Events Related

Resources

  • Opensecuritytraining.info Welcome Message – opensecuritytraining.info
    New open source, creative commons powered teaching portal on computer security.
  • Free Commercial Security Products? – reddit.com
    I just found out that ArcSight Logger is free for personal/home use (within some reasonable log size limits), and I’m wondering what other commercial enterprise security products are also free for personal use. I don’t mean trial/eval licenses that limit the user to 15 or 30 days, I’m looking for full blown, feature-full enterprise software that is free for personal use within reasonable limits.

Tools

  • Router Audit Tool (RAT) – gse-compliance.blogspot.com
    The Router Audit Tool or RAT was designed to help audit the configurations of Cisco routers quickly and efficiently. RAT tests Cisco router configurations against a baseline. After performing the baseline test, it not only provides a list of the potential security vulnerabilities discovered but also a list of commands to be applied to the router in order to correct the potential security problems discovered.
  • UPDATE: Cain & Abel v4.9.43! – www.oxid.it/downloads/ca_setup.exe
    Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of  passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
  • UPDATE: Ettercap 0.7.4! –  sourceforge.net/projects/ettercap/files/ettercap/0.7.4-Lazarus/
    Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. It is a suite for man-in-the-middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.
  • Cookie Decoder: F5 BIG-IP – blog.taddong.com
    I still remember with excitement the first time I found my first F5 BIG-IP load balancer persistent cookie, disclosing the network details of the internal hosts: IP address and TCP port. Although it was a few years ago during a pen-test, still today is very common to find them on lots of target environments.
  • Announcing SQL Invader – manvswebapp.com
    Today, we announced SQL Invader, a new free GUI-based tool that enables testers to easily and quickly exploit a SQL Injection vulnerability, get a proof of concept with database visibility and export results into a csv file. In just a few clicks, users will be able to view the list of records, tables and user accounts on the back-end database.
  • CSRF Scanner v1.0 Released – vulnerabilitydatabse.com
    CSRFScan is a tool designed to find CSRF security flaws on forms. The tool uses a static analysis of pages to determine if the form is protected or not. It is written in Python and published under GPL v3. This tool analyse only forms present in an authenticated session, so it needs authenticated cookies to perform the analysis.

Techniques

  • VLAN Hacking How To
    In Virtual LAN or VLAN is a group of hosts communicate with each other, even thoughthey are in different physical location. Virtual LAN provides location independence to the users, able to save the bandwidth, manage the device, cost effective for the organization are some of the facilities provided by the Virtual LAN.
  • Shellcode Detection Using Python – dvlabs.tippingpoint.com
    DVLabs has been collecting a large number of documents and files that are flagged as malicious and we’re trying to decrease the number that we have to do a full manual analysis on. One of the methods we’re using to aid in this is shellcode detection.
  • Path of Least Resistance – fishnetsecurity.com
    I (Tim Medin) do a good number of internal penetration tests, and I have found one particular series of techniques that tend to be very quick and efficient at gaining Domain Administrator-level access. Of course, the viability of this depends on the environment and the configurations, and since this technique depends on default configurations, it is usually very effective because defaults aren’t usually changed.
  • Aggressive Mode VPN — IKE-Scan, PSK Crack, and Cain – carnal0wnage.attackresearch.com
    In IKE Aggressive mode the authentication hash based on a preshared key (PSK) is transmitted as response to the initial packet of a vpn client that wants to establish an IPSec Tunnel (Hash_R). This hash is not encrypted. It’s possible to capture these packets using a sniffer, for example tcpdump and start dictionary or brute force attack against this hash to recover the PSK.
  • Understanding Firefox and SQLite Tables For Computer Forensics – resources.infosecinstitute.com
    I was showing off a trick to export Firefox SQLite tables to a spread sheet, and while she is a forensics person, she had never ever heard of this trick. It is neat enough to know when working off an image to pull the entire history of a Firefox user by using the SQLite table manager Firefox plugin. You can also find this plugin for Chrome that makes things just as easy. This article though will focus on SQLite and Firefox.
  • SQLMap — Searching Databases for Specific Columns/Data & Extracting from Specific Columns – carnal0wnage.attackresearch.com
    So assuming we have some sort of SQL Injection in the application (Blind in this case) and we’ve previously dumped all the available databases (–dbs), we now want to search for columns with ‘password’ in them.

Vendor/Software Patches

Vulnerabilities

Other News

  • The Carrier IQ Controversy
    Security researchers who have investigated the inner workings of the Carrier IQ software and its capabilities say that the application has some powerful, and potentially worrisome capabilities, but that as it’s currently deployed by carriers it doesn’t have the ability to record SMS messages, phone calls or keystrokes.
  • All Your Shreds Belong To Us – shredderchallenge.com
    Today’s troops often confiscate the remnants of destroyed documents in war zones, but reconstructing them is a daunting task. DARPA’s Shredder Challenge called upon computer scientists, puzzle enthusiasts and anyone else who likes solving complex problems to compete for up to $50,000 by piecing together a series of shredded documents.
  • Google Researchers Propose Way Out Of The SSL Dilemma – h-online.com
    In a paper entitled Certificate Authority Transparency and Auditability, Google researchers Adam Langley and Ben Laurie have proposed new measures for improving the trustworthiness of the public key infrastructure (PKI) underpinning HTTPS. The researchers’ idea is based on a public list of all certificates ever issued by certificate authorities.