Week 36 in Review – 2010

Resources:

Tools:

  • Hyenae 0.35-2 – sourceforge.net/projects/hyenae/
    Hyenae is a highly flexible platform independent network packet generator.
  • Nikto 2.1.3 available! – cirt.net
    Nikto is an open source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers.
  • rpc-client – code.google.com/p/rpc-client/
    The tool is designed to easily craft XML-RPC packets for a remote server from the command line, and offers the possibility of being used in scripts for automation.
  • TrueCrypt 7.0a released – h-online.com
    According to the developers, TrueCrypt 7.0a is a maintenance release that includes a workaround for an issue in some custom, non-Microsoft storage device controller drivers.
  • Released DllHijackAuditor v2 with New & Smart Interception Engine – securityxploded.com
    DllHijackAuditor is the FREE tool to Audit against the DLL Hijacking Vulnerability for any Windows application.
  • DVWA 1.0.7 is here! – ethicalhack3r.co.uk
    After 9 months since the last release we are proud to present the all new Damn Vulnerable Web Application version 1.0.7.
  • upSploit – Public Beta Release – webantix.net
    The aim is for upSploit to become a service/framework that security researchers can depend on when disclosing vulnerabilities to vendors.
  • Social-Engineer Toolkit 0.7 Codename “Swagger Wagon” and Online Tutorials – secmaniac.com
    The new version of SET incorporates two brand new web attack vectors, a slew of bug fixes, and two new Teensy attack-based payloads.
  • cvechecker 0.6 – cvechecker.sourceforge.net
    Indeed, this is not a bullet-proof method and you will most likely have many false positives, yet it is still better than nothing, especially if you are running a distribution with little security coverage.
  • Update on Upcoming Release of SpyDLLRemover & StreamArmor – securityxploded.com
    With all these coming together, the expected release of SpyDllRemover 4.0 will be around the end of this month.
  • Ncrack 0.3ALPHA release – seclists.org
    The post-SoC Ncrack 0.3ALPHA release is finally ready! This summer brings you new cracking modules for two of the most ubiquitous and famous protocols out there.
  • HexInject – hexinject.sourceforge.net
    HexInject is a very versatile packet injector and sniffer that provides a command-line framework for raw network access.
  • WinAPIOverride32 – jacquelin.potier.free.fr/winapioverride32
    It tries to fill the gap between classical API monitoring software and debuggers.

Techniques:

  • Everybody Loves REMnux – holisticinfosec.blogspot.com
    A quick read of the SANS Forensics blog, courtesy of Gregory Pendergast, and you’ll get a feel for all the positive feedback for Lenny Zeltser’s REMnux.
  • Integrity Levels and DLL Injection – didierstevens.com
    For processes, this means that a process with low integrity level can’t open a handle with full access to a process with medium integrity level.
  • Apple’s secret “wispr” request – erratasec.blogspot.com
    There is more complexity to this feature than the simple HTTP request; there is probably a way to attack it.
  • PDF XSS (CVE-2010-0190) – xs-sniper.com
    PDFs support JavaScript from within the PDF. Unfortunately, the script executed from within the PDF will not have access to the browser's DOM.
  • Re-visiting JAVA De-serialization: It can’t get any simpler than this !! – andlabs.org
    Many people that I spoke to recently said to me that modifying objects programmatically using the IRB shell in DSer would be difficult and it would require the penetration tester to have in-depth knowledge of the application’s source code.
  • Directory traversal exploitation: no more problems with double quotes – itsecuritylab.eu
    Alternatively, short file names can be used (see above). But what if I would try to double-quote not the entire string but only parts of it?
  • Bossing with JBOSS – securepla.net
    The main issue with JBoss is the fact that the JMX-Console, which is a web interface to MBeans, has a default configuration which is vulnerable.
  • Vendor Response to Backdoor in Accton Switches Post – attackvector.org
    I’m sure there are a lot of people who run Accton based switches that will find this information useful.
  • Rapid Fire PSEXEC for Metasploit – room362.com
    Exploit modules inside of Metasploit don’t have the ability to run on multiple hosts with one swing of the bat. So I created some code to facilitate that.

Vulnerabilities:

Vendor/Software Patches:

Other News:

September 12th, 2010 | Security Tools, Security Vulnerabilities, Vendor News