Penetration Testing Frameworks

A good framework is a great resource for any pentester.
Here are some of the best I found:

If you enjoyed this post, make sure you subscribe to my RSS feed!

SecurityFocus Article - PHP apps: Security’s Low-Hanging Fruit

The following column was published on SecurityFocus today:

PHP apps: Security’s Low-Hanging Fruit
by Kelly Martin
published 2007-01-08

PHP has become the most popular application language on the web, but common security mistakes by developers are giving PHP a bad name. Here’s how PHP coding errors have become the new low-hanging fruit for attackers, contributing to the phishing problems on the web.

http://www.securityfocus.com/columnists/427

New reconnaissance tool: 0trace

I’d like to announce the availability of a free security reconnaissance/firewall bypassing tool called 0trace written by Michal Zalewski. This tool enables the user to perform hop enumeration (“traceroute”) within an established TCP connection, such as an HTTP or SMTP session. This is opposed to sending stray packets, as traceroute-type tools usually do.

The important benefit of using an established connection and matching TCP packets to send a TTL-based probe is that such traffic is happily allowed through by many stateful firewalls and other defenses without further inspection (since it is related to an entry in the connection table).

The tool is available here (Linux version):
http://lcamtuf.coredump.cx/soft/0trace.tgz
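
A defender-side view of the behaviour described above, as an added example that is not part of the original post or of 0trace: a sensor can flag an established TCP flow in which one sender's IP TTL takes several distinct low values, since an ordinary stack keeps one initial TTL for the whole session. The record layout, the sample packets and both thresholds are assumptions made for this sketch.

```python
from collections import defaultdict

# Constructed packet metadata (not a real capture), in arrival order:
# (src, sport, dst, dport, tcp_flags, ip_ttl)
CLIENT, SERVER = "10.0.0.5", "192.0.2.10"
SAMPLE_PACKETS = [
    (CLIENT, 40112, SERVER, 80, "S", 64),
    (SERVER, 80, CLIENT, 40112, "SA", 52),
    (CLIENT, 40112, SERVER, 80, "A", 64),
    (CLIENT, 40112, SERVER, 80, "PA", 64),
    (SERVER, 80, CLIENT, 40112, "PA", 52),
    # Same 4-tuple, but the IP TTL walks upward from 1: the in-session probe pattern.
    *[(CLIENT, 40112, SERVER, 80, "A", ttl) for ttl in range(1, 6)],
    # An ordinary SMTP session from another host: one stable TTL per direction.
    ("10.0.0.7", 51000, SERVER, 25, "S", 128),
    (SERVER, 25, "10.0.0.7", 51000, "SA", 52),
    ("10.0.0.7", 51000, SERVER, 25, "A", 128),
    ("10.0.0.7", 51000, SERVER, 25, "PA", 128),
]


def find_ttl_sweeps(packets, min_distinct=3, low_ttl=32):
    """Map each established flow direction to the low TTLs its sender used.

    A direction is reported only when at least `min_distinct` different TTL
    values at or below `low_ttl` were seen after the handshake. Both thresholds
    are assumed defaults; tune them to where the sensor sits on the path.
    """
    syn_seen = set()      # directions that sent a bare SYN
    established = set()   # both directions of flows whose SYN was answered
    ttls = defaultdict(set)
    for src, sport, dst, dport, flags, ttl in packets:
        key, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if flags == "S":
            syn_seen.add(key)
        elif flags == "SA" and rev in syn_seen:
            established.update((key, rev))
        elif key in established:
            # Only traffic a stateful firewall would match to its connection table.
            ttls[key].add(ttl)
    findings = {}
    for key, seen in ttls.items():
        low = sorted(t for t in seen if t <= low_ttl)
        if len(low) >= min_distinct:
            findings[key] = low
    return findings


if __name__ == "__main__":
    for flow, low in find_ttl_sweeps(SAMPLE_PACKETS).items():
        print("TTL sweep inside established flow", flow, "TTLs:", low)
```

Correlating the flagged flow with inbound ICMP time-exceeded messages that quote the same ports would strengthen the signal; that step is left out here.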

Guidelines on Cell Phone Forensics

The draft NIST Special Publication 800-101, Guidelines on Cell Phone Forensics, is available for public comment. The guide outlines general principles and provides technical information intended to help organizations evolve appropriate policies and procedures for preserving, acquiring, and examining digital evidence found on cell phones. Computer forensic specialists and members of the law enforcement community are encouraged to provide feedback on all or part of the document.

Get this document here: http://csrc.nist.gov/publications/drafts.html#sp800-101

Writing Software Security Test Cases

Robert Auger (www.qasec.com) has written an excellent article about how the Quality Assurance phase of the development cycle can incorporate security testing into a standard test plan, and make it part of the regular testing cycle.

From the article:

"Part of software testing involves replicating customer use cases against a given application. These use cases are documented in a test plan during the quality assurance phase in the development cycle to act as a checklist ensuring common use cases aren’t missed during the testing phase. People within the quality assurance community are starting to understand that checking an application for security issues (defects) isn’t just the responsibility of the security department (if one exists), or the software architects"

Check the whole article here: http://www.qasec.com/cycle/securitytestcases.shtml

SinFP - New OS fingerprinting tool

SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has. More info:
http://www.gomor.org/sinfp

SinFP now has 140 signatures. You can download it via CPAN, or via SourceForge:
https://sourceforge.net/projects/sinfp

Also, two benchmarks versus Nmap have been done:
http://www.phocean.net/index.php/post/2006/12/17/SinFP
http://www.computerdefense.org/?p=173

This new release has been tested under Solaris 8/SPARC, and Mac OS X/PPC.

Top 10 Web Hacks of 2006

Jeremiah Grossman, RSnake and Robert Auger have put together an interesting collection of web application hacks discovered in 2006.

Top 10
1. Web Browser Intranet Hacking / Port Scanning - (with JavaScript and with HTML-only and the improved model)
2. Internet Explorer 7 “mhtml:” Redirection Information Disclosure
3. Anti-DNS Pinning and Circumventing Anti-Anti DNS pinning
4. Web Browser History Stealing - (with CSS, evil marketing, JS login-detection, and authenticated images)
5. Backdooring Media Files (QuickTime, Flash, PDF, Images, Word [2], and MP3’s)
6. Forging HTTP request headers with Flash
7. Exponential XSS
8. Encoding Filter Bypass (UTF-7, Variable Width, US-ASCII)
9. Web Worms - (AdultSpace, MySpace, Xanga)
10. Hacking RSS Feeds

Check out the original post here

New Tool - SIP Proxy

Philipp Haupt and Matthias Hürlimann have developed an excellent open source VOIP security test tool called SIP Proxy. This tool can be used both as a proxy and as a VOIP fuzzing source.
Great tool! SIP Proxy homepage on Sourceforge.

New Tool Release - Telemachus & Odysseus

Telemachus is a companion utility for the well-known web proxy Odysseus, allowing further analysis and manipulation of the HTTP transactions that have passed through Odysseus.

Telemachus can communicate with the currently active instance of Odysseus, or alternately load a previously saved Odysseus activity log file.

Although primarily designed to be used in conjunction with Odysseus, Telemachus can be used as a stand-alone utility.

The ISECOM Top 10 Real Computer Crimes for 2007 and Beyond

Pete Herzog from ISECOM has compiled a list of funny computer security incidents most likely to happen in 2007.
My favourite:

Your computer will probably crash a lot or at least reboot for no apparent reason but most likely due to some patch you got through an automated update which you are told to do for security reasons because apparently security and stability are incompatible.

Check the rest of them here
