An awesome online resource for learning Ruby
Wednesday, June 24, 2009
After a bunch of googling to find out what the PEB was, I happened upon this old milw0rm paper, which answered that question and the one I was going to ask next: how is it used in exploitation:
Explorer Suite is awesome, here is their description:
A freeware suite of tools including a PE editor called CFF Explorer and a process viewer. The PE editor has full support for PE32/64. Special fields description and modification (.NET supported), utilities, rebuilder, hex editor, import adder, signature scanner, signature manager, extension support, scripting, disassembler, dependency walker etc. First PE editor with support for .NET internal structures. Resource Editor (Windows Vista icons supported) capable of handling .NET manifest resources. The suite is available for x86, x64 and Itanium.
I apologize for not remembering who tweeted this to thank them. But thanks to Daniel Reynaud for posting it.
Tuesday, June 23, 2009
Paul goes into a lot of meat and potatoes about SCTP but the juice is here:
To scan for SCTP on your network and check if you are vulnerable using Nessus:
Enable “IP Protocols Scan” under the “Misc” plug-in family, and check “Thorough tests (slow)” in the Advanced tab of the scan policy under “Global Variable Settings”.
Monday, June 22, 2009
Thursday, June 18, 2009
Etherpad is a pastebin-like site where you can edit on the fly… and so can a dozen other people. They actually do a REALLY good job at monitoring changes from everyone. There is also a chat feature, so that you aren’t notepad chatting, and an IMPORT function. Importing is great when your clipboard buffer just might not be good enough:
.. just wow.. (Google check them out, they nailed something you are STILL having problems with, but of course, you are still in BETA)
Wednesday, June 17, 2009
A really good list of extensions. The best way to do this is to keep multiple copies of Portable Firefox with the add-ons. I would suggest naming the directories for each copy of Firefox accordingly, and also editing their configuration to allow simultaneous starting and altering the title bar so that you can differentiate between the multiple instances.
Tuesday, June 16, 2009
I hope to be using these links to use as part of .. you know what… I forgot, but I know it will come back to me and I’ll need these links, so I am storing them here. Muhahahah..
CORE’s write-up + code: http://www.coresecurity.com/content/ie-security-zone-bypass
MS09-019 advisory: http://www.microsoft.com/technet/security/Bulletin/MS09-019.mspx
CSO interviewed Chris Nickerson and he showed a reporter 5 security problems a random office building had before he ever entered the building:
Monday, June 15, 2009
Wednesday, June 10, 2009
Off Setting: DWORD=0
On Setting: DWORD=1
This option can make Kon-boot, OFFLINE NT PASSWORD RESET and some of HIREN’s PASSWORD tools pretty useless. But wait.. Can’t you edit the registry offline? Yup! (Be sure to pull the plug because “Computer” policies are applied BEFORE the logon prompt appears)
Tuesday, June 9, 2009
On the Security Focus: Penetration Testing List there was a great set of links to lists of tools:
http://www.indianz.ch/ – Haven’t seen this one before. HUGE list of ‘interesting’ files.
And a VOIP specific list: http://www.voipsa.org/Resources/tools.php
Monday, June 8, 2009
So IronGeek puts out tons of videos and some pretty sweet tools. This one is no less awesome:
Probably the best way of getting hands on a Cisco without buying one off of eBay. Tons of features and probably the only sim I’ve worked with that has the complete feature set of the actual devices. (Probably because you have to supply it with a real IOS file)
Sunday, June 7, 2009
Chris Eng does a good job at explaining what you need to know:
Thursday, June 4, 2009
- "What does your company do?"
- "Are you going to do a background check?"
- "When will I be eligible for a raise?"
- "Do you have any other jobs available?"
- "How soon can I transfer to another position?"
- "Can you tell me about bus lines to your facility?"
- "Do you have smoking breaks?"
- "Is [my medical condition] covered under your insurance?"
- "Do you do a drug test?"
- "If you hire me, can I wait until [more than three weeks from now] to start the job?"
There are tons of scanners/testers on the market, but this one’s feature set kinda caught my eye:
As of now, the SandCat will scan for these fault injections:
* Buffer Overflow
* Cookie Manipulation
* Command Execution
* CRLF Injection
* Cross Frame Scripting
* Cross-Site Scripting (XSS)
* Default Account
* Directory Listing
* Directory Traversal
* File Inclusion
* Information Disclosure
* LDAP Injection
* MX Injection
* Password Disclosure
* Path Disclosure
* PHP Code Injection
* Server-Specific Vulnerabilities: IIS / iPlanet / Others
* Source Code Disclosure
* SQL Injection
* XPath Injection