Information Security Specialists.
News: FTC persuades court to shutter rogue ISP
News: Obama launches cybersecurity initiative
News: Browsers bashed first in hacking contest
News: Experts: U.S. needs to defend its cyber turf
News: iPhone crashing bug could lead to serious exploit
News: OpenSSH chink bares encrypted data packets
Security Technology Science is a supporter of Open Source and the free software community. We will try to license all libraries and/or simple tools created by us under the GNU General Public License, therefore not permitting you to incorporate our programs into proprietary programs without our expressed permission. We see this as a way of allowing the free dissemination of this knowledge for further exploration, research, development and innovation. If you wish to embed our technology into proprietary or commercial software, you must use a commercial version of our software. We sell alternative licenses, so if you wish to evaluate any of our software for commercial use, please (contact sales [at] securitytechscience [dot] com).
The Open Source tools listed below are free* and do not come with any implied or expressed warranty or support:
Research & Development is a key focal point to the growth and strength of Security Technology Science. So where possible we endeavor to provide knowledge back to the information security community in as open, honest and factual a way as possible. To achieve this we have provided an online knowledge base for guidance to enterprises seeking answers to a wide range of vital security issues and trends.
This paper is an howto on the correct usage of the STS Scanner. The information is made available to educate testers on how to discover these vulnerabilities and developers on how to prevent writing applications that contain these types of vulnerabilities.
Application username enumeration may not be so apparent once the application is developed. After all, you met all deadlines, budget limitations and all functional requirements. You even managed to provide extra error messages to help the end user when accessing your application. But this extra help has opened your application up to a serious security hole. To find out more about this vulnerability and how you can use our free* (see above) automated tools to discover this vulnerability in your applications and also how to remediate this vulnerability then click download above to get the whitepaper.