Nessus in WebApp Pentesting

There is a nice presentation covering “Using Nessus In Web Application Assessments”:


Great excuses for not fixing …

Great list of items for “No one at the organization knows about, understands, or respects the issue.” within the “8 reasons why website vulnerabilities are not fixed”-list (



Windows 7 RC 1 – Update

It was not possible to make Win 7 use the nVidia driver:

  • the setup program of nVidia didn’t install the drivers because it didn’t find an appropriate device
  • I forced a driver installation via the Windows device settings

But during reboot with the nVidia graphic card I always got the BSOD STOP 0×124 0×4 all over again.

So I lost the battle and gave up – and ghosted Win XP back …


Windows 7 RC 1

I wanted to update my Vista system in the living room (Medion MD 8818) to Win 7 RC 1. But I encountered a nasty error: the RC version doesn’t seem to work with nVidia chipsets. I tried the following:

  • boot old Vista, install Win 7 RC using upgrade mode
  • boot old Vista, install Win 7 RC using clean install mode

Both resulting in a BSOD (0×124, 0×4, see here: concerning PCIe.


50 percent chance …

A must read – and don’t miss the video!


Fuzzer within WebScarab

A nice article about the fuzzer within WebScarab:


YubiKey for Squirrelmail and Drupal

There are modules for intergration YubiKey authentication in Squirrelmail and Drupal:




Update Ubuntu to 9.04 on Eee PC 1000H

Did an Update of Ubuntu 8.10 to 9.04 on my Eee PC 1000H using this procedure: