Select Page

CVE-2011-3368 PoC – Apache Proxy Scanner

A recent Apache vulnerability has been made public whereby an attacker could gain unauthorised access to content in the DMZ network: The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly...

Proxyfuzz fuzzer RPM binary

Proxyfuzz is now available in RPM format for Fedora users. Petr Sklenar has created and uploaded the RPM version, available for download here. Source code and windows binaries can still be found in the security research section of our website. Proxyfuzz is a...

SECFORCE is now CREST certified

As part of the SECFORCE commitment to ensuring the provision of high quality services, SECFORCE has now achieved CREST certification. This will further complement the strong existing methodology and work of ethics. SECFORCE is already recognised as one of the leading...

GUI manipulation and penetration testing

Whilst in the web application development world it is becoming very well understood that “you should never trust the data from the client side”, this is not always the case in local applications. In web environments any restriction enforced at the client...