Call for papers
SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: firstname.lastname@example.org
Metasploit Framework, Part 2
Newly updated. This article provides insight into the Metasploit Framework, a very useful tool for the penetration tester. Part two of three.
Metasploit Framework, Part 1
This article provides an elaborate insight into the Open Source exploit framework, the Metasploit Framework, which is meant to change the future of penetration testing once and for all. Part one of three.
Wireless Attacks and Penetration Testing (part 2 of 3)
This is the second of a three part series on penetration testing for wireless networks. This installment looks at how a nefarious user cracks the WEP key, scans for servers and services, and then exploits vulnerabilities to gain system access.
Wireless Attacks and Penetration Testing (part 1 of 3)
This is the first of a three part series on penetration testing for wireless networks. This installment will detail common styles of attacks against wireless networks, introduce WEP key-cracking, and then discuss some recent developments in wireless security.
Common Security Vulnerabilities in e-commerce Systems
This article discusses common attacks and vulnerabilities in e-commerce shopping cart systems, with reference to SecurityFocus vulnerability reports where relevant.
Nessus, Part 3: Analysing Reports
This article, the last in the series about Nessus, will endeavor to explain a Nessus report and how to analyze it. Nessus is a vulnerability scanner, a program that looks for security bugs in software.
Nessus, Part 2: Scanning
This article, the second in the series, provides direction through the scanning process with Nessus, a powerful open source vulnerability scanner.
Exploiting Cisco Routers: Part 2
This is the second of a two-part series that focuses on identifying and then exploiting vulnerabilities and poor configurations in Cisco routers. This article will look at what we can do once we've gotten in.
Introduction to Nessus
This article describes the installation, configuration and features of the latest version of Nessus, a powerful and free client-server based security scanner.
Demonstrating ROI for Penetration Testing (Part Four)
The last article in this series discusses the Penetration Testing process and makes final assertions about how ROSI (Return on Security Investment) can be shown.