Friday, October 31, 2008

Metasploit Timeline

Ever wanted to know what exactly changed? Check out the following link:
http://metasploit.com/dev/trac/timeline

Thursday, October 30, 2008

10 Linux Desktop Themes

These are pretty sweet. I know I have been slacking on the security links and I swear this is the last frufru for a while.
http://www.linuxhaxor.net/2008/10/10/10-finger-licking-linux-desktopthemes/

Tuesday, October 28, 2008

Malware Challenge Answer

More than you ever wanted to know about what you can do with Malware without executing it:
http://hype-free.blogspot.com/2008/10/solution-to-malware-challenge.html

Hosting Co. 2.0 - Sevo

Pretty awesome small company that treats their customers personally.
http://www.serverevo.com/

CD Burning on the Road

Who still burns CDs? Well, if you do, keep this program handy on your USB stick. It does DVDs and CDs alike and can handle most formats:
http://cdburnerxp.se/

Thursday, October 23, 2008

Terry Tate is back and ANNNGGRRRY

The PAIN TRAIN was coming, you didn't believe me, but now it's HERE and you better be ready! 'cause it's coming for YOU

http://returnofterrytate.com/

Wednesday, October 22, 2008

The Zone-H of XSS

http://www.xssed.com/

And if you don't know what Zone-H is: http://www.zone-h.org/content/view/76/86/
It's an archive, but some would say a "leader board" of defaced web sites.

Infinity Exists

An interesting video blog that goes into some pretty deep topics. They are a bit young and are into the "underground", but great content.
http://infinityexists.com/

Monday, October 20, 2008

Synergy on Steroids

Yup, that's right, someone made a better virtual KVM. Here is the problem: it's only for Winders.
http://www.inputdirector.com/

Sunday, October 19, 2008

SQL Injection for the Boss

I asked the question on Twitter a while ago and Daniel Miessler posted about it (there are some really good comments):
http://dmiessler.com/blog/how-does-one-explain-sql-injection-to-a-non-techie

Saturday, October 18, 2008

Label it FAIL

Oh yes, now you too can label things properly. Who needs Photoshop!
http://www.zestuff.com/home-and-office/stickers/fail-sticker.aspx

Office Poltergeist

No, I didn't even have to think up an interesting title for this one, it's actually what the app is called:
http://geniushackers.com/blog/2008/03/10/officepoltergeist-play-pranks-on-your-friends-with-this-open-source-software/

RegEx builder for Googling your MOSS

Haven't played with it yet, but it's from Hak5's latest ep, and Dan Griffin released it at ToorCon. Use the tool to search your SharePoint server for credit card numbers and other PII.
http://www.codeplex.com/MossRegExSearch

Wednesday, October 15, 2008

Tuesday, October 14, 2008

Don't Use Default Passwords

You tell your users to not use default passwords. Now you can check to see if they are doing as you asked.

http://midnightresearch.com/pages/depant-your-network/

Wow...

No matter how many times you watch it, you still won't believe your eyes:

Wednesday, October 8, 2008

Doing great things

These are a bunch of leading edge guys doing great things. Check out Episode 11 of Securabit to get filled in.
Defcon Group 949

ratproxy

Try running all of your traffic for the day through this baby. You will be surprised how many sites you no longer trust with your information.
ratproxy - Google Code

Give Me Too!

Imagine Cain and Abel's ARP spoofing coupled with Network Miner's ability to reconstruct packets.
SpyArsenal.com - spy software free download page - Family Key Logger, Home Free Keylogger download, Internet Spy, network sniffer.

Ignore the rest of the crap on the page.

ShareMyApps.org

Not exactly sure that I like the idea of sharing what apps I have on my system, but it is a great resource ;-)
Share My Apps ( Home )

Netbook that is hacker ready

The HP 2133 tweaked to be a pentester's/hacker's dream. BUY TODAY!
iPwn Mobile Security - Products

Network Security Toolkit VM

Haven't had the chance to play with this but it looks sweet. Network Security in a box, what could go wrong.
Network Security Toolkit (NST) Virtual Machine | Virtual Appliance Marketplace

Smoothwall for the WRT Family

Well, not exactly, but it's pretty awesome nonetheless. Does a lot more than OpenWRT as far as a real firewall/IPS/IDS.
PacketProtector.org: security solution for wireless routers

RSS Change

Don't know if y'all will see a difference, but I am now on feedburner at
http://feeds.feedburner.com/MubixsLinks

So if you are here because you stopped getting the feed, this is why.

Alex Eckelberry's Keynote

Alex's keynote which was basically a state of the union address via the virus world. Horrible video quality but content is what you are watching for.
http://sunbeltblog.blogspot.com/2008/10/virus-bulletin-2008-keynote-address.html

Sweet Windows mod

Work in progress as of now to get my desktop to look like this except for the wallpaper.

http://lifehacker.com/5058949/windows-vista-with-a-live-thumbnail-sidebar

shell fu

This is definitely something you want in your RSS feed and probably a weekly site visit:
http://www.shell-fu.org/

Monday, October 6, 2008

New Registry Analysis Tool

I have no idea why this guy is so excited about this tool but I'm sure someone out there will benefit from it.
Windows Incident Response: New Registry Analysis Tools

Another Google Chrome binge - SSL Indexing

Seriously, and I just read an article by a Google employee stating that it holds up better than any other browser while surfing malicious sites. (Great, but what if one gets through and can now access my clear text passwords and indexed SSL surfing?)
http://www.readwriteweb.com/archives/chrome_password_protected_web.php

Chrome stores password in clear text

Do no evil my ass, next we'll find out that they index it as well.
http://www.whatsmypass.com/?p=275

The State of the Union

You will be surprised at what people said and searched for during the VP debates... Wow.. just wow..
Official Google Blog: The VP debate: Candidates, questions, and queries

CoinStar Hacking

Sticking it to the man and his 9% cut: ;-) Disclaimer, this may be illegal, don't do it.. seriously, don't... really.. no... stop..
The ultimate users guide to hacking a CoinStar machine

Please check your phone at the door

Metasploit on the iPhone doesn't hold a candle to this ubergadget. Might have to get your company to pay for it at the prices they are asking. (I can't blame them though, it's awesome)
http://neopwn.com/

It would be great if they would send me a demo! ;-)

Saturday, October 4, 2008

Don't Vote

Believe it or not this video pushed me to put the registration in the mail.

AppleTV as Boxee and XBMC

If you don't have a Boxee invite already just ping me and I will get one for ya, but I really wish I had an AppleTV now:
http://code.google.com/p/atvusb-creator/

Thursday, October 2, 2008

Security Tools - unpublished

Here is a list of tools that don't get the limelight that often but are most impressive:
http://www.askapache.com/security/computer-security-toolbox-2.html

Wednesday, October 1, 2008

Richard Mogull

http://securosis.com/ - his site.. currently talking about a huge TCP flaw that could DoS anything that uses TCP.. interesting.

Web App Guru

Remember I asked for a Web App Sec Guru (WASG? Sounds like a stupid Cert), well this guy is one that finally decided to start posting to a blog. Don't hate on him yet. Let him get his feet wet in the blogosphere first.
http://jack-mannino.blogspot.com/
Definitely worth adding to your RSS feed reader. (Just in case he posts ever again...)

Greasemonkey Text Area Backup script

This awesome little script keeps your text area from disappearing into /dev/null when Firefox decides to crash in the middle of an extremely long post that you had been working on for weeks and didn't save anywhere else other than in that stupid text area..... but I'm not mad..
http://lifehacker.com/photogallery/LH-Top-10|-Greasemonkey-User-Scripts/1682268

Blackhat Forums

Another one of those, if you don't know you don't need to be there:
http://www.blackhat-forums.com

Let me add Ryan1918 to the mix too so I don't have to post again.

EC-Council Portal

Even though I have a C|EH now, this place still eludes my grasp as it takes them forever to do ANYTHING except take your money:
http://portal.eccouncil.org/forum/login_user.asp

Any good webapp sec gurus out there wanna help me out ;-)

SurftheChannel is still there

Great way to stir up media guys, but they are still here, and still a great site to watch TV at work.. I mean, online..
http://www.surfthechannel.com/

McGoo

If you have had the unfortunate luck of not coming across Mr. McGrew's website yet, then I am here to help in the fulfillment of your life. You can either google for "Killer Coding Ninja Monkey looks like Ulysses S. Grant" or simply click the link below:
http://www.mcgrewsecurity.com/


T-Shirt Search engine

Got a shirt idea, want to know if it is original, search it first:
http://pleasedress.me/

Attrition.org

If you can't figure out what it's about, you don't need to be on it:
http://attrition.org/

Packet-o-Matic

Real-time packet processor - In other words it dumps usable STUFF from dumps.
http://www.packet-o-matic.org/

Fived - A Layer Five Daemon

If anyone can tell me what this actually does, that would be great.... mmmkay..
http://fived.capelis.dj/