Resources

  • RWSPS: WPA/2 Cracking Using HashCat
    [ch5pt2] – www.rootsh3ll.com
    If you remember in the previous part, we learned Speeding up WPA/2 Cracking Using Pre-generated PMKs. Which certainly uses CPU as the primary part for the calculations of the PMKs. It surely gives us speed for cracking as while using PMKs for cracking we are not performing actual calculations in real-time.
  • Inside Yubikey Neo – www.hexview.com
    Yubikey Neo is a $50 authentication token (with bells and whistles) from Yubico. Yubico advertizes it as “practically indestructible”.

Tools

  • Sniffly – github.com
    Sniffing browser history using HSTS + CSP.
  • NOPC version 0.4.7 released – labs.portcullis.co.uk
    NOPC (Nessus-based Offline Patch Checker) is a patch-checker for primarily Linux distribution and UNIX-based systems.
  • WSUSpect Proxy – github.com
    A tool for MITM’ing insecure WSUS connections.

Techniques

Other News

  • Cisco Beefs Up Security, Buys Lancope For $453M – techcrunch.com
    As HP downsizes its own holdings in network security, another IT giant is ramping up: today Cisco announced that it would acquire Lancope, which focuses on behavior analytics, threat visibility and security intelligence to detect malicious activity on corporate networks.
  • Sustaining Digital Certificate Security – googleonlinesecurity.blogspot.com
    Following our notification, Symantec published a report in response to our inquiries and disclosed that 23 test certificates had been issued without the domain owner’s knowledge covering five organizations, including Google and Opera.