The Month of Hacker Folklore
Welcome to The Month of Hacker Folklore project, where you can win one of the ten Cross Site Scripting Attacks: XSS Exploits and Defense books and take an honorable place on the GNUCITIZEN website.

For the month of August we are going to collect various pieces of work that inspire the hacker spirit. This means that we accept projects that are creative, clever, unique, provocative, intelligent, intense, intriguing or simply interesting. If you have done something that fits any of these characteristics, do not hesitate to fill in your details in the form below, pointing us to the URL where we can find your work. You can also email us at contact at gnucitizen.org and group at gnucitizen.org. Attachments are welcome!
If you are not interested in participating in the event but you know someone that might be, sign them up. Your request will be totally anonymous.
The Month of Hacker Folklore project aims to give your work good exposure. That said, you can submit anything that you can think of. No restrictions are implied. Whether this is going to be a movie, graphic, article, source code, tune, or interesting prank, it is all fine with us. Hackers express themselves in many different ways, so give it a try.
Your work will be evaluated by the GNUCITIZEN members and DIGG’s on-line community. We will take both factors into consideration and choose the best of all submissions. So keep sending. The more you send, the higher your chances of winning.
Comments
Hacker, Cracker, Watchman, Spy
Hacker, Cracker, Watchman, Spy. Some old-school Valley hackers grew up to be high-tech cat burglars. Some went to work for the man. Some just never grew up.
by David Holthouse
Polymorphic File
Here I present a file that will appear different depending on which application you open it with. As plain text, it will describe how it works, as HTML (with Firefox!), it will define XSS, and as JavaScript it will pop up a simple alert(document.cookie+window.location); XSS PoC. This means that it is a valid txt file, a valid html code, and a valid javascript code.
by sirdarckcat
Lan Scan
JavaScript LAN scanner which finds IPs on a local area network from an external domain. The code will also probe for a router model from a database which is being expanded by the community all the time.
by Gareth Heyes
PHP-IDS
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to.
Various from Kishor
Provocative: http://wasjournal.blogspot.com.....xcess.html
This is a learn XSS tool. I think it is provocative because you have an urge to cause XSS by bypassing the least number of filters possible. We had cheat sheets, but no resource where people could ‘try’ different XSS vectors. This page presents an XSS hacking contest in itself.
Interesting: http://wasjournal.blogspot.com.....e-for.html
This was unique for web app security at the time of writing ;) (In my opinion)
http://wasjournal.blogspot.com.....f-web.html
Clever: http://wasjournal.blogspot.com.....ement.html
Humor: http://wasjournal.blogspot.com.....-idea.html
Creative (Simple but effective) - http://forum.php-ids.org/comme.....e=1#Item_0
So, who won this?
bunch of you, :) don’t worry I will sort it out soon