Stripe-CTF Walkthrough
August 29, 2012 | Ryan Linn
I had the opportunity to do the Stripe-CTF (Capture The Flag) contest this past ...
WAF Normalization and I18N
August 29, 2012 | Ryan Barnett
Submitted By Breno Silva Pinto and Ryan Barnett
How to Get the Most Out of a PenTest
August 29, 2012 | Nathan Drier
Being a PenTester for Trustwave Spiderlabs, I work with a huge amount of ...
How Antivirus Saved the Day…Sort of.
August 28, 2012 | Josh Grunzweig
Recently, I found myself in a common situation—helping a comrade in our ...
It's a sunny (zero) day for Java
August 27, 2012 | SpiderLabs Researcher
Java exploits have been used for distributing malware for a while. See for ...
PTJ Undermines Your Blinky Light Box
August 27, 2012
So, you just bought that fancy new box with the blinky lights that's supposed ...
All Your Password Hints Are Belong to Us
August 22, 2012 | Jonathan Claudius
This past weekend I ended up coming into the SpiderLabs office and "nerded out" ...
DEF CON 20: French Fry, Pizza, or Rotten Apples?
August 21, 2012
If you currently do a search online for a female's perspective about DEF CON, ...
Microsoft Patch Tuesday August 2012 – Staying Alive In Gale Crater
August 14, 2012 | Space Rogue
As you install the nine updates that came out of Microsoft this month, five of ...
Poems from The Palms
August 13, 2012 | Martin Murfitt
SpiderLabs gathered for its annual meeting in Las Vegas recently. Though no ...
Stamping Out Hash Corruption, Like a Boss
August 07, 2012 | Jonathan Claudius
Have you ever dumped LM and NTLM password hashes from a Windows system using ...
One Factor, Two Factor, Three Factor, More
August 07, 2012
There has been a lot of talk online today about how Matt Honan, a reporter for ...
TWSL2012-014: Multiple Vulnerabilities in Scrutinizer NetFlow sFlow Analyzer
July 27, 2012 | Robert Foggia
The SpiderLabs team at Trustwave published a new advisory today, which details ...
PenTest Manager 2.0 - Attack Sequences
July 26, 2012
Trustwave recently launched PenTest Manager 2.0, a major enhancement of the ...
Announcing the availability of ModSecurity extension for IIS
July 26, 2012 | Ryan Barnett
This blog post has also been posted on the Microsoft Security Research and ...
Spiders are FUN! Party at DEF CON
July 25, 2012
Hey folks! This week a fair amount of us (15k) are heading to Vegas for Black ...
Reducing web application attack surface
July 24, 2012 | Breno Silva
For as long as companies rely on web sites to do business with their customers ...
Beyond Apache: ModSecurity for IIS/Nginx is Coming
July 20, 2012 | Ryan Barnett
The Trustwave SpiderLabs Research Team is proud to announce that, through a ...
Spam Down II: Grum Down
July 20, 2012 | Phil Hay
So the media is abuzz with news of the takedown of the Grum botnet, which has ...
Analyzing PDF Malware - Part 3D
July 19, 2012 | Ryan Merritt
Pentesting like an Eastern European
July 18, 2012 | Jonathan Werrett
Through SpiderLabs' Incident Response and Penetration Testing services we get a ...
Hashcat Per Position Markov Chains
July 18, 2012 | Daniel Turner
I just wanted to let you guys know about some interesting work Atom has been ...
Spam Down: Where is Lethic?
July 17, 2012 | Phil Hay
At Trustwave SpiderLabs we keep a close eye on spam trends. We keep and publish ...
What did the Java applet say to the SWF? Don't leave me alone in this Blackholeee!
July 16, 2012 | SpiderLabs Researcher
Last week as we were analyzing the new version of Blackhole with the new Java ...
Conference tips from your friends at Trustwave SpiderLabs
July 11, 2012 | SpiderLabs Anterior
We are quickly approaching the largest security conference week on the planet. ...
Microsoft Patch Tuesday July 2012 – TLS and Office for Mac?
July 10, 2012
We have nine bulletins to deal with this month three of which are rated ...
How much data? Apache, Ubuntu and the Lies of the Logs.
July 03, 2012 | Ryan Jones
Forensic investigators rely heavily on log file data in order to analyse ...
Analyzing PDF Malware - Part 3C
July 03, 2012 | Ryan Merritt
Let me explain, no there is too much, let me sum up… This is part 3C in the ...