Saturday, February 28, 2009

L0phtCrack 6 To Be Released At SOURCE Boston 2009

L0phtCrack is back! At a special information session at SOURCE Boston (Thursday, 10:15am), the team that brought you L0phtCrack will be releasing version 6 of the highly-acclaimed Windows password auditing tool. Expect to go live soon! See you at SOURCE!

read more | digg story

L0phtCrack Lives!

If you are going to SOURCE Boston, you get a front row ticket to this ride. I hate you all...

Monday, February 23, 2009

Oracle Security Blog

Please excuse the horrid color scheme for some awesome tech crunchiness:

What about Bob! (the Butcher)

Since we were on the topic of cracking passwords, I can't leave out Bob, he is always jealous of how much attention that 'Ripper' guy gets:

Oracle Password Cracker - woraauthbf 0.22

Something magical about finding a tool that you need at just the right time.

VMMap (by SysInternals)

VMMap is a process virtual and physical memory analysis utility. It shows a breakdown of a process's committed virtual memory types as well as the amount of physical memory (working set) assigned by the operating system to those types. Besides graphical representations of memory usage, VMMap also shows summary information and a detailed process memory map. Powerful filtering and refresh capabilities allow you to identify the sources of process memory usage and the memory cost of application features.

Besides flexible views for analyzing live processes, VMMap supports the export of data in multiple forms, including a native format that preserves all the information so that you can load back in. It also includes command-line options that enable scripting scenarios.

VMMap is the ideal tool for developers wanting to understand and optimize their application's memory resource usage.

McFeters lives again! nsearch ImmunityDbg searching script

Nate posts about a memory searching script for ImmunityDbg

Thursday, February 19, 2009

Packets and Logs from ShmooCon

InfoSec Magazine - Feb

Ok ok, so I'm posting this because an Ad for the Academy made it into a full page (35). But it's cool because a good friend of mine was the actual designer of the page.,,sid14_gci1347059,00.html

Tuesday, February 17, 2009

Command Line / Shell Fu Part Deux

Paul Asadoorian and Byte_Bucket have started a blog about cool command line tricks here:

Command Line / Shell Fu

Some links to answer "now what" after you popped shell.

Shell Fu:

Command Line Fu:

Ed Skoudis released 3 cheat sheets:

Wednesday, February 11, 2009

BT4 USB/Persistent Changes/Nessus

A great tutorial that shows you how to get all three working with the new release of Back|Track. Remeber it is still BETA. WHICH MEANS THEY NEED FEEDBACK! -

Security PR Excuse Bingo

Play internally, play via Google News or Digg. However you chose to play, it's still hours of fun:

Tuesday, February 10, 2009

Sunday, February 8, 2009