XSS - :: Deepquest ::

[webapps] – Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability

Posted by q121q under exploit, m$, Security, XSS (No Respond)

Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability

Secunia Security Advisory 50058

Posted by deepcore under Apple, blackberry, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, software, tools, twitter, XSS (No Respond)

Secunia Security Advisory – Multiple vulnerabilities have been reported in Apple Safari for Mac OS X, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose sensitive information, bypass certain security restrictions, and compromise a user’s system.

Tags: exploit, facebook, python, tools, ubuntu

Secunia Security Advisory 50068

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, software, tools, twitter, XSS (No Respond)

Secunia Security Advisory – A weakness and a vulnerability have been reported in Apple Xcode, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user’s session, and bypass certain security restrictions.

Tags: facebook, Security, Vulnerability

iOS SSL Kill Switch

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

This is a MobileSubstrate extension to disable certificate validation within NSURLConnection in order to facilitate black-box testing of iOS Apps. Once installed on a jailbroken device, iOS SSL Kill Switch patches NSURLConnection to override and disable the system’s default certificate validation as well as any kind of custom certificate validation (such as certificate pinning).

Tags: exploit, iphone, ubuntu, xss