Penetration Testing Mode:
(Page 7 of 639)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >
winAUTOPWN v3.2 Released 2012-10-03
QUAKER DOOMER (quakerdoomer inbox lv)
Dear all,

This is to announce release of winAUTOPWN version 3.2

A complete list of all Exploits in winAUTOPWN is available inside MISC\CHANGELOG.TXT
A complete list of User Interface changes is available in MISC\UI_CHANGES.txt

BSDAUTOPWN has been compiled, like always for various flavour

[ more ]  [ reply ]
Arachni v0.4.1 has been released (Open Source Web Application Security Scanner Framework) 2012-10-03
Tasos Laskos (tasos laskos gmail com)
Hey folks,

This is just to let you know that there's a new version of Arachni.

Arachni is a modular and high-performance (Open Source) Web Application
Security Scanner Framework written in Ruby.

The change-log is quite sizable but the gist is:
* License change, Apache License v2.
* Additio

[ more ]  [ reply ]
[Onapsis Research Labs] New Onapsis Bizploit release 2012-09-27
Onapsis Research Labs (research onapsis com)
Hash: SHA1

Dear colleague,

We?re happy to announce the release of a new version of Onapsis Bizploit - the open-source ERP Penetration Testing framework.
Bizploit is a free command-line application to perform proof-of-concept penetration tests of the technical lay

[ more ]  [ reply ]
MagicTree 1.2 released 2012-09-27
Alla Bezroutchko (alla gremwell com)
MagicTree 1.2 is released and available for download at

MagicTree is data management tool for penetration testers. It allows
bringing together data from different sources, analyzing and re-using it
and generating custom reports.

New features in this release:


[ more ]  [ reply ]
Fuzzing Like A Boss with Pythonect 2012-09-17
Itzik Kotler (xorninja gmail com)
Hi All,

I wanted to share with you a post I wrote about how to fuzz with Pythonect:

Pythonect is a new, experimental, general-purpose dataflow programming
language based on Python.

It aims to combine the intuitive feel of shel

[ more ]  [ reply ]
[Onapsis Research Labs] New SAP Security In-Depth issue: "Securing the Gate to the Kingdom: Auditing the SAProuter" 2012-09-13
Onapsis Research Labs (research onapsis com)
Hash: SHA1

Dear colleague,

We are happy to announce a new issue of the Onapsis SAP Security In-Depth publication.

SAP Security In-Depth is a free publication led by the Onapsis Research Labs with the purpose of providing specialized information about the current

[ more ]  [ reply ]
[Rooted CON 2013] CFP starts! 2012-09-05
Román Ramírez (rramirez rootedcon es) (1 replies)
Hash: SHA1

Hello all,

Here you've attached all the necessary information for any potential
speakers willing to have a talk at Rooted CON 2013.

Kind regards to all and thanks in advance

______ _ _ ____ ___ _ _
/ / _ \ ___ ___

[ more ]  [ reply ]
Hack3rCon 2012-09-14
Justin Rogosky (jrogosky gmail com)
nullcon Goa 2013 Call For Papers/Events 2012-09-05
nullcon (nullcon nullcon net)

Hello! Aloha! Namaskar! Ni Hau! Guten Tag! Privet! Salam-wale-kum!
Hej! Ahoj! Bonjour! Terve! Ciao! Konnichiva! Selamat! Barev! Jum Reap
Sour! Selamat! ahnnyeong ha se yo! Salvete! Moien! Selamat datang!
Bonswa! sain baina uu! K

[ more ]  [ reply ]
WebApp Pentest: Tool-Chain / Best Practice 2012-08-27
André Schaller (an schall googlemail com)
Hey there,

I know there are a lot of guidelines on how to perform a decent web
application pentest (like the owasp guide). However, most of these
documents give recommendations regarding the things that need to be
investigated and the tools to use at which stage in the process.
From a business poin

[ more ]  [ reply ]
OISSG 2012-08-23
sagat boxnotes net
Anyone know what happened to the project OISSG?

I can not access the site a few days ago already.

Att ..



This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and

[ more ]  [ reply ]
iKAT 2012 Release - Interactive Kiosk Attack Tool 2012-08-12
Paul Craig (paul ha cked net)
iKAT 2012 - Interactive Kiosk Attack Tool
Beating Heart Edition

It is with great pleasure that i would like to release this years
edition of iKAT - The Interactive Kiosk Attack Tool.


[ more ]  [ reply ]
[HITB-Announce] HITB Magazine Issue 009 - Call for Submissions 2012-08-09
Hafez Kamal (aphesz hackinthebox org)
This is a call for article submissions for Issue 009 of HITB's quarterly
magazine - which will be released alongside
#HITB2012KUL - The 10 year anniversary of the HITB Security Conference
series in Malaysia.

HITB Magazine is a deep-knowledge technical publication and we ar

[ more ]  [ reply ]
ZeroNights 2012 in Russia. CFP Now Open! 2012-07-31
Alexey GreenDog Tyurin (agrrrdog gmail com)
ZeroNights 2012, 19-20 November, Moscow, Russia (

Call for papers //

If you wish to share your experience, knowledge and skills, it is
easy: send us the description of your paper and the desired
presentation format. Our program committee (https

[ more ]  [ reply ]
Stealing Wireless Password with fake ap 2012-07-19
Mat TimeofWheel (matanddie gmail com) (1 replies)
Hi everyone;

I have an interesting (at least for me) question.

ESSID of my real AP is test
BSSID of my real AP: 1F:X:X:X:X:X
Password of my real AP: 12345678 (WPA2)

I have created a fake AP with ESSID test and BSSID 1F:X:X:X:X:X

1. From my netbook, i first connected to my real AP and i can c

[ more ]  [ reply ]
Re: Stealing Wireless Password with fake ap 2012-07-19
Nathan V (nathan v gmail com)
confidentiality agreement 2012-07-10
Daniel Calvo Castro (daniel calvo kernelsecurity es) (1 replies)
Hi all list,

I would ask to pentesters if someone could send me or point me to get
a good Spanish confidentiality agreement model between the parties,
client and company to perform a pentest.

Thanks in advance,

Cheers !



[ more ]  [ reply ]
Re: confidentiality agreement 2012-07-11
Juan F. Campos - (jfcampos computalleres com)
Malicious Code Execution in PCI Expansion ROM 2012-07-02
Adam Behnke (adam infosecinstitute com)
The malicious code in x86/x64 firmware can potentially reside in many
places. One of them is in the PCI expansion ROM. In the past, the small
amount of memory during PCI expansion ROM execution acted as a hindrance to
malicious code. The limited space for code and data limited the possible
tasks tha

[ more ]  [ reply ]
Reconfiguring cmdshell 2012-06-30
Smiling Buddha (smilngbuddha gmail com) (2 replies)

I am on a pentest assignment and have encountered an sql injection
vulnerability with an SQL Server 2005 in the background, complete with
dbo level access. I have successfully retrieved DB values and have
already presented as evidence. Now, i am directed to take the attack
to the next level and

[ more ]  [ reply ]
Re: Reconfiguring cmdshell 2012-07-02
Yiannis Koukouras (ikoukouras gmail com)
Re: Reconfiguring cmdshell 2012-07-01
596 (infosecurity email gmail com)
AW: (In)Secure Citrix Configs 2012-06-29
!s3grim (persephane gmx eu)
Hi Lefteris,

this is an amazing, a nice bunch of links. Seems I'll have some nice reading
time and some cups of coffee to get through all of them.
Thanks alot, to you and also to all other, too.



Von: lefteris panos [mailto:lefterispanos (at) gmail (dot) com [email concealed]]

[ more ]  [ reply ]
RE: web form filling bots 2012-06-28
Sandeep Cheema (51l3n7 live in)
Here you go


-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On
Behalf Of Rob
Sent: Thursday, June 28, 2012 10:22 PM
To: Anwar Khan; listbounce (at) securityfocus (dot) com [email concealed];

[ more ]  [ reply ]
(In)Secure Citrix Configs 2012-06-28
!s3grim (persephane gmx eu) (1 replies)
Hi guys,

does anyone know any ressources about the security of citrix environments?
Anything like the basic security model, like configuration places and usual
Maybe there is also a hardening guide or something about config caveats?

I'd appreciate any useful information.


[ more ]  [ reply ]
Re: (In)Secure Citrix Configs 2012-06-29
Ryan Graves (rgraves22 gmail com) (1 replies)
Re: (In)Secure Citrix Configs 2012-06-29
Ivan .Heca (ivanhec gmail com)
Re: web form filling bots 2012-06-28
TAS (p0wnsauc3 gmail com)
Burp Suite should help.



-----Original Message-----

From: Anwar Khan <anwarrhce (at) gmail (dot) com [email concealed]>

Sender: listbounce (at) securityfocus (dot) com [email concealed]

Date: Thu, 28 Jun 2012 21:47:51

To: <security-basics (at) securityfocus (dot) com [email concealed]>; <pen-test (at) securityfocus (dot) com [email concealed]>

Subject: web form f

[ more ]  [ reply ]
web form filling bots 2012-06-28
Anwar Khan (anwarrhce gmail com)
Dear All,

Can anyone please suggest any web form filling tool, which automate
the form filling process and write bogus entries.
I have a website which i want to test against this, i just want to see
how things work without capthca, if i rely on POST and Connect.

Please suggest any tool or script.

[ more ]  [ reply ]
[Tool update] UCSniff 3.20 is released 2012-06-19
Mostyn, William Thomas \(Tom\) (tmostyn viperlab net)
UCSniff 3.20 IP Video sniffer is released

* Added support for Ubuntu 12.04
* Realtime Video monitoring using latest libvlc library (2.0.1 - Twoflower)
* Support for iSAC audio codec from Google's WebRTC
* Added support for Cisco 9971

[ more ]  [ reply ]
(Page 7 of 639)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >


Privacy Statement
Copyright 2010, SecurityFocus