OWASP Testing Guide V2

The Open Web Application Security Project (OWASP) is dedicated to finding and fighting the causes of insecure software. Everything here is free and open source.
OWASP has released the OWASP Testing Guide v2. At 270 pages, this guide is already a must-have for most developers and penetration/application testers, but the project wants to take it one step further and make sure that everything in it is 100% accurate.
The team leaders of this project are Eoin Keary (Editor) and Matteo Meucci (Autumn of Code Lead).

Get it here:
http://www.owasp.org/index.php/OWASP_Testing_Guide_v2_Table_of_Contents

If you enjoyed this post, make sure you subscribe to my RSS feed!

Hacking the Intranet with JavaScript Anti-DNS Pinning

I came across an ingenious way of breaking the same-origin policy by undermining DNS pinning: http://shampoo.antville.org/stories/1451301/ Voila, the intranet is wide open! Good work.


Web Application Firewall for HTTP/HTTPS

Guardian@JUMPERZ.NET is an open source application layer firewall for HTTP/HTTPS. It works as a reverse proxy server. It analyzes all HTTP/HTTPS traffic against rule-based signatures and protects web servers and web applications from attack. When unauthorized activity is detected, Guardian@JUMPERZ.NET can disconnect the TCP connection before the malicious request reaches the web server.

Great tool! http://guardian.jumperz.net/index.html
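As an added illustration of what a signature-based reverse proxy of this kind has to do, here is a minimal request inspector in Python. It is example code written for this post, not Guardian@JUMPERZ.NET's own code or rule set: the rule names, the patterns and the sample requests are all constructed for the example. It parses a raw HTTP request, normalizes each attack surface (request target, body, every header), matches it against the signatures, and returns a "drop" verdict that stands for closing the client connection before anything is forwarded to the origin server.

```python
import re
from urllib.parse import unquote_plus

# Constructed signature set for this example only; these are not
# Guardian@JUMPERZ.NET's rules. Each entry is (rule name, compiled pattern).
RULES = [
    ("sqli-union", re.compile(r"\bunion\b.{0,40}\bselect\b", re.I | re.S)),
    ("sqli-tautology", re.compile(r"'\s*or\s+'?\d+'?\s*=\s*'?\d+", re.I)),
    ("xss-script-tag", re.compile(r"<\s*script\b", re.I)),
    ("path-traversal", re.compile(r"(?:^|[/\\])\.\.(?:[/\\]|$)")),
]


def normalize(value: str) -> str:
    """Percent-decode until the value stops changing (bounded to 3 rounds),
    so that %55NION or a double-encoded %2527 cannot slip past a literal
    signature. Matching before decoding is the classic WAF evasion."""
    prev, cur = None, value
    for _ in range(3):
        if cur == prev:
            break
        prev, cur = cur, unquote_plus(cur)
    return cur


def parse_request(raw: bytes):
    """Split a raw HTTP/1.x request into (method, target, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, val = line.partition(":")
        headers[name.strip().lower()] = val.strip()
    return method, target, headers, body.decode("latin-1")


def inspect(raw: bytes):
    """Return ("forward", None) or ("drop", "<rule>@<surface>").
    "drop" stands for the reverse proxy closing the client TCP connection
    before the request ever reaches the origin web server."""
    _method, target, headers, body = parse_request(raw)
    surfaces = [("target", target), ("body", body)]
    surfaces += [("header:" + k, v) for k, v in headers.items()]
    for where, value in surfaces:
        text = normalize(value)
        for name, pattern in RULES:
            if pattern.search(text):
                return "drop", f"{name}@{where}"
    return "forward", None


# Constructed sample traffic (not captured from any real system).
BENIGN = (b"GET /search?q=owasp+testing+guide HTTP/1.1\r\n"
          b"Host: www.example.test\r\n\r\n")
SQLI = (b"GET /item?id=1%27%20UNION%20SELECT%20password%20FROM%20users HTTP/1.1\r\n"
        b"Host: www.example.test\r\n\r\n")
DOUBLE_ENCODED = (b"POST /login HTTP/1.1\r\nHost: www.example.test\r\n"
                  b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
                  b"user=%2527%2520or%2520%25271%2527%253D%25271&pass=x")
TRAVERSAL = (b"GET /static/..%2F..%2Fetc/passwd HTTP/1.1\r\n"
             b"Host: www.example.test\r\n\r\n")
XSS_IN_HEADER = (b"GET / HTTP/1.1\r\nHost: www.example.test\r\n"
                 b"Referer: http://evil.test/?x=%3Cscript%3Ealert(1)%3C/script%3E\r\n\r\n")

if __name__ == "__main__":
    for label, req in [("benign", BENIGN), ("sqli", SQLI),
                       ("double-encoded", DOUBLE_ENCODED),
                       ("traversal", TRAVERSAL), ("xss-header", XSS_IN_HEADER)]:
        print(f"{label:15s} -> {inspect(req)}")
```

The point to take from the example is the ordering: decode first, then match, on every surface including headers. A real deployment in front of HTTPS also has to terminate TLS, reassemble chunked bodies and handle character-set tricks before the signatures see anything, which is exactly the work a reverse-proxy WAF like Guardian@JUMPERZ.NET takes on.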


The Cross-site Request Forgery FAQ

The Cross-site Request Forgery FAQ has been released to address some of the common questions and misconceptions regarding this commonly misunderstood web flaw. URL: http://www.cgisecurity.com/articles/csrf-faq.shtml


iWar - The first war dialer with VoIP functionality

One of the best war dialers I have come across.
Current Features:

  • Full and normal logging: Full logging records all possible events during dialing (busy signals, no answers, carriers, etc). By default it only records things that we might find interesting (carriers, possible telco equipment).
  • ASCII flat file and MySQL logging: You can log to a traditional ASCII flat file, and record information into a MySQL database.
  • Dials randomly or sequentially.
  • Remote system identification: When finding a remote modem and connecting, iWar will remain connected and attempt to identify the remote system type.
  • Key stroke marking: When actively "listening" to iWar work, if you hear something interesting, you can manually "mark" it by hitting a key. You can also enter a "note" about something you find interesting.
  • Multiple modem support, because… well, hey - this is "Unix". iWar will support as many modems as you can hook up.
  • Nice "curses" based display. This means that if you're using iWar from a Linux console or a VT100 based terminal, it should work fine. It's not an escape sequence kludge, but true "curses".
  • Full control over the modem: Unlike other "kludges", iWar doesn't just open the modem as a typical "file". It controls the baud rate, parity, CTS/RTS (hardware flow control) and DTR (Data Terminal Ready). This is important for controlling the modem and making it perform the way you want it to during scanning, for example DTR hang-ups.
  • Blacklisted phone number support: For numbers the system should never dial.
  • Save state: If in the middle of a "wardialing" session you want to quit, you can save the current state to a file. This allows you to come back later and restart iWar where you left off (via the '-l' option).
  • Load pre-generated numbers: You can load a file (via the '-L' option) of numbers that you want to dial. This is useful if you want to load numbers generated by another routine (perl/shell script/etc).
  • Tone location, if your modem supports it. iWar uses two different methods: the traditional "ATDT5551212w;" (ToneLoc) method and "silence" detection.
  • Records remote system banners on connection for later review.
  • iWar can be used to attack PBXs and voice mail systems.
  • Terminal window so you can watch modem interactions and carrier results in real time.
  • Supports the IAX2 (Inter-Asterisk eXchange) "Voice over IP" (VoIP) protocol. This allows you to scan without the need for additional hardware! To my knowledge, iWar is the first war dialer with VoIP functionality.
  • In IAX2 mode, iWar acts as a "full blown" VoIP client. In this mode, keys 0-9, * and # play their DTMF equivalents. In this mode, you can also directly "talk" (using a microphone) with the remote target if so desired.
  • In IAX2 mode, if your VoIP provider supports it, you can "set" your caller ID number (caller ID spoofing).
  • Comes with complete source code and is released under the GNU General Public License.

http://www.softwink.com/iwar/


New GUI for OVAL scanner

SSA is a GUI front-end that relies on the OVAL framework (see oval.mitre.org):
http://www.security-database.com/


NetBIOS NULL Sessions Explained

Here is a good resource on the good, the bad and the ugly of NetBIOS NULL sessions as an attack target: http://www.brown.edu/Facilities/CIS/CIRT/help/netbiosnull.html


Automated Scanner vs. The OWASP Top Ten

Jeremiah Grossman (WhiteHat Security, Inc.) has written an interesting article on automated vulnerability scanners and the limitations of these tools in finding real-life web application vulnerabilities. In his words:

The challenges of automated web application vulnerability scanning are a subject of frequent debate, specifically because most websites have vulnerabilities (a lot of them) and we need help finding them quickly. The point of contention revolves around what scanners are able to find, or not. Using the OWASP Top Ten as a foundation, I published a white paper describing in detail how scanners approach certain complex situations. There is some marketing-fu within the pages, but the majority of it is content rich. Enjoy!
"Automated Scanner vs. The OWASP Top Ten" http://www.whitehatsec.com/home/assets/OWASPTop10ScannersF.pdf



Great Wardialing Resource

A very good resource on wardialers:
http://www.wyae.de/software/paw/


Penetration Testing Frameworks

A good framework is a great resource for any pentester.
Here are some of the best I found:

