Month: March 2010


Persistent XSS: more than a popup :)

So a while ago I asked if I was allowed to play with and I got a positive response, I kinda looked around at their custom CMS, didn't see anything immediately available, playing with cookies, changing values here and there, got some SQL errors on but nothing really spectacular: I looked around some…


NLP/NER: First views

So recently we have really been struggling at work with NLP/tags/phrases relating to a specific person/phrase. For example, you put down something like “Maltego” and you would like it to return things like the company (Paterva), Information mining, Open source forensics, etc. etc. So I started looking around for NER/NLP APIs online and I found…


ZaCon ’09

So we had a little security con here in .za (South Africa) – basically an uncon-styled conference: An unconference is a facilitated, participant-driven conference centered around a theme or purpose. The term “unconference” has been applied, or self-applied, to a wide range of gatherings that try to avoid one or more aspects of…