Subscribe to Infosec Events
Infosec Events Feed Stay up to date with all of the latest security news by subscribing to our RSS Feed. Alternatively, you can have updates sent directly to your email address.

Week 14 in Review – 2012

Published: April 9th, 2012 | Category: Security Conferences, Security Tools, Security Vulnerabilities

Event Related

Resources

  • Towards Firmware Analysis – sensepost.com
    While I was evaluating a research idea about a SCADA network router during the past week, I used available tools and resources on the Internet to unpack the device firmware and search for interesting components.
  • Fusion Advancing exploit mechanisms – exploit-exercises.com
    Fusion is the next step from the protostar setup, and covers more advanced styles of exploitation, and covers a variety of anti-exploitation mechanisms.
  • Ascii shellcode – Security101 – blackhatacademy.org
    Printable ascii shellcode is used to evade sanitizing on the network and software layers during buffer overflow exploitation.
  • X-Frame-Options – blog.whitehatsec.com
    What is it and why should I care? X-Frame-Options (moving towards just Frame-Options in a draft spec – dropping the X-) is a new technology that allows an application to specify whether or not specific pages of the site can be framed. This is meant to help prevent the clickjacking problem.
  • Getting your message across: Screenshots – blog.c22.cc
    Since I’ve finally started doing something with pentestreports.com I thought it was time to write-up some interesting content. Seeing as this one has been bugging me for a while, I thought it would make an interesting starting point. As always, comments are welcomed and encouraged!
  • Dinis Cruz blog: Great description of why OWASP Summits are special – diniscruz.blogspot.com
    Abe (on the owasp-leaders list) just posted the text below in response to my Summits must be part of OWASP’s DNA reply and it provides one of the best descriptions of what makes Owasp Summit’s special and worthwhile doing.

Tools

  • ModSecurity Advanced Topic of the Week: Automated Virtual Patching using OWASP Zed Attack Proxy – blog.spiderlabs.com
    The SpiderLabs Research Team has added an example script to the OWASP ModSecurity Core Rule Set (CRS) Project archive that will help users to quickly implement virtual patches for vulnerabilities identified by an open source web vulnerability scanning tool.
  • GooDork Command Line Google Dorking/Hacking Tool – darknet.org.uk
    GooDork is a simple python script designed to allow you to leverage the power of Google Dorking straight from the comfort of your command line. There was a GUI tool we discussed a while back similar to this – Goolag – GUI Tool for Google Hacking.
  • Medusa 2.1 Release – foofus.net
    What is Medusa? Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net.
  • Enema is Powerful tool for SQL injection – pentestit.com
    Enema is not autohacking software. This is dynamic tool for people, who knows what to do. Not supported old database versions (e. g. mysql 4.x). Development targeted to modern versions.
  • Adobe open sources Malware Classifier tool – h-online.com
    Adobe has open sourced a tool for analysing and classifying malware to help security first responders, including malware analysts and security researchers. Called “Adobe Malware Classifier”, the command-line tool is written in Python and was originally created for internal use by the Adobe Product Security Incident Response Team (PSIRT) “for quick malware triage”.
  • Dissecting the SQL Injection Tools Used By Hackers – blog.imperva.com
    Recently, during a presentation to a group of security professionals, an impromptu poll was taken asking attendees whether they were familiar with Havij, a SQL injection tool used heavily in the hacking community.
  • Web tool checks if your Mac is Flashback-free – cnet.com
    Have you been put off by the work required to find out if your machine is one of the unlucky ones infected with the Trojan? There’s a new Web app that will check your Mac.
  • Intersect version 2.5 update – github.com
    Intersect is a post-exploitation framework written in Python. The main goal of this project is to assist penetration testers in the automation of many post exploitation and data exfiltration tasks that they would otherwise perform manually. With the Intersect framework, users can easily build their own customised scripts from the pre-built templates and modules that are provided or they can write their own modules to add additional or specialised functionality. As of the time of writing, there are almost 30 separate modules to choose from and more are added almost daily.
  • Mercury: An Open Source Android Assessment Framework! – labs.mwrinfosecurity.com
    Mercury is a framework that provides interactive tools that allow for dynamic interactions with the target applications running on a device.

Techniques

  • windows privilege escalation via weak service permissions – travisaltman.com
    When performing security testing on a Windows environment, or any environment for that matter, one of the things you’ll need to check is if you can escalate your privileges from a low privilege user to a high privileged user.
  • Another Approach To Tracking ReadFile – dvlabs.tippingpoint.com
    We often receive fuzzed file submissions, which at times can be agonizing to analyze. Tools help a lot here, as we have shown in previous posts, such as with Peter’s awesome write up on hooking ReadFile and MapViewOfFile.

Vulnerabilities

Other News

Be Sociable, Share!

    Tags: , , , ,

    RSS feed | Trackback URI

    6 Comments »

    Name (required)
    E-mail (required - never shown publicly)
    URI
    Your Comment (smaller size | larger size)
    You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> in your comment.

    Trackback responses to this post

    © Godai Group 2014
    Home - Calendar - Communities - Training - Archives - Contact