Apologies for multiple copies of this announcement.

14th International Symposium on Recent Advances in Intrusion Detection
(RAID'2011)

September 20-21, 2011
SRI International, Menlo Park, CA
http://www.raid2011.org

Call for Participation

==========================================================

[ more ]  [ reply ]

Dear Penetration Testers,

I am looking for advice of an experienced penetration testers
regarding the certification path to choose. My goal and reason in
taking a certification exam is not a certification by itself but the
opportunity to learn from preparation materials, fill the gaps in
skill set

[ more ]  [ reply ]

What's the errors?

Sent from my Samsung smartphone on AT&T

macubergeek <macubergeek (at) comcast (dot) net [email concealed]> wrote:

>I'm having issues compiling some exploit code under Visual Studio Express 2010, particularly kicking up syntax errors. I first suspected that this was "lamer" code with deliberately inserted

[ more ]  [ reply ]

I'm having issues compiling some exploit code under Visual Studio Express 2010, particularly kicking up syntax errors. I first suspected that this was "lamer" code with deliberately inserted syntax errors, but I now suspect I'm having compiler compatibility issues.
Original coder indicated in the so

[ more ]  [ reply ]

Hi

May I ask - does there exist a (if at all possible - free) vulnerability
scanner specific to smartphones, namely blackberries/iPhones (various
models/versions of each)?

Aside from encryption on the device itself, if you have audited or pen
tested for a client their smartphone/smartphone infras

[ more ]  [ reply ]

Hi guys,

I'm doing a pentest on a friends website that he made for coursework at uni
and i've come to a stop. I've gained access to an administrator account and
have access to a file upload facility which allows me to upload a php file
as there are no checks on the file type but the php file goes

[ more ]  [ reply ]

NfSpy is a FUSE filesystem written in Python that automatically changes
UID and GID to give you full access to any file on an NFS share. Use it
to mount an NFS export and act as the owner of every file and directory.

Other features:
* Use filehandles from packet captures instead of asking mountd.

[ more ]  [ reply ]

Dear all,

This is to announce release of winAUTOPWN version 2.7
This version covers almost all remote exploits up-till mid-July 2011 and a few older ones as well.

This version incorporates a few new commandline parameters: -perlrevshURL (for a PERL Reverse Shell URL), -
mailFROM (smtpsender) an

[ more ]  [ reply ]

Hi,

Those of you in the position of getting non-sec people to understand
what they're doing wrong in security might find this article useful:

The ABZs of Cybersecurity

<If we want people to be safer with their information we can't go the
"just say no" route since people just won't do that. Abst

[ more ]  [ reply ]

So this is an opinion/poll/question piece by cktricky. By posting to
both the websecurity and pentest list hopefully there will be a good
discussion on all sides:

http://www.novainfosecportal.com/2011/07/07/netsec-breaking-apps-better-
than-appsec/

--
Rob Fuller | Mubix
Certified Checkbox Unchecker

[ more ]  [ reply ]

Hi guys,

This is just to let you know that there's a new version of Arachni.

Arachni is a high-performance (Open Source) Web Application Security
Scanner Framework written in Ruby.

The main focus of this release has been on bug-fixing and implementing a
few feature requests.

Details at: http:/

[ more ]  [ reply ]

The current security model is crazy. And the current crazy testing
methods actually make it look like it's not. I think that's why so
many people fail to see how broken the current consumer-ready security
model is. Look at the current attacks and how security companies, even
HUGE ones with their

[ more ]  [ reply ]