Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Plone CMS Security Research: the Art of Plowning

from [Adrian Pastor] Network Security [Permanent Link]
Subject: Plone CMS Security Research: the Art of Plowning
Date: Thu, 13 Mar 2008 17:42:28 +0000 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello webappsec folks!

I thought the following research makes a good case study of a CMS that
is based on secure web application development guidelines (OWASP Top
10), but is still susceptible to issues that could allow the target to
be compromised.

Full details can be found here:
http://www.procheckup.com/Hacking_Plone_CMS.pdf

- --
Adrian P. | Security Consultant | +44 (0)207 307 5026 | ProCheckUp Ltd
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH2WeEUmN3xwbmU6YRAkGhAJ0Z4GFkWqm0aRatSCpLi3NligJa3gCeMVdk
CZGnSZ9maKVTowm211tyg1M=
=cLod
-----END PGP SIGNATURE-----

-------------------------------------------------------------------------
Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Plone CMS Security Research: the Art of Plowning, Adrian Pastor <=
Previous by Date:  AW: post vulnerability scenario, Martin Muench
Next by Date:  Black Hat Announcements: New CFP system and Japan '08 confirmed, jmoss
Previous by Thread:  AW: post vulnerability scenario, Martin Muench
Next by Thread:  Black Hat Announcements: New CFP system and Japan '08 confirmed, jmoss
Indexes:  [Date] [Thread] [Top] [All Lists]