Archive for the ‘tools’ Tag

hide your JavaScript

If there is a reason why you don’t want humans to read your JavaScript code, you can use the packer from
http://dean.edwards.name/packer/ to obfuscated it (online).

The packer compress the code to one line, deletes all comments and has the option to encode it with Base62. You can put the generated code in your code, it should work with any browser.
You must correctly terminate all JavaScript statements with semi-colons.

Here an example script and the output from the packer:
Continue reading

Advertisements

Stop Spam with reCAPTCHA

CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) can protect you and your users from spammers and crackers.
Broadly spoken, user don’t like this ugly looking pictures and I saw a lot of false implemented code or very easy to crack. To see some examples which CAPTCHAs can be broken you should check out http://sam.zoy.org/pwntcha/

An easy to implement, free and I guess secure service can be found on recaptcha.org and you help by digitizing books.

Continue reading

Pixy: XSS and SQLI Scanner for PHP Programs

Pixy is a free Java program that performs automatic scans of PHP 4 source code, aimed at the detection of Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities. Pixy takes a PHP program as input, and creates a report that lists possible vulnerable points in the program, together with additional information for understanding the vulnerability.

There is also a easy to use webinterface where you can upload your files or paste the code to analyse it.

http://pixybox.seclab.tuwien.ac.at/pixy/webinterface.php