- [Full-disclosure] RuggedCom – Backdoor Accounts in my SCADA network? You don’t say… – lists.grok.org.uk
RuggedCom is one of a handful of networking vendors who capitalize on the market for “Industrial Strength” and “Hardened” networking equipment.
- CVSS Vulnerability Scoring Gone Wrong – labs.neohapsis.com
If you have been in the security space for any stretch of time you have undoubtedly run across the Common Vulnerability Scoring System (CVSS).
- Presentation: PowerShell for Pen Testers – pen-testing.sans.org
Tim “My Shell Makes Your Shell Cry Like a Little Baby” Medin did a presentation at SANS Orlando called “PowerShell for Pen Testers”. It’s really good. It starts out with an overview of PowerShell for the uninitiated, and then quickly jumps to some really effective use cases of PowerShell for penetration testers and ethical hackers.
- Security Implications of IPv6 on IPv4 Networks – tools.ietf.org
This document discusses the security implications of native IPv6 support and IPv6 transition/co-existence technologies on “IPv4-only” networks, and describes possible mitigations for the aforementioned issues.
- OWASP ZAP SmartCard Project – blog.taddong.com
OWASP ZAP (Zed Attack Proxy) has become THE open-source web application interception proxy and security auditing tool, replacing well known open-source players in this field we have been using all over the last decade, such as Paros, WebScarab, or AndiParos.
- WebGoat 5.4 Released – owasp.blogspot.com
WebGoat 5.4 was released today. Thanks to all of those who sent comments and helped get this release out the door.
- Kautilya v0.2.2 payloads for Teensy Released – code.google.com
Kautilya is a toolkit which provides various payloads for the Teensy device which may help in breaking into a computer. The toolkit is written in Ruby.
- PdfStreamDumper version 0.9.320 update – sandsprite.com
PdfStreamDumper is a free tool for the analysis of malicious PDF documents. It also has some features that can make it useful for PDF vulnerability development.
- Exploring Symbol Type Information with PdbXtract – blog.mandiant.com
Mandiant is introducing a new free tool today, PdbXtract™, which allows you to browse and search PDB-type information.
- Inception – breaknenter.org
Inception is a FireWire physical memory manipulation and hacking tool exploiting IEEE 1394 SBP-2 DMA. The tool can unlock (any password accepted) and escalate privileges to Administrator/root on almost any machine you have physical access to.
- Plown Security Scanner v0.3 for Plone CMS released – github.com
Plown is a security scanner for Plone CMS. Although Plone has the best security track record of any major CMS and is considered highly secure, misconfigurations and weak passwords might enable system break-ins. Plown has been developed to ease the discovery of usernames and passwords, and act as an assistant to system administrators to strengthen their Plone sites.
- ERPScan has released ERPScan Security Scanner for SAP 2.0 – professionalsecuritytesters.org
ERPScan has released ERPScan Security Scanner for SAP 2.0 – a complex solution to continuously monitor all areas of SAP security, from vulnerability assessment and misconfigurations to ABAP code review and analysis of business-critical privileges.
- psychomario/ntlmsspparse – github.com
Parses ntlmssp netlm[v2] hashes out of a pcap file for use with a password cracker.
- Appsec Testing Tips: Edge Cases & Tool Chaining Security Aegis – securityaegis.com
At BruCon 2011 I gave a talk called The Web Application Hackers Toolchain. In this talk I outlined several non-standard additions and aides to web pentesters. One section in particular was leveraging tool chaining for better application mapping.
- 64-bit Process Replacement in Powershell – exploit-monday.com
For those of you who follow me on Twitter, you may have noticed that I posted a few teasers related to replacing processes in Powershell. Without further ado, I am releasing Replace-x64-Process.
- Metasploit 4.3 Released: Task Chains, Email Reports, Upgrades, and More Modules – community.rapid7.com
It’s been a fun and challenging month for the Metasploit team, and we’re happy to announce that Metasploit 4.3 is ready and available for you to download. Metasploit 4.3 ships with 33 new exploits, 20 new auxiliary modules, 11 new post-exploitation modules, 4 new payloads, and some nifty new features on the Metasploit Pro side. That’s a lot of new stuff, so let’s just cover the highlights for this release.
- VoIP Hopper version 2.04 – sourceforge.net
VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop security test.
- WooThemes WooFramework exploit: Execute any shortcode as an unauthenticated visitor – gist.github.com
WooThemes has now bumped their version number and fixed the update bug so please click “Update Framework” inside of the WordPress Admin to grab and install the latest version which patches this bug.
- Microsoft MSN Hotmail
- Weak Passwords Still Subvert IT Security – computerworld.com
A recent data breach that exposed the Social Security numbers of more than 280,000 people served as yet another reminder of the well-recognized, but often discounted, risks associated with using weak and default passwords.
- Trojan Uses Motion Sensors To Steal Smartphone Data – techweekeurope.co.uk
Motion-sensor data from smartphones can be used to effectively guess what keys a user is tapping and steal sensitive data such as PINs and bank details, according to new research (PDF) from Pennsylvania State University (PSU) and IBM.
- Hacker leaks source code of old VMware software – h-online.com
EMC subsidiary VMware has acknowledged that a hacker has released some of the company’s source code.
- Oracle databases vulnerable to injected listeners – h-online.com
There is no patch for a serious security hole in almost all Oracle database installations; administrators themselves should therefore take immediate action to protect their systems.
- Penetration Testing Deception through Vocabulary – netspi.com
This post is not of a technical nature (I’m the wrong guy) nor is it really about industry trends (maybe a little). I want to use this post to focus on some industry-specific vocabulary.