Penetration Testing Mode:
(Page 6 of 637)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
Ruxcon 2012 Call For Papers 2012-04-19
cfp ruxcon org au
Ruxcon 2012 Call For Papers

The Ruxcon team is pleased to announce the call for papers for the 2012 annual Ruxcon conference.

This year the conference will take place over the weekend of 20th and 21st of October at the CQ Function Centre, Melbourne, Australia.

The deadline for submissions is the

[ more ]  [ reply ]
Passwords^12 : Call for Presentations 2012-04-15
Per Thorsheim (per thorsheim net)
For the third time I am happy to announce a Call for Presentations for
Passwords^12.

Passwords^12 will be held at the University of Oslo (Norway) on December
3-4, 2012. The 2-day conference will be free and open for anyone to
attend. Please do note that our primary audience will be academics and
se

[ more ]  [ reply ]
Backtrack 5 R2 priv escalation 0day found in CTF exercise 2012-04-11
Adam Behnke (adam infosecinstitute com) (1 replies)
wicd Privilege Escalation 0Day
Tested against Backtrack 5, 5 R2, Arch distributions

Spawns a root shell. Has not been tested for potential remote exploitation
vectors.

Discovered by a student that wishes to remain anonymous in the course CTF.
This 0day exploit for Backtrack 5 R2 was discovered b

[ more ]  [ reply ]
Re: Backtrack 5 R2 priv escalation 0day found in CTF exercise 2012-04-12
Juan F. Campos - Computalleres.com (jfcampos computalleres com)
44Con 2012 CFP - London 5th - 7th September 2012-04-10
Steve (steve 44con com)
The 2nd annual 44Con is going to be held in London in September, 2012.
We're looking for speakers, workshops and training courses to make the
event even bigger and better than last year. If you fancy an
accomodation and travel covered trip to London while it's still warm and
sunny, this is the e

[ more ]  [ reply ]
Shakacon CFP - Extended Deadline: April 13, 2012 2012-04-05
Shakacon (info shakacon org)
Thanks to everyone for all the submissions received and the committee is
evaluating them for selection. If you are on the fence about submitting
remember - All selected speakers will receive compensation to cover
Airfare and 2 hotel nights in Honolulu, Hawaii. Not to mention you get
to hang out w

[ more ]  [ reply ]
OWASP ZAP 1.4.0 released 2012-04-08
psiinon (psiinon gmail com)
Hi folks,

I'm very pleased to announce that version 1.4.0 of the OWASP Zed
Attack Proxy (ZAP) has now been released.

This release adds the following main features:
* Syntax highlighting
* fuzzdb integration
* Parameter analysis
* Enhanced XSS scanner
* A port of some of the Watcher checks
* Plugab

[ more ]  [ reply ]
[Tool update] - Gason: sqlmap plugin for burpsuite proxy 2012-04-09
cr0hn (dani madesyp com)
Dear all,

I just released a new version of Gason: A plugin to run sqlmap into
burpsuite.

What's new?

- Bux fixes
- New GUI that allow you to run plugin stand alone, as a sqlmap GUI
wrapper.

Project page:

http://code.google.com/p/gason/

Regards!

------------------------

[ more ]  [ reply ]
Cheap Software Defined Radio 2012-04-04
Justin Rogosky (jrogosky gmail com)
Saw this slashdot article about repurposing a tv tuner card as a poor
mans software defined radio. Since it was on slashdot, I can assume the
discovery was made sometime in 2005 and only recently posted.

Links below are to the article and the actual site for the radio...

http://hardware.slashdot.

[ more ]  [ reply ]
how to calculate hmac for esp packet? 2012-04-04
Jun Yin (hansyin gmail com)
Hi, I'm trying to craft a esp packet for ipsec test, I try to use
python to create the hmac, I tried this:

>>> key1="11111111111111111111111111111111"
>>> msg="000001340000000b46e66a9853b58a94492be70c535a72d5994c3fe54a7c69e6a43
3c5a1a24b2c207e28f240b6d51e7b8711daa2b2ec39461dfa246ae23265fcd3c20f4bb1d

[ more ]  [ reply ]
Medusa 2.1 Release 2012-04-03
jmk (jmk foofus net)
Fellow Pen-Testers:

Medusa 2.1 is now available for public download.

http://www.foofus.net/?page_id=51
http://www.foofus.net/jmk/tools/medusa-2.1.tar.gz

This release does not introduce any major changes to the core of the
application. However, it does include two years worth of bug-fixes
through

[ more ]  [ reply ]
Hacking AutoUpdate by Injecting Fake Updates 2012-04-03
Adam Behnke (adam infosecinstitute com)
We all know that hackers are constantly trying to steal private information
by getting into the victim's system, either by exploiting the software
installed in the system or by some other means. By performing routine
updates for their software, consumers can protect themselves, patching known
vulner

[ more ]  [ reply ]
Windows Credentials Editor (WCE) v1.3beta 64bit release 2012-03-29
Amplia Security Research (research ampliasecurity com)
WCE (Windows Credentials Editor) v1.3beta 64bit released.

Download link: http://www.ampliasecurity.com/research/wce_v1_3beta_x64.tgz

Additional information:
http://www.ampliasecurity.com/research/wcefaq.html

------------------------------------------------------------------------

This list is s

[ more ]  [ reply ]
Re: Time based Blind SQL injection 2012-03-29
Danux (danuxx gmail com) (1 replies)
Hi Yiannis,

The intent was to share a script as a result of a pen-test, since when
I was trying to use sqlmap and sqlninja does tools did not work for
me, and I was spending more time trying to figure out how to make them
work (possibly due to the lack of expertise on those tools). I did not
find a

[ more ]  [ reply ]
Re: Time based Blind SQL injection 2012-03-29
Yiannis Koukouras (ikoukouras gmail com) (1 replies)
Re: Time based Blind SQL injection 2012-03-30
martin mngoma gmail com (1 replies)
Re: Time based Blind SQL injection 2012-03-30
Danux (danuxx gmail com)
Pentesting on databases? 2012-03-21
stayp0s (stayp0s sec gmail com) (4 replies)
Hi list,

I'm planning do a pen testing to ensure running databases(mysql,
postgreSQL, and so on) are secure.
Anyone has useful reference guidelines about that?

Thank you!

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Cert

[ more ]  [ reply ]
Re: Pentesting on databases? 2012-03-21
Danux (danuxx gmail com)
RE: Pentesting on databases? 2012-03-21
Ziots, Edward (EZiots Lifespan org)
Re: Pentesting on databases? 2012-03-21
Ramiro Caire (ramiro caire gmail com)
Re: Pentesting on databases? 2012-03-21
Eric Schultz (fire0088 gmail com) (2 replies)
RE: Pentesting on databases? 2012-03-21
Ziots, Edward (EZiots Lifespan org)
Re: Pentesting on databases? 2012-03-21
Ahmed S. Shibani (sheipani gmail com)
Time based Blind SQL injection 2012-03-13
Danux (danuxx gmail com) (1 replies)
Nothing new, just a different approach to automated the process of
blind injection based on time.

http://danuxx.blogspot.com/2012/03/time-based-blind-sql-injection.html

Hope you find it useful.

--
DanUx

------------------------------------------------------------------------

This list is sponso

[ more ]  [ reply ]
Re: Time based Blind SQL injection 2012-03-29
Yiannis Koukouras (ikoukouras gmail com)
Windows Credentials Editor (WCE) v1.3beta 32bit release 2012-03-09
Amplia Security Research (research ampliasecurity com) (1 replies)
WCE v1.3beta 32bit released.

Download link: http://www.ampliasecurity.com/research/wce_v1_3beta.tgz

Changelog:

version 1.3beta:
March 8, 2012
* Bug fixes
* Extended support to obtain NTLM hashes without code injection
* Added feature to dump login cleartext passwords stored by the Digest
Authenti

[ more ]  [ reply ]
Re: Windows Credentials Editor (WCE) v1.3beta 32bit release 2012-03-10
Jeffrey Walton (noloader gmail com)
[HITB-Announce] HITB2012AMS SIGINT - Call for Submissions 2012-03-08
Hafez Kamal (aphesz hackinthebox org)
This is a call for submissions for the HITB SIGINT sessions at
HITB2012AMS - The third annual HITB conference in Amsterdam taking place
at the Okura from the 21st - 25th of May.

The HITB SIGINT (Signal Intelligence/Interrupt) sessions are designed to
provide a quick 15 - 30 minute overview for mate

[ more ]  [ reply ]
(Page 6 of 637)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus