Browser sandbox 만 따로 웹에서 서비스를 하는 곳이 있네요.
http://spoon.net/browsers/
원래는 Xenocode에서 제공하는 서비스였는데 spoon이라는 회사로 독립을 한 것 같네요.
접속 후에 내가 원하는 웹 브라우저를 선택해서 사용할 수 있습니다. IE, Firefox, Chrome, Opera, Safari 서비스를 합니다.
지금 IE 8로 들어와서 글 남깁니다.
SecurityTubeCon is aimed at democratizing hacker conferences by allowing any researcher, regardless of his physical location, to share his work with the community. Unlike other Cons we will not *accept / reject* speakers. If you have something interesting to share, you WILL be heard. The idea behind SecurityTubeCon is not to pass judgments on your work, instead, it aims at providing a platform for knowledge exchange.
Link - http://www.ethicalhack3r.co.uk/2009/09/12/defcon-too-far-blackhat-too-expensive-no-problem/
Site home - http://securitytubecon.org
Contents
- Executive summary
- Overview
- Vulnerability exploitation trends
- Application vulnerabilities exceed OS vulnerabilities
- Web application attacks
- Windows: Conficker/Downadup
- Apple: QuickTime and six more
- Origin and destination analysis for four key attacks
- Application patching is much slower than operating system patching
- Tutorial: Real-life HTTP client-side exploitation example
- Step 0: Attacker places content on trusted site
- Step 1: Client-side exploitation
- Step 2: Establish reverse shell backdoor using HTTPS
- Steps 3 and 4: Dump hashes and use pass-the-hash attack to pivot
- Step 5: Pass the hash to compromise domain controller
- Steps 6 and 7: Exfiltration
- Zero-day vulnerability trends
- Best practices in mitigation and control of the top risks
- Critical Controls - As Applied to HTTP Server Threats