Sometimes people ask if there are exploits or the latest offensive techniques in TeamMentor. The short answer is no. It doesn’t seem like an appropriate place for that type of information, because the focus is on preventing vulnerabilities. Preventing vulnerabilities makes exploits and offensive techniques irrelevant.
There may be some value to describing some attack scenarios so that people understand the threats better and how to defend from them, but it’s not necessary to describe any specific exploits or techniques to do that.
There is a strange appeal to talking about exploits and attack techniques; for some reason these things tend to draw a lot of attention. In practice, they are actually very simple, especially for web application.
Information about tools is another popular request. Generally speaking, preventing vulnerabilities is not accomplished by tools, but rather by following simple and proven methods during application development. Carrying out attacks often involves…
View original post 67 more words