

Quote

So tempted to post sarcasm on sla.ckers must resist...must resist...
Quote

I really wanted to stop being too sarcastic here so I oppress any further comments...
I'm so happy I'm not alone.. haha this thread/wiki pokes with my inner troll..

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: nicola
Date: June 18, 2009 09:05PM

rotfl guys :P

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: Anonymous User
Date: June 19, 2009 03:48AM



More than a thousand words :)

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: rvdh
Date: June 19, 2009 06:42PM

nice1 now I can complete my collection.

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: wimvincken
Date: June 22, 2009 10:15PM

.mario Wrote:
-------------------------------------------------------
> Five minutes of probing showed that site is
> vulnerable against most webapp attack techniques
> I've encountered or heard of during the last 5-7
> years. I really wanted to stop being too sarcastic
> here so I oppress any further comments...
>
> kthxbai (<- more SEO magic!)

That little 'thing' you demonstrated is not "a webapp attack technique"
It is simple a very stupid and ignorant thing to make your OWN life hard by defacing your OWN browser and then you claim that the website is not safe?

The site is run by the TikiWiki (http://info.tikiwiki.org) engine, not some little home-made website. And the thing about TikiWiki engines is that they are secure.
So, being sarcastic ... and SUPPRESSING any of my further comments, I really dislike people who don't know where they are talking about.

And yes, the site is not something where you can collect your latest hack or crack. But you can find info there about Web Application Firewalls and security in general.

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: sirdarckcat
Date: June 23, 2009 12:53AM

> That little 'thing' you demonstrated is not "a webapp attack technique"
epic..

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: Anonymous User
Date: June 23, 2009 05:16AM

Quote

And the thing about TikiWiki engines is that they are secure.

Shit - I forgot..

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: sirdarckcat
Date: June 23, 2009 06:01AM

http://wiki.globalappsecurity.net/a+b%22%2Bconfirm(%22epic%20fail%22)%2b%22

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: Anonymous User
Date: June 23, 2009 07:13AM

http://wiki.globalappsecurity.net/tiki-browse_categories.php?parentId=6%22%3E%3Ca%20style=%22font-size:200px;color:red;%22%20href=%22data:text/html;charset=utf-8;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B%22%3EI%20am%20Jack.%20Jack%20Click.%3C/a%3E%3Cplaintext%3E



Edited 1 time(s). Last edit at 06/23/2009 09:40AM by .mario.

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: Anonymous User
Date: June 23, 2009 09:48AM

I think we should all stop bashing now and learn from this guy:


Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: thrill
Date: June 23, 2009 09:57AM

I don't need to learn from him because I know everything.

And while he thinks he knows everything, it's obvious that the only person that knows everything is me.

All joking aside though, it really amazes me that this guy would come to these forums to taunt his wiki and then assume that no one here actually knows anything. When I saw his response one word came into mind.. "oops"

Guess he took a knife to rob a gun store.

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: sirdarckcat
Date: June 23, 2009 10:30AM

Quote

I found a new site, specialized in Global Application Security. They claim that the site is an encyclopedia for Web Application Security.
You found? or you made?
Quote

Posted by: wimvincken
		<meta name="author" content="Wim Vincken" />
dude!! what a coincidence, you have the same name as the author!! what a weird world!!

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: thrill
Date: June 23, 2009 11:36AM

I just love the fact that:

A) It's conveniently down for maintenance.
B) It's not really down for maintenance because you can still go directly to the index page and navigate without a problem.

Obscurity. n. [abs coo ree tee]

Securing your web applications since 1993.

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: wimvincken
Date: June 23, 2009 11:59AM

Well, that was easy to repel.

The only "hacker" who tried was repelled by the security engine.
Mr. ILoveYou tried to register and add some comments on the home page. TikiWiki noticed and kicked him out, and removed the comments as well.

This site is only a site with general information and nothing more.
But if you guys think differently, then try it again. How more attempts, how more advertisement for the site

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: thrill
Date: June 23, 2009 12:26PM

It is obvious that you didn't take the time to read some of the forums on this site before posting your own advertisement. If you had, you would have never made a commet of:

Quote

Well, that was easy to repel.

The best minds in webapp security post to this board (myself not included, I'm just the comic relief) and you should have a little respect and humility, especially since you claim to know about webapp security.

As for your comment of the 'only hacker'.. that is extremely naive of you to think any serious person, especially the guys on this board, would bother in trying to create a user account to post some comments. That'd be the same as a car thief walking around with a slim-jim in his hands.. you won't see the professional car thief, nor will you even realize the testing these guys are doing on your board looking for that little crack that will provide them full admin rights to your database.

You've done a good job of finding definitions for protocols/applications/attack methods and putting them on your wiki, I'm sure that's taken a while. Now take a little time to look around these forums and read up on some of the amazing stuff these guys work on.

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: Anonymous User
Date: June 23, 2009 12:41PM

@thrill well spoken - hope the de-escalation works

@winvincken attackers can still steal your and your users cookies. poc posted earlier.



Edited 1 time(s). Last edit at 06/23/2009 12:42PM by .mario.

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: wireghoul
Date: June 23, 2009 12:42PM

I'm getting sick of telling you guys...

You need to use HTTPS for the "secure" wiki!!!!

[www.justanotherhacker.com]

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: Anonymous User
Date: June 23, 2009 05:28PM

Quote

“Y-o-u m-u-s-t m-a-k-e m-e p-r-e-g-n-a-n-t,” she said slowly.

“Like … like … in shagging?” stammered Harry, not believing his ears. He for sure heard this wrong. “Time turner?” he asked. “Two hours? Time-turner?”

http://www.hpfanficarchive.com/viewstory.php?sid=273&chapter=1

I.. am.. outie 5000.. Bye thread

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: sirdarckcat
Date: June 23, 2009 08:53PM

> The only "hacker" who tried was repelled by the security engine.
fuck, a real hacker!


--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Options: ReplyQuote
Re: Global Application Security Wiki
Posted by: Spyware
Date: June 25, 2009 07:50AM

Fun fact; Wim Vincken once wrote some Potter slashfic called "Impossible Loves". Interesting. Anyhow, moving on...

Another fun fact; Wim once wrote a SEO Web 2.0 guide. Let me quote: "When you are known by the communities, then you have the ability to go to the customers or to the communities, who already know you. Making a sale is then very easy for a real sales man.

The examples above are extremely simple presented, but I hope you get the message. Creating announcements everywhere does not do the job. You must make people interested. And that can only be done with real content, not stupid announcements."

Seeing this thread, reading that article, what can I say, it's funny. Irony, thanks, I love having you around. Irony, that is.

What's the point of me telling you this? I'm a total jackass. Sorry Wim. I guess the point I'm trying to make is that people like Wim, well, I think they ruin the internet. Wim here earns his money by promoting websites by posting ambiguous messages on fora. He pretends to have used/use a service, and then tell people about it, conviently placing a link to the website of the company that offers the service. For Wim, this is his job. To me, it's spam. Look Wim, you're free to do as you please, by all means, indulge yourself in get-rich-quick schemes (http://www.webmasters.am/forums/showthread.php?t=6592), write your slashfic and submit your shit to digg (http://digg.com/users/wimvincken), but don't expect the bubble to last. You're making money off of nothing. It's not even real money, it's vapormoney. Metamoney. Internet-money.

Wim, don't ever post "interesting links" here again. This is slackers, which operates on a Fight Club vs. The Matrix basis. People here read code, and kick ass. Not me, but people, the others, they do. There's no room for "SEA Web 2.0"'rs who earn money by placing links to websites they have to promote.

Edit: layout of the message above probably sucks, sorry, posting with Lynx.

Options: ReplyQuote


Sorry, only registered users may post in this forum.