You might want to look into using a networked printer that has not
been properly secured (which is often).

>
> On Mon, Nov 30, 2009 at 2:16 PM, Yiannis Koukouras <ikoukouras (at) gmail (dot) com [email concealed]> wrote:
>>
>> Hi,
>>
>> Scripting netcat to do a connect only scan worked for my team.
>>
>> You can use time del

[ more ]  [ reply ]

Hello

Since you've decided to create a GUI for your program, I've decided to
make an installer.

Written with NSIS, this encapsulates all that is included in your
latest (2.1) release.

Installer: http://www.mediafire.com/?3mz1nmviyvl

Best Regards,

Chip D. Panarchy

PS: If you'd like me to includ

[ more ]  [ reply ]

Hi John
only through personal
experience and not to be taken as fact, acutetix may be a good bet for
commercial use. The ones you mentioned may have problems with permutating
the parameter values for complex scenarios which is of great importance
most of the time. Examples may be provided o

[ more ]  [ reply ]

I completely agree with Aleph - Burp is the way to go if you are
looking for the best of breed, but for the zero-to-report type
scanner, please see the aforementioned list.

--
Rob Fuller | Mubix
Room362.com | Hak5.org | TheAcademyPro.com

On Mon, Nov 30, 2009 at 3:51 PM, Aleph One <al3ph.one@gmail

[ more ]  [ reply ]

Hello

Here is the site's newsletter "Security Database Tools Watch"
(http://www.security-database.com/toolswatch).
This letter summarizes the articles and news items published since 7 days.

We also announce 3 new features :

- Vulnerability Dashboard is fully integrated the OSVDB API. Now with eac

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear colleague,

The first volume of the Onapsis' SAP Security In-Depth publication has been released.

SAP Security In-Depth is a free technical publication leaded by the Onapsis Research Labs with the purpose of providing specialized information about

[ more ]  [ reply ]

I'm currently evaluating some commercial scanners and wanted to get a
feel for others experiences with appscan/cenzic/webinspect. Any
gotcha's with any of these products and can anybody recommend one over
the other?

thanks,
John

-----------------------------------------------------------------

[ more ]  [ reply ]

Hi,

I dont know if people on this list know this, that's why I am mailing
it to know if you had such experience. I got this email from PayPal
(below). This is new way to SPAM, where the spammer sends you a eCheck
through PayPal, then later cancels the payment. The value on eCheck is
very small. But

[ more ]  [ reply ]

What are the different ways of port scanning the target when an IPS in placed.

Some of the methods I used are:

1. Delay the scan prob (nmap --scan-delay)

2. Integrating the scanner with TOR

Regards
Vimal

web   : http://www.maestro-sec.com

-------------------------------------------------------

[ more ]  [ reply ]

Videojak is IP Video Hijacking tool which can be used to hijack IP Video calls and streams from video surveillance camera. It supports SIP, SCCP and RTP protocols and can decode H264 media streams.
Videojak can play fake video content on IP video phones and cameras.
Please visit http://Videojak.sf.n

[ more ]  [ reply ]

Hi

We are using linux-based servers as firewalls for PCI compliant
infrastructure. During audits it has been AOK so far but security
people internally have suggested that maybe a commercial product would
be better suited for PCI infrastructure (as it is pretty critical).

I'm personally very happy

[ more ]  [ reply ]

Hi,

Not sure what happened to my last post, so I'll just reiterate it!

Of many anti-malware software I've tried, MalwareBytes (free) seems to
be the best.

However, I haven't tested the latest ones, so I'd recommend (if you
have the time) to test out as many of the different free/trial malware
det

[ more ]  [ reply ]