My final year university dissertation was on the topic of Static Code Analysis, specifically the integration of IDEs (Integrated Development Environments) with Static Code Analysis. The idea was to make Static Code Analysis accesible to the developer, without them having to install and use additional specialist Static Code Analysis software.
\n\
-
Due to my familiarity with PHP and its lack of interpreter taint analysis I decided that I would write a PHP Static Code Analysis application. The PHP Static Code Analysis tool I developed is called DevBug, it is an online PHP Static Code Analysis tool written mostly in JavaScript (jQuery). The Static Code Analysis engine uses the sources, securing functions and sinks data from the awesome RIPS Static Code Analysis tool to identify specific PHP functions that can cause or remediate user input caused vulnerabilities. DevBug uses Taint Analysis to identify tainted variables, follows the tainted variables through the code, untaints the variables if they are secured and finally detects whether or not tainted variables end up in in sensitive sinks.
\n\
-
The IDE used is called CodeMirror that provides a code editing area, syntax highlighting, line numbering and an API. CodeMirror was slightly modified to detect deprecated PHP functions and highlight them.
Back in the late nineties, around 1999, my mother bought me my first computer. Around this time The Matrix movie was released which as a young boy with a new computer had me Yahoo’ing (Google was largely unknown) for the term ‘hacking’. Back then Yahoo! Chat was still around and had a chat room called the ‘Hackers Lounge’, everyone in there was talking about all sorts of cool things you could do with computers that I had never heard of before. With hindsight, most of the people in the chat room were script kiddies who knew how to run a few Windows GUI ‘hacking’ tools and largely acting like they were the kings of the Internet. At the time I wanted to learn about all of the cool things they knew. I started downloading and learning how to use these ‘hacking’ tools by the use of my guinea pig friends and family (my siblings soon grew tired of me remotely opening and closing their CD-ROM drives).
\n\
-
Some of these tools are still actively developed and used today, invaluable to conducting modern Penetration Testing and security audits. For the sake of nostalgia, I present to you some of the coolest most 1337 ‘hacking’ tools that I and others used ‘back in the day’. Warning: Download links not verified.
A colleague tweeted a link to a blog post by WhiteHat Security about the X-Frame-Options HTTP header. I had heard of X-Frame-Options before and knew what it did but didn’t really know how it was used so I decided to investigate further.
\n\
-
X-Frame-Options is a HTTP response header that tells the browser what pages are allowed to be loaded in <frame> or <iframe> HTML tags. The header is an extra layer of security that a web application can implement to attempt to mitigate clickjacking (UI redressing).
\n\
-
The X-Frame-Options header may have three different values:
\n\
-
DENY – No pages are allowed to be loaded. \n\
- SAMEORIGIN – Only pages from the same domain are allowed to be loaded. \n\
- Allow-From http://www.example.com – Only allow frames from www.example.com.
This is a recent piece I did for the BBC Inside Out program that originally aired on February 6th. In the video I demonstrate a wireless Main In The Middle (MITM) attack in a coffee shop using a FON+ wireless router, Karma and Jasager. Oh, and they’re the ones who call me an ‘expert’, personally, I hate the term and would never call myself one.
\n\
- \n\
-
\n\
- Posted on 13 February, 2012 by ethicalhack3r
I am tired of receiving multiple telemarketing calls per day, I’m tired of the Telephone Preference Service (TPS) not having an affect and I’m tired of telecommunication companies charging for prevention features which should be free.
\n\
-
I came across an e-petition that was setup by a Rob Whitelock, it is not perfect in its recommendations but certainly puts the general point across.
\n\
-
e-petitions is an easy way for you to influence government policy in the UK. You can create an e-petition about anything that the government is responsible for and if it gets at least 100,000 signatures, it will be eligible for debate in the House of Commons.
My final year university dissertation was on the topic of Static Code Analysis, specifically the integration of IDEs (Integrated Development Environments) with Static Code Analysis. The idea was to make Static Code Analysis accesible to the developer, without them having to install and use additional specialist Static Code Analysis software.
\n\
-
Due to my familiarity with PHP and its lack of interpreter taint analysis I decided that I would write a PHP Static Code Analysis application. The PHP Static Code Analysis tool I developed is called DevBug, it is an online PHP Static Code Analysis tool written mostly in JavaScript (jQuery). The Static Code Analysis engine uses the sources, securing functions and sinks data from the awesome RIPS Static Code Analysis tool to identify specific PHP functions that can cause or remediate user input caused vulnerabilities. DevBug uses Taint Analysis to identify tainted variables, follows the tainted variables through the code, untaints the variables if they are secured and finally detects whether or not tainted variables end up in in sensitive sinks.
\n\
-
The IDE used is called CodeMirror that provides a code editing area, syntax highlighting, line numbering and an API. CodeMirror was slightly modified to detect deprecated PHP functions and highlight them.
Back in the late nineties, around 1999, my mother bought me my first computer. Around this time The Matrix movie was released which as a young boy with a new computer had me Yahoo’ing (Google was largely unknown) for the term ‘hacking’. Back then Yahoo! Chat was still around and had a chat room called the ‘Hackers Lounge’, everyone in there was talking about all sorts of cool things you could do with computers that I had never heard of before. With hindsight, most of the people in the chat room were script kiddies who knew how to run a few Windows GUI ‘hacking’ tools and largely acting like they were the kings of the Internet. At the time I wanted to learn about all of the cool things they knew. I started downloading and learning how to use these ‘hacking’ tools by the use of my guinea pig friends and family (my siblings soon grew tired of me remotely opening and closing their CD-ROM drives).
\n\
-
Some of these tools are still actively developed and used today, invaluable to conducting modern Penetration Testing and security audits. For the sake of nostalgia, I present to you some of the coolest most 1337 ‘hacking’ tools that I and others used ‘back in the day’. Warning: Download links not verified.
A colleague tweeted a link to a blog post by WhiteHat Security about the X-Frame-Options HTTP header. I had heard of X-Frame-Options before and knew what it did but didn’t really know how it was used so I decided to investigate further.
\n\
-
X-Frame-Options is a HTTP response header that tells the browser what pages are allowed to be loaded in <frame> or <iframe> HTML tags. The header is an extra layer of security that a web application can implement to attempt to mitigate clickjacking (UI redressing).
\n\
-
The X-Frame-Options header may have three different values:
\n\
-
DENY – No pages are allowed to be loaded. \n\
- SAMEORIGIN – Only pages from the same domain are allowed to be loaded. \n\
- Allow-From http://www.example.com – Only allow frames from www.example.com.
This is a recent piece I did for the BBC Inside Out program that originally aired on February 6th. In the video I demonstrate a wireless Main In The Middle (MITM) attack in a coffee shop using a FON+ wireless router, Karma and Jasager. Oh, and they’re the ones who call me an ‘expert’, personally, I hate the term and would never call myself one.
\n\
- \n\
-
\n\
- Posted on 13 February, 2012 by ethicalhack3r
I am tired of receiving multiple telemarketing calls per day, I’m tired of the Telephone Preference Service (TPS) not having an affect and I’m tired of telecommunication companies charging for prevention features which should be free.
\n\
-
I came across an e-petition that was setup by a Rob Whitelock, it is not perfect in its recommendations but certainly puts the general point across.
\n\
-
e-petitions is an easy way for you to influence government policy in the UK. You can create an e-petition about anything that the government is responsible for and if it gets at least 100,000 signatures, it will be eligible for debate in the House of Commons.
My final year university dissertation was on the topic of Static Code Analysis, specifically the integration of IDEs (Integrated Development Environments) with Static Code Analysis. The idea was to make Static Code Analysis accesible to the developer, without them having to install and use additional specialist Static Code Analysis software.
\n\
-
Due to my familiarity with PHP and its lack of interpreter taint analysis I decided that I would write a PHP Static Code Analysis application. The PHP Static Code Analysis tool I developed is called DevBug, it is an online PHP Static Code Analysis tool written mostly in JavaScript (jQuery). The Static Code Analysis engine uses the sources, securing functions and sinks data from the awesome RIPS Static Code Analysis tool to identify specific PHP functions that can cause or remediate user input caused vulnerabilities. DevBug uses Taint Analysis to identify tainted variables, follows the tainted variables through the code, untaints the variables if they are secured and finally detects whether or not tainted variables end up in in sensitive sinks.
\n\
-
The IDE used is called CodeMirror that provides a code editing area, syntax highlighting, line numbering and an API. CodeMirror was slightly modified to detect deprecated PHP functions and highlight them.
Back in the late nineties, around 1999, my mother bought me my first computer. Around this time The Matrix movie was released which as a young boy with a new computer had me Yahoo’ing (Google was largely unknown) for the term ‘hacking’. Back then Yahoo! Chat was still around and had a chat room called the ‘Hackers Lounge’, everyone in there was talking about all sorts of cool things you could do with computers that I had never heard of before. With hindsight, most of the people in the chat room were script kiddies who knew how to run a few Windows GUI ‘hacking’ tools and largely acting like they were the kings of the Internet. At the time I wanted to learn about all of the cool things they knew. I started downloading and learning how to use these ‘hacking’ tools by the use of my guinea pig friends and family (my siblings soon grew tired of me remotely opening and closing their CD-ROM drives).
\n\
-
Some of these tools are still actively developed and used today, invaluable to conducting modern Penetration Testing and security audits. For the sake of nostalgia, I present to you some of the coolest most 1337 ‘hacking’ tools that I and others used ‘back in the day’. Warning: Download links not verified.
A colleague tweeted a link to a blog post by WhiteHat Security about the X-Frame-Options HTTP header. I had heard of X-Frame-Options before and knew what it did but didn’t really know how it was used so I decided to investigate further.
\n\
-
X-Frame-Options is a HTTP response header that tells the browser what pages are allowed to be loaded in <frame> or <iframe> HTML tags. The header is an extra layer of security that a web application can implement to attempt to mitigate clickjacking (UI redressing).
\n\
-
The X-Frame-Options header may have three different values:
\n\
-
DENY – No pages are allowed to be loaded. \n\
- SAMEORIGIN – Only pages from the same domain are allowed to be loaded. \n\
- Allow-From http://www.example.com – Only allow frames from www.example.com.
This is a recent piece I did for the BBC Inside Out program that originally aired on February 6th. In the video I demonstrate a wireless Main In The Middle (MITM) attack in a coffee shop using a FON+ wireless router, Karma and Jasager. Oh, and they’re the ones who call me an ‘expert’, personally, I hate the term and would never call myself one.
\n\
- \n\
-
\n\
- Posted on 13 February, 2012 by ethicalhack3r
I am tired of receiving multiple telemarketing calls per day, I’m tired of the Telephone Preference Service (TPS) not having an affect and I’m tired of telecommunication companies charging for prevention features which should be free.
\n\
-
I came across an e-petition that was setup by a Rob Whitelock, it is not perfect in its recommendations but certainly puts the general point across.
\n\
-
e-petitions is an easy way for you to influence government policy in the UK. You can create an e-petition about anything that the government is responsible for and if it gets at least 100,000 signatures, it will be eligible for debate in the House of Commons.
My final year university dissertation was on the topic of Static Code Analysis, specifically the integration of IDEs (Integrated Development Environments) with Static Code Analysis. The idea was to make Static Code Analysis accesible to the developer, without them having to install and use additional specialist Static Code Analysis software.
\n\
-
Due to my familiarity with PHP and its lack of interpreter taint analysis I decided that I would write a PHP Static Code Analysis application. The PHP Static Code Analysis tool I developed is called DevBug, it is an online PHP Static Code Analysis tool written mostly in JavaScript (jQuery). The Static Code Analysis engine uses the sources, securing functions and sinks data from the awesome RIPS Static Code Analysis tool to identify specific PHP functions that can cause or remediate user input caused vulnerabilities. DevBug uses Taint Analysis to identify tainted variables, follows the tainted variables through the code, untaints the variables if they are secured and finally detects whether or not tainted variables end up in in sensitive sinks.
\n\
-
The IDE used is called CodeMirror that provides a code editing area, syntax highlighting, line numbering and an API. CodeMirror was slightly modified to detect deprecated PHP functions and highlight them.
Back in the late nineties, around 1999, my mother bought me my first computer. Around this time The Matrix movie was released which as a young boy with a new computer had me Yahoo’ing (Google was largely unknown) for the term ‘hacking’. Back then Yahoo! Chat was still around and had a chat room called the ‘Hackers Lounge’, everyone in there was talking about all sorts of cool things you could do with computers that I had never heard of before. With hindsight, most of the people in the chat room were script kiddies who knew how to run a few Windows GUI ‘hacking’ tools and largely acting like they were the kings of the Internet. At the time I wanted to learn about all of the cool things they knew. I started downloading and learning how to use these ‘hacking’ tools by the use of my guinea pig friends and family (my siblings soon grew tired of me remotely opening and closing their CD-ROM drives).
\n\
-
Some of these tools are still actively developed and used today, invaluable to conducting modern Penetration Testing and security audits. For the sake of nostalgia, I present to you some of the coolest most 1337 ‘hacking’ tools that I and others used ‘back in the day’. Warning: Download links not verified.
A colleague tweeted a link to a blog post by WhiteHat Security about the X-Frame-Options HTTP header. I had heard of X-Frame-Options before and knew what it did but didn’t really know how it was used so I decided to investigate further.
\n\
-
X-Frame-Options is a HTTP response header that tells the browser what pages are allowed to be loaded in <frame> or <iframe> HTML tags. The header is an extra layer of security that a web application can implement to attempt to mitigate clickjacking (UI redressing).
\n\
-
The X-Frame-Options header may have three different values:
\n\
-
DENY – No pages are allowed to be loaded. \n\
- SAMEORIGIN – Only pages from the same domain are allowed to be loaded. \n\
- Allow-From http://www.example.com – Only allow frames from www.example.com.
This is a recent piece I did for the BBC Inside Out program that originally aired on February 6th. In the video I demonstrate a wireless Main In The Middle (MITM) attack in a coffee shop using a FON+ wireless router, Karma and Jasager. Oh, and they’re the ones who call me an ‘expert’, personally, I hate the term and would never call myself one.
\n\
- \n\
-
\n\
- Posted on 13 February, 2012 by ethicalhack3r
I am tired of receiving multiple telemarketing calls per day, I’m tired of the Telephone Preference Service (TPS) not having an affect and I’m tired of telecommunication companies charging for prevention features which should be free.
\n\
-
I came across an e-petition that was setup by a Rob Whitelock, it is not perfect in its recommendations but certainly puts the general point across.
\n\
-
e-petitions is an easy way for you to influence government policy in the UK. You can create an e-petition about anything that the government is responsible for and if it gets at least 100,000 signatures, it will be eligible for debate in the House of Commons.
My final year university dissertation was on the topic of Static Code Analysis, specifically the integration of IDEs (Integrated Development Environments) with Static Code Analysis. The idea was to make Static Code Analysis accesible to the developer, without them having to install and use additional specialist Static Code Analysis software.
\n\
-
Due to my familiarity with PHP and its lack of interpreter taint analysis I decided that I would write a PHP Static Code Analysis application. The PHP Static Code Analysis tool I developed is called DevBug, it is an online PHP Static Code Analysis tool written mostly in JavaScript (jQuery). The Static Code Analysis engine uses the sources, securing functions and sinks data from the awesome RIPS Static Code Analysis tool to identify specific PHP functions that can cause or remediate user input caused vulnerabilities. DevBug uses Taint Analysis to identify tainted variables, follows the tainted variables through the code, untaints the variables if they are secured and finally detects whether or not tainted variables end up in in sensitive sinks.
\n\
-
The IDE used is called CodeMirror that provides a code editing area, syntax highlighting, line numbering and an API. CodeMirror was slightly modified to detect deprecated PHP functions and highlight them.
Back in the late nineties, around 1999, my mother bought me my first computer. Around this time The Matrix movie was released which as a young boy with a new computer had me Yahoo’ing (Google was largely unknown) for the term ‘hacking’. Back then Yahoo! Chat was still around and had a chat room called the ‘Hackers Lounge’, everyone in there was talking about all sorts of cool things you could do with computers that I had never heard of before. With hindsight, most of the people in the chat room were script kiddies who knew how to run a few Windows GUI ‘hacking’ tools and largely acting like they were the kings of the Internet. At the time I wanted to learn about all of the cool things they knew. I started downloading and learning how to use these ‘hacking’ tools by the use of my guinea pig friends and family (my siblings soon grew tired of me remotely opening and closing their CD-ROM drives).
\n\
-
Some of these tools are still actively developed and used today, invaluable to conducting modern Penetration Testing and security audits. For the sake of nostalgia, I present to you some of the coolest most 1337 ‘hacking’ tools that I and others used ‘back in the day’. Warning: Download links not verified.
A colleague tweeted a link to a blog post by WhiteHat Security about the X-Frame-Options HTTP header. I had heard of X-Frame-Options before and knew what it did but didn’t really know how it was used so I decided to investigate further.
\n\
-
X-Frame-Options is a HTTP response header that tells the browser what pages are allowed to be loaded in <frame> or <iframe> HTML tags. The header is an extra layer of security that a web application can implement to attempt to mitigate clickjacking (UI redressing).
\n\
-
The X-Frame-Options header may have three different values:
\n\
-
DENY – No pages are allowed to be loaded. \n\
- SAMEORIGIN – Only pages from the same domain are allowed to be loaded. \n\
- Allow-From http://www.example.com – Only allow frames from www.example.com.
This is a recent piece I did for the BBC Inside Out program that originally aired on February 6th. In the video I demonstrate a wireless Main In The Middle (MITM) attack in a coffee shop using a FON+ wireless router, Karma and Jasager. Oh, and they’re the ones who call me an ‘expert’, personally, I hate the term and would never call myself one.
\n\
- \n\
-
\n\
- Posted on 13 February, 2012 by ethicalhack3r
I am tired of receiving multiple telemarketing calls per day, I’m tired of the Telephone Preference Service (TPS) not having an affect and I’m tired of telecommunication companies charging for prevention features which should be free.
\n\
-
I came across an e-petition that was setup by a Rob Whitelock, it is not perfect in its recommendations but certainly puts the general point across.
\n\
-
e-petitions is an easy way for you to influence government policy in the UK. You can create an e-petition about anything that the government is responsible for and if it gets at least 100,000 signatures, it will be eligible for debate in the House of Commons.
My final year university dissertation was on the topic of Static Code Analysis, specifically the integration of IDEs (Integrated Development Environments) with Static Code Analysis. The idea was to make Static Code Analysis accesible to the developer, without them having to install and use additional specialist Static Code Analysis software.
\n\
-
Due to my familiarity with PHP and its lack of interpreter taint analysis I decided that I would write a PHP Static Code Analysis application. The PHP Static Code Analysis tool I developed is called DevBug, it is an online PHP Static Code Analysis tool written mostly in JavaScript (jQuery). The Static Code Analysis engine uses the sources, securing functions and sinks data from the awesome RIPS Static Code Analysis tool to identify specific PHP functions that can cause or remediate user input caused vulnerabilities. DevBug uses Taint Analysis to identify tainted variables, follows the tainted variables through the code, untaints the variables if they are secured and finally detects whether or not tainted variables end up in in sensitive sinks.
\n\
-
The IDE used is called CodeMirror that provides a code editing area, syntax highlighting, line numbering and an API. CodeMirror was slightly modified to detect deprecated PHP functions and highlight them.
Back in the late nineties, around 1999, my mother bought me my first computer. Around this time The Matrix movie was released which as a young boy with a new computer had me Yahoo’ing (Google was largely unknown) for the term ‘hacking’. Back then Yahoo! Chat was still around and had a chat room called the ‘Hackers Lounge’, everyone in there was talking about all sorts of cool things you could do with computers that I had never heard of before. With hindsight, most of the people in the chat room were script kiddies who knew how to run a few Windows GUI ‘hacking’ tools and largely acting like they were the kings of the Internet. At the time I wanted to learn about all of the cool things they knew. I started downloading and learning how to use these ‘hacking’ tools by the use of my guinea pig friends and family (my siblings soon grew tired of me remotely opening and closing their CD-ROM drives).
\n\
-
Some of these tools are still actively developed and used today, invaluable to conducting modern Penetration Testing and security audits. For the sake of nostalgia, I present to you some of the coolest most 1337 ‘hacking’ tools that I and others used ‘back in the day’. Warning: Download links not verified.
A colleague tweeted a link to a blog post by WhiteHat Security about the X-Frame-Options HTTP header. I had heard of X-Frame-Options before and knew what it did but didn’t really know how it was used so I decided to investigate further.
\n\
-
X-Frame-Options is a HTTP response header that tells the browser what pages are allowed to be loaded in <frame> or <iframe> HTML tags. The header is an extra layer of security that a web application can implement to attempt to mitigate clickjacking (UI redressing).
\n\
-
The X-Frame-Options header may have three different values:
\n\
-
DENY – No pages are allowed to be loaded. \n\
- SAMEORIGIN – Only pages from the same domain are allowed to be loaded. \n\
- Allow-From http://www.example.com – Only allow frames from www.example.com.
This is a recent piece I did for the BBC Inside Out program that originally aired on February 6th. In the video I demonstrate a wireless Main In The Middle (MITM) attack in a coffee shop using a FON+ wireless router, Karma and Jasager. Oh, and they’re the ones who call me an ‘expert’, personally, I hate the term and would never call myself one.
\n\
- \n\
-
\n\
- Posted on 13 February, 2012 by ethicalhack3r
I am tired of receiving multiple telemarketing calls per day, I’m tired of the Telephone Preference Service (TPS) not having an affect and I’m tired of telecommunication companies charging for prevention features which should be free.
\n\
-
I came across an e-petition that was setup by a Rob Whitelock, it is not perfect in its recommendations but certainly puts the general point across.
\n\
-
e-petitions is an easy way for you to influence government policy in the UK. You can create an e-petition about anything that the government is responsible for and if it gets at least 100,000 signatures, it will be eligible for debate in the House of Commons.
My final year university dissertation was on the topic of Static Code Analysis, specifically the integration of IDEs (Integrated Development Environments) with Static Code Analysis. The idea was to make Static Code Analysis accesible to the developer, without them having to install and use additional specialist Static Code Analysis software.
\n\
-
Due to my familiarity with PHP and its lack of interpreter taint analysis I decided that I would write a PHP Static Code Analysis application. The PHP Static Code Analysis tool I developed is called DevBug, it is an online PHP Static Code Analysis tool written mostly in JavaScript (jQuery). The Static Code Analysis engine uses the sources, securing functions and sinks data from the awesome RIPS Static Code Analysis tool to identify specific PHP functions that can cause or remediate user input caused vulnerabilities. DevBug uses Taint Analysis to identify tainted variables, follows the tainted variables through the code, untaints the variables if they are secured and finally detects whether or not tainted variables end up in in sensitive sinks.
\n\
-
The IDE used is called CodeMirror that provides a code editing area, syntax highlighting, line numbering and an API. CodeMirror was slightly modified to detect deprecated PHP functions and highlight them.
Back in the late nineties, around 1999, my mother bought me my first computer. Around this time The Matrix movie was released which as a young boy with a new computer had me Yahoo’ing (Google was largely unknown) for the term ‘hacking’. Back then Yahoo! Chat was still around and had a chat room called the ‘Hackers Lounge’, everyone in there was talking about all sorts of cool things you could do with computers that I had never heard of before. With hindsight, most of the people in the chat room were script kiddies who knew how to run a few Windows GUI ‘hacking’ tools and largely acting like they were the kings of the Internet. At the time I wanted to learn about all of the cool things they knew. I started downloading and learning how to use these ‘hacking’ tools by the use of my guinea pig friends and family (my siblings soon grew tired of me remotely opening and closing their CD-ROM drives).
\n\
-
Some of these tools are still actively developed and used today, invaluable to conducting modern Penetration Testing and security audits. For the sake of nostalgia, I present to you some of the coolest most 1337 ‘hacking’ tools that I and others used ‘back in the day’. Warning: Download links not verified.
A colleague tweeted a link to a blog post by WhiteHat Security about the X-Frame-Options HTTP header. I had heard of X-Frame-Options before and knew what it did but didn’t really know how it was used so I decided to investigate further.
\n\
-
X-Frame-Options is a HTTP response header that tells the browser what pages are allowed to be loaded in <frame> or <iframe> HTML tags. The header is an extra layer of security that a web application can implement to attempt to mitigate clickjacking (UI redressing).
\n\
-
The X-Frame-Options header may have three different values:
\n\
-
DENY – No pages are allowed to be loaded. \n\
- SAMEORIGIN – Only pages from the same domain are allowed to be loaded. \n\
- Allow-From http://www.example.com – Only allow frames from www.example.com.
This is a recent piece I did for the BBC Inside Out program that originally aired on February 6th. In the video I demonstrate a wireless Main In The Middle (MITM) attack in a coffee shop using a FON+ wireless router, Karma and Jasager. Oh, and they’re the ones who call me an ‘expert’, personally, I hate the term and would never call myself one.
\n\
- \n\
-
\n\
- Posted on 13 February, 2012 by ethicalhack3r
I am tired of receiving multiple telemarketing calls per day, I’m tired of the Telephone Preference Service (TPS) not having an affect and I’m tired of telecommunication companies charging for prevention features which should be free.
\n\
-
I came across an e-petition that was setup by a Rob Whitelock, it is not perfect in its recommendations but certainly puts the general point across.
\n\
-
e-petitions is an easy way for you to influence government policy in the UK. You can create an e-petition about anything that the government is responsible for and if it gets at least 100,000 signatures, it will be eligible for debate in the House of Commons.
Welcome. WordPress is a very special project to me. Every developer and contributor adds something unique to the mix, and together we create something beautiful that I'm proud to be a part of. Thousands of hours have gone into WordPress, and we're dedicated to making it better every day. Thank you for making it part of your world.
-
— Matt Mullenweg
-
Installation: Famous 5-minute install
-
-
Unzip the package in an empty directory and upload everything.
-
Open wp-admin/install.php in your browser. It will take you through the process to set up a wp-config.php file with your database connection details.
-
-
If for some reason this doesn't work, don't worry. It doesn't work on all web hosts. Open up wp-config-sample.php with a text editor like WordPad or similar and fill in your database connection details.
Once the configuration file is set up, the installer will set up the tables needed for your blog. If there is an error, double check your wp-config.php file, and try again. If it fails again, please go to the support forums with as much data as you can gather.
-
If you did not enter a password, note the password given to you. If you did not provide a username, it will be admin.
-
The installer should then send you to the login page. Sign in with the username and password you chose during the installation. If a password was generated for you, you can then click on 'Profile' to change the password.
-
-
Updating
-
Using the Automatic Updater
-
If you are updating from version 2.7 or higher, you can use the automatic updater:
If you've looked everywhere and still can't find an answer, the support forums are very active and have a large community ready to help. To help them help you be sure to use a descriptive thread title and describe your question in as much detail as possible.
There is an online chat channel that is used for discussion among people who use WordPress and occasionally support topics. The above wiki page should point you in the right direction. (irc.freenode.net #wordpress)
You can post from an email client! To set this up go to your "Writing" options screen and fill in the connection details for your secret POP3 account. Then you need to set up wp-mail.php to execute periodically to check the mailbox for new posts. You can do it with cron-jobs, or if your host doesn't support it you can look into the various website-monitoring services, and make them check your wp-mail.php URL.
-
Posting is easy: Any email sent to the address you specify will be posted, with the subject as the title. It is best to keep the address discrete. The script will delete emails that are successfully posted.
If you have any suggestions, ideas, or comments, or if you (gasp!) found a bug, join us in the Support Forums.
-
WordPress has a robust plugin API that makes extending the code easy. If you are a developer interested in utilizing this, see the plugin documentation in the Codex. You shouldn't modify any of the core code.
-
-
Share the Love
-
WordPress has no multi-million dollar marketing campaign or celebrity sponsors, but we do have something even better—you. If you enjoy WordPress please consider telling a friend, setting it up for someone less knowledgable than yourself, or writing the author of a media article that overlooks us.
-
WordPress is the official continuation of b2/cafélog, which came from Michel V. The work has been continued by the WordPress developers. If you would like to support WordPress, please consider donating.
-
License
-
WordPress is free software, and is released under the terms of the GPL version 2 or (at your option) any later version. See license.txt.
My final year university dissertation was on the topic of Static Code Analysis, specifically the integration of IDEs (Integrated Development Environments) with Static Code Analysis. The idea was to make Static Code Analysis accesible to the developer, without them having to install and use additional specialist Static Code Analysis software.
\n\
-
Due to my familiarity with PHP and its lack of interpreter taint analysis I decided that I would write a PHP Static Code Analysis application. The PHP Static Code Analysis tool I developed is called DevBug, it is an online PHP Static Code Analysis tool written mostly in JavaScript (jQuery). The Static Code Analysis engine uses the sources, securing functions and sinks data from the awesome RIPS Static Code Analysis tool to identify specific PHP functions that can cause or remediate user input caused vulnerabilities. DevBug uses Taint Analysis to identify tainted variables, follows the tainted variables through the code, untaints the variables if they are secured and finally detects whether or not tainted variables end up in in sensitive sinks.
\n\
-
The IDE used is called CodeMirror that provides a code editing area, syntax highlighting, line numbering and an API. CodeMirror was slightly modified to detect deprecated PHP functions and highlight them.
Back in the late nineties, around 1999, my mother bought me my first computer. Around this time The Matrix movie was released which as a young boy with a new computer had me Yahoo’ing (Google was largely unknown) for the term ‘hacking’. Back then Yahoo! Chat was still around and had a chat room called the ‘Hackers Lounge’, everyone in there was talking about all sorts of cool things you could do with computers that I had never heard of before. With hindsight, most of the people in the chat room were script kiddies who knew how to run a few Windows GUI ‘hacking’ tools and largely acting like they were the kings of the Internet. At the time I wanted to learn about all of the cool things they knew. I started downloading and learning how to use these ‘hacking’ tools by the use of my guinea pig friends and family (my siblings soon grew tired of me remotely opening and closing their CD-ROM drives).
\n\
-
Some of these tools are still actively developed and used today, invaluable to conducting modern Penetration Testing and security audits. For the sake of nostalgia, I present to you some of the coolest most 1337 ‘hacking’ tools that I and others used ‘back in the day’. Warning: Download links not verified.
A colleague tweeted a link to a blog post by WhiteHat Security about the X-Frame-Options HTTP header. I had heard of X-Frame-Options before and knew what it did but didn’t really know how it was used so I decided to investigate further.
\n\
-
X-Frame-Options is a HTTP response header that tells the browser what pages are allowed to be loaded in <frame> or <iframe> HTML tags. The header is an extra layer of security that a web application can implement to attempt to mitigate clickjacking (UI redressing).
\n\
-
The X-Frame-Options header may have three different values:
\n\
-
DENY – No pages are allowed to be loaded. \n\
- SAMEORIGIN – Only pages from the same domain are allowed to be loaded. \n\
- Allow-From http://www.example.com – Only allow frames from www.example.com.
This is a recent piece I did for the BBC Inside Out program that originally aired on February 6th. In the video I demonstrate a wireless Main In The Middle (MITM) attack in a coffee shop using a FON+ wireless router, Karma and Jasager. Oh, and they’re the ones who call me an ‘expert’, personally, I hate the term and would never call myself one.
\n\
- \n\
-
\n\
- Posted on 13 February, 2012 by ethicalhack3r
I am tired of receiving multiple telemarketing calls per day, I’m tired of the Telephone Preference Service (TPS) not having an affect and I’m tired of telecommunication companies charging for prevention features which should be free.
\n\
-
I came across an e-petition that was setup by a Rob Whitelock, it is not perfect in its recommendations but certainly puts the general point across.
\n\
-
e-petitions is an easy way for you to influence government policy in the UK. You can create an e-petition about anything that the government is responsible for and if it gets at least 100,000 signatures, it will be eligible for debate in the House of Commons.
![\"rss](\"http://www.ethicalhack3r.co.uk/wp-content/themes/ethicalhack3r/img/rss.png\")
\n\
- \n\
- ![\"Legion](\"http://www.ethicalhack3r.co.uk/wp-content/uploads/2012/05/legion_rhino9.gif\" "\\"legion_rhino9\\"")
![](\"http://www.ethicalhack3r.co.uk/wp-content/uploads/2010/09/238614.jpg\")
\n\
- ![](\"http://www.ethicalhack3r.co.uk/wp-content/uploads/2010/11/EFF-logo-trans.gif\")
\n\
- \n\
- 