Archive for December, 2006

SinFP – New OS fingerprinting tool

SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has. More info: http://www.gomor.org/sinfp . SinFP has now 140 signatures. You can download it via CPAN, or via SourceForge: https://sourceforge.net/projects/sinfp Also, two benchmarks versus Nmap have been done: http://www.phocean.net/index.php/post/2006/12/17/SinFP http://www.computerdefense.org/?p=173 This new release has been tested under Solaris 8/SPARC, and Mac OS […]

Top 10 Web Hacks of 2006

Jeremiah Grossman, RSnake and Robert Augerand have put together an interesting collection of web application hacks discovered in 2006. Top 10 1. Web Browser Intranet Hacking / Port Scanning – (with JavaScript and with HTML-only and the improved model) 2. Internet Explorer 7 “mhtml:” Redirection Information Disclosure 3. Anti-DNS Pinning and Circumventing Anti-Anti DNS pinning […]

New Tool – SIP Proxy

Philipp Haupt and Matthias Hürlimann have developed an excellent open source VOIP security test tool called SIP Proxy. This tool can be used both as a proxy and as a VOIP fuzzing source. Great tool ! SIP Proxy homepage on Sourceforge.

New Tool Release – Telemachus & Odysseus

Telemachus is a companion utility for the well-known web proxy Odysseus, allowing further analysis and manipulation of the HTTP transactions that have passed through Odysseus. Telemachus can communicate with the currently active instance of Odysseus,or alternately load a previously saved Odysseus activity log file. Although primarily designed to be used in conjunction with Odysseus,Telemachus can […]

Page 1 of 212