«
Expand/Collapse
19 items tagged "open source tools"
Related tags:
mantra [+],
owasp [+],
beta [+],
using open source tools [+],
read [+],
web application development [+],
usa [+],
security [+],
sagan [+],
kismet [+],
ids [+],
hacking [+],
coldfusion [+],
chris eng [+],
brandon creighton [+],
application development platform [+],
application [+],
Wireless [+],
Tools [+],
web scanner [+],
waste time [+],
vulnerability assessment [+],
tutorial [+],
time [+],
scanners [+],
review [+],
plainsight [+],
pasco [+],
night dragon [+],
network [+],
msp430 [+],
msp [+],
minute [+],
microcontrollers [+],
malware [+],
louis [+],
lifehacks [+],
forensics [+],
forensic security [+],
eclipse [+],
dan paluska [+],
computer forensics [+],
computer [+],
code [+],
cannot [+],
browser [+],
aurora [+],
accusation [+],
abu dhabi [+],
source [+],
web application developers [+],
web [+],
penetration testers [+]
-
-
8:43
»
Packet Storm Security Recent Files
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals, etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the source code release.
-
8:43
»
Packet Storm Security Misc. Files
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals, etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the source code release.
-
-
21:41
»
SecDocs
Authors:
Christiaan Beek Tags:
malware intelligence malware analysis Event:
Black Hat Abu Dhabi 2011 Abstract: Over years the use of malware has dramatically changed. Ranging from programmers exploring the malicious possibilities of their programming code, copycats trying to combine code snippets, to organized crime and governments using custom made malware for their purposes. Where financial gratification is the main drive for cybercrime, it seems that the hunger for secrets and intellectual property is taking over. Some examples of cases are: Operation Aurora, Night-Dragon and recently Shady-RAT. These are examples of investigations that started with the detection of unknown customized malware, hiding on corporate networks and ended in large investigations regarding Data Loss. So how is it possible that this malware was undetected? How can you detect hidden malware on your network using open-source tools, what patterns to look for? What countermeasures can you take? How to build a layered malware defense to keep unknown malware out of your network. In my talk I will give some demo's how you can use Wireshark to investigate networkdata for traces of malware, how to filter for suspicious connections.
-
-
6:22
»
Packet Storm Security Recent Files
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release.
-
6:22
»
Packet Storm Security Tools
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release.
-
6:22
»
Packet Storm Security Misc. Files
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release.
-
-
5:11
»
Packet Storm Security Recent Files
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release.
-
5:11
»
Packet Storm Security Tools
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release.
-
5:11
»
Packet Storm Security Misc. Files
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release.
-
-
13:05
»
SecDocs
Authors:
Brandon Creighton Chris Eng Tags:
ColdFusion Event:
Black Hat USA 2010 Abstract: ColdFusion is a somewhat forgotten but still very prevalent web application development platform. This presentation is a technical survey of ColdFusion security that will be of interest mostly to code auditors, penetration testers, and developers. In the talk, we’ll cover the history of the ColdFusion platform and its relevance to today’s security landscape. We’ll describe basics of ColdFusion markup, control flow, functions, and components and demonstrate how to identify common web application vulnerabilities in the source code. We’ll also delve into ColdFusion J2EE internals, showing what CFML pages and components look like when compiled down to Java, and describing some of the unusual behavior we’ve observed at that level. Included in the talk is a detailed description of the WAR/EAR structure for compiled ColdFusion apps. We'll release open-source tools to aid reverse engineers in working with ColdFusion's proprietary classfile format.
-
-
5:52
»
SecDocs
Authors:
Brandon Creighton Chris Eng Tags:
ColdFusion Event:
Black Hat USA 2010 Abstract: ColdFusion is a somewhat forgotten but still very prevalent web application development platform. This presentation is a technical survey of ColdFusion security that will be of interest mostly to code auditors, penetration testers, and developers. In the talk, we’ll cover the history of the ColdFusion platform and its relevance to today’s security landscape. We’ll describe basics of ColdFusion markup, control flow, functions, and components and demonstrate how to identify common web application vulnerabilities in the source code. We’ll also delve into ColdFusion J2EE internals, showing what CFML pages and components look like when compiled down to Java, and describing some of the unusual behavior we’ve observed at that level. Included in the talk is a detailed description of the WAR/EAR structure for compiled ColdFusion apps. We'll release open-source tools to aid reverse engineers in working with ColdFusion's proprietary classfile format.
-
-
14:02
»
Hack a Day
[Springuin] just posted a tutorial about debugging MSP430 projects using Eclipse. He read our feature about debugging under IAR, a proprietary IDE which TI offers as a code-limited freebie with the TI Launchpad. In that writeup we wondered if anyone would put together a tutorial using open source tools like DDD and GDB to make [...]
-
-
21:25
»
SecDocs
Authors:
Louis Nyffenegger Tags:
web application vulnerability assessment Event:
Ruxcon 2010 Abstract: More and more organisations think an automatic web scanner can replace pentesters. Even if it may be true in some cases, I will demonstrate that most web scanners don't do a decent job and cannot be used to ensure that a website is secure. Most arguments against web scanners are based on the fact that these scanners cannot understand the business logic behind applications however, we will see that scanners are not even able to properly find vulnerabilities like SQL injections or command injection vulnerabilities. Based on commercial and open source tools, this presentation will take some examples of web vulnerabilities and go through each scanners results for good lulz.
-
-
15:00
»
Hack a Day
It’s easy to throw around the accusation that you waste time throughout the day. Now you can prove it by reviewing everything you did on your computer, all in just one minute. [Dan Paluska] ground out some code to take screenshots and assemble them into a video.
His script ties together the open source tools FFmpeg, [...]
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution