Penetration Testing Mode:
(Page 4 of 636)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
Stealing Wireless Password with fake ap 2012-07-19
Mat TimeofWheel (matanddie gmail com)
Hi everyone;

I have an interesting (at least for me) question.

ESSID of my real AP is test
BSSID of my real AP: 1F:X:X:X:X:X
Password of my real AP: 12345678 (WPA2)

I have created a fake AP with ESSID test and BSSID 1F:X:X:X:X:X

1. From my netbook, i first connected to my real AP and i can c

[ more ]  [ reply ]
confidentiality agreement 2012-07-10
Daniel Calvo Castro (daniel calvo kernelsecurity es) (1 replies)
Hi all list,

I would ask to pentesters if someone could send me or point me to get
a good Spanish confidentiality agreement model between the parties,
client and company to perform a pentest.

Thanks in advance,

Cheers !

------------------------------------------------------------------------

T

[ more ]  [ reply ]
Re: confidentiality agreement 2012-07-11
Juan F. Campos - Computalleres.com (jfcampos computalleres com)
Malicious Code Execution in PCI Expansion ROM 2012-07-02
Adam Behnke (adam infosecinstitute com)
The malicious code in x86/x64 firmware can potentially reside in many
places. One of them is in the PCI expansion ROM. In the past, the small
amount of memory during PCI expansion ROM execution acted as a hindrance to
malicious code. The limited space for code and data limited the possible
tasks tha

[ more ]  [ reply ]
Reconfiguring cmdshell 2012-06-30
Smiling Buddha (smilngbuddha gmail com) (2 replies)
Hi,

I am on a pentest assignment and have encountered an sql injection
vulnerability with an SQL Server 2005 in the background, complete with
dbo level access. I have successfully retrieved DB values and have
already presented as evidence. Now, i am directed to take the attack
to the next level and

[ more ]  [ reply ]
Re: Reconfiguring cmdshell 2012-07-02
Yiannis Koukouras (ikoukouras gmail com)
Re: Reconfiguring cmdshell 2012-07-01
596 (infosecurity email gmail com)
AW: (In)Secure Citrix Configs 2012-06-29
!s3grim (persephane gmx eu)
Hi Lefteris,

this is an amazing, a nice bunch of links. Seems I'll have some nice reading
time and some cups of coffee to get through all of them.
Thanks alot, to you and also to all other, too.

!s3grim

________________________________

Von: lefteris panos [mailto:lefterispanos (at) gmail (dot) com [email concealed]]
Gese

[ more ]  [ reply ]
RE: web form filling bots 2012-06-28
Sandeep Cheema (51l3n7 live in)
Here you go

http://userscripts.org/scripts/review/39313

Regards,
Sandeep

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On
Behalf Of Rob
Sent: Thursday, June 28, 2012 10:22 PM
To: Anwar Khan; listbounce (at) securityfocus (dot) com [email concealed];
security-basics@secur

[ more ]  [ reply ]
(In)Secure Citrix Configs 2012-06-28
!s3grim (persephane gmx eu) (1 replies)
Hi guys,

does anyone know any ressources about the security of citrix environments?
Anything like the basic security model, like configuration places and usual
'misconfigurations'?
Maybe there is also a hardening guide or something about config caveats?

I'd appreciate any useful information.

!s

[ more ]  [ reply ]
Re: (In)Secure Citrix Configs 2012-06-29
Ryan Graves (rgraves22 gmail com) (1 replies)
Re: (In)Secure Citrix Configs 2012-06-29
Ivan .Heca (ivanhec gmail com)
Re: web form filling bots 2012-06-28
TAS (p0wnsauc3 gmail com)
Burp Suite should help.

-

TAS

http://twitter.com/p0wnsauc3

-----Original Message-----

From: Anwar Khan <anwarrhce (at) gmail (dot) com [email concealed]>

Sender: listbounce (at) securityfocus (dot) com [email concealed]

Date: Thu, 28 Jun 2012 21:47:51

To: <security-basics (at) securityfocus (dot) com [email concealed]>; <pen-test (at) securityfocus (dot) com [email concealed]>

Subject: web form f

[ more ]  [ reply ]
web form filling bots 2012-06-28
Anwar Khan (anwarrhce gmail com)
Dear All,

Can anyone please suggest any web form filling tool, which automate
the form filling process and write bogus entries.
I have a website which i want to test against this, i just want to see
how things work without capthca, if i rely on POST and Connect.

Please suggest any tool or script.

[ more ]  [ reply ]
[Tool update] UCSniff 3.20 is released 2012-06-19
Mostyn, William Thomas \(Tom\) (tmostyn viperlab net)
UCSniff 3.20 IP Video sniffer is released

http://ucsniff.sourceforge.net

NEW DEVELOPMENTS IN UCSNIFF 3.20:
* Added support for Ubuntu 12.04
* Realtime Video monitoring using latest libvlc library (2.0.1 - Twoflower)
* Support for iSAC audio codec from Google's WebRTC
* Added support for Cisco 9971

[ more ]  [ reply ]
was SharePoint Audit Bruteforce 2012-06-10
Jerome Athias (athiasjerome gmail com)
https://github.com/blackfoundry/shareforce

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test.

[ more ]  [ reply ]
Scanner & BaseLine Report Diff? 2012-06-07
D G (dege sv gmail com) (1 replies)
Hi guys!

I am looking for a product/solution that can help me with an external
IP/Resource scan for ports, vulnerabilities and resource
identification. I don't really have the time to make it in Python with
Nmap etc. I need a solid product that I don't have to maintain.

The big trick is to get thi

[ more ]  [ reply ]
Re: Scanner & BaseLine Report Diff? 2012-06-09
Anthony Cicalla (anthony cicalla gmail com) (3 replies)
Re: Scanner & BaseLine Report Diff? 2012-06-18
Adrián Puente Z. (seclists hackarandas com)
Re: Scanner & BaseLine Report Diff? 2012-06-10
Jerome Athias (athiasjerome gmail com)
FW: Scanner & BaseLine Report Diff? 2012-06-09
Hardy Mansen (Hardy Mansen UNIBET com)
EUSecWest 2012 - Amsterdam, Sept 19/20 featuring Mobile PWN2OWN - CFP Deadline June 15 2012-06-05
Dragos Ruiu (dr kyx net)
EUSecWest 2012, Amsterdam, September 19/20, Featuring Mobile PWN2OWN
CALL FOR PAPERS - Deadline June 15 2012

   AMSTERDAM, Nederland -- The seventh annual EUSecWest
   applied technical security conference - where the eminent
   figures in the international security industry get
   together share b

[ more ]  [ reply ]
Re: Info about attack trees 2012-05-25
Federico De Meo (demeof gmail com)
Thank you very much. You give me some interesting starting points.
Hope this can lead me to something :)

I have a question about the "Exploiting software" book. I made a search and
found on amazon "Exploiting software how to break code" by Greg Hoglund and Gary McGraw
is it the correct one? I would

[ more ]  [ reply ]
Re: Securing Citrix 2012-05-25
Paul Craig (paul ha cked net)
Ok, as a pen-tester who has spent a fair amount of time breaking
Citrix, and as the author of iKAT (which seems to always get used to
break Citrix), i thought it would only be fair to offer my 10cents,
and suggestions for securing Citrix.

Securing Citrix installations really comes down to defense

[ more ]  [ reply ]
Info about attack trees 2012-05-24
Federico De Meo (demeof gmail com) (1 replies)
Hellp everybody, I'm new to this malinglist and to pen-testing.
I'm here to learn and I'm starting with a question :)

I'm looking for some informations about attack trees usage in web application analysis.

For my master thesis I decided to study the usage of this formalism in order to reppresent a

[ more ]  [ reply ]
Re: Info about attack trees 2012-05-28
Yiannis Koukouras (ikoukouras gmail com)
Re: Securing Citrix 2012-05-23
Marco Ivaldi (raptor mediaservice net) (1 replies)
Adrian,

On Wed, 16 May 2012, utf-8?Q? Adri=C3=A1n_Puente_Z. ?= wrote:

> Hi everyone!
>
> I am looking for a good reference to secure a Citrix server to avoid a user
> to gain acces to the operating system. So far I have some ideas like
> restricting the execution of the cmd.exe and (maybe) expl

[ more ]  [ reply ]
FW: Securing Citrix 2012-05-25
Ross Dawson (ross ramraidersoftware com)
Securing Citrix 2012-05-16
Adrián Puente Z. (seclists hackarandas com)
Hi everyone!

I am looking for a good reference to secure a Citrix server to avoid a user to gain acces to the operating system. So far I have some ideas like restricting the execution of the cmd.exe and (maybe) explorer.exe from with a group policy in the domain.

If you know about any document I

[ more ]  [ reply ]
(Page 4 of 636)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus