I’ll be presenting “Attacking and Defending Apple iOS Devices in the Enterprise” Monday, March 12 @ 10am. I’ve got a bunch of new content about iOS 5, iCloud and the latest attacks on these devices. This is the inaugural event for SANS and I’m proud to be part of it! More information can be found here at the SANS website.
Category Archives: Application Security
Speaking at the SANS Mobile Device Security Summit
2
Filed under Apple, Application Security, Mobile Security, Penetration Testing
Tagged as Apple, icloud, ios, Jailbreak, mobile, SANS, security
Tagged as Apple, icloud, ios, Jailbreak, mobile, SANS, security
More Firefox application testing plugins: ExploitMe
Filed under Application Security
I recently wrote about some other Firefox plugins which allow you to manipulate and hack web pages. Looks like there is another set of tools called “ExploitMe” which allows for SQL Injection and XSS (Cross Site Scripting), and web service testing. From the article:
“The ExploitMe tools — which are in currently in beta form — include SQL Inject-Me, which lets you right-click on an HTML field in your Firefox browser and inject it with SQL injection payloads, and XSS-Me, which works the same way, but with XSS. The tools developers also plan to release Web services exploit tools as well…”
Looks like this is becoming a new trend in application testing tools. Good to see that things are using a good framework like Firefox extensions to add useful tools for testing. Note that I just did a quick search for the ExploitMe set of of tools in the Firefox extensions database and it has not been released yet as the creators will be launching these tools at the SecTor conference later this month.
