what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 26 - 32 of 32

Files from Wireghoul

Feindura CMS 1.0rc Cross Site Scripting / Local File Inclusion

Posted Oct 29, 2010

Authored by Wireghoul | Site justanotherhacker.com

Feindura CMS versions 1.0rc and below suffer from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion

SHA-256 | 364e10b51df7e626af9e31c02f0fd1b74762c2df9327f0e6c321824c0b173d53

Download | Favorite | View

GRAudit Grep Auditing Tool 1.7

Posted Aug 3, 2010

Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: New PHP signatures. Improved C signatures for fewer false positives. Improved dotnet signatures. Whitespace neutrality for all signatures. The -l operator lists available databases. An -x operator for excluding files. A configure script has been added to the make chain. Makefile install targets have changed, install is now server-wide.

systems | unix

SHA-256 | 17946720a1c50de801eced1894efd654595b7b1df1b7da38ba589deb5373464c

Download | Favorite | View

GRAudit Grep Auditing Tool 1.6

Posted May 14, 2010

Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: This release adds a bugfix for greedy separator code, imports C rules from RATS, starts a test suite transition to the Junio C Hamano Git-inspired one, adds a case insensitive switch, adds dotnet signatures, discontinues the rough database, adds the combined database "all", and supports the GRDIR environment variable.

systems | unix

SHA-256 | 720edb009cb6438b0f052d5ac5e00f4961194644994839f8048a4df1b32fbfab

Download | Favorite | View

GRAudit Grep Auditing Tool 1.4

Posted Nov 25, 2009

Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: New and improved signatures were added. Grep versions earlier than 2.5.3 are now gracefully detected. Preparations were done for version 1.5.

systems | unix

SHA-256 | 104f0b51d3d805140edef3ecfe2b8f58a37bb6a4f10397514e1156d1d8ccb7de

Download | Favorite | View

GRAudit Grep Auditing Tool 1.3

Posted Nov 3, 2009

Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Some signatures have been added to existing databases. There are signature improvements to existing databases. JSP and ASP rulesets have been added. Testing has been improved.

systems | unix

SHA-256 | b5b1e4d5cc7f188f06ffae425b33102c9461e28b698cf121ce6edc4854372d48

Download | Favorite | View

GRAudit Grep Auditing Tool 1.2

Posted Sep 22, 2009

Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Default signatures are now aimed at low hanging fruit. Documentation was improved. Bugs in graudit and signatures were fixed.

systems | unix

SHA-256 | fd668294add7e92f0178994cd6b27f09d6fabef89a1daf7529eb87bd31f18a0a

Download | Favorite | View

Graudit Source Code Analysis Tool 1.1

Posted Sep 16, 2009

Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

systems | unix

SHA-256 | 3e1a35d86f38060fb3dd3056661099be48c961d41dbb19aba33d9763da7aee55

Download | Favorite | View