Penetration Testing Mode:
(Page 7 of 639)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >
Re: web form filling bots 2012-06-28
TAS (p0wnsauc3 gmail com)
Burp Suite should help.



-----Original Message-----

From: Anwar Khan <anwarrhce (at) gmail (dot) com [email concealed]>

Sender: listbounce (at) securityfocus (dot) com [email concealed]

Date: Thu, 28 Jun 2012 21:47:51

To: <security-basics (at) securityfocus (dot) com [email concealed]>; <pen-test (at) securityfocus (dot) com [email concealed]>

Subject: web form f

[ more ]  [ reply ]
web form filling bots 2012-06-28
Anwar Khan (anwarrhce gmail com)
Dear All,

Can anyone please suggest any web form filling tool, which automate
the form filling process and write bogus entries.
I have a website which i want to test against this, i just want to see
how things work without capthca, if i rely on POST and Connect.

Please suggest any tool or script.

[ more ]  [ reply ]
[Tool update] UCSniff 3.20 is released 2012-06-19
Mostyn, William Thomas \(Tom\) (tmostyn viperlab net)
UCSniff 3.20 IP Video sniffer is released

* Added support for Ubuntu 12.04
* Realtime Video monitoring using latest libvlc library (2.0.1 - Twoflower)
* Support for iSAC audio codec from Google's WebRTC
* Added support for Cisco 9971

[ more ]  [ reply ]
was SharePoint Audit Bruteforce 2012-06-10
Jerome Athias (athiasjerome gmail com)


This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test.

[ more ]  [ reply ]
Scanner & BaseLine Report Diff? 2012-06-07
D G (dege sv gmail com) (1 replies)
Hi guys!

I am looking for a product/solution that can help me with an external
IP/Resource scan for ports, vulnerabilities and resource
identification. I don't really have the time to make it in Python with
Nmap etc. I need a solid product that I don't have to maintain.

The big trick is to get thi

[ more ]  [ reply ]
Re: Scanner & BaseLine Report Diff? 2012-06-09
Anthony Cicalla (anthony cicalla gmail com) (3 replies)
Re: Scanner & BaseLine Report Diff? 2012-06-18
Adrián Puente Z. (seclists hackarandas com)
Re: Scanner & BaseLine Report Diff? 2012-06-10
Jerome Athias (athiasjerome gmail com)
FW: Scanner & BaseLine Report Diff? 2012-06-09
Hardy Mansen (Hardy Mansen UNIBET com)
EUSecWest 2012 - Amsterdam, Sept 19/20 featuring Mobile PWN2OWN - CFP Deadline June 15 2012-06-05
Dragos Ruiu (dr kyx net)
EUSecWest 2012, Amsterdam, September 19/20, Featuring Mobile PWN2OWN
CALL FOR PAPERS - Deadline June 15 2012

   AMSTERDAM, Nederland -- The seventh annual EUSecWest
   applied technical security conference - where the eminent
   figures in the international security industry get
   together share b

[ more ]  [ reply ]
Re: Info about attack trees 2012-05-25
Federico De Meo (demeof gmail com)
Thank you very much. You give me some interesting starting points.
Hope this can lead me to something :)

I have a question about the "Exploiting software" book. I made a search and
found on amazon "Exploiting software how to break code" by Greg Hoglund and Gary McGraw
is it the correct one? I would

[ more ]  [ reply ]
Re: Securing Citrix 2012-05-25
Paul Craig (paul ha cked net)
Ok, as a pen-tester who has spent a fair amount of time breaking
Citrix, and as the author of iKAT (which seems to always get used to
break Citrix), i thought it would only be fair to offer my 10cents,
and suggestions for securing Citrix.

Securing Citrix installations really comes down to defense

[ more ]  [ reply ]
Info about attack trees 2012-05-24
Federico De Meo (demeof gmail com) (1 replies)
Hellp everybody, I'm new to this malinglist and to pen-testing.
I'm here to learn and I'm starting with a question :)

I'm looking for some informations about attack trees usage in web application analysis.

For my master thesis I decided to study the usage of this formalism in order to reppresent a

[ more ]  [ reply ]
Re: Info about attack trees 2012-05-28
Yiannis Koukouras (ikoukouras gmail com)
Re: Securing Citrix 2012-05-23
Marco Ivaldi (raptor mediaservice net) (1 replies)

On Wed, 16 May 2012, utf-8?Q? Adri=C3=A1n_Puente_Z. ?= wrote:

> Hi everyone!
> I am looking for a good reference to secure a Citrix server to avoid a user
> to gain acces to the operating system. So far I have some ideas like
> restricting the execution of the cmd.exe and (maybe) expl

[ more ]  [ reply ]
FW: Securing Citrix 2012-05-25
Ross Dawson (ross ramraidersoftware com)
Securing Citrix 2012-05-16
Adrián Puente Z. (seclists hackarandas com)
Hi everyone!

I am looking for a good reference to secure a Citrix server to avoid a user to gain acces to the operating system. So far I have some ideas like restricting the execution of the cmd.exe and (maybe) explorer.exe from with a group policy in the domain.

If you know about any document I

[ more ]  [ reply ]
sslcaudit 1.0 released 2012-05-11
Alexandre Bezroutchko (abb gremwell com)

I would like to announce the release of sslcaudit 1.0.

The goal of sslcaudit project is to develop a utility to automate
testing SSL/TLS clients for
resistance against MITM attacks. It is useful for testing thick clients,
mobile applications,
appliances, pretty much anything communicating

[ more ]  [ reply ]
Question of Likelihood 2012-05-14
Pen Testar (pentestar ymail com) (2 replies)
I'm testing an app with sensitive information that is full of holes. Reflected and persisted XSS, CRSF, various injection attacksâ?¦ you name it.

You also have a bunch of vulns that arenâ??t typically of high likelihood, but in the presence of the other vulns above (Iâ??ll call them the â??enabli

[ more ]  [ reply ]
Re: Question of Likelihood 2012-05-16
Pete Herzog (lists isecom org)
Re: Question of Likelihood 2012-05-14
Justin Rogosky (jrogosky gmail com)
t2'12: Call for Papers 2012 (Helsinki / Finland) 2012-05-11
Tomi Tuominen (tomi tuominen t2 fi)
Hash: SHA1

# t2'12 - Call For Papers #
Helsinki, Finland
October 25 - 26, 2012

We are pleased to announce the annual t2'12 infosec conference, which
will take place in Helsinki, Finland, from October 25

[ more ]  [ reply ]
A survey on web application attacks 2012-05-10
Hannes Holm (Hannes Holm ics kth se)
Hi pen-test subscribers,

I am researching the domain consensus regarding the effectiveness of different web application firewalls (WAF)s and would be glad if you could spare a few minutes of your time to answer a survey on the topic.

By completing this survey you will:

  * Help build valuable do

[ more ]  [ reply ]
Announce: Italian Hacker Game Cracca al Tesoro - Crack A Treasure 2012-05-03
Aspy (aspy solution it)
It is the 6 th edition of the game.

It 's very much like a treasure hunt but more... hight tech!
The team need to find five hidden access point within a city, crack
them, then find the servers behind them, hack them to find clues to
the next target ...

Next date: Genoa, Italy, May 12
Joining is

[ more ]  [ reply ]
nullcon Delhi 2012 Call for Paper/Call for Event 2012-05-02
nullcon (nullcon nullcon net)
Hi All,

For the very first time nullcon now comes to Delhi - to showcase cutting
edge security technologies and discuss new attack vectors and security
threats among the  Corporate world and the Government sector. The event
brings together thought leaders,Corporates, Government and security

[ more ]  [ reply ]
xSQL Scanner 1.6 - Released 2012-04-30
Rodrigo Matuck (rodrigomatuck globo com)


New version of xSQL Scanner is available with following features:

- PostgreSQL support added;
- SQL PortScan updated;
- Exceptions fixed;
- Progressbar bug fixed;
- MSSQL 7 DoS module added.
- MSSQL Empty password exploit module added.
- Session support added
- Visual modified
- Minor

[ more ]  [ reply ]
[Tool update] VoIP Hopper 2.04 released 2012-04-29
Jason Ostrom (justiceguy pobox com)
VoIP Hopper 2.04 security tool is released:

New Avaya, Alcatel-Lucent, and LLDP-MED spoofing support. Thanks to Nicolas Roux of France for his Alcatel source contribution and debugging help. The Alcatel support has only been partially tested on a production netw

[ more ]  [ reply ]
Anti-fingerprinting techniques 2012-04-25
cr0hn (dani madesyp com)
Hello everybody!

I just released the slides of a course about anti-fingerprinting
techniques. The course talking about:
? A brief introduction of FreeBSD.
? How fingerprinting works.
? How defeat the fingerprinting test.
? Practical examples for evade the test for some services:
+ Web server.

[ more ]  [ reply ]
[HITB-Announce] HITB Magazine Issue 008 (now with print edition!) 2012-04-23
Hafez Kamal (aphesz hackinthebox org)
The 8th issue of the HITB Quarterly Magazine is now available for download!

This edition is a little bit 'lighter' than previous issues as the
editorial team is busy working on an extra special release for our 10th
year anniversary conference in October, HITBSecConf2012 -

[ more ]  [ reply ]
[New tool] - Exploit Pack - Web Security 2012-04-23
noreply (at) exploitpack (dot) com [email concealed] (noreply exploitpack com)
Exploit Pack - Web Security Edition

This tool allows you to take control of remote browsers, steal social
network credentials, obtain persistence on it, DDoS and more.

Main features:
- Hacking of Gmail, Yahoo, Facebook, Live, Linkedin
- Session pers

[ more ]  [ reply ]
(Page 7 of 639)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >


Privacy Statement
Copyright 2010, SecurityFocus