Events Related

Resources

Tools

  • Skipfish Update
    Skipfish is a fully automated, active web application security reconnaissance tool. Its key features: High speed, Ease of use, Cutting-edge security logic.

  • UPDATE: Nmap 5.52.IPv6.Beta2! – nmap.org
    Nmap (“Network Mapper”) is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
  • UPDATE: SWFRETools v1.2.0! – github.com/sporst/SWFREtools/downloads
    The SWFRETools are a collection of tools built for vulnerability analysis of the Adobe Flash player and for malware analysis of malicious SWF files. The tools are partly written in Java and partly in Python and are licensed under the GPL 2.0 license.
  • UDPATE: ZAProxyv1.3.0! – code.google.com/zaproxy/downloads/list
    The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox.
  • RADARE: Reverse engineering framework – radare.nopcode.org
    Opensource tools to disasm, debug, analyze and manipulate binary files. There are small tools also included for better deguging, graphs can be used to link and have a better idea over of the binary.
  • Burpsuite free edition v1.4 released – blog.portswigger.net
    This is a major upgrade with numerous new features, including: The ability to compare site maps, functions to help with testing access controls using your browser,support for preset request macros, session handling rules to help you work with difficult situations etc.
  • SecureState Releases New Tool  For Footprinting 802.1x Wireless Networks – blog.securestate.com
    Today, SecureState is releasing a new tool for footprinting 802.1x wireless networks called EAPeak. EAPeak is a Python powered script that is meant to parse useful pieces of information for a Security Assessment of wireless networks that use the Enterprise Authentication Protocol.

Techniques

  • Defcon Obfuscation Technique
    Feds aren’t the only ones who are paying attention to the demonstrations at security conferences like Black Hat and DEFCON – the folks who actually don the black hats are, also.That point was driven home this week by Kaspersky Lab researcher Marta Janus, who blogged about an interesting new code obfuscation technique that she discovered while analyzing a Polish e-commerce Web site that had been compromised.

  • Using Nmap for Pentesting eDirectory – cqure.net
    While doing a security review the other day I came across Novell eDirectory running on Windows. It’s been a while since I looked at eDirectory and while it’s a lot of LDAP, the servers were also running the Netware Core Protocol (NCP).

Vendor/Software Patches

  • Wireshark 1.6.0 Released – wireshark.org
    Wireshark 1.6.0 has been released. Installers for Windows, Mac OS X 10.5.5 and above (Intel and PPC), and source code are now available. Wireshark is now distributed as an installation package rather than a drag-installer on OS X. The installer adds a startup item that should make it easier to capture packets. Large file (greater than 2 GB) support has been improved.

Other News

  • RSA SecurID Revelation
    Lockheed Martin and RSA today each separately confirmed that the breach that compromised RSA’s SecurID authentication technology helped lead to the recent targeted attack aimed at the defense contractor.