- Watch: An (Almost) Inside Look at China’s Top Information Security Forum – blogs.wsj.com
Chinese computer-security researchers and professionals gathered in Beijing late last week for the 10th annual session of the country’s best-known information security conference, where presenters spoke on security threats and how they could be prevented.
- DefCon 19 Archive Page – twitter.com
The DefCon 19 archives page is up! Slides posted…
- USENIX Security Symposium 2011 – dbusenix.org
Video plugin download.
- BlackHat USA 2011: The Past And Future of SSL – youtube.com
In the early 90’s, at the dawn of the World Wide Web, some engineers at Netscape developed a protocol for making secure HTTP requests, and what they came up with was called SSL. Given the relatively scarce body of knowledge concerning secure protocols at the time, as well the intense pressure that everyone at Netscape was working under, their efforts can only be seen as incredibly heroic.
- Mutillidae: A Deliberately Vulnerable Set Of PHP Scripts That Implement The OWASP Top 10 – irongeek.com
What I’m attempting to do with Mutillidae is implement the OWASP Top 10 in PHP, and do it in such a way that it is easy to demonstrate common attacks to others. Feel free to use it in your own classes or videos, but if you do I’d love to hear about it.
- Building A Safer Web With ASafaWeb – troyhunt.com
In case it’s not already pretty obvious by now, there are a bunch of websites out there which have some rather glaringly large vulnerabilities in them. Or at least they did have, then they were hacked in spectacular fashion and security suddenly became important to them. But of course we only hear about the big ones whilst hoards of smaller attacks go by unreported and very often, unnoticed.
- Cryptohaze Multiforcer 1.1 Released! – blog.cryptohaze.com
The big news is LM support. Close behind is a set of improvements for network support: You can now run the server as only a server (not doing any compute), the clients will now sit and wait for the server if it goes away, and the Windows client no longer crashes the server when it disconnects.
- UPDATE: OWASPBWA v0.94! – sourceforge.net/projects/owaspbwa/files/0.94
Open Web Application Security Project (OWASP) Broken Web Applications Project, a collection of vulnerable web applications that is distributed on a Virtual Machine in VMware format compatible with their no-cost VMware Player and VMware Server products(along with their commercial products).
- UPDATE: SWFRETools v1.4.0! – github.com/sporst/SWFRETools/downloads
The SWFRETools are a collection of tools built for vulnerability analysis of the Adobe Flash player and for malware analysis of maliciousSWF files. The tools are partly written in Java and partly in Python and are licensed under the GPL 2.0 license.
- OWADE: The Offline Windows Analysis and Data Extraction Tool! – pentestit.com/2011/09/07/owade-offline-windows-analysis-data-extraction-tool/
What really makes OWADE special is that it is dedicated to cloud forensics! We know that almost everything is moving to the cloud now. We have antiviruses in the cloud, e-mails in the cloud and all the services that existed singularly can now be hosted on the cloud. Hence, cloud forensics is something that we need to concentrate on now.
- Announcing Registry Decoder – dfsforensics.blogspot.com
Digital Forensics Solutions is pleased to announce Registry Decoder, an open source tool that automates the acquisition, analysis, and reporting of Microsoft Windows registry contents. The tool was initially funded by the National Institute of Justice (NIJ) and is now ready for public release. Please see our History Page for information about the project.
- FBPwn: A Cross-Platform Facebook Profile Dumper! – code.google.com/p/fbpwn/downloads/list
It supports a lot of modules that can expand its current functionalities. It has a well documented Wiki page explaining the process of building a FBPwn module. Though it has a lot of available modules prebuilt for your use.
- Registry Decoder: Automated Acquisition, Analysis and Reporting of Registry Contents! – digitalforensicssolutions.com/registrydecoder/content/download
Registry Decoder provides a single tool in which to perform browsing, searching, analysis, and reporting of registry hive contents. All functionality is exposed through an intuitive GUI interface and accommodates even novice investigators. Registry Decoder also acts as a great resource for new research and experimenting within the registry. We have recenlty written about a tool that deals with forensics in the cloud – OWADE.
- The THC Hydra page – thc.org
A very fast network logon cracker which support many different services.Have a look at the feature sets and services coverage page – including a speed comparison against ncrack and medusa!
- toolsmith: memory Analysis with DumpIT and Volatility – holisticinfosec.blogspot.com
Two recent releases give cause for celebration and discussion in toolsmith. First, in July, Matthieu Suiche of MoonSols released DumpIt for general consumption, a “fusion of win32dd and win64dd in one executable.” Running DumpIt on the target system generates a copy of the physical memory in the current directory.
- Post Exploitation Command Lists – room362.com
I’ve had a private list of commands that I run on Windows or Linux when I pop a shell, as I’m sure most pentesters do. It isn’t so much a thing of hoarding as much it is just jumbled notes that are ‘not worth posting.’
- Announcing Etherpeep – blog.pentestify.com
It’s rough right now, but the concept is solid. This would make a good base for implementing etherape / p0f-like functionality in the framework. In short, load it up, run it & hosts you contact appear in your metasploit database.
- Typosquatters exploit misspelled variations of YouTube.com domain name – labs.m86security.com
Here is a scenario that may sound familiar to you. You were in front of your computer one night and decided to watch some YouTube clips. So you opened your favourite browser and because you have clumsy fingers, instead of typing “YouTube.com” in the address bar you entered “YoutTube.com”.
- DEP Enforcing Shellcode – blog.didierstevens.com
I developed shellcode that enforces permanent DEP when it is injected inside a process.
- Post Exploitation In Windows: From Local Admin to Domain Admin – pentestmonkey.net
There are some excellent tools and techniques available to pentesters trying to convert their local admin rights into domain admin rights. This page seeks to provide a reminder of some of the most common and useful techniques as well as rating their effectiveness to suggest which ones to try first.
- Microsoft Handles DigiNotar Crisis
Last week, We