Subscribe to Infosec Events
Infosec Events Feed Stay up to date with all of the latest security news by subscribing to our RSS Feed. Alternatively, you can have updates sent directly to your email address.

Week 50 in Review – 2010

Published: December 20th, 2010 | Category: Security Conferences, Security Tools, Security Training, Security Vulnerabilities, Security Workshops, Vendor News

Events Related:

  • RSnake, Web Security and a few beers – andlabs.org
    Reminiscing Black Hat Abu Dhabi.
  • DojoCon Follow-Up – novainfosecportal.com
    Although there was a formal CFP, everything else followed a traditional unconference format.
  • SANS SEC660: Post Mortem – c22.cc
    The class is designed to cover the ground between the SEC560 Network Penetration Testing class and the SEC709/710 that Stephen Sims has been running for a while now (Exploit development).

Resources:

  • Will it Blend? – xs-sniper.com
    I’m always humbled when I learn of what others are doing in the security community and even more humbled when asked to present.
  • DOJOCON 2010 Videos – irongeek.com
    Below are the videos from the conference, at least the ones I can show :), enjoy.
  • IOS Crash Analysis and Rootkit Wiki – recurity.com
    Almost everything you need to know about Cisco IOS Forensics

Tools:

  • Zozzle: Low-overhead Mostly Static JavaScript Malware Detection – microsoft.com
    In this paper, we propose ZOZZLE, a low-overhead solution for detecting and preventing JavaScript malware that can be deployed in the browser.
  • Websecurify 0.8Alpha4 – code.google.com/p/websecurify/
    Websecurify is a powerful web application security testing platform designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.
  • All about Heaplocker
    HeapLocker allows you to set a maximum to the amount of private virtual memory a process is using. If the maximum is exceeded, HeapLocker will suspend the process and inform the user.

  • Netglub – netglub.org
    Really Open Source Information Gathering
  • Gruyere – google-gruyere.appspot.com
    This codelab is built around Gruyere – a small, cheesy web application that allows its users to publish snippets of text and store assorted files.
  • Metasploit Framework 3.5.1 Released! – metasploit.com
    This minor version release adds 47 new modules, including exploit covereage for recent bugs in the news: Exim4, Internet Explorer, and ProFTPd.
  • Mantra Security Toolkit – getmantra.com
    The Mantra is a powerful set of tools to make the attacker’s task easier. The alpha version of Mantra contains following tools built into it.
  • Squid-Imposter – github.com/koto/squid-imposter/
    Squid-imposter makes it easy to create Squid based proxy injecting your own content to chosen website URLs.
  • pwnshell – a better jsp shell – i8jesus.com
    The world needs a JSP shell that really helps a blackbox attacker pivot to important assets, so I took a stab at it. It’s called quite lamely called pwnshell.

Techniques:

  • Port Scanning with HTML5 and JS-Recon – andlabs.org
    Since even closed ports can be identified we can extend this technique to perform network scanning as well as internal IP detection.
  • Capturing Windows Logons with Smartlocker – metasploit.com
    One of the most effective ways to capture the clear-text user password from a compromised Windows machine is through the “keylogrecorder” Meterpreter script.
  • Attacking Windows Operating System over PowerShell – sectechno.com
    Now if you are on a penetration testing mission you start by running nmap searching for the live windows hosts on the network basically with 1433 active port (Mssql).
  • Watch out for exim! – skullsecurity.org
    My strategy was to keep running ‘make’ and fixing what it complained about until it shut up and compiled.
  • Conducting a Phishing Campaign in Metasploit Pro – carnal0wnage.attackresearch.com
    Only gripe is the lack of configuration ability in the exploit payload section. I’ve been told this will be addressed shortly even though a lot of work has been put into smart defaults the ability to change it when necessary would be nice.
  • Mallory and Me: Setting up a Mobile Mallory Gateway – intrepidusgroup.com
    Improving the user experience from the initial code checkout to helping users “Mallorize” traffic is a key goal for the project.
  • Metasploit and VNC Password Bruteforcing – carnal0wnage.attackresearch.com
    You probably missed it but jduck recently snuck in a VNC mixin and vnc_login module to the trunk.

Vulnerabilities:

Vendor/Software Patches:

Other News:

Be Sociable, Share!

    Tags: , , , ,

    RSS feed | Trackback URI

    2 Comments »

    Name (required)
    E-mail (required - never shown publicly)
    URI
    Your Comment (smaller size | larger size)
    You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> in your comment.

    Trackback responses to this post

    © Godai Group 2014
    Home - Calendar - Communities - Training - Archives - Contact