Events Related:

  • RSnake, Web Security and a few beers –
    Reminiscing Black Hat Abu Dhabi.
  • DojoCon Follow-Up –
    Although there was a formal CFP, everything else followed a traditional unconference format.
  • SANS SEC660: Post Mortem –
    The class is designed to cover the ground between the SEC560 Network Penetration Testing class and the SEC709/710 that Stephen Sims has been running for a while now (Exploit development).


  • Will it Blend? –
    I’m always humbled when I learn of what others are doing in the security community and even more humbled when asked to present.
  • DOJOCON 2010 Videos –
    Below are the videos from the conference, at least the ones I can show :), enjoy.
  • IOS Crash Analysis and Rootkit Wiki –
    Almost everything you need to know about Cisco IOS Forensics


  • Zozzle: Low-overhead Mostly Static JavaScript Malware Detection –
    In this paper, we propose ZOZZLE, a low-overhead solution for detecting and preventing JavaScript malware that can be deployed in the browser.
  • Websecurify 0.8Alpha4 –
    Websecurify is a powerful web application security testing platform designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.
  • All about Heaplocker –
    HeapLocker allows you to set a maximum to the amount of private virtual memory a process is using. If the maximum is exceeded, HeapLocker will suspend the process and inform the user.

  • Netglub –
    Really Open Source Information Gathering
  • Gruyere –
    This codelab is built around Gruyere – a small, cheesy web application that allows its users to publish snippets of text and store assorted files.
  • Metasploit Framework 3.5.1 Released! –
    This minor version release adds 47 new modules, including exploit coverage for recent bugs in the news: Exim4, Internet Explorer, and ProFTPd.
  • Mantra Security Toolkit –
    The Mantra is a powerful set of tools to make the attacker’s task easier. The alpha version of Mantra contains the following tools built into it.
  • Squid-Imposter –
    Squid-imposter makes it easy to create Squid based proxy injecting your own content to chosen website URLs.
  • pwnshell – a better jsp shell –
    The world needs a JSP shell that really helps a blackbox attacker pivot to important assets, so I took a stab at it. It’s quite lamely called pwnshell.


  • Port Scanning with HTML5 and JS-Recon –
    Since even closed ports can be identified we can extend this technique to perform network scanning as well as internal IP detection.
  • Capturing Windows Logons with Smartlocker –
    One of the most effective ways to capture the clear-text user password from a compromised Windows machine is through the “keylogrecorder” Meterpreter script.
  • Attacking Windows Operating System over PowerShell –
    Now if you are on a penetration testing mission you start by running nmap searching for the live windows hosts on the network basically with 1433 active port (Mssql).
  • Watch out for exim! –
    My strategy was to keep running ‘make’ and fixing what it complained about until it shut up and compiled.
  • Conducting a Phishing Campaign in Metasploit Pro –
    Only gripe is the lack of configuration ability in the exploit payload section. I’ve been told this will be addressed shortly; even though a lot of work has been put into smart defaults, the ability to change it when necessary would be nice.
  • Mallory and Me: Setting up a Mobile Mallory Gateway –
    Improving the user experience from the initial code checkout to helping users “Mallorize” traffic is a key goal for the project.
  • Metasploit and VNC Password Bruteforcing –
    You probably missed it but jduck recently snuck in a VNC mixin and vnc_login module to the trunk.


Vendor/Software Patches:

Other News:

