Security Updates via Twitter

The Twitterverse offers all kinds of gems for offensive security, so I whipped up a short guide on how to leverage Twitter to stay current. Check that out.

Also some very cool stuff has come up:

First up: BackTrack 4 pre-final was released by Muts and the Offensive Security team. Download from:

http://www.remote-exploit.org/backtrack_download.html

Secondly: Chris Eng has a good video on Crypto for Pentesters for OWASP.

Thirdly: A new attack environment based on the OWASP Top 10 vulnerabilities was released and demoed by none other than Adrian Crenshaw (Irongeek), and it's a nice alternative to WebGoat. Check out the Mutillidae presentation.


Fourth: You remember that Penetration Testing and Vulnerability Analysis class I was raving about by Dan Guido? Well, he has finally released all the course materials online. Go check that out, there is awesome material there.

http://pentest.cryptocity.net/

Fifth (and definitely hot) are the slides from the SANS Pentest Summit, closing thoughts, and Ed Skoudis’ tweets about the conference. Thanks to Ed and SANS, you guys rock.

Lastly, RSnake released a wicked DoS tool called Slowloris for Apache (who runs Apache anyways, right?) and Muts posted some breakdowns on exploiting iTunes.

Good stuff!


Filter Evasion – Houdini on the Wire

In case you didn’t see it, Rob Ragan (HP security) had an awesome presentation on filter evasion and his tool on the IronGeek.com website. Check it out. The audio is a little low, so you might need to turn up the volume ;)


Heorot.net Pen Test Fundamentals Course Discount!

Just a reminder to all followers that the discount for the Heorot.net Penetration Testing Fundamentals Course (and advanced course) will run out soon! Save a hundred bucks on already awesomely priced training =)

http://heorot.net/discounts/



Kevin Johnson Interview: Forget Zero Day


Anyone who knows training (or InfoSec for that matter) knows SANS is probably THE most recognized name in InfoSec training. While the foundation of SANS is Stephen Northcutt and Alan Paller, its superstars are the InGuardians crew. Call them security divas, we don’t care. We know that Ed Skoudis, Kevin Johnson, Mike Poor, and Joshua Wright are instructors with whom we’d give the whole of our security budget to train. We can’t decide what we like best: their stellar tool development, their helpful whitepapers, their nifty cheat sheets, their open source projects, or the fact that their courses are the most interesting and engaging we’ve seen.

Web application pen testing is a huge focus for the security space right now, and SANS just turned their 4-day SEC542 – Web App Penetration Testing and Ethical Hacking into a 6-day class. We had the chance to pick the brain of its instructor/creator Kevin Johnson, InGuardians pen tester, father, and all-around great guy.

Read on as he answers our questions on a wide array of our web-app security queries ;) (clicky clicky)


Interview: Thomas Wilhelm (Heorot.net, Hackerdemia, and De-ICE hacker CD projects)


“Everyone is a pentester these days…”

In a new age of computer security the above is a cynical statement I hear all the time. It is also incorrect. Although compliance and our own security hype may have made pentesting an everyman's job, not everyone is a skilled pentester. Thomas Wilhelm breaks into systems and documents their security holes for Verizon, and he does one of the things I think differentiates pentesters from the masses: he contributes back to the scene.

Thomas runs three projects that are geared towards teaching pentesting from start to finish with practical exercises. In addition he holds MSCS, MSM, ISSMP, CISSP, SCSECA, SCNA, SCSA, NSA-IEM, and NSA-IAM certs. Two of his projects are completely free (De-ICE CDs and Hackerdemia) and the third is so competitively cheap it makes for a “best value” in the training space (Heorot.net pentest video training). I wanted to pick Thomas’s brain about his vision, opinions, and projects in offensive security. Here’s what he had to say….

Don’t miss out on a discount link for his pentest courses at the end of the interview!


w3af and SQLmap

Seth Misenar recently did some videos for pauldotcom.com on the w3af framework which were really good. w3af is the Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. Check below and also head to:

http://w3af.sourceforge.net/videos/video-demos.php

for more w3af goodness.

PDC Episode 151 – Part I – w3af GUI – Seth Misenar from PaulDotCom on Vimeo.

PDC Episode 151 – Part II – w3af Console – Seth Misenar from PaulDotCom on Vimeo.

They also did a short on SQLmap, an SQLi testing tool:

Testing SQL injection with SQLMap from PaulDotCom on Vimeo.


Pass the Hash and SSL Strip Videos

xXxKrisxXx over at Ethicalhacker.net reminded me that I need to keep up on John Strand's Vimeo page… good stuff is always found there!

SSLStrip from John Strand on Vimeo.

Also check out Ryan Linn’s Pass the Hash presentation!

PTHTK


Pentesting with Backtrack – Offensive Security 101, and future content!

Hey Guys!

Exciting news, albeit a little old: I won the sponsored contest for offensivesecurity.com’s Pentesting with Backtrack training. Don over at EthicalHacker.net liked my contribution to the forums and chose me as 2nd place for the content of my posts. I’m about 50% of the way through, and when I’m done expect a full review and article.

Also coming soon (we have been a little busy lately, sorry!):

Offensive Security 101 Review

Interview with Thomas Wilhelm of Heorot.net and review of his pentesting courses!

Review of the NEW CEH version 6 training by SecureIA and Wayne Burke!

Review of the CBTNuggets CEH version 5 Training!

Multiple reviews of new and upcoming security products

And, barring a disaster, an interview with one of webapp pentesting’s greatest heroes (to be un-named until I hear back from him lol)


Review: Secrets of Network Cartography: A Comprehensive Guide to Nmap

Also featured on Ethicalhacker.net:

Nmap is indispensable.

OK, that was obvious. There is no doubt that Fyodor and contributors have made the de facto standard of network scanners, but when it comes down to learning the ins and outs and the power of Nmap, where should you put your hard-earned cash?

Let’s neglect the support documentation (man pages) for a second, and assume you don’t really use Nmap on a day-to-day basis. Why? Over at http://www.professormesser.com/, James “Professor” Messer has put together a 232-page eBook proving that one doesn’t have to be a networking guru to learn how to use Nmap effectively in your organization.

But what about the $197 video companion to this $47 book? How does it stack up against Fyodor’s own book on Nmap (See EH-Net Review by JP Bourget)?

Stick around, my friends, as the answers you seek are only minutes away. Click here for the full review!


Conficker links

Tomorrow is phone home day for Conficker…

 

I went over today’s links from security people I follow on Twitter. Dan Kaminsky (of last year's DNS fame) has one of the best interview articles I’ve seen on Conficker at a high level and new tools related, but here are some additional docs:

http://isc.sans.org/conficker – SANS ISC entry of third-party removal tools

http://www.honeynet.org/papers/conficker/ – Know Your Enemy: Containing Conficker.

http://seclists.org/nmap-dev/2009/q1/0870.html – Nmap Scripting Engine script for detection.

http://securitylabs.websense.com/content/Alerts/3329.aspx – Some technical nitty-gritty of it by Websense.

http://www.doxpara.com/?p=1294 – Packaged, updated, stand-alone scanner by Kaminsky (rebuild the py2exe, Tillmann and Felix’s scs code, now with Core’s impacket library safely embedded); as well as more links for Windows (Nmap) scanning.

http://blog.tenablesecurity.com/2009/03/detecting-conficker-with-nessus.html – Nessus plugin blog update

http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx – Microsoft’s “Protect yourself from the Conficker computer worm” entry.
