Penetration Testing Mode:
(Page 3 of 638)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
Re: failure notice 2014-07-25
Nikola Milosevic (nikola milosevic86 gmail com)
Well I believe the right answer is nothing. If you publicly disclose it,
you are risking being sued.

It is ethically to disclose it to them, as you did it. However, company is
not liable of giving you price or even do anything about the vulnerability
(I guess until it is too late). They don't even

[ more ]  [ reply ]
How to deal with the company that doesn't react on providing them information about serious security vulnerability? 2014-07-23
MichaÅ? RybiÅ?ski (fishmanos79 gmail com) (1 replies)
Hi all,

I believe this is the best place to ask such question because I would
imagine that most of people reading this list have something to do
with discovering vulnerabilities and reporting them to parties

On the beginning of the January I have discovered some security flaw
which al

[ more ]  [ reply ]
Ruxcon 2014 Final Call For Presentations 2014-07-15
cfp ruxcon org au
Ruxcon 2014 Call For Presentations
Melbourne, Australia, October 11th-12th
CQ Function Centre

The Ruxcon team is pleased to announce the Final Call For Presentations for Ruxcon 2014.

This year the conference will take place over the weekend of the 11th and 12th of October

[ more ]  [ reply ]
SmartPentester 1.0 released 2014-06-27
Smart Splat (smartpentester gmail com)
Hi All,

SmartPentester 1.0 is now available,Its an SSH based Penetration
Testing Framework for system like Kali and Backtrack
It provides a GUI for well known tools like
nmap,hping,tcpdump,volatility,hydra and etc. Consisting of modules
Penetration testing,
Malware Analysis, Forensic Analysis, Cybe

[ more ]  [ reply ]
[HITB-Announce] #HITB2014KUL round 1 CFP submission deadline in < 1 week 2014-06-24
Hafez Kamal (aphesz hackinthebox org)
The deadline to submit your papers for the the 12th and FINAL HITB
Security Conference in Malaysia is just around the corner! Paper
selection will be done in two rounds:

ROUND 1 DEADLINE: 30th June 2014
FINAL DEADLINE: 31st July 2014

HITBSecConf2014 - Malaysia takes place at Intercontinental Kuala

[ more ]  [ reply ]
Embedded Device Security Conference 2014 // CFP 2014-06-10
Michael Eddington (meddington gmail com)
EDSC is an annual security conference focusing on embedded systems,
hardware, and anything behind the silicon curtain. Embedded systems
testing is a rapidly expanding area of the security industry and
staying current is important for engineers, researchers, and testers
alike. EDSC brings the top t

[ more ]  [ reply ]
t2'14: Call for Papers 2014 (Helsinki / Finland) 2014-05-19
Tomi Tuominen (tomi tuominen t2 fi)
# t2'14 - Call For Papers (Helsinki, Finland) - October 23 - 24, 2014

Do you feel like Las Vegas is too hot, Berlin too bohème, Miami too humid, Singapore too clean and Pattaya just totally confusing ? No worries! Helsinki will be the perfect match for you â?? guaranteed low temperature, high

[ more ]  [ reply ]
Ruxcon 2014 Call For Papers 2014-05-05
cfp ruxcon org au
Ruxcon 2014 Call For Presentations
Melbourne, Australia, October 11th-12th

The Ruxcon team is pleased to announce the Call For Presentations for Ruxcon 2014.

This year the conference will take place over the weekend of the 11th and 12th
of October at the CQ Function Cent

[ more ]  [ reply ]
SpiderFoot 2.1.4 released 2014-04-28
Steve Micallef (steve binarypool com)
Hi all,

SpiderFoot 2.1.4 is now available, and will be the last enhancement
release on the 2.1 branch as I focus on 2.2. SpiderFoot is an open
source footprinting and intelligence gathering tool, written in Python
and runs on Linux, *BSD and Windows.

Since 2.1.0 was announced here in January, t

[ more ]  [ reply ]
OWASP ZAP 2.3.0 2014-04-10
psiinon (psiinon gmail com)
Hi folks,

OWASP ZAP 2.3.0 is now available :

Quick summary of the main changes:

* A ZAP 'lite' version in addition to the existing 'full' version
* View, intercept, manipulate, resend and fuzz client-side (browser) events
* Enhanced authenticat

[ more ]  [ reply ]
c0c0n 2014 | The cy0ps c0n - Call For Papers & Call For Workshops 2014-03-24
c0c0n International Information Security Conference (c0c0n is-ra org)

            ___        ___          ___   ___  __ _  _   
           / _ \      / _ \        |__ \ / _ \/_ | || | 
       ___| | | | ___| | | |_ __      ) | | | || | || |_
      / __| | | |/ __| | | | '_ \    / /| | | || |__   _|
     | (__| |_| |

[ more ]  [ reply ]
Shakacon 2014: Call for Papers - Deadline April 11th 2014-03-20
Shakacon (info shakacon org)
==<Apologies for the cross posting but hope to see everyone at the

Shakacon VI - Honolulu, Hawaii

"Sun, Surf, and C Shells"


[ more ]  [ reply ]
SAP post exploitation 2014-03-14
Brian Milliron (Brian ECRSecurity com)
Recently I ran across some vulnerable AIX SAP servers on a test and
managed to get admin access on the Web GUI. However, I know very little
about SAP and was unable to leverage SAP admin to get access to the
Oracle DB (it uses a separate credential store) or root on the OS.
Looking through all the

[ more ]  [ reply ]
IMAP STARTTLS sniff tool 2014-03-07
Bob Ezrin (bezrin gmx com)
Hi all.
We managed succesfully to sniff inside POP3S, SMTPS, IMAPS & HTTPS tunnels using:


iptables -t nat -A PREROUTING -p tcp --dport ORIGIN_PORT -j REDIRECT --to-port REDIRECT_PORT


to make man-in-the-middle.

[ more ]  [ reply ]
IMAP STARTTLS sniff tool 2014-03-07
Bob Ezrin (bezrin gmx com)
Hi all.
We managed succesfully to sniff inside POP3S, SMTPS, IMAPS & HTTPS tunnels using arpspoof, iptables & sslsplit to make
Now we want to sniff inside STARTTLS tunnels (specifically IMAP) but unfortunately sslsplit doesn't supports STARTTLS.
Is there/do you know another SSL/TLS tool su

[ more ]  [ reply ]
[Tool] GoLismero 2.0 beta 3 2014-02-13
cr0hn (cr0hn cr0hn com)
Hello everybody,

From GoLismero project, we pleased to announce the new beta release of GoLismero: GoLismero 2.0 beta 3.

GoLismero is an open source framework for security testing. It's currently geared towards web security, but it can easily be expanded to other kinds of scans. The most importa

[ more ]  [ reply ]
Damn Vulnerable IOS App v1.0 launched 2014-02-04
Prateek Gianchandani (prateek searchingeye gmail com)
Hi All,

It gives me great pleasure to announce v1.0 of Damn Vulnerable IOS =


Damn Vulnerable IOS App (DVIA) is an IOS application that is damn =

vulnerable. Its main goal is to provide a platform to mobile security =

enthusiasts/professionals or stu

[ more ]  [ reply ]
How To Import Nmap XML Results Into Nessus 2014-01-27
Travis Lee (eelsivart gmail com)
In a typical assessment, an initial port scan is performed on the network
with Nmap to discover hosts and to find open ports and services. This would
be followed by a scan with Nessus to determine if those services contain any
known vulnerabilities.

However, in a standard Nessus scan, Nessus will p

[ more ]  [ reply ]
Internship with the National CCDC Red Team 2014-01-23
Rob Fuller (jd mubix gmail com)
This year's National CCDC is mixing it up a bit and leaving one spot
on the Red Team for an "intern". If you don't what CCDC is, it's the
"Collegiate Cyber Defense Competition". Basically school at the state,
regional, and national levels complete in a contest where they are
dropped into a corporate

[ more ]  [ reply ]
[HITB-Announce] #HITB2014AMS Call for Papers - FINAL CALL 2014-01-16
Hafez Kamal (aphesz hackinthebox org)
This is the FINAL CALL to submit your research papers for the 5th annual
HITB Security Conference in Amsterdam (#HITB2014AMS) taking place at De
Beurs van Berlage from the 27th - 30th of May 2014.

Initial round of selected CFP submissions:


[ more ]  [ reply ]
[HITB-Announce] HITB Magazine Issue 10 Out Now 2014-01-07
Hafez Kamal (aphesz hackinthebox org)
Issue #10 is now available!

Hello readers and welcome to the somewhat overdue Issue 010 of HITB
Magazine. As they say, better late than never!

Since the last issue, we've also changed the HITB Security Conference
Call for Papers submission guidelines to now require speakers to submit
a research 'w

[ more ]  [ reply ]
SpiderFoot 2.1.0 released 2014-01-07
Steve Micallef (steve binarypool com)
Hi everyone,

SpiderFoot 2.1.0 is now available, a major update over 2.0.5 which was
released back in September.

Major improvements are as follows:

- Identifies sites co-hosted on IPs of your target.
- Checks whether your target, affiliates or co-hosts have a bad
reputation (PhishTank, Google Sa

[ more ]  [ reply ]
Arachni v0.4.6-0.4.3 has been released (Open Source Web Application Security Scanner Framework) 2014-01-01
Tasos Laskos (tasos laskos gmail com)
Hey folks,

There's a new version of Arachni, an Open Source, modular and
high-performance Web Application Security Scanner Framework written in Ruby.

Brief list of changes:

* Massively decreased RAM consumption.
* Amount of performed requests cut down by 1/3 -- and thus 1/3 d

[ more ]  [ reply ]
Release: Faraday Penetration Test IDE 2013-12-16
Francisco Amato (famato infobytesec com)
We are happy to announce our first release of Faraday (beta), an open
source collaborative Penetration Test IDE console that uses the same
tools you use every day.

Faraday introduces a new concept (IPE) Integrated Penetration-Test Environment

We built a plugin system, where all the I/O from the te

[ more ]  [ reply ]
ShmooCon Epilogue CFP / CFT 2013-12-10
Rob Fuller (jd mubix gmail com)
Location: 2214 Rock Hill Rd, Herndon, VA 20170
Date: Jan 20, 2014 (MLK day) - 10 AM to 10 PM
Cost: $10 per meal (Lunch/Dinner)
Info Page:

Yup, we're doing it again. ShmooCon Epilogue 2014 is a go! What is
ShmooCon Epilogue? I

[ more ]  [ reply ] 2013-12-01
Rob Fuller (jd mubix gmail com)
Micah and I are merging the Post Exploitation Wiki with a few other
projects to include the following:

+ Kali Linux Documentation Project
+ WebApp Defaults Project
+ Q (Metasploit Repo)
+ (And of course the PwnWiki which has all the content of the Post
Exploitation Command Lists and wiki)

Into one

[ more ]  [ reply ]
[HITB-Announce] #HITB2014AMS Call for Papers Now Open 2013-11-27
Hafez Kamal (aphesz hackinthebox org)
Hi everyone - The Call for Papers for the 5th annual HITB Security
Conference in Amsterdam is now open. #HITB2014AMS takes place at the
Beurs van Berlage from the 27th - 30th of May 2014. The official
conference hotel for the event is the Hilton DoubleTree.

As always we start with 2-days of hands o

[ more ]  [ reply ]
WebSurgery v1.1 released (Web application security testing suite) 2013-11-11
John Stamatakis (john stamatakis sunrisetech gr)
Sunrise is proudly announces WebSurgery v1.1!

WebSurgery is a suite of tools for security testing of web applications. It
is designed to address the ongoing needs of security auditors so to
facilitate them with web application planning and exploitation. Suite
currently contains a

[ more ]  [ reply ]
GoLismero 2.0 beta 2 released 2013-09-20
cr0hn (cr0hn cr0hn com)
Hi all,

We're pleased to announce the beta 2 version of GoLismero 2.0.

In this new version you can find a lot of changes, like:

- Integration with Nmap.
- Added IP address geolocation support.
- Added 22 new vulnerability types to the data model.
- Now vulnerabilities may be categorized

[ more ]  [ reply ]
(Page 3 of 638)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


Privacy Statement
Copyright 2010, SecurityFocus