- Dan Kaminsky Reveals His Process For Security Research – resources.infosecinstitute.com
Dan Kaminsky has been a noted security researcher for over a decade, and has spent his career advising Fortune 500 companies such as Cisco, Avaya and Microsoft. Dan spent three years working with Microsoft on their Vista, Server 2008 and Windows 7 releases.
- Incident Response Methodologies Worm Infection Cheat Sheet – isc.sans.edu
The CERT Societe Generale (site is in French and English) has published a 6 Steps IRM Worm Infection cheat sheet (English only) freely available for download here. “Feel free to contact us if you identify a bug or an error in these IRMs.”
- UPDATE: Ncrack 0.4ALPHA! – nmap.org
Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords.
- UPDATE: John the Ripper 1.7.7 – download.openwall.net
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords.
- UPDATE: THC HYDRA v6.3! – freeworld.thc.org
THC-HYDRA is a very fast network logon cracker which supports many different services. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system.
- OWASP Hatkit Proxy Project HTTP/TCP Intercepting Proxy Tool – darknet.org
The primary purpose of the Hatkit Proxy is to create a minimal, lightweight proxy which stores traffic into an offline storage where further analysis can be performed, i.e. all kinds of analysis which is currently implemented by the proxies themselves.
- Introducing the Cisco IOS Software Checker – blogs.cisco.com
This tool introduces a feature that has been long-requested from our customers and will make Cisco product security information much easier to consume and digest.
- Suspender.dll – blog.didierstevens.com
When the suspender DLL is loaded inside a process, it will wait for 60 seconds and then suspend all the threads of the host process. If you want another delay, just change the name of the file by appending the number of seconds to sleep.
- The ultimate collection kit – integriography.wordpress.com
It's a mix of ediscovery and forensics, with all the typical issues – custodians available only for a day, unexpectedly large hard drives, systems that cannot come down at all, 3 Sony Vaios with just one power cord, etc.
- TCDiscover – code.google.com
We posted about TCHunt yesterday, that could help you identify TrueCrypt encrypted data on your hard drive. But, what if you are not able to load TCHunt and only have access to a backed up hard drive? If that data is backed with dd, you are in luck – for we now have TCDiscover!
- Pytbull: An IDS/IPS Testing Framework – code.google.com
As you must have read our old post regarding The RedWolf Security Threat Generator. It will help you test for the threats on your complete network.
- Harddisk Password Recovery
Quite a while ago