Dnsmap v0.30 is now out!

After working on dnsmap for a few months whenever time allowed, I decided there were enough additional goodies to make version 0.30 a new public release. Let me just say that a lot of the bugs that have been fixed, and features that have been added to this version would not be possible without the feedback from great folks such as Borys Lacki (www.bothunters.pl), Philipp Winter (7c0.org) and meathive (kinqpinz.info). Thanks guys, your feedback was highly valuable to me. [...]

more | comments | comments rss | posted by

New Version of dnsmap out!

We just released a new version of dnsmap. dnsmap is a subdomain bruteforcer for stealth enumeration.

Originally released in 2006, dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. During the enumeration stage, the security consultant would typically discover the target company’s IP netblocks, domain names, phone numbers, etc. [...]

more | comments | comments rss | posted by

All your Metadata are belong to Us

Every penetration test consists of 90% enumeration and discovery and 10% of actual exploitation. Of course, these are the figures unless you are performing a vulnerability research where the situation is very different. I tend to believe that enumeration is essential if not critical for hacking into whatever system you may have in mind. [...]

more | comments | comments rss | posted by

Username Enumeration Vulnerabilities

We all know what username enumeration vulnerabilities are about. In this post, I will talk about them within the context of web application pentesting and will discuss some of the common issues I’ve come across during my experience while working at ProCheckUp.

So basically we have an application that will reveal to us when a username already exists on the system. [...]

more | comments | comments rss | posted by

WS Discovery

In the last couple of months I’ve been playing with Web Service and in the process I found several useful things. There are many discovery techniques but I would like to share the most recent ones (the ones that makes most sense to me today). You can check Massive Enumeration Toolset (MET) if you need tools to automate the discovery process.

Web Services are usually described with WSDL (Web Service Description Language) files. [...]

more | comments | comments rss | posted by

Massive Enumeration Toolset

Massive Enumeration Toolset (MET) is a collection of Python scripts designed to perform various passive information gathering attacks which can be useful when evaluating the security of public computer networks.

MET is constantly changing. There is a high chance that the latest version is not working in some situations. The problem is due to the fact that MSN, Google and other search engine vendors change the format of their results pages every so often. [...]

more | comments | comments rss | posted by