penetration-testing

First of all, I want to avoid a flame-war on languages. The languages to choose from are Perl, Python and Ruby . I want to mention that I'm comfortable with all of them, but the problem is that I can't focus just on one. If, for example, I see a cool Perl module, I have to try it out. If I see a nice Python app, I have to know how it's made. If I see a Ruby DSL or some Ruby voodoo, I'm hooked on Ruby for a while. Right now I'm working as a Java developer, but plan on taking CEH in the near future. My question is: for tool writing and exploit development, which language do you find to be the

Burp newbie writing an extension... I am trying to add a header to the response to test CSP rules. I have found lots of resources to add headers to Requests, but not for Responses. Here is the (non-working) code I have so far: def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo): # determine what tool we would like to pass though our extension: if toolFlag == 4: #if tool is Proxy Tab # determine if request or response: if not messageIsRequest:#only handle responses response = messageInfo.getResponse() #get Response from IHttpRequestResponse instance responseStr = self.

I've been trying to break this up for a few hours now but with no success... I am pretty desperate now :( I am doing penetration testing for a company and I need to bypass this frame killer JS: <script type="text/javascript">/* <![CDATA[ */ if (top != self) { try { if (parent != top) { throw 1; } var disallowed = ['XXXXXXX.com']; var href = top.location.href.toLowerCase(); for (var i = 0; i < disallowed.length; i++) { if (href.indexOf(disallowed[i]) >= 0) { throw 1; } } } catch (e) { try { window.document.getElementsByTagName('head')[0].innerHTML = ''; } catch (e) { /* IE */ var htmlEl =

Over the years I have had a few of the websites I have developed submitted for penetration testing by clients. Most of the time the issues that are highlighted when the results return relate to the default behaviour of ASP .Net such as possible cross site scripting attacks etc. Are there any good articles on which vulnerabilities exist by default in an ASP .Net application and secondly are there any good checklists to follow which will help prepare a site in advance? I think that the check list changes by the time and its theory with experience together. I always check my log files and see new

I need to remove excessive headers (primarily to pass penetration testing). I have spent time looking at solutions that involve running UrlScan, but these are cumbersome as UrlScan needs to be installed each time an Azure instance is started . There must be a good solution for Azure that does not involve deploying installers from startup.cmd. I understand that the response headers are added in different places : Server : added by IIS. X-AspNet-Version : added by System.Web.dll at the time of Flush in HttpResponse class X-AspNetMvc-Version : Added by MvcHandler in System.Web.dll. X-Powered-By :

I am doing some penetration testing on my localhost with OWASP ZAP, and it keeps reporting this message: The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff' This check is specific to Internet Explorer 8 and Google Chrome. Ensure each page sets a Content-Type header and the X-CONTENT-TYPE-OPTIONS if the Content-Type header is unknown I have no idea what this means, and I couldn't find anything online. I have tried adding: <meta content="text/html; charset=UTF-8; X-Content-Type-Options=nosniff" http-equiv="Content-Type" /> but the I still get the alert. What is the