LogicX

Insecurity at its best — At Shmoocon I saw a presentation on WPAD, which is essentially a means of dispensing new proxy settings to browsers. Of course this was implemented by Microsoft, with no forms of security in mind. Over the next few months I intend to use WPAD at clients to dispense rogue proxy servers, and see what sensitive information can be gathered.