Earlier this month I decided to take the scripts for username generation and roll them into an open source project. There were a couple of reasons for doing so. First, I needed source control hosting and SourceForge provides that for free as long as you release the project to the public. Second, I want to [...]
Tags: open source, penetration testing, web app security
I’ve written a couple of posts about a script I wrote to generate usernames. Since then I’ve written another script that uses Yahoo’s XML API and both of them have been included in SamuraiWTF. It’s been pretty cool to see people try out something that I wrote and find it useful to them. The scripts [...]
Tags: penetration testing, username generation, username generator
Mike Patterson on the Pauldotcom mailing list commented that he thought usernameGen.py could use handling for middle names. The template that he suggested was of first initial, middle initial and last name. I think he’s right. Originally I had the script avoid middle names or initials, but I went back and added the format Mike [...]
Tags: penetration testing, social networks, username generator
I wanted to do some testing on access controls to a SQL server recently, but I needed to a decent password list and username list. Password lists are fairly straight forward to find and I used an excellent how to from the Pauldotcom Podcast to create my password list. Next I needed a list of [...]
Tags: social networking, username generation, web security
There have been a few vulnerabilities lately with Adobe Acrobat Reader handing malicious javascript badly and this post is to show how to disable javascript in Acrobat Reader. While disabling an entire piece of functionality seems a bit like over kill, there are a couple of reasons that you may want to do this. Adobe [...]
Tags: adobe acrobat vulnerability, computer security
