Category: infosec

Mozilla CTF && Not Dead, Just Busy

So, it’s been a while since we’ve done anything on SA. Honestly my new gig at HP/Fortify (Director of Pentesting) has kept me busy. I did get a chance to play the Mozilla CTF though with a few other HP/Fortify pentesters. The competition was a worldwide CTF run by Mozilla. The Mozilla CTF (capture the [...]

LinkedIn Harvesting for OSINT (esearchy video)

esearchy – my new favorite OSINT script

So you’re on a social engineering test… and you need to target some users for spear phishing. Previously we’ve used theHarvester and Metasploit for this, but I’ve now fully switched over to esearchy by Matias P. Brutti.

Taking Dirbuster Output into Burp Suite

Seeing as DirBuster is my brute forcer of choice, and Burp is my interception proxy of choice, bridging the gap between these 2 tools and getting the output from DirBuster into Burp for further analysis is crucial. As you can see below, one bash command, about 140 characters long, does the trick. It takes the [...]

Honey Potting for MS11-083

MS11-083 has arrived and people are getting both excited and scared; it looks like it’s going to be the next MS08-067, which, if you remember, Conficker used to bend Windows over and have a jol. Time for a honeypot?

Web Application Hacking & Testing Resources

The quoting of this page has been removed, please visit: http://danielmiessler.com/projects/webappsec_testing_resources/#methodologies# for the full article.

Microsoft Office 2007 Excel .xlb Metasploit Module (MS11-021)

Timeline: Vulnerability discovered and reported to ZDI by Aniway; vulnerability reported to vendor by ZDI on 2010-10-18; coordinated release of the vulnerability on 2011-04-12; Metasploit PoC provided on 2011-11-05. PoC provided by: Aniway, abysssec, sinn3r, juan vazquez. Reference(s): CVE-2011-0105, MS11-021, ZDI-11-121. Affected version(s): Microsoft Office XP Service Pack 3, Microsoft Office [...]

SecTools.Org 2011 Top Network Security Tools

SecTools.Org: Top 125 Network Security Tools. For more than a decade, the Nmap Project has been cataloguing the network security community’s favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those [...]

Easy Wireless Honey-Pots using Win7 and Metasploit

I found myself inspired by Vivek Ramachandran’s videos, and I thought I would take the honor of creating the simple meterpreter script that basically does what you see in the third installation of the Swse Addendum videos. When I watched the third video I thought to myself, “This shouldn’t be too difficult to do”. From my [...]

Simple Framework Domain Token Scanner

Pretty straightforward little pattern here that will run a post module against all open sessions.

## This RC file assumes that you’ve got a bunch of open sessions, and now you want to go searching for a domain admin token.
use post/windows/gather/enum_domain_tokens
## Now run against all open sessions
framework.sessions.each do |session|
  run_single("set SESSION #{session.first}")
[...]