The scripting tag has no wiki summary.
3
votes
0answers
69 views
Preferred UAC configuration in Enterprises that use Login scripts to map drives
In Windows 7, Vista and newer OS's, UAC will prevent logon scripts from mapping hard drives so that the following logon script code won't work:
Dim WshNetwork
Set WshNetwork = ...
8
votes
1answer
126 views
How is a public scriptable site like codepad or ideone manages it's sandboxing?
I've researched this stuff a lot in the recent months but i can't grasp any solid basis on how they achieve runing unsafe scripts in so many languages without a problem!
I'm sure they are running ...
4
votes
1answer
79 views
What is the security impact of changing PowerShell's PSLanguageMode?
A vendor is asking me to change the PSLanguageMode from within IIS on my Exchange server(s).
What potential vulnerabilities am I opening myself up to?
I'm surprised to see this option present within ...
0
votes
2answers
96 views
What is Greasemonkey / Userscripts and how does it relate to IT Security?
I came across http://userscripts.org/ and learned that it is popular among web-users to install something called "Greasemonkey" to allow client side scripts to run.
What are the benefits of ...
0
votes
1answer
262 views
Best efficient windows hardening audit script
Do anyone know of a script that uses no 3rd party executables (preferably a batch file) that can be used to audit windows machine state securitywise? (including best practices features - gpo, ...
1
vote
2answers
253 views
Looking for a tutorial on meterpreter extensions
A simple custom DLL source would be sufficient. All of the links I find on google are dead. I don't mind reading some clear source if there's a tut DLL floating about.
I tried for meterpreter and ...
17
votes
3answers
443 views
NoScript: How to determine which sites/scripts to whitelist?
NoScript is a great plug-in, both for security and for ad blocking. However, I've found it's not always easy to figure out what scripts need to be permitted on certain pages, to be able to use the ...
2
votes
3answers
1k views
Facebook spam / phishing attempt?
I got this sent by a friend on facebook and i dont think its a genuine message
___ shared a link on your Wall.
This will leave you speechless)
...
0
votes
1answer
213 views
Is this enough to tackle script / malicious code insertion in GET, POST requests?
I've got legacy PHP code which attempts to prevent script / SQL injection with the following:
if (!empty($_POST)) {
reset($_POST);
while (list($k,$v)=each($_POST)) {
...
4
votes
3answers
1k views
How is PowerShell's RemoteSigned execution policy different from AllSigned?
I'm still pretty new to PowerShell, and recently read this in a blog posting about creating and using PowerShell scripts.
To prevent the execution of malicious scripts, PowerShell enforces an ...
