Robin Wood
745 followers
Hacking, Coding and Climbing

Robin Wood's posts

A new blog post talking about how a common web application mutual authentication technique often used by banks can be easily bypassed.

New tool, Sitediff. Use a local copy of a set of files to fingerprint what framework an app is using.

https://digi.ninja/projects/sitediff.php

Be careful who you share your backup data with.

https://digi.ninja/blog/crashplan.php

New blog post, forcing Windows RDP client to show the desktop rather than asking for credentials itself.

This is useful when doing an assessment as the desktop login page may reveal sensitive information such as login names and domains.

https://digi.ninja/blog/rdp_show_login_page.php

New blog post, advice on asking a technical question or reporting a bug in free tools.

https://digi.ninja/blog/asking_for_help.php

Finally tagged release 5.2 of CeWL, loads of bug fixes and better internationalisation.

https://digi.ninja/projects/cewl.php

Just released a new blog post asking when it is OK for a tester to miss a vulnerability.

https://digi.ninja/blog/missing_a_vuln.php

New blog post, EE, why no password change feature?

https://digi.ninja/blog/ee_no_password_change.php

New blog post, using CSRF and iframes to exploit POST based reflected XSS

https://digi.ninja/blog/xss_through_csrf.php