- OWASP threat modeling project – myappsecurity.blogspot.com
We are starting an OWASP threat modeling project to standardize a threat modeling approach which can be used by various companies.
- Neil Daswani Reveals His Process for Security Research – resources.infosecinstitute.com
In our ongoing series of interviews, this week Neil Daswani answered a few questions and pulled back the curtain a bit on the methods, tools and motivation for the work he does.
- Ethical Hacking Degrees – the good, the bad, the ugly – ethicalhack3r.co.uk
Ethical Hacking or Information Security or Computer Security or Network Security… are all included within titles of university level undergraduate degrees within the UK. No matter what they title their courses or whether or not you agree with the use of certain terms within their titles is irrelevant as they are all attempting to teach the same things.
- Security Researchers Exploit Logic Flaws to Shop for Free Online – networkworld.com
Security researchers from Indiana University Bloomington and Microsoft Research published a very interesting paper called How to Shop for Free Online.
- creating an as-secure-as-possible laptop — ideas? – reddit.com
I’m interested in creating a laptop (though a desktop would be fine, too) with a big emphasis on security. What types of treatments would reddit recommend?
- We have started a security group at my University and we are trying to build up a database of tests, competitions, papers, etc – reddit.com
Any relevant links and content are welcome! We have a dozen tests taken from previous competitions we attended this year, but we would like to get more if possible.
- NIST publishes 50kish vulnerable code samples in Java/C/C++, is officially krad – cgisecurity.com
NIST has published a fantastic project (it’s been out since late December, but I only just became aware of it) where they’ve created vulnerable code test cases for much of MITRE’s CWE project in Java and C/C++.
- ClubHack Issue 15 – terminal23.net
New issue available.
- FISMApedia – fismapedia.org
FISMApedia is a collection of documents and discussions focused on Federal IT security. This site is a database of current guidance, laws and directives on how the Federal government secures its IT assets.
- Burp Hacking Slides – Bsides Chicago – securityaegis.com
Download the padding oracle vuln plugin for forms authentication (that’s a mouthful) from Joel’s site: beersec.org.
- Hackito Ergo Sum 2011 Presentation Dump – slideshare.net
A collection of everything from this security event
- RawCap sniffer for Windows released – netresec.com
We are today proud to announce the release of RawCap, which is a free raw sockets sniffer for Windows.
- Spooftooph: The Bluetooth Spoofer – sourceforge.net/projects/spooftooph/
Spooftooph is designed to automate spoofing or cloning Bluetooth device information. Make a Bluetooth device hide in plain sight.
- sqlmap 0.9 – sourceforge.net/projects/sqlmap/
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
- hackxor – hackxor.sourceforge.net
Hackxor is a webapp hacking game where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism & difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc.
- SVN Digger – Better Wordlists for Forced Browsing – mavitunasecurity.com
DirBuster ships with several wordlists, these wordlists generated via one big crawler which visited tons of websites, collected links and created most common directory / file names on the Internet.
- Patriot NG – security-projects.com
Patriot is a ‘Host IDS’ tool which allows real time monitoring of changes in Windows systems or Network attacks.
- CVE Checker 3.1 – cvechecker.sourceforge.net
cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database.
- OllyDbg 2.01 Alpha 3 – ollydbg.de
OllyDbg is a 32-bit assembler level analysing debugger for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable.
- Microsoft Pushes Out Two New Security Tools – threatpost.com
In parallel with its release of 17 bulletins on Patch Tuesday this month, Microsoft also unveiled two new tools that are meant to help make a couple of common exploitation scenarios more difficult for attackers.
- smooth-sec – bailey.st
Smooth-Sec is a ready-to-go IDS/IPS (Intrusion Detection/Prevention System) Linux distribution based on the multi-threaded Suricata IDS/IPS engine and Snorby, the top notch web application for network security monitoring.
- BodgeIt Store – code.google.com/p/bodgeit/
The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to penetration testing.
- Qubes OS – qubes-os.org
Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps.
- McAfee ShareScan – mcafee.com
ShareScan is a free utility that enables IT security personnel to identify open Windows file shares available on the internal network. This tool can help administrators identify systems that have wide open permissions or no permissions — potential vulnerabilities that should be remediated.
- md5deep version 3.8 – jessekornblum.livejournal.com
This version adds two new features. First, you can now use a file to indicate the input files to process. For example, you can make a file, foo.txt.
- Common Vulnerability Scoring System Version 2 Calculator – dueyesterday.net
Allows for the creation of enums. Thanks to norvig.com/python-iaq.html
- MS10-070: Padding Oracle applied to .NET framework – bernardodamele.blogspot.com
I followed the research closely and way before vulnerability scanners like Nessus could detect the security vulnerability on .NET applications anonymously and remotely, I coded a small script to test for the flaw based on Juliano Rizzo’s details. You might still find it useful, so I thought about publishing it on GitHub.
- IEZoneAnalyzer v3 – technet.com
IEZoneAnalyzer is a utility for viewing and comparing Internet Explorer security zone settings. It is particularly valuable on systems controlled through Group Policy, on which the standard security settings dialog does not allow viewing of settings.
- Full Disclosure: Barracuda Networks Hacking via SQL Injection – hmsec.tumblr.com/
The company’s expansive product portfolio includes offerings for protection against email, Web and IM threats as well as products that improve application delivery and network access, message archiving, backup and data protection.
- Parsing CDP Packets With Scapy – darkoperator.com
In this blog post I will cover how to use one of the new parsers to parse CDP packets included in version 2.2 of scapy. Cisco Discovery Protocol (CDP) is a proprietary Layer 2 Data Link Layer network protocol used to share device information with devices connected on the same subnet.
- Mozilla Firefox Internals & Attack Strategies – chmag.in
This paper aims to detail some of the techniques and methods that exist to subvert a fully patched and functioning browser Firefox.
- BackTrack 5 on a Motorola Xoom – offensive-security.com
In the past few days we have been toying with some Motorola hardware, and have managed to get a basic build of BackTrack 5 (+ toolchain) on a Motorola Xoom.
- Things overheard on the WiFi from my Android smartphone – freedom-to-tinker.com
Today in my undergraduate security class, we set up a sniffer so we could run Wireshark and Mallory to listen in on my Android smartphone. This blog piece summarizes what we found.
- Execute Metasploit payloads bypassing any anti-virus – bernardodamele.blogspot.com
Most of the shellcode launchers out there, including proof of concepts part of many security books, detail how to allocate a memory page as readable/writable/executable on POSIX systems, copy over your shellcode and execute it. This works just fine. However, it is limited to POSIX, does not necessarily consider 64-bit architecture and Windows systems.