[Announcement] Blackhat Arsenal USA 2013 Selected Tools – toolswatch.org
I’m pleased to announce the selected tools for the next coming session of Arsenal that will take place in Las Vegas Nevada in July 31-August 1, 2013 | 10:00-18:00
- The Social-Engineer Toolkit (SET)
- AirCrack-NG Updated after 3-Year Hiatus – novainfosec.com
Seems older tools are getting updates recently. A few weeks ago it was Cain & Abel after two years … and now we have the popular Aircrack-ng suite with their 1.2 beta 1 release after three years.
- savon-noir/python-libnmap – github.com
libnmap is a python library to run nmap scans, parse and diff scan results. It’s wonderful.
- John the Ripper 1.8.0 – openwall.com
I’ve just released John the Ripper 1.8.0, available from the usual place.
- WCE v1.4beta released – hexale.blogspot.com
WCE v1.4beta released. Includes several bug fixes and support for Windows 8.
- PenQ Security Testing Browser Bundle – qburst.com
PenQ is an open source Linux based penetration testing browser bundle we built over Mozilla Firefox.
- Security and Networking – Blog – DNSRecon 0.8.6 isOut! – darkoperator.com
Just updated DNSRecon to check if it can pull the Bind Version by doing a query for the TXT Record version.bind and it will now check if the RA Flag is set in responses from each of the NS servers it detects. If the server has recursion enabled it could be used for DDoS attacks and for performing Cache Snooping.
- Under The Hood: Linksys Remote Command Injection Vulnerabilities – SpiderLabs Anterior – blog.spiderlabs.com
Several models in the Linksys E-Series WiFi routers running their respective current firmwares are prone to remote OS command injection vulnerabilities. In this article, we’ll take a look at two of these vulnerabilities that exist due to improper validation of system command parameters passed via the stock Linksys web administration interface.