«
Expand/Collapse
200 items tagged "proxy"
Related tags:
proxy mode [+],
internal web servers [+],
buffer overflow vulnerability [+],
web proxy cache [+],
web proxy [+],
phpcas [+],
apache [+],
zorp [+],
testing tool [+],
proxy firewall [+],
policy decisions [+],
penetration [+],
firewall [+],
core architecture [+],
zap [+],
tor [+],
string [+],
proxy bypass [+],
proof of concept [+],
mac os x [+],
mac os [+],
internet [+],
firefox [+],
exploits [+],
mod [+],
ubuntu [+],
testing [+],
tar [+],
remote buffer overflow vulnerability [+],
read [+],
proxies [+],
mode [+],
gopher [+],
filtering [+],
external exposure [+],
dns [+],
darknet [+],
cyclope [+],
apache software foundation [+],
service vulnerability [+],
ycrawler [+],
x release [+],
windows [+],
wildcard characters [+],
websense [+],
web crawler [+],
usn [+],
tool 1 [+],
tool [+],
stefano nichele [+],
squid proxy [+],
special request [+],
socks [+],
security vulnerability [+],
security notice [+],
security [+],
remote buffer overflow [+],
red hat security [+],
red [+],
publishers [+],
proxy settings [+],
proxy filter [+],
proxy check [+],
prank o [+],
pound [+],
load balancer [+],
internal server error [+],
integer overflow [+],
installer [+],
heap [+],
hacks [+],
hacking [+],
gtk interface [+],
gsettings [+],
filter [+],
fhttp [+],
evasion [+],
crawling [+],
check [+],
charlie vedaa [+],
caching [+],
bypass [+],
backend servers [+],
attack [+],
Tools [+],
denial of service [+],
vulnerability [+],
apache http server [+],
xpath expressions [+],
url parameter [+],
umbraco [+],
txt [+],
traffic [+],
tor proxy [+],
timeout [+],
tar gz [+],
symantec [+],
ssl aware [+],
ssh ports [+],
socks proxy [+],
slides [+],
siri [+],
service [+],
security proxy [+],
security bug [+],
sec wall [+],
reverse proxy [+],
python library [+],
pyproxy [+],
proxy server [+],
proxy hunter [+],
proxy checker [+],
promiscuous [+],
php script [+],
penetration testers [+],
pbx [+],
open [+],
network traffic analysis [+],
multithreaded [+],
mitmproxy [+],
linux [+],
level cross [+],
iphone [+],
header field [+],
ftp [+],
dnschef [+],
denial [+],
cvs [+],
cross site scripting [+],
client proxy [+],
client [+],
checks [+],
checker [+],
cas [+],
bugtraq [+],
authentication schemes [+],
authentication header [+],
aspx [+],
application network [+],
apple airport [+],
alcatel 4400 [+],
alcatel [+],
Wireless [+],
Release [+],
Programming [+],
http [+],
squid [+],
zip [+],
wrt [+],
winsock functions [+],
win [+],
web giant [+],
vulnerabilities [+],
virtual box [+],
video [+],
sync [+],
ssh telnet [+],
ssh [+],
squipy [+],
specific software [+],
sophos [+],
security response team [+],
routers [+],
round [+],
retired [+],
response [+],
quot [+],
proxy support [+],
proxy software [+],
proxy host [+],
proxy auto configuration [+],
proxy authorization [+],
proxocket [+],
project [+],
program [+],
plz [+],
pipeline [+],
pete [+],
paraegis [+],
owasp [+],
overflow [+],
openvas [+],
open architecture [+],
offline storage [+],
ntv [+],
new [+],
negative content [+],
mechanism [+],
matic [+],
linksys [+],
libproxy [+],
konsole [+],
jailbreak [+],
interim response [+],
integer overflow vulnerability [+],
httpd [+],
hatkit [+],
google [+],
functionality [+],
forensics [+],
firesheep [+],
finder [+],
file [+],
evil [+],
doesn [+],
dll [+],
disclosure [+],
custom [+],
content length [+],
charset [+],
car [+],
bt4 [+],
browser [+],
brandon fiquett [+],
black hat [+],
big g [+],
autostart [+],
authorization [+],
audio [+],
arabic [+],
antonio [+],
admin [+],
Software [+],
Pentesting [+],
Newbie [+],
BackTrack [+],
Area [+],
proxy ftp [+],
server mod [+],
web [+],
null pointer [+],
uri [+],
information disclosure vulnerability [+],
zed attack [+],
server [+],
security vulnerabilities [+],
request body [+],
security experience [+],
proxy module [+]
-
-
13:39
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-1461-01 - libproxy is a library that handles all the details of proxy configuration. A buffer overflow flaw was found in the way libproxy handled the downloading of proxy auto-configuration files. A malicious server hosting a PAC file or a man-in-the-middle attacker could use this flaw to cause an application using libproxy to crash or, possibly, execute arbitrary code, if the proxy settings obtained by libproxy instructed the use of a PAC proxy configuration. This issue was discovered by the Red Hat Security Response Team.
-
-
17:00
»
SecuriTeam
Squid proxy caching server is prone to a denial-of-service vulnerability.
-
-
13:03
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0542-01 - The Apache HTTP Server is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker.
-
13:03
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0542-01 - The Apache HTTP Server is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker.
-
13:02
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0543-01 - The Apache HTTP Server is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker.
-
13:02
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0543-01 - The Apache HTTP Server is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker.
-
-
15:37
»
Packet Storm Security Recent Files
A user has discovered a severe security bug in Firefox related to websockets bypassing the SOCKS proxy DNS configuration. This means when connecting to a websocket service, your Firefox will query your local DNS resolver, rather than only communicating through its proxy (Tor) as it is configured to do.
-
15:37
»
Packet Storm Security Misc. Files
A user has discovered a severe security bug in Firefox related to websockets bypassing the SOCKS proxy DNS configuration. This means when connecting to a websocket service, your Firefox will query your local DNS resolver, rather than only communicating through its proxy (Tor) as it is configured to do.
-
-
12:53
»
Packet Storm Security Advisories
Ubuntu Security Notice 1400-5 - USN-1400-1 fixed vulnerabilities in Firefox. Firefox 11 started using GSettings to access the system proxy settings. If there is a GSettings proxy settings schema, Firefox will consume it. The GSettings proxy settings schema that was shipped by default was unused by other applications and broke Firefox's ability to use system proxy settings. This update removes the unused schema. Various other issues were also addressed.
-
12:53
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1400-5 - USN-1400-1 fixed vulnerabilities in Firefox. Firefox 11 started using GSettings to access the system proxy settings. If there is a GSettings proxy settings schema, Firefox will consume it. The GSettings proxy settings schema that was shipped by default was unused by other applications and broke Firefox's ability to use system proxy settings. This update removes the unused schema. Various other issues were also addressed.
-
12:53
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1400-5 - USN-1400-1 fixed vulnerabilities in Firefox. Firefox 11 started using GSettings to access the system proxy settings. If there is a GSettings proxy settings schema, Firefox will consume it. The GSettings proxy settings schema that was shipped by default was unused by other applications and broke Firefox's ability to use system proxy settings. This update removes the unused schema. Various other issues were also addressed.
-
-
20:30
»
Packet Storm Security Recent Files
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.
-
20:30
»
Packet Storm Security Tools
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.
-
20:30
»
Packet Storm Security Misc. Files
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.
-
20:29
»
Packet Storm Security Recent Files
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.
-
20:29
»
Packet Storm Security Tools
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.
-
20:29
»
Packet Storm Security Misc. Files
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.
-
20:28
»
Packet Storm Security Recent Files
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.
-
20:28
»
Packet Storm Security Misc. Files
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.
-
-
18:53
»
Packet Storm Security Recent Files
Vulnerable installations of Umbraco allow unauthenticated users to abuse the script FeedProxy.aspx into proxying requests on their behalf through the "url" parameter.
-
18:53
»
Packet Storm Security Misc. Files
Vulnerable installations of Umbraco allow unauthenticated users to abuse the script FeedProxy.aspx into proxying requests on their behalf through the "url" parameter.
-
-
17:15
»
Packet Storm Security Recent Files
Proxy Check is a tool that includes a website to automate testing for web proxy content filtering. It has a battery of tests that includes looking for typically malicious URLs, several PDF exploits, and more.
-
17:15
»
Packet Storm Security Tools
Proxy Check is a tool that includes a website to automate testing for web proxy content filtering. It has a battery of tests that includes looking for typically malicious URLs, several PDF exploits, and more.
-
17:15
»
Packet Storm Security Misc. Files
Proxy Check is a tool that includes a website to automate testing for web proxy content filtering. It has a battery of tests that includes looking for typically malicious URLs, several PDF exploits, and more.
-
-
18:16
»
Packet Storm Security Recent Files
DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka "Fake DNS") is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for "badguy.com" to point to a local machine for termination or interception instead of a real host somewhere on the Internet.
-
18:16
»
Packet Storm Security Misc. Files
DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka "Fake DNS") is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for "badguy.com" to point to a local machine for termination or interception instead of a real host somewhere on the Internet.
-
-
18:34
»
Packet Storm Security Advisories
Ubuntu Security Notice 1368-1 - It was discovered that the Apache HTTP Server incorrectly handled the SetEnvIf .htaccess file directive. An attacker having write access to a .htaccess file may exploit this to possibly execute arbitrary code. Prutha Parikh discovered that the mod_proxy module did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to contact internal webservers behind the proxy that were not intended for external exposure. Various other issues were also addressed.
-
-
10:01
»
Hack a Day
As weird as it might sound, there’s a way to use Google documents as a web proxy. The image above is a screenshot of [Antonio] demonstrating how he can view text data from any site through the web giant’s cloud applications. Certain sites may be blocked from your location, but the big G can load [...]
-
-
10:11
»
Packet Storm Security Recent Files
Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
-
10:11
»
Packet Storm Security Tools
Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
-
10:11
»
Packet Storm Security Misc. Files
Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
-
-
6:59
»
Packet Storm Security Recent Files
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
-
6:59
»
Packet Storm Security Tools
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
-
6:59
»
Packet Storm Security Misc. Files
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
-
-
14:01
»
Hack a Day
Siri can make appointments, tell you the weather, but now she can start your car as well! After we showed you how Siri could be hacked to use a custom proxy and execute custom commands, we knew it wouldn’t be long before additional hacks would start rolling in. [Brandon Fiquett] thought it would be great [...]
-
-
9:01
»
Hack a Day
[Pete] has an iPhone 4s and loves Siri, but he wishes she had some more baked-in capabilities. While the application is technically still in beta and will likely be updated in the near future, [Pete] wanted more functionality now. Since Apple isn’t known for their open architecture, he had to get creative. Knowing how Siri’s [...]
-
-
19:11
»
Packet Storm Security Advisories
Ubuntu Security Notice 1259-1 - It was discovered that the mod_proxy module in Apache did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to contact internal webservers behind the proxy that were not intended for external exposure. Stefano Nichele discovered that the mod_proxy_ajp module in Apache when used with mod_proxy_balancer in certain configurations could allow remote attackers to cause a denial of service via a malformed HTTP request. Various other issues were also addressed.
-
19:11
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1259-1 - It was discovered that the mod_proxy module in Apache did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to contact internal webservers behind the proxy that were not intended for external exposure. Stefano Nichele discovered that the mod_proxy_ajp module in Apache when used with mod_proxy_balancer in certain configurations could allow remote attackers to cause a denial of service via a malformed HTTP request. Various other issues were also addressed.
-
19:11
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1259-1 - It was discovered that the mod_proxy module in Apache did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to contact internal webservers behind the proxy that were not intended for external exposure. Stefano Nichele discovered that the mod_proxy_ajp module in Apache when used with mod_proxy_balancer in certain configurations could allow remote attackers to cause a denial of service via a malformed HTTP request. Various other issues were also addressed.
-
-
16:10
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1392-01 - The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker.
-
16:10
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1392-01 - The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker.
-
16:00
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1391-01 - The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker. It was discovered that mod_proxy_ajp incorrectly returned an "Internal Server Error" response when processing certain malformed HTTP requests, which caused the back-end server to be marked as failed in configurations where mod_proxy was used in load balancer mode. A remote attacker could cause mod_proxy to not send requests to back-end AJP servers for the retry timeout period or until all back-end servers were marked as failed.
-
16:00
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1391-01 - The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker. It was discovered that mod_proxy_ajp incorrectly returned an "Internal Server Error" response when processing certain malformed HTTP requests, which caused the back-end server to be marked as failed in configurations where mod_proxy was used in load balancer mode. A remote attacker could cause mod_proxy to not send requests to back-end AJP servers for the retry timeout period or until all back-end servers were marked as failed.
-
16:00
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1391-01 - The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker. It was discovered that mod_proxy_ajp incorrectly returned an "Internal Server Error" response when processing certain malformed HTTP requests, which caused the back-end server to be marked as failed in configurations where mod_proxy was used in load balancer mode. A remote attacker could cause mod_proxy to not send requests to back-end AJP servers for the retry timeout period or until all back-end servers were marked as failed.
-
-
18:06
»
Packet Storm Security Exploits
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character. This is a proof of concept exploit that demonstrates this vulnerability.
-
18:06
»
Packet Storm Security Recent Files
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character. This is a proof of concept exploit that demonstrates this vulnerability.
-
18:06
»
Packet Storm Security Misc. Files
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character. This is a proof of concept exploit that demonstrates this vulnerability.
-
-
12:29
»
Packet Storm Security Exploits
Context discovered a security vulnerability which allows for Apache in reverse proxy mode to be used to access internal/DMZ systems due to a weakness in its handling of URLs being processed by mod_rewrite. Versions 1.3 and 2.x are affected.
-
12:29
»
Packet Storm Security Recent Files
Context discovered a security vulnerability which allows for Apache in reverse proxy mode to be used to access internal/DMZ systems due to a weakness in its handling of URLs being processed by mod_rewrite. Versions 1.3 and 2.x are affected.
-
12:29
»
Packet Storm Security Misc. Files
Context discovered a security vulnerability which allows for Apache in reverse proxy mode to be used to access internal/DMZ systems due to a weakness in its handling of URLs being processed by mod_rewrite. Versions 1.3 and 2.x are affected.
-
-
7:17
»
Packet Storm Security Recent Files
Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
-
7:17
»
Packet Storm Security Tools
Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
-
7:17
»
Packet Storm Security Misc. Files
Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
-
-
7:45
»
Packet Storm Security Recent Files
This is a framework for HTTP related attacks. It is written in Perl with a GTK interface, has a proxy for debugging and manipulation, proxy chaining, evasion rules, and more.
-
7:45
»
Packet Storm Security Tools
This is a framework for HTTP related attacks. It is written in Perl with a GTK interface, has a proxy for debugging and manipulation, proxy chaining, evasion rules, and more.
-
7:45
»
Packet Storm Security Misc. Files
This is a framework for HTTP related attacks. It is written in Perl with a GTK interface, has a proxy for debugging and manipulation, proxy chaining, evasion rules, and more.
-
7:10
»
Packet Storm Security Tools
tor2web is a web proxy tool that promotes the use of Tor hidden services. It is based on the Glype web proxy and is meant to protect publishers.
-
7:10
»
Packet Storm Security Misc. Files
tor2web is a web proxy tool that promotes the use of Tor hidden services. It is based on the Glype web proxy and is meant to protect publishers.
-
-
12:47
»
Packet Storm Security Recent Files
sec-wall is a high-performance security proxy that supports SSL/TLS, WS-Security, HTTP Auth Basic/Digest, extensible authentication schemes based on custom HTTP headers and XPath expressions, powerful URL matching/rewriting, and an optional header enrichment. It's a security wall with which you can conveniently fence otherwise defenseless backend servers.
-
12:47
»
Packet Storm Security Misc. Files
sec-wall is a high-performance security proxy that supports SSL/TLS, WS-Security, HTTP Auth Basic/Digest, extensible authentication schemes based on custom HTTP headers and XPath expressions, powerful URL matching/rewriting, and an optional header enrichment. It's a security wall with which you can conveniently fence otherwise defenseless backend servers.
-
-
11:22
»
Packet Storm Security Recent Files
YCrawler is a web crawler that is useful for grabbing all user supplied input related to a given website and will save the output. It has proxy and log file support.
-
11:22
»
Packet Storm Security Tools
YCrawler is a web crawler that is useful for grabbing all user supplied input related to a given website and will save the output. It has proxy and log file support.
-
11:22
»
Packet Storm Security Misc. Files
YCrawler is a web crawler that is useful for grabbing all user supplied input related to a given website and will save the output. It has proxy and log file support.
-
-
13:50
»
Packet Storm Security Recent Files
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X, Windows and Cross Platform releases are all included in this file.
-
13:50
»
Packet Storm Security Misc. Files
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X, Windows and Cross Platform releases are all included in this file.
-
-
7:18
»
Packet Storm Security Headlines
Maybe it's just too early in the morning, but this article confuses me. Sophos is telling people to tunnel a proxy over SSH in order to mitigate the chances of getting nabbed by Firesheep. This is all well and good but why go through all that extra trouble?
If you have the ability to SSH into a host that you trust, just use it with -D port_number and use that as your SOCKS proxy in your Firefox configuration. For all the people out there that are actually shaken by Firesheep, it's probably worth noting that this plug-in does not demonstrate any new vulnerability.
-
-
23:01
»
Packet Storm Security Recent Files
Part of the Alcatel Omnivista 4760 administration software of the Alcatel 4400 PBX is an HTTP proxy. It is used to tunnel ssh-connections to the ssh-ports of the PBX within the internal network. This proxy is vulnerable to a remote buffer overflow.
-
23:00
»
Packet Storm Security Advisories
Part of the Alcatel Omnivista 4760 administration software of the Alcatel 4400 PBX is an HTTP proxy. It is used to tunnel ssh-connections to the ssh-ports of the PBX within the internal network. This proxy is vulnerable to a remote buffer overflow.
-
-
20:00
»
Packet Storm Security Advisories
A timeout detection flaw in the httpd mod_proxy_http module causes proxied response to be sent as the response to a different request, and potentially served to a different client, from the HTTP proxy pool worker pipeline.
-
-
8:36
»
remote-exploit & backtrack
I'm having a problem updating it
It says "Error: rsync failed. Your NVT collection might be broken now."
Firewall? ..I'm using a domain for downloads, and that's blocking me.. How can i define the proxy in the Konsole, like I had to do on Firefox?
Ty
-
-
4:42
»
remote-exploit & backtrack
Hi..
I hv just installed backtrack4 in virtual box..
I can use internet with bt4..
In win xp i hv a proxy software which always promt me to choose a proxy server(which i hv previously defined.) when i start any internet based application(eg. Telnet,ftp,any internet browser etc.)..
Is there any kind of apps in bt4 which will let me allow to use socks proxy server like the above or nearly above..
-
-
4:39
»
remote-exploit & backtrack
Hey!
Since Linksys WRT54GL Routers are Linux based and SSH / Telnet AND Remote Connection to the device is possible, I asked myself if it wouldn't be possible to add some proxy function to this device, so that it proceeds every request from outside.
So the main idea is to write a script that proceeds every request, copy it to the router, make it executable and execute it once so that it is present until the router is restarted (or better copy it into the routers autostart?)
Unfortunately, I have no idea to start, but I would be pleased about every input you have :)