- « Sekurity

Ew0k

-

In Uncategorized on January 15, 2010 at 11:26 am

Like this:

Be the first to like this post.

▶ No Responses

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

- InfoSec News
  - Webmasters of infected sites 'usually unaware of a problem'
    Many businesses have no idea that they have been hacked until they receive a warning from their protection technology.
  - BYOD is being deployed as CISOs name malware as main mobile threat
    Despite nearly three-quarters of enterprises discussing the deployment of custom mobile applications, half admit that mobility is challenging.
  - Juniper trumpets £50m acquisition of Mykonos Software
    Juniper has announced the acquisition of intrusion deception and prevention vendor Mykonos Software.
  - Enhanced privileged user management technology to be launched by Cyber-Ark
    Cyber-Ark is to launch real-time session monitoring capabilities that enable the immediate termination of suspicious activity.
  - A third of US and UK organisations have suffered a DDoS attack
    A third of organisations in the US and UK have suffered a distributed denial-of-service (DDoS) attack in the last 12 months.
  - GCHQ-backed penetration testing lab opens
    A 'dirty lab' has been established in Malvern, Worcestershire with the support of GCHQ, to help businesses stress-test their networks against attacks.
  - AlienVault introduces threat intelligence forum
    Open-source security information and event management (SIEM) vendor AlienVault has launched a system for sharing threat intelligence.
  - Webroot delivers business edition of SecureAnywhere
    Webroot has launched the business edition of its SecureAnywhere product to offer cloud-based protection for endpoints.
  - Halon Security unveils virtual firewall
    Halon Security has announced the launch of a next-generation firewall and security router as a virtual appliance.
  - ForeScout combines mobile device management with network access control
    ForeScout has launched plug-in modules to enable management of Android and iOS devices, and a plug-in module for mobile device management (MDM) integration.
- SecTool Database
  - New vDNA WebService : CVSS v2 Calculator
    The main goal of vDNA © is to provide to third party system/program/website an easy way to integrate full documented CVE Alert. Any tool integrating the XML vDNA © scheme will be able to consume, identify and report all data related to a specific vulnerability. Today, we have update our vDNA API (Vulnerability API) and add a new service : the CVSS v2 Calcula […]
  - Security-Database OVAL Repository Update
    OVAL Repository downloads include Data Files of all vulnerability, compliance, inventory, and patch definitions for supported platforms. Data Files are intended for use with the Reference OVAL Interpreter, while both Data Files and the Bulk Content download (i.e., all definitions and schemas for all platforms) may be used with Products and Services Using OVA […]
  - Security-Database vDNA API Documentation
    vDNA © (Security Database Vulnerability DNA) are API based / Web-Services that provide a ready-to-use platform through comprehensive Rich CVE XML Correlated feeds. It includes most common Open Standards: CVSS, CPE, CWE, CAPEC, OVAL, OSVDB, and specific feeds as well as Milw0rm, Metasploit and Saint. vDNA © is suitable for integrators, security software vendo […]
  - Security-Database is proud to bring you this new service : vDNA
    Call for Beta tester - SD Papers / vDNA
  - Complemento v0.7.6 - Collection of Tools
    A collection of tools, just for fun. It includes LetDown, ReverseRaider and Httsquash. LetDown is a tcp flooder I have programmed after reading Fyodor article "TCP Resource Exhaustion and Botched Disclosure" (you can read it at http://insecure.org/stf/tcp-dos-attack-explained.html). It has an (experimental) userland TCP/IP stack, and supports multi […]
  - MetaGoofil v1.4b released
    Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,odp,ods) availables in the target/victim websites. It will generate a html page with the results of the metadata extracted, plus a list of potential usernames very useful for preparing a bruteforce attack on open services like ftp, pop3,web appli […]
  - Suricata v0.9 RC1 released
    The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. Version 0.9 RC1 New Features Support for the http_headers keyword was added libhtp was updated to version 0.2.3 Priv […]
  - Xplico v0.5.7 released
    The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn't a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT). […]
  - iScanner v0.5 released - Malicious codes scanner
    iScanner is free open source tool lets you detect and remove malicious codes and web pages viruses from your Linux/Unix server easily and automatically. This tool is programmed by iSecur1ty using Ruby programming language and it's released under the terms of GNU Affero General Public License 3.0. Features Detect malicious codes in web pages, this includ […]
  - WebTest 1.2.1 - Testing Web Application with Python
    WebTest helps you test your WSGI-based web applications. This can be any application that has a WSGI interface, including an application written in a framework that supports WSGI (which includes most actively developed Python web frameworks – almost anything that even nominally supports WSGI should be testable). With this you can test your web applications w […]
- InfoSec Jobs
  - Are You a Hacker? The Australian Government Wants You!
    Hi all, How cool is that! The Australian government is hiring “hackers” to protect our beloved nation! The job add goes like that: Technical... Visit our website for more! Visit our website for more!
  - New Section – Share Your Opinion #1 – Antivirus and Endpoint Protection
    Hi there, I believe most of you security professionals face the same challenge as I do: an increasing number of problems to solve, and with it an increasing number... Visit our website... Visit our website for more!
  - 6 Reasons Why You Should NOT Work With Information Security
    This article does not mean to be demeaning to the career I chose to follow, but rather a humorous rundown of facts about being a security professional that cannot be... Visit... Visit... Visit our website for more!
  - Security Challenge #2 – PCI DSS
    Hi all, For all of you asking me for a PCI DSS specific scenario, I’ve prepared a challenge depicting a situation I faced a couple of years ago. The process is... Visit... Visit... Visit our website for more!
  - New Section! Security Challenges!
    Hi all! After a long while, I was finally able to start swimming and avoid being drowned by things to do at work! The new job is awesome, but the first couple of... Visit our website for more!
  - Information Security Management in a “Cloudy” Environment
    Hi all, As you know, My Infosec Job is an open space for you to send your articles and reach thousands of Infosec professionals worldwide, leveraging your exposure... Visit our... Visit our... Visit our website for more!
  - Best Companies to Work For in The Information Security Field
    Hi all, Even if the world is still recovering from the worst economic downturn since the Great Depression, information security is still a burgeoning field with plenty... Visit... Visit our website for more!
  - Startup guide to become an Information Security Consultant
    Hi all, I was browsing the net for some inspiration to my new article when I found an article that certainly adds up to what I’ve said before about starting... Visit... Visit our website... Visit our website for more!
  - Jobs Listing
    Hi! This page is used by your Job Manager plugin as a base. Feel free to change settings here, but please do not delete this page. Also note that any content you enter... Visit our... Visit... Visit our website for more!
  - Risk – Solution Architect – Canada
    TITLE: Solution Architect (With Risk Management experience) LOCATION: Toronto, Canada RELOCATION/VISA: NO SALARY: On request COMPANY: On request KEY... Visit our website for... Visit... Visit our website for more!
- Xploitz
  - The Uploader 2.0.4 (Eng/Ita) Remote File Upload February 24, 2012
    This Metasploit module exploits various flaws in The Uploader to upload a PHP payload to target system. When run with defaults it will search possible URIs for the application and exploit it automatically. Works against both English and Italian language versions. Notably it disables pre-emptive email warnings before uploading the payload, though it leaves lo […]
  - TrendMicro Control Manager 5.5 Buffer Overflow February 24, 2012
    This Metasploit module exploits a vulnerability in the CmdProcessor.exe component of Trend Micro Control Manager up to version 5.5. The specific flaw exists within CmdProcessor.exe service running on TCP port 20101. The vulnerable function is the CGenericScheduler::AddTask function of cmdHandlerRedAlertController.dll. When processing a specially crafted IPC […]
  - Sun Java Web Start Plugin Command Line Argument Injection (2012) February 24, 2012
    This Metasploit module exploits a flaw in the Web Start component of the Sun Java Runtime Environment. The arguments passed to Java Web Start are not properly validated, allowing injection of arbitrary arguments to the JVM. By utilizing the lesser known -J option, an attacker can take advantage of the -XXaltjvm option, as discussed previously by Ruben Santam […]
  - Orbit Downloader URL Unicode Conversion Overflow February 24, 2012
    This Metasploit module exploits a stack-based buffer overflow in Orbit Downloader. The vulnerability is due to Orbit converting an URL ascii string to unicode in a insecure way with MultiByteToWideChar. The vulnerability is exploited with a specially crafted metalink file that should be opened with Orbit through the "File->Add Metalink..." optio […]
  - e-Rapido 3.3.2 SQL Injection February 24, 2012
    e-Rapido version 3.3.2 suffers from a remote SQL injection vulnerability.
  - Redtienda E-Commerce 2.0 SQL Injection February 24, 2012
    Redtienda E-Commerce version 2.0 suffers from a remote SQL injection vulnerability.
  - Mobile MP3 Search Engine 2.0 HTTP Response Splitting February 24, 2012
    Mobile MP3 Search Engine version 2.0 suffers from a HTTP response splitting vulnerability.
  - phpDenora 1.4.6 SQL Injection February 24, 2012
    phpDenora versions 1.4.6 and below suffer from multiple remote SQL injection vulnerabilities.
  - YVS Image Gallery SQL Injection February 24, 2012
    YVS Image Gallery version 0.0.0.1 suffers from a remote SQL injection vulnerability.
  - D-Link DSL-2640B Authentication Bypass February 23, 2012
    The D-Link DSL-2640B ADSL router suffers from a simple authentication bypass vulnerability by spoofing the MAC address of a logged in administrator.
- more Xploitz
  - iptoolsex.pl
    IpTools(0.1.4) - Rcmd Remote Crash PoC
  - p_cve-2011-4362.c
    Primitive Lighttpd Proof of Concept code for CVE-2011-4362 vulnerability
  - enumerator_asterisk_nat_peers.rb
    SIP Username Enumerator for Asterisk (UDP) Security Advisory AST-2011-013, CVE-2011-4597
  - https://twitter.com/#!/w3bd3vil/status/148454992989261824
    causes a BSoD on win 7 x64 via Safari
  - 7350roaringbeastv3.zip
    FreeBSD ftpd/ProFTPD remote exploit
  - oracleocepoc.php
    Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC (*.oce)
  - zftpex.py
    zFTP Server "cwd" Remote Denial-of-Service
  - knftpd_exploit.py
    KnFTPd FTP Server v1.0.0 Multiple Command Remote Buffer Overflow Exploit
  - bwocxrun_1.zip
    BroadWin WebAccess Client bwocxrun.ocx PoC
  - killapache.pl
    Apache httpd Remote Denial of Service (memory exhaustion)
- InfoSec Toolz
  - Samhain File Integrity Checker 3.0.2a
    Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections […]
  - Packet Fence 3.2.0
    PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activi […]
  - Dark D0rk3r 0.6
    Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
  - Xenotix KeylogX Keylogger For Firefox
    Xenotix KeylogX is a keylogger add-on for Mozilla Firefox. It captures and logs keystrokes sent to the browser and you simply type alt-X to retrieve the data from the logfile.
  - Red Hat Security Advisory 2012-0324-01
    Red Hat Security Advisory 2012-0324-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially-crafted message to an XML service could result in longer processing time, which could lead […]
- SecDocs
  - Samhain File Integrity Checker 3.0.2a
    Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections […]
  - Oracle JD Edwards Security Kernel Information Disclosure
    Onapsis Security Advisory - If a specially crafted packet is sent to the JDENet Service (6015 TCP by default), then it would be possible to validate arbitrary (USER, ROLE, ENVIRONMENT) tuples, in order to detect valid ones.
  - Oracle JD Edwards SawKernel SET_INI Configuration Modification
    Onapsis Security Advisory - If a specially crafted message is sent to the JDENET service (specifically to the SAW Kernel), a user can remotely change the JDE.INI configuration file. This situation might help the attacker to perform complex attacks that would lead in a full compromise of the system.
  - The Uploader 2.0.4 (Eng/Ita) Remote File Upload
    This Metasploit module exploits various flaws in The Uploader to upload a PHP payload to target system. When run with defaults it will search possible URIs for the application and exploit it automatically. Works against both English and Italian language versions. Notably it disables pre-emptive email warnings before uploading the payload, though it leaves lo […]
  - TrendMicro Control Manager 5.5 Buffer Overflow
    This Metasploit module exploits a vulnerability in the CmdProcessor.exe component of Trend Micro Control Manager up to version 5.5. The specific flaw exists within CmdProcessor.exe service running on TCP port 20101. The vulnerable function is the CGenericScheduler::AddTask function of cmdHandlerRedAlertController.dll. When processing a specially crafted IPC […]
  - Sun Java Web Start Plugin Command Line Argument Injection (2012)
    This Metasploit module exploits a flaw in the Web Start component of the Sun Java Runtime Environment. The arguments passed to Java Web Start are not properly validated, allowing injection of arbitrary arguments to the JVM. By utilizing the lesser known -J option, an attacker can take advantage of the -XXaltjvm option, as discussed previously by Ruben Santam […]
  - Orbit Downloader URL Unicode Conversion Overflow
    This Metasploit module exploits a stack-based buffer overflow in Orbit Downloader. The vulnerability is due to Orbit converting an URL ascii string to unicode in a insecure way with MultiByteToWideChar. The vulnerability is exploited with a specially crafted metalink file that should be opened with Orbit through the "File->Add Metalink..." optio […]
  - e-Rapido 3.3.2 SQL Injection
    e-Rapido version 3.3.2 suffers from a remote SQL injection vulnerability.
  - Oracle JD Edwards JDENET Large Packets Denial Of Service
    Onapsis Security Advisory - If a message containing packets of a specific size is sent to the JDENET service, a Denial of service condition is triggered, because the kernel in charge of dispatching those packets uses all the available CPU time.
  - Packet Fence 3.2.0
    PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activi […]
- Security Videos
  - Another methods for bypass Antivirus
    bypass kasperky antivirus using simple xor. bypass ful proactive defensa bypass signature based engine
  - Armitage for Metasploit 4.2 - What's New?
    This video shows some of the new features in Armitage for Metasploit 4.2. The latest Armitage is a solid performer and works great for managing Metasploit in high latency situations. In this video, you'll see ten Armitage clients connected to a remote server managing post-exploitation against a remote network. At the end of this video, you'll see A […]
  - Backtrack 5 Killing Antivirus
    In this video im going to show you how to kill Antivirus in a Windows 7 machine with Backtrack 5 For more interesting tutorials visit my blog My Blog: http://deceptive-room.blogspot.com/
  - Free Threaded TCP SYN Port Scanner
    http://www.secpoint.com/Multi-Threaded-TCP-Port-Scanner.html Do you know if your device have unnecessary ports open to the internet? These days most of the people have multiple devices which are constantly connected to the internet and each and every device comes with many services with open ports running quietly in the background. The user might not even ha […]
  - Windows Pwn 7 OEM, Alex Plaskett - 44CON
    http://44con.com/ Video From http://www.youtube.com/user/44contv
  - USB Flash Drive Forensics, Philip Polstra
    http://44con.com/ Video From http://www.youtube.com/user/44contv
  - Systems Applications Proxy Pwnage, Ian De Villiers - 44CON
    http://44con.com/ Video From http://www.youtube.com/user/44contv
  - Communicating with the Boss, Steve Armstrong - 44CON
    http://44con.com/ Video From http://www.youtube.com/user/44contv
  - Trusteer Rapport, Neil Kettle - 44CON
    http://44con.com/ Video From http://www.youtube.com/user/44contv
  - User Access Control
    SafeSquid Access Restrictions Section, as the name suggests, allows you to specify access rights for users. It allows you to specify, who is allowed to access the proxy, and how. That is, from specific IPs or ranges? If the user should be authenticated? how should they be authenticated? etc. This tutorial explains about the various options of SafeSquid Acces […]

Ew0k

Sekurity_Matters

-

Like this:

Leave a Reply Cancel reply

InfoSec News

SecTool Database

InfoSec Jobs

Xploitz

more Xploitz

InfoSec Toolz

SecDocs

Security Videos

Follow “Sekurity_Matters”