Tuesday, July 29, 2008

Microsoft Source Code Analyzer for SQL Injection tool

[RIP]The Microsoft Source Code Analyzer for SQL Injection tool is a static code analysis tool that helps you find SQL injection vulnerabilities in Active Server Pages (ASP) code. This article describes how to use the tool, the warnings that are generated by the tool, and the limitations of the tool. See the tool Readme document for more information.

[ Download

Saturday, July 26, 2008

Chronology of Data Breaches

This is a very interesting site which I feel provides some great information.  [RIP]  The Privacy Rights Clearinghouse (PRC) is a nonprofit consumer organization with a two-part mission -- consumer information and consumer advocacy. It was established in 1992 and is based in San Diego, California. It is primarily grant-supported and serves individuals nationwide.

Friday, July 25, 2008

Coolest thing since sliced cheese

If you're using Outlook, this is a really nice tool.  Finally....a tool that actually helps with email!

Tuesday, July 22, 2008

LifeCycle Security

A friend of mine [and group of renegade badasses] has started a new security conference based around Web Application Security.  If you are going to be at Blackhat next month, be sure to get hooked up for this show.  Also...if you are a member of OWASP, please feel free to use this invitation for free admission.


We would like to make a special offer to you and the people at OWASP as our way of thanking you for your support of our Lifecycle Security (web application security)Conference which we are holding the day after Blackhat-Vegas on August 8-9, 2008 at the Las Vegas Ceasar's Palace.
FREE ADMISSION (normal price is $350) for the first 100 people who register by sending an email to freeoffer@LifeCycleSecurity.com with:
  • Name:
  • Company:
  • Address:
  • E-mail:
We plan to open this up to other lists later in the week, but we want to give OWASP members "first shot" at the free admission.  (There are only 100 free admission tickets.)  Our goal is to create a community where Application Security professionals can share information on an on-going basis.
We have Ounce, Proactive, Price Waterhouse, Modsecurity, Microsoft, Safe Channel, OWASP and Verizon involved in our Penetration Testing, Policy/Compliance/Solutions and a Vendor Tracks.
Thanks once again for your support.