During vulnerability assessment or penetration testing, identifying the input vectors of the target application is an essential first step. Sometimes, when testing Web applications, checks for SQL injection flaws are restricted to the GET and POST variables, as if they were the only input vectors. What about other …
Last week I was alerted that Google had blacklisted our Web site: yaboukir.com. It’s the first time that happened and I was surprised. I hadn’t much time to figure out the problem because I went on a holiday trip.
A typical Safe Browsing diagnostic page says something like this:
Malicious software is hosted on 1 …
In this post we will talk about an uncommon vector for SQL injection.
Mention: The idea of this paper came after discussing a vulnerability found by Yassin Aboukir.
Did you say a “Cookie”?
A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin …
Hi everybody,
This is my first post in the Bugtraq category. Before I disclose this security issue, in an Oracle product, to security advisories and the Oracle Security Team, I’m posting here as evidence of my findings. You can download the full write-up in PDF here.
Synopsis:
Attack Pattern ID: …
Synopsis
Title : Minify and related plugins DOM-Based XSS Vulnerability
Version : 2.1.3 & 2.1.4-Beta
Credit : Ayoub Aboukir, Independent Security Researcher
Contact : <ay.aboukir at gmail d0t com>
Software Link : http://code.google.com/p/minify/
Release note: https://groups.google.com/group/minify/browse_thread/thread/48c1d1cf2642f79
Date found : 03/01/2012
Date of report : 03/03/2012
Developer response: 03/03/2012
Upgrade release : 03/10/2012
Disclosure date …
[+] Title : GeoClassifieds Lite Multiple vulnerabilities
[+] Affected Version : v2.0.1 & V2.0.3.1 & V2.0.3.2 & V2.0.4
[+] Software Link : http://geodesicsolutions.com/
[+] Tested on : Windows 7 <Firefox>
[+] Date : 25/08/2011
[+] Dork : “inurl:/admin/ Classifieds and Auctions …
[+] Title : Advanced Poll 2.02 SQL Injection Vulnerability
[+] Affected Version : v2.02
[+] Software Link : http://www.electrolized.free.fr/scripts-php/pollphp.zip
[+] Tested on : Windows 7 <Firefox>
[+] Date : 15/10/2011
[+] Dork …
RAMALLAH, Palestinian Territories — Hackers from around the world have attacked Palestinian servers, cutting Internet service across the West Bank and Gaza, the Palestinian communications minister said on Tuesday.
“Since this morning all Palestinian IP addresses have come under attack from places across the world,” Mashur Abu Daqqa told AFP on …
I first saw this freaky minimalist programming language called BrainF%#* in an online hacking contest two years ago. The challenge at that time was to decode a bizarre sequence of characters written in BF. So, last year I suggested that my team design a compiler that …
This is an open invitation to an open seminar this Saturday 22nd October, 10 AM at ENSIAS – Irfane, Rabat. It is organized by AIENSIAS (Association des Ingénieurs lauréats de l’ENSIAS) in partnership with ISC (Internet Systems Consortium) on the topic: Understanding and Contributing to Open Source Software and Internet Infrastructure. …
Today I had the opportunity to attend the last day of the fourth edition of WOTIC (Workshop on Information Technologies and Communication) at ENSEM, Casablanca.
WOTIC’11 was a forum for meeting, information and awareness of the scientific community (researchers, makers, equipment manufacturers and users) on the evolution and prospects of research …
e-commerce-maroc
Professionals and regulatory authorities are working hand in hand to improve digital trust.
According to statistics from the Ministry of Industry, Trade and New Technologies, there are 150 e-commerce sites in Morocco. The figure may seem extremely low for an economy that has 7.7 million bank cards. But …