Events Related:

  • OpenSSL 1.0 –
    The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the SSL v2/v3 and TLS v1 protocols.
  • Vicnum v1.4 –
    A lightweight, flexible, vulnerable web application written in Perl and PHP.
  • Plecost v0.2.2-8 –
    WordPress fingerprinting tool; Plecost searches for and retrieves information about the plugin versions installed in WordPress systems.
  • DBAPPSecurity web application scanner MatriXay 3.6 –
    MatriXay 3.6 not only has remarkable scanning ability, but also provides powerful penetration testing functions and web Trojan detection.
  • Zigbee Analysis Tools –
    KillerBee is a Python based framework and tool set for exploring and exploiting the security of ZigBee and IEEE 802.15.4 networks.
  • pvefindaddr v1.27 –
    Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files.
  • Buck Security v0.5 –
    Buck Security is a collection of security checks for Linux.
  • pwnat v0.2-Beta –
    Simply put, this is a proxy server that works behind a NAT, even when the client is behind a NAT, without any 3rd party.
  • Nmap v5.30 Beta 1 –
    Nmap is a free open source utility for network exploration or security auditing.
  • Wireshark 1.2.7 –
    Wireshark is the world’s most popular network protocol analyzer.
  • SQLFury –
    SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application.
  • w3af v1.0-RC3 –
    The w3af core and its plugins are fully written in Python.
  • CMS Explorer (or: what’s that CMS running?) –
    CMS Explorer is currently set up to test Drupal, WordPress and Joomla!/Mambo, with exploration support for Drupal and WordPress.
  • Microsoft SDL version 5 –
    The largest change in SDLv5 is the inclusion of SDL for Agile Development as an Addendum at the end.
  • LoverBoy –
    A web application penetration testing tool that can extract data from SQL Server, MySQL, DB2, Oracle, Sybase, Informix, and Postgres.
  • CUPP v3 –
    Going through different combinations and algorithms, CUPP can predict specific target passwords by exploiting human vulnerabilities.
  • Skipfish v1.29B –
    Skipfish is an active web application security reconnaissance tool.
  • Kon-Boot v1.1 –
    Kon-Boot is a prototype piece of software which allows changing the contents of a Linux kernel.
  • Flint 1.0.5 –
    Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems.

  • Can you still trust your network card? –
    The talk explained how an attacker could be able to exploit a flaw to run arbitrary code inside some network controllers (NICs).
  • Has SSL become pointless? Researchers suspect state-sponsored CA forgery –
    Using ‘man-in-the-middle’ to intercept TLS or SSL is essentially an attack against the underlying Diffie-Hellman cryptographic key agreement protocol.
  • A couple of PDF exploits you might want to hear about
    • Escape From PDF –
      I managed to make a PoC PDF to execute an embedded executable without exploiting any vulnerability!
    • Escape From Foxit Reader –
      Remember, Foxit Reader issues no warning when launching a command!
  • Pwn2Own 2010: Lessons Learned –
    So, why do Web browsers make such good targets for exploit developers?
  • Resilient SSH Tunneled Meterpreter Session –
    Resilient in that it will monitor the tools running needed to give me access and relaunch them if needed.
  • Automated SEO poisoning attacks explained –
    SEO poisoning is one of the major methods of attack that we are seeing being used by online criminals at the moment.
  • Plugging the CSS History Leak –
    It’s a tough problem to fix, though, so I’d like to describe how we ended up with this approach.
  • Using Nessus Thorough Checks for In-depth Audits –
    Nessus users have a wide range of powerful options whose functionality is critical to a successful vulnerability scan, but whose meaning may not be completely clear.
  • PWN2OWN & Fuzzing –
    Charlie Miller got quite a bit of buzz for his fuzz when at CanSecWest he owned a fully patched Mac with fully patched Safari “in 10 seconds”.
  • Reverse Engineering File Formats –
    But soon you will see by blackbox testing and reverse engineering, we can get all the information we need to correctly produce EDS files and find vulnerabilities.
  • Burp Suite Tutorial – Intruder Tool version 2 –
    My Burp Suite tutorial blog posts appear to be a bit like buses, it took a long time for me to do the first one and now I’m writing the third one!
  • OpenRunSaveMRU and LastVisitedMRU –
    Talking with a colleague the other day reminded me of just how nuanced many of the forensic artifacts are that we rely upon.


  • OpenSSL Flaw Can Crash Remote Machines –
    The flaw gives an attacker the ability to use a single TLS record to take out remote machines that are running vulnerable OpenSSL software.
  • PHP blunders with random numbers –
    Andreas Bogk warns that, despite recent PHP improvements, the session IDs of users who are logged into PHP applications remain guessable.

Vendor/Software Patches:

Other News: