Penetration Testing Mode:
(Page 3 of 636)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[TOOL] TOPERA v2 released 2013-05-07
cr0hn (cr0hn cr0hn com)
Hi everybody,

We just released TOPERA v2:

TOPERA is a new security tool for IPv6, with the particularity that their attacks can't be detected by Snort.

This new version of TOPERA include these improvements:

1 - Slow HTTP attacks (Slowloris over IPv6).
2 - Improved TCP port scanner.

New pr

[ more ]  [ reply ]
[HITB-Announce] #HITB2013KUL Call for Papers 2013-05-01
Hafez Kamal (aphesz hackinthebox org)
Hi everyone - This is a Call for Papers for the 11th annual HITB
Security Conference in Malaysia, #HITB2013KUL which takes place on the
16th and 17th of October in Kuala Lumpur.

Keynote speakers for the conference will be Joe Sullivan (Chief Security
Officer, Facebook) and Andy Ellis (Chief Securit

[ more ]  [ reply ]
Breakpoint 2013 Call For Papers 2013-04-30
cfp ruxcon org au
Breakpoint 2013 Call For Papers
Melbourne, Australia, October 24th-25th
Intercontinental Rialto
http://www.ruxconbreakpoint.com

.[x]. Introduction .[x].

The Ruxcon team is pleased to announce Call For Papers for Breakpoint 2013.

Breakpoint showcases the work of expert security researchers from

[ more ]  [ reply ]
Arachni v0.4.2 has been released (Open Source Web Application Security Scanner Framework) 2013-04-29
Tasos Laskos (tasos laskos gmail com)
Hey folks,

This is just to let you know that there's a new version of Arachni.

Arachni is a modular and high-performance (Open Source) Web Application Security Scanner Framework written in Ruby.

The change-log is quite sizeable but the gist is:
* Brand new web interface -- allowing for team co

[ more ]  [ reply ]
TXDNS v2.4 released 2013-04-16
Arley Silveira (arleybls hotmail com)
TXDNS v 2.4 is out and available to download from
http://txdns.net/
 
This new version adds support for reverse grinding.

Ex:  
     txdns -r 10-20.1.60-70.1-254,192.168.15.0/24 

Cheers
Arley Silveira.
------------------------------------------------------------------------

This list i

[ more ]  [ reply ]
A survey on qunatifying severity of vulnerabilities in softwares 2013-04-17
Khalid Khan Afridi (khaf2732 student su se)
Hello!

I am currently performing my master thesis on the topic of quantifying the
severity of
software vulnerabilities.

As you have done significant work in this area, I would be glad if you
could spare a few
minutes of your time to answer a survey on the topic. It should not
require more than 1

[ more ]  [ reply ]
Hackersh 0.1 Release Announcement 2013-04-03
Itzik Kotler (xorninja gmail com)
Hi All,

I am pleased to announce the first version of Hackersh
(http://www.hackersh.org).

Hackersh ("Hacker Shell") is a free and open source shell (command
interpreter) written in Python with built-in security commands, and
out-of-the-box wrappers for various security tools, using Pythonect as
it

[ more ]  [ reply ]
NoSuchCon CFP 2.0 / 15-17 May 2013 / Paris, France 2013-02-25
Jonathan Brossard (endrazine gmail com)
************************************************************************
*******

PARENTAL ADVISORY: 100% technical content
************************************************************************
*******

+--------------------------------------------------------------+
=

[ more ]  [ reply ]
Oracle Application Express / Password hashes 2013-02-20
Guillaume Lopes (isec gls gmail com) (1 replies)
Hello all,

I have to crack password hashes from an Oracle application (APEX). The
version is APEX 4.0.

I have found documentation saying that password hashes are the
concatenation of the username, the password and the security groupd id
since APEX 3.0.

Do you know a tool or another way to retriev

[ more ]  [ reply ]
Re: Oracle Application Express / Password hashes 2013-02-20
Per Thorsheim (per thorsheim net)
Choosing an Independent Penetration Testing Firm 2013-02-07
Remi Broemeling (remi broemeling org) (4 replies)
Hi all,

I'm currently in the process of sizing up/comparing various
Penetration Testing firms, and am having a bit of trouble finding
distinguishing characteristics between them. I've looked at a fair
few, but they all seem to offer very similar services with little to
recommend one over another.

[ more ]  [ reply ]
Re: Choosing an Independent Penetration Testing Firm 2013-02-07
Eric Schultz (fire0088 gmail com)
Re: Choosing an Independent Penetration Testing Firm 2013-02-07
Owen Connolly (ojconnolly gmail com)
Re: Choosing an Independent Penetration Testing Firm 2013-02-07
Anders Thulin (anders thulin sentor se)
Re: Choosing an Independent Penetration Testing Firm 2013-02-07
Justin Rogosky (jrogosky gmail com) (1 replies)
Re: Choosing an Independent Penetration Testing Firm 2013-02-07
Sergey Soldatov (votadlos gmail com)
OWASP Zed Attack Proxy 2.0.0 2013-01-30
psiinon (psiinon gmail com)
Hi folks,

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web
applications.

It is designed to be used by people with a wide range of security
experience and as such is ideal for developers and functional testers
who are new to p

[ more ]  [ reply ]
[HITB-Announce] REMINDER: #HITB2013AMS Call for Papers Closes 8th Feb 2013-01-22
Hafez Kamal (aphesz hackinthebox org)
Happy belated 2013 everyone! This is a gentle reminder that the The
Call for Papers for #HITB2013AMS (the fourth annual HITBSecConf in
Amsterdam) closes on the 8th of February. We're looking for talks that
are highly technical, but most importantly, material which is new and
cutting edge. In short,

[ more ]  [ reply ]
SAP ERP Audits 2013-01-08
cribbar (crib bar hotmail co uk)

If any of you utilise SAP ERP (ECC6 specifically) applications in your
network, or if you have come up against them in your external assessments,
are there any common vulnerabilities you come across which you could detail
or would recommend looking ojut for? Also to check for weak or default
passwo

[ more ]  [ reply ]
ShakaCon 2013 - Call for Papers 2013-01-02
Shakacon (info shakacon org)
----++++++++++++++++++++++++++++++++++++----
Shakacon IV - Honolulu Hawaii

"Sun, Surf, and C Shells"

CALL FOR PAPERS

www.shakacon.org/2013CFP.html
----++++++++++++++++++++++++++++++++++++----

Who: Shakacon Crew
What: Shakacon IV
When: June 25-28 2013
Where: Paradise -

[ more ]  [ reply ]
[TOOL] Topera: invisible IPv6 scanner to Snort 2012-12-09
cr0hn (dani madesyp com)
Hello,

We have just released, and uploaded to google code, the tool "Topera". It is a tool that Rafa Sanchez and me (cr0hn) present at security II conferences "Navaja Negra" ("Black Knife" in english) in Albacete, Spain.

The peculiarity of "Topera" is that it is capable to do IPv6 scanning that ar

[ more ]  [ reply ]
Fwd: winAUTOPWN v3.2 Released 2012-12-04
QUAKER DOOMER (quakerdoomer inbox lv)
Dear all,

This is to announce release of winAUTOPWN version 3.3

++++++++++++++++++++
About winAUTOPWN:

winAUTOPWN is an auto (hacking) shell gaining tool. It can also be used to test IDS, IPS and other monitoring
sensors/softwares.Autohack your targets - even if you have consumed and holding

[ more ]  [ reply ]
Re: nmap in Virtualbox weirdness 2012-11-10
Andy Meyers (andy meyers hushmail com)
What are the specs on your host machine? I'm thinking it may be a resource problem.

Bog Witch <iambogwitch (at) gmail (dot) com [email concealed]> wrote:

>Hi All,
>
>The setup:
>Host: Ubuntu 12.04 / 12.10
>Virtualbox Guest: Ubuntu 12.04 / 12.10
>
>The issue:
>
>From the guest OS, running nmap with anything greater than T2, t

[ more ]  [ reply ]
nmap in Virtualbox weirdness 2012-11-10
Bog Witch (iambogwitch gmail com) (1 replies)
Hi All,

The setup:
Host: Ubuntu 12.04 / 12.10
Virtualbox Guest: Ubuntu 12.04 / 12.10

The issue:

From the guest OS, running nmap with anything greater than T2, the NIC
becomes 'stuck' a simultaneous ping of a local box will start
reporting 'Destination host unreachable'
If the nmap scan is set abo

[ more ]  [ reply ]
Re: nmap in Virtualbox weirdness 2012-11-10
Jon Kibler (jon r kibler gmail com)
TXDNS v2.2.1 released 2012-11-05
Arley Silveira (arleybls hotmail com)
TXDNS v 2.2.1 is out and available to download from
http://txdns.net/
 
Some new features:
 
* You can now rotate country code second level domains (ccSLD) along with TLDs:
  --inc-sld;
 
* You can now indicate a start point to the brute force algorithm:
  --start-at xyz;
 
* Option to force resolve

[ more ]  [ reply ]
[HITB-Announce] #HITB2013AMS Call For Papers Now Open 2012-11-05
Hafez Kamal (aphesz hackinthebox org)
The Call for Papers for the fourth annual HITBSecConf in Europe is now
open! Taking place on the 8th till 11th of April at the Okura Hotel, Amsterdam, #HITB2013AMS will be a triple track conference (with HITB Labs) and features keynotes by Eddie Schwartz, Chief Information Security Officer at RSA an

[ more ]  [ reply ]
Burp Suite Free Edition v1.5 released 2012-11-02
PortSwigger support (support portswigger net)
Burp Suite Free Edition v1.5 is now available to download from
http://portswigger.net/

This is a significant upgrade with a wealth of new features added since
v1.4, most notably:

* Completely new user interface with numerous usability enhancements.

* Several new Proxy listener options, to deal wi

[ more ]  [ reply ]
Bypassing WAF via HTTP Pollution 2012-10-03
Danux (danuxx gmail com)
By playing CSAW CTF you always learn something new (at least myself).

Hope you enjoy it:

http://danuxx.blogspot.com/2012/10/bypassing-waf-via-http-parameter.html

--
DanUx

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Ce

[ more ]  [ reply ]
winAUTOPWN v3.2 Released 2012-10-03
QUAKER DOOMER (quakerdoomer inbox lv)
Dear all,

This is to announce release of winAUTOPWN version 3.2

A complete list of all Exploits in winAUTOPWN is available inside MISC\CHANGELOG.TXT
A complete list of User Interface changes is available in MISC\UI_CHANGES.txt

BSDAUTOPWN has been compiled, like always for various flavour

[ more ]  [ reply ]
(Page 3 of 636)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus