Not sure when this was released, but I am sure that it was pretty recently.  From the title I wasn’t really expecting much, but was pleasantly surprised by the clarity with which the tips were explained.  Frank Kim and Ed Skoudis co-authored this pithy 6 page paper.

Here is the description from the SANS Reading Room:

Many web application vulnerabilities are a direct result of improper input validation and output filtering, which leads to numerous kinds of attacks, including cross-site scripting (XSS), SQL injection, command injection, buffer overflows and many others. This article describes some of the best defenses against such attacks, which every Web application developer should master.

This offering looks to be part of a new series from SANS entitled, Working Papers in Application Security. I am looking forward to future papers if they are written as lucidly as this one.

Good work, Frank and Ed.

Here is the link to get the document: http://www.sans.org/reading_room/application_security/protecting_web_apps.pdf

Ed Skoudis (of InGuardians and SANS 504/517/560 fame) twitted about the release of 3 new cheat sheets this morning.  The sheets are hosted on SANS website and links to them can be found on InGuardians (http://www.inguardians.com/pubs/articles.html).

Here is the description from InGuardians:

“Ed Skoudis releases 3 new cheat sheets for the most useful Windows command-line tools, Netcat, and other useful attack tools (Metasploit, Fgdump, and Hping). Get ‘em while their hot!”

Links:
Netcat: http://www.sans.org/resources/sec560/netcat_cheat_sheet_v1.pdf

Windows command line: http://www.sans.org/resources/sec560/windows_command_line_sheet_v1.pdf

Metasploit, Fgdump, Hping, etc.: http://www.sans.org/resources/sec560/misc_tools_sheet_v1.pdf

Seth Misenar

http://www.digininja.org/cewl.php

CeWL “spiders a given url to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper” (from the website).

Very nice. This tool dovetails nicely with Ed’s first tip from SATPT, “Build Password Guessing and Cracking Dictionaries”.  In fact, it turns out that the tool was based on a PaulDotCom discussion, http://pauldotcom.com/2008/11/creating-custom-wordlists-for.html, which was in turn based upon content provided in Ed’s SEC560: Network Penetration Testing, which I will be teaching in Atlanta in February, https://www.sans.org/atlanta09_cs/description.php?tid=1717.

Wshew…did you follow all that.  Regardless of its origins, CeWL definitely looks like something I will be adding to my tool arsenal.  Check it out.