naoeの日記 このページをアンテナに追加 RSSフィード

主に,情報セキュリティサマリMLとかINAS-MLのメモ用日記です.
実験的にsec-summaryの内容を日記として公開中

Twitterはじめました〜
twitter / kensukenaoe

2010-01-02 2009 12/27〜2010 1/2

[][] を含むブックマーク のブックマークコメント

MouseOverJacking attacks

http://websecurity.com.ua/3814/

Bypassing SEHOP

http://www.sysdream.com/articles/sehop_en.pdf

SEHOPとはStructured Exception Handlingの拡張である,Structured Exception Handling Overwrite Protectionの略.と書いてある.良く分からない.

最近Windows,例えばMicrosoft Windows 2008 SP0,Microsoft Windows Vista SP1,Microsoft Windows 7とかで実装されているらしい.

XSS vulnerabilities in 8 millions flash files

http://websecurity.com.ua/3789/

[][]  を含むブックマーク  のブックマークコメント

Wapiti

http://sourceforge.net/projects/wapiti/

Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections... It use the Python programming language.

WAFP

Web Application Finger Printing tool written in ruby using sqlite3 databases for storing the fingerprints.

http://mytty.org/wafp/

FindDomains v0.1.1

http://code.google.com/p/finddomains/

FindDomains is a multithreaded search engine discovery tool that will be very useful for penetration testers dealing with discovering domain names/web sites/virtual hosts which are located on too many IP addresses. Provides a console interface so you can easily integrate this tool to your pentest automation system.

[][] を含むブックマーク のブックマークコメント

2nd Call for Papers for the Third IEEE International Symposium on Trust, Security and Privacy for Emerging Applications (TSP-10)

Bradford, UK. Date: 29 June-1 July, 2010

http://trust.csu.edu.cn/conference/tsp2010

15th ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES (SACMAT 2010)

Renaissance Pittsburgh Hotel, Pittsburgh, June, 9-11, 2010

http://www.sacmat.org/

ACM WiSec 2010: Call for Posters and Demos. The 3rd ACM Conference on Wireless Network Security

March 22-24, 2010 Hoboken, USA

http://www.sigsac.org/wisec/WiSec2010/

Special Issue on Wireless Multimedia Networks and Security Services

Topics

* Multimedia indexing, processing and retrieval for WMN

* Data mining applications in WMN

* Content-aware multimedia distribution in WMN

* Multimedia multicasting in WMN

* QoS management in WMS

* Multimedia and multimodal interaction models in WMN

* Novel wireless and mobile multimedia applications and services

* Emerging standards, protocols and technologies in WMN

* Security, privacy, and cryptographic algorithms in WMN

* Network security issues and protocols in WMN

* Authentication, identity management in WMN

* Intrusion detection and prevention in WMN

* Content protection and digital rights management for WMS

* Trusted computing in WMS

* Information hiding and watermarking in WMS

* Network forensics and fraud detection for WMS

Important Dates:

Full manuscript due: February 15, 2010

Acceptance Notification: June 15, 2010

Final manuscript due: September 15, 2010

Publication date: 1Q or 2Q 2011 (Tentative)

http://eventseer.net/e/10777/

トラックバック - http://d.hatena.ne.jp/naoe/20100102