JavaScript Bug-hunting Tool Revealed
News As expected, SPI Dynamics researcher Billy Hoffman demonstrated a web application vulnerability scanner written in JavaScript. The tool, called Jikto, can make an unsuspecting web user's PC silently crawl and audit public websites, and send the...
[March 26, 2007, 9:38]
JavaScript Attack Maps Secure Networks
News We have discovered a technique to scan a network, fingerprint all the Web-enabled devices found and send attacks or commands to those devices," said Billy Hoffman, lead engineer at Web security specialist SPI Dynamics.
[July 31, 2006, 9:00]
Black Hat Gears Up In Las Vegas
News Meanwhile, Jeremiah Grossman will talk more about "Hacking intranet websites from the outside (Take 2) — fun with and without JavaScript malware", and Billy Hoffman will team with Brian Sullivan to discuss "Ajax-ulation", a talk about building a...
[July 31, 2007, 9:43]
PDF Threat Worse Than First Thought
News This means any JavaScript can access the user's local machine," Billy Hoffman, lead engineer at SPI Dynamics, said in an emailed statement. By contrast, a link to a PDF hosted on a website with malicious JavaScript code would run on the user's...
[January 5, 2007, 7:24]

