Comments for Neohaxor.org

Comment on Enumerating Dropbox Resources by SaaS Vendors Should Learn The Art Of Security Before They Open Shop - Dropbox Issue | CloudAve

Sun, 13 Dec 2009 09:24:15 +0000

[...] apps to see how they implement the security in their apps and, also, in their infrastructure.Today, Nathan Hamiel, a security professional, has highlighted one such misstep by a Cloud storage vendor, Dropbox.In [...]

Comment on Enumerating Dropbox Resources by Twitted by dkoffler

Twitted by dkoffler — Fri, 11 Dec 2009 21:33:26 +0000

[...] This post was Twitted by dkoffler [...]

Comment on Enumerating Dropbox Resources by Tweets that mention Enumerating Dropbox Resources -- Topsy.com

Tweets that mention Enumerating Dropbox Resources -- Topsy.com — Fri, 11 Dec 2009 20:20:07 +0000

[...] This post was mentioned on Twitter by James Arlen, Nathan Hamiel. Nathan Hamiel said: My blog post on resource enumeration issues in @dropbox is posted. Food for thought for cloud devs. http://is.gd/5k1No [...]

Comment on MonkeyFist Fu: The Intro by Nathan Hamiel

Nathan Hamiel — Fri, 11 Dec 2009 13:23:18 +0000

Wireghoul, It’s called laziness. I haven’t updated any of my posts since I changed the theme on my blog. Previously it was a dark theme, obviously this theme is not

Comment on MonkeyFist Fu: The Intro by Wireghoul

Wireghoul — Fri, 11 Dec 2009 01:43:05 +0000

The yellow on white colors makes your command line examples impossible to read without highlighting them.

Comment on WASC and GIAC/SANS to Create a Certification for Web Application Security by Dakingari

Dakingari — Sun, 15 Nov 2009 01:06:45 +0000

SANS and GIAC are same to me. I had the training AND exam paid for at the same time to SANS.
I must say the training was very good but to pay 900 USD for a Challenge exam is way over the top. I will not pay that if I am the one paying …but [sigh].. my company wants me to sit for the GIAC cert and add it to my CV .. to make more money from our clients… [sigh again]. so off I go and 4 hrs later I have it.. BTW I have over 15 years doing the stuff…so I am not a starter.. and also about 10 odd certs with an MSc thrown into the mix…

Comment on MonkeyFist Fu: The Intro by nyjezeme

nyjezeme — Sun, 23 Aug 2009 18:52:33 +0000

nyjezeme... Craigs List Alaska Craigslist ...

Comment on MonkeyFist Fu: The Intro by Interesting Information Security Bits for 08/13/2009 | Infosec Ramblings

Interesting Information Security Bits for 08/13/2009 | Infosec Ramblings — Thu, 13 Aug 2009 20:58:33 +0000

[...] you do so. Don’t forget, only use it in your lab or on sites you have permission to test. Neohaxor.org >> Blog Archive >> MonkeyFist Fu: The Intro Tags: ( tools csrf [...]

Comment on Dynamic Cross-Site Request Forgery (CSRF) by Twitted by MrOla

Twitted by MrOla — Thu, 13 Aug 2009 11:18:05 +0000

[...] This post was Twitted by MrOla [...]

Comment on Facebook Application Verification = Fail by Richard

Richard — Wed, 15 Jul 2009 02:37:13 +0000

Nathan, I am not familiar with the inside procedures of Facebook verification. If that’s true, the only point we can get is that the designer of this verification program doesn’t know security well. As a basic practice for application/web security, every changes need re-verification/check, at least major changes. Richard