Projects
Here we post information about various interesting stuff we have been working on.
Browser Security test. We have created a web site that tests web browsers for security vulnerabilities. The site has been up and running since 2003. It is the only fully automatic browser security test available now checking for 12 different vulnerabilities in Microsoft Internet Explorer, Mozilla browsers and Opera. We also test for bugs in browser plugins such as Flash and QuickTime.
"Secure File Upload in PHP Web Applications". Various web applications, such as blogs, forums and photo galleries allow users to upload files. Providing file upload function without opening security holes proved to be quite a challenge in PHP web applications. The article describes various security holes occurring in file upload implementations and provides an example secure implementation. The examples from the article can be downloaded here.
"SSL security in the .be TLD". SSL is frequently used to secure the exchange of sensitive information, e.g. in the context of web applications (accessed via a "https://" URL). However, in our experience, instances of SSL are often subject to implementation or configuration issues which substantially weaken the protection offered by this protocol. This article surveys the security of SSL in the ".be" top-level domain, mainly from the point-of-view of issues which may lead to vulnerability to man-in-the-middle attacks. Please use our form to request a test to determine if your SSL instance is at risk.
Excess is a tool for testing webmail systems for cross-site scripting bugs
EMon uses the Windows debugging API to attach to running processes and monitor for exceptions. When an exception occurs, it prints a summary containing the exception, a register dump, a stack dump, and a disassembly listing.
A software and hardware system for testing IVR (Interactive Voice Response) systems and in particular brute-forcing voice mail PIN codes.
SNMPblow is a tool for "blind" SNMP community bruteforcing and fetching Cisco IOS configuration file. It uses source IP address spoofing to bypass access lists.