L0phtCrack is back! At a special information session at SOURCE Boston (Thursday, 10:15am), the team that brought you L0phtCrack will be releasing version 6 of the highly-acclaimed Windows password auditing tool. Expect www.l0phtcrack.com to go live soon! See you at SOURCE!
read more | digg story
Saturday, February 28, 2009
L0phtCrack Lives!
http://www.l0phtcrack.com/
If you are going to SOURCE Boston, you get a front row ticket to this ride. I hate you all...
If you are going to SOURCE Boston, you get a front row ticket to this ride. I hate you all...
Thursday, February 26, 2009
Digital Soapbox - Latest ClickJacking Twitter Exploit vs. Firefox + NoScript
Here is a great article by Rafal Los on ClickJacking: http://preachsecurity.blogspot.com/2009/02/latest-clickjacking-twitter-exploit-vs.html
Monday, February 23, 2009
Oracle Security Blog
Please excuse the horrid color scheme for some awesome tech crunchiness:
http://www.petefinnigan.com/weblog/entries/
http://www.petefinnigan.com/weblog/entries/
What about Bob! (the Butcher)
Since we were on the topic of cracking passwords, I can't leave out Bob, he is always jealous of how much attention that 'Ripper' guy gets:
http://btb.banquise.net/
http://btb.banquise.net/
Oracle Password Cracker - woraauthbf 0.22
Something magical about finding a tool that you need at just the right time.
http://www.soonerorlater.hu/index.khtml?article_id=513
http://www.soonerorlater.hu/index.khtml?article_id=513
VMMap (by SysInternals)
VMMap is a process virtual and physical memory analysis utility. It shows a breakdown of a process's committed virtual memory types as well as the amount of physical memory (working set) assigned by the operating system to those types. Besides graphical representations of memory usage, VMMap also shows summary information and a detailed process memory map. Powerful filtering and refresh capabilities allow you to identify the sources of process memory usage and the memory cost of application features.
Besides flexible views for analyzing live processes, VMMap supports the export of data in multiple forms, including a native format that preserves all the information so that you can load back in. It also includes command-line options that enable scripting scenarios.
VMMap is the ideal tool for developers wanting to understand and optimize their application's memory resource usage.
http://technet.microsoft.com/en-us/sysinternals/dd535533.aspx
McFeters lives again! nsearch ImmunityDbg searching script
Nate posts about a memory searching script for ImmunityDbg
http://natemcfeters.blogspot.com/2009/02/nsearch-new-immunitydbg-searching.html
http://natemcfeters.blogspot.com/2009/02/nsearch-new-immunitydbg-searching.html
Thursday, February 19, 2009
Packets and Logs from ShmooCon
Tenable's assessment of what happened at Shmoo:
http://blog.tenablesecurity.com/2009/02/packets-and-logs-found-on-the-shmoocon-network.html
http://blog.tenablesecurity.com/2009/02/packets-and-logs-found-on-the-shmoocon-network.html
InfoSec Magazine - Feb
Ok ok, so I'm posting this because an Ad for the Academy made it into a full page (35). But it's cool because a good friend of mine was the actual designer of the page.
http://searchsecurity.techtarget.com/magOnline/0,,sid14_gci1347059,00.html
http://searchsecurity.techtarget.com/magOnline/0,,sid14_gci1347059,00.html
Tuesday, February 17, 2009
Command Line / Shell Fu Part Deux
Paul Asadoorian and Byte_Bucket have started a blog about cool command line tricks here:
http://blog.commandlinekungfu.com/
http://blog.commandlinekungfu.com/
Command Line / Shell Fu
Some links to answer "now what" after you popped shell.
Shell Fu:
http://www.shell-fu.org/
Command Line Fu:
http://www.commandlinefu.com/
Ed Skoudis released 3 cheat sheets:
http://www.inguardians.com/pubs/articles.html
Shell Fu:
http://www.shell-fu.org/
Command Line Fu:
http://www.commandlinefu.com/
Ed Skoudis released 3 cheat sheets:
http://www.inguardians.com/pubs/articles.html
Monday, February 16, 2009
RainbowCrack 1.3 Released
Multicore and CUDA (GPU) integration. w00t!
http://www.professionalsecuritytesters.org/modules.php?name=News&file=article&sid=1005
http://www.professionalsecuritytesters.org/modules.php?name=News&file=article&sid=1005
Friday, February 13, 2009
Thursday, February 12, 2009
List of 'bad' sites and blocklists
Here is a list of known bad sites:
http://www.malwaredomainlist.com/mdl.php?inactive=&sort=IP&search=&colsearch=All&ascordesc=ASC&quantity=100&page=0
Here is my favorite blocklist site:
http://iblocklist.com/lists.php
http://www.malwaredomainlist.com/mdl.php?inactive=&sort=IP&search=&colsearch=All&ascordesc=ASC&quantity=100&page=0
Here is my favorite blocklist site:
http://iblocklist.com/lists.php
Wednesday, February 11, 2009
BT4 USB/Persistent Changes/Nessus
A great tutorial that shows you how to get all three working with the new release of Back|Track. Remeber it is still BETA. WHICH MEANS THEY NEED FEEDBACK! - http://www.infosecramblings.com/backtrack/backtrack-4-usbpersistent-changesnessus/
Security PR Excuse Bingo
Play internally, play via Google News or Digg. However you chose to play, it's still hours of fun:
http://www.crypto.com/bingo/pr
http://www.crypto.com/bingo/pr
Tuesday, February 10, 2009
Vulnerable Versions of Software
Check out: https://www.securinfos.info/old-softwares-vulnerable.php for software to try your RE / Hack fu on.
Monday, February 9, 2009
BackTrack 4 Beta NOTES
I would suggest you read these before going too deep into BT4: http://backtrack4.blogspot.com/2009/02/backtrack-4-beta-shmoo-release.html
Sunday, February 8, 2009
Sunday, February 1, 2009
Subscribe to:
Posts (Atom)