Resources

  • OWASP ZAP and Web Sockets – digininja.org

    With the slow uptake of HTML5, web sockets are going to start being seen in more and more applications so I figured I’d better learn how to test them before being put in front of them on a client test and having to learn as I went along.

  • SSH Brute Force The 10 Year Old Attack That Still Persists – blog.sucuri.net

    One of the first server-level compromises I had to deal with in my life was around 12 years ago, and it was caused by an SSH brute force attack. A co-worker set up a test server and chose a very weak root password for it. A few days later, the box was owned running IRC bots and trying to compromise the rest of the network.

  • F5 Networks BIG-IP Cookie Decoded – blog.whitehatsec.com

    Have you ever seen a BIG-IP Cookie? Maybe you are just wondering what they are? In this post I will attempt to explain what a BIG-IP Cookie is and why they are important to a web application. Also I’ve linked to a tool (below) to help identify information leakage in BIG-IP Cookies that can reveal internal network information.

Tools

  • PowerSploit: The Easiest Shell You’ll Ever Get – pentestgeek.com

    PowerSploit is a collection of security-related modules and functions written in PowerShell. PowerSploit is already in both BackTrack and Kali, and its code is utilized by other awesome tools like SET so you may already be using it!  Many of the scripts in the project are extremely useful in post-exploitation in Windows environments.  The project was started by Matt Graeber who is the author of the function we will use in this tutorial: Invoke-Shellcode.

  • Enumerating web services with classify.webbies.py – security.sunera.com

    classify.webbies.py is a Python script that captures and presents a high-level overview of all the web listeners within a defined scope. This allows the user to spot the more interesting web targets with efficiency and relative ease, regardless of the number of discovered web services. The script will enumerate the web listener to determine if the service is using SSL, the banner of the web service, the title of the web application, and if the web application has any interactive components such as forms and logins. Last, the script can also take a screenshot of the web application.

  • WMIS: The Missing Piece of the Ownage Puzzle – passing-the-hash.blogspot.com

    The unsung hero of the PTH-Suite is definitely WMIS. It has replaced several other tools that I previously used to pass the hash. It is essentially the Linux equivalent to WMIC and the “process call create” query. The advantage of WMI over other methods of remote command execution is that it doesn’t rely on SMB and starting a service on the remote host. In most cases, it flies beneath the radar and it just might be the easiest way to get a shell on a remote host all without writing to the disk.

Vulnerabilities

Other News

  • Nations Buying as Hackers Sell Flaws in Computer Code – nytimes.com

    On the tiny Mediterranean island of Malta, two Italian hackers have been searching for bugs — not the island’s many beetle varieties, but secret flaws in computer code that governments pay hundreds of thousands of dollars to learn about and exploit.