Penetration Testing Mode:
(Page 6 of 636)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
how to calculate hmac for esp packet? 2012-04-04
Jun Yin (hansyin gmail com)
Hi, I'm trying to craft a esp packet for ipsec test, I try to use
python to create the hmac, I tried this:

>>> key1="11111111111111111111111111111111"
>>> msg="000001340000000b46e66a9853b58a94492be70c535a72d5994c3fe54a7c69e6a43
3c5a1a24b2c207e28f240b6d51e7b8711daa2b2ec39461dfa246ae23265fcd3c20f4bb1d

[ more ]  [ reply ]
Medusa 2.1 Release 2012-04-03
jmk (jmk foofus net)
Fellow Pen-Testers:

Medusa 2.1 is now available for public download.

http://www.foofus.net/?page_id=51
http://www.foofus.net/jmk/tools/medusa-2.1.tar.gz

This release does not introduce any major changes to the core of the
application. However, it does include two years worth of bug-fixes
through

[ more ]  [ reply ]
Hacking AutoUpdate by Injecting Fake Updates 2012-04-03
Adam Behnke (adam infosecinstitute com)
We all know that hackers are constantly trying to steal private information
by getting into the victim's system, either by exploiting the software
installed in the system or by some other means. By performing routine
updates for their software, consumers can protect themselves, patching known
vulner

[ more ]  [ reply ]
Windows Credentials Editor (WCE) v1.3beta 64bit release 2012-03-29
Amplia Security Research (research ampliasecurity com)
WCE (Windows Credentials Editor) v1.3beta 64bit released.

Download link: http://www.ampliasecurity.com/research/wce_v1_3beta_x64.tgz

Additional information:
http://www.ampliasecurity.com/research/wcefaq.html

------------------------------------------------------------------------

This list is s

[ more ]  [ reply ]
Re: Time based Blind SQL injection 2012-03-29
Danux (danuxx gmail com) (1 replies)
Hi Yiannis,

The intent was to share a script as a result of a pen-test, since when
I was trying to use sqlmap and sqlninja does tools did not work for
me, and I was spending more time trying to figure out how to make them
work (possibly due to the lack of expertise on those tools). I did not
find a

[ more ]  [ reply ]
Re: Time based Blind SQL injection 2012-03-29
Yiannis Koukouras (ikoukouras gmail com) (1 replies)
Re: Time based Blind SQL injection 2012-03-30
martin mngoma gmail com (1 replies)
Re: Time based Blind SQL injection 2012-03-30
Danux (danuxx gmail com)
Pentesting on databases? 2012-03-21
stayp0s (stayp0s sec gmail com) (4 replies)
Hi list,

I'm planning do a pen testing to ensure running databases(mysql,
postgreSQL, and so on) are secure.
Anyone has useful reference guidelines about that?

Thank you!

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Cert

[ more ]  [ reply ]
Re: Pentesting on databases? 2012-03-21
Danux (danuxx gmail com)
RE: Pentesting on databases? 2012-03-21
Ziots, Edward (EZiots Lifespan org)
Re: Pentesting on databases? 2012-03-21
Ramiro Caire (ramiro caire gmail com)
Re: Pentesting on databases? 2012-03-21
Eric Schultz (fire0088 gmail com) (2 replies)
RE: Pentesting on databases? 2012-03-21
Ziots, Edward (EZiots Lifespan org)
Re: Pentesting on databases? 2012-03-21
Ahmed S. Shibani (sheipani gmail com)
Time based Blind SQL injection 2012-03-13
Danux (danuxx gmail com) (1 replies)
Nothing new, just a different approach to automated the process of
blind injection based on time.

http://danuxx.blogspot.com/2012/03/time-based-blind-sql-injection.html

Hope you find it useful.

--
DanUx

------------------------------------------------------------------------

This list is sponso

[ more ]  [ reply ]
Re: Time based Blind SQL injection 2012-03-29
Yiannis Koukouras (ikoukouras gmail com)
Windows Credentials Editor (WCE) v1.3beta 32bit release 2012-03-09
Amplia Security Research (research ampliasecurity com) (1 replies)
WCE v1.3beta 32bit released.

Download link: http://www.ampliasecurity.com/research/wce_v1_3beta.tgz

Changelog:

version 1.3beta:
March 8, 2012
* Bug fixes
* Extended support to obtain NTLM hashes without code injection
* Added feature to dump login cleartext passwords stored by the Digest
Authenti

[ more ]  [ reply ]
Re: Windows Credentials Editor (WCE) v1.3beta 32bit release 2012-03-10
Jeffrey Walton (noloader gmail com)
[HITB-Announce] HITB2012AMS SIGINT - Call for Submissions 2012-03-08
Hafez Kamal (aphesz hackinthebox org)
This is a call for submissions for the HITB SIGINT sessions at
HITB2012AMS - The third annual HITB conference in Amsterdam taking place
at the Okura from the 21st - 25th of May.

The HITB SIGINT (Signal Intelligence/Interrupt) sessions are designed to
provide a quick 15 - 30 minute overview for mate

[ more ]  [ reply ]
What They Don't Teach You in "Thinking Like the Enemy" Classes 2012-03-06
Pete Herzog (lists isecom org)
For those of you who are interested in taking a security class that
promises to teach you ethical hacking and how to think like the enemy,
let me save you some time and money on what you will learn:

http://www.infosecisland.com/blogview/20607-What-They-Dont-Teach-You-in-
Thinking-Like-the-Enemy-Cl

[ more ]  [ reply ]
Cookie based SQL Injection 2012-03-06
Adam Behnke (adam infosecinstitute com)

All data sent by the browser to a Web application, if used in a SQL query, can be manipulated in order to inject SQL code: GET and POST parameters, cookies and other HTTP headers. Some of these values â??â??can be found in the environment variables. The GET and POST parameters are typically entered

[ more ]  [ reply ]
A survey on web application security 2012-03-01
Hannes Holm (Hannes Holm ics kth se) (1 replies)
Hi all,

I would like to invite you to participate in a survey investigating the effort required to discover web application input validation vulnerabilities given different scenarios - a topic that needs further exploration. This survey is carried out by a research group from the Royal Institute of

[ more ]  [ reply ]
SV: A survey on web application security 2012-03-18
Hannes Holm (Hannes Holm ics kth se)
(Page 6 of 636)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus