You Don’t Need the Ultimate Pen-testing Framework!

You’ve already got it! It is lying on your PC and it is called the shell. The shell was designed to start/stop and control processes with ease, so why do we need yet another universal pen-testing framework that duplicates what a tool we already have by default is doing for us? In this post we are going to delve into the world of advanced shell programming for penetration testing purposes.

The shell is de facto the interface to your operating system. [...]


New Version of dnsmap out!

We just released a new version of dnsmap. dnsmap is a subdomain brute-forcer for stealthy enumeration.

Originally released in 2006, dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. During the enumeration stage, the security consultant would typically discover the target company’s IP netblocks, domain names, phone numbers, etc. [...]


Trapping HTTP Requests and Responses with Python

In my last post I showed my own implementation of an HTTPS man-in-the-middle proxy written from scratch in Python. I’ve spent a great deal of time making the proxy as programmer-friendly as possible. In this post I am planning to show how you can use the code to write your own proxies in the spirit of Burp, Paros, WebScarab, RatProxy, etc.

Why is this interesting? Well, it is interesting to Python developers/hackers only. [...]


Python SSL Mitm Proxy and More

Lately I’ve been busy putting together a Python module which allows me to create man-in-the-middle (MITM) HTTP proxies with a programmer-friendly extension interface and support for SSL. These kinds of proxies can be used for many things, ranging from creating your own tampering proxies to hijacking network traffic via a transparent proxy connection.

I am quite pleased with the end result! [...]


Identity Theft Attacks

Work with the system rather than against it. I have always been a big fan of this approach, as it has proved successful every time it was put into practice.

So you receive one of these phone calls. The girl on the other end introduces herself as Jessica Smith. The company has something to do with financing. The conversation goes as usual. [...]


Submit Your Top Web Hacking Techniques for 2008

Jeremiah is calling all security researchers and hobbyists to submit their favorite Web hacking techniques released during 2008. There are some nice perks too. I say: Sure!

I don’t like the fact, though, that judges are appointed to select which one is the best. Where did the democracy go? With all the vastly expressive, social technologies that we have today, we are still stuck with juries.

In a similar fashion, the Pwnie Awards lack any reality, imho. [...]


Twitter’s Security is so Poor

…and there are a lot of privacy concerns too.

IMHO, the way the Twitter folks designed their system is totally wrong. The one and only major concern is that 3rd-party software is allowed to communicate with Twitter’s API by using the user’s login credentials. This is a bit insane, as you can imagine. Why would you want to share your username and password with someone you certainly don’t trust? [...]


Deep Inspection of Online Personas

I found myself a new online toy. It is called Pipl and it is all about finding people online. Obviously, the concept behind the tool is not new. There are other tools that do the same, but this one is incredibly accurate and verbose. It is a must-have toy in the arsenal of any serious penetration tester/attacker.

Of course, I went ahead and looked up several people I know and various security researchers, etc. [...]


Messing with Web Filtering Gateways

Most of us are familiar with several techniques that allow us to bypass web filtering gateways like CS MIMESweeper.

The following are some of them:

access the desired site via its IP address rather than its domain name
access cached content rather than live data, e.g. using Google’s cache: command
using proxies, e.g. anonymouse, Google Translate, etc.
using alternative connections. [...]


Happy New 2009

2008 is gone! Let’s welcome the brand new 2009. Happy New Year!

The GNUCITIZEN team wishes everybody a happy new year full of happiness and laughter. To all the security community we wish a successful and productive new 2009.
