«
Expand/Collapse
23 items tagged "test"
Related tags:
hacks [+],
tool [+],
txt [+],
signal interface [+],
read [+],
penetration test [+],
penetration [+],
mac os x [+],
mac os [+],
linux freebsd [+],
honggfuzz [+],
fuzzer [+],
engine [+],
digest authentication [+],
cyber [+],
ARM [+],
wep key cracking [+],
web application security [+],
web [+],
vulnerability [+],
voltage test [+],
voltage [+],
variable voltage [+],
usb test [+],
tin [+],
time [+],
test beds [+],
test authors [+],
stress test [+],
stress [+],
sparkfun [+],
skill [+],
security [+],
sean coyne [+],
script kiddies [+],
scope [+],
savsoft [+],
ryan kazanciyan [+],
rocket [+],
repetitive elements [+],
real time clock [+],
ray [+],
radiation test [+],
radiation [+],
rack mount [+],
rack [+],
purpose interface [+],
pogo pins [+],
pogo [+],
physics experiments [+],
perf board [+],
pentagon [+],
penetration testers [+],
pcbs [+],
pcb [+],
packet [+],
org uk [+],
nintendo controller [+],
nintendo [+],
newton [+],
network segmentation [+],
mount usb [+],
mount ics [+],
misc [+],
microcontrollers [+],
metasploitable [+],
metasploit [+],
martin [+],
manual web [+],
manager [+],
liquid oxygen [+],
liquid fuel rocket [+],
lamer [+],
kilo newton [+],
ira winkler [+],
injection [+],
ibm t61 [+],
huawei [+],
hacking [+],
gpib hardware [+],
gpib [+],
general purpose interface bus [+],
gear [+],
gas discharge tubes [+],
foes [+],
file upload [+],
equipment [+],
electronics projects [+],
dual channel [+],
day [+],
darknet [+],
cybersecurity [+],
cyber security [+],
cyber attacks [+],
copenhagen [+],
chris downing [+],
chris [+],
cat [+],
case [+],
cant remeber [+],
box [+],
audio [+],
attacks [+],
application [+],
advansed [+],
adafruit [+],
Wireless [+],
Tools [+],
Pentesting [+],
ExploitsVulnerabilities [+]
-
-
10:30
»
Hack a Day
This is a device which [Limpkin] has been developing at his day job. It’s a high-speed testing interface for use with Physics experiments. We find it interesting because it uses an ARM microcontroller to implement CDC and MSD over USB. The design is in two parts to make it work in a rack-mount situation. That [...]
-
-
8:01
»
Hack a Day
It seems like [Chris Downing] is always up to something new. If he’s not keeping busy by creating slick portable iterations of previous-gen gaming consoles, he is dreaming up ways to make his modding life a bit easier. Recently while working on a Nintendo controller designed to control three different consoles, [Downing] found his desk buried [...]
-
-
6:00
»
Hack a Day
Last April, we caught wind of a very impressive rocket engine being built by Copenhagen Suborbitals. That engine was on the test pad this weekend, and the video is incredible (skip to 20:30 for the actual test). The Copenhagen Suborbitals team pulled off a successful test firing of their 65 kilo Newton alcohol and liquid Oxygen-fueled [...]
-
-
12:30
»
Hack a Day
Dust off that old GPIB hardware and hook it up to your modern computing platform using either of these two solutions. If you haven’t a clue what we’re talking about you probably don’t own any fifty-year-old test equipment. But the General Purpose Interface Bus (aka IEEE-488) was fairly common on 1960′s era test equipment like multimeters and [...]
-
-
12:30
»
Hack a Day
[Martin] had been using standard perf board for most of his electronics projects, but as he was starting to utilize more surface mount ICs, he quickly realized that it was time to start making his own PCBs. Having never etched any PCBs using the toner transfer method, he figured it was as good a time [...]
-
9:39
»
Hack a Day
This is a multifunction too for measuring radiation (translated). The measurements center around gas discharge tubes that react when ionizing particles pass through them. After reading about the counting circuit for the pair of tubes used in this handheld it’s easy to understand why these are tricky to calibrate. The handheld features a real-time clock [...]
-
-
11:01
»
Hack a Day
[Chris] recently finished building a miniscule AV Test Box, capable of fitting inside a standard Altoids tin. It is a revision of a project he constructed a few years ago. His previous test box worked well, but was large and cumbersome – definitely not something you would want to carry around from place to place [...]
-
-
6:02
»
Carnal0wnage
One of my favorite talks from this year's BlackHat DC was Ryan Kazanciyan's & Sean Coyne's "The Getaway" talk on data exfiltration.
whitepaper:
https://media.blackhat.com/bh-dc-11/Coyne/BlackHat_DC_2011_Coyne_Gateway-wp.pdfslides:
https://media.blackhat.com/bh-dc-11/Coyne/BlackHat_DC_2011_Coyne_Gateway-Slides.pdfEveryone should check out the slides and the whitepaper although the slides are better with the case studies and the diagrams. When you check out the slides I encourage you to think about your last pentest and:
1. could your pentest shop emulate an attacker of the level in the case studies.
2. did you or they try to scope the test in order to test things like this...aka do a Full Scope test.
3. if you aren't letting your pentesters go after your network like this how do you think YOUR network will hold up against someone that knows what they are doing?
If you ARE a pentester when was the last time you got the time and scope to do something on the order of these attacks and post exploitation activities from the case studies?
We are getting great at
catching our penetration testers (
video) but still horrible at catching bad guys. Rather than draining your corporate bank account to have some shop come in and help you clean up your mess and you've discovered someone stealing everything you own... 1. pick a Full Scope shop that can emulate advanced attackers and not just
script kiddies with a checkbook and 2. train like you fight, open the scope for your test, give your testers time to conduct a REAL test, and let your pentesters go after it like a real bad guy would.
Instead of making your testers "test' that same 500 hosts out of 10,000 hosts with no client-sides or user interaction allowed...ask, make, force, them to conduct an end-to-end test of the expensive black boxes you have sitting in the rack, your user education, your network segmentation, and your NOC/SOC's ability to test and respond to attacks. Better to find out you suck during your test instead of when someone is stealing everything that makes you money.
Train like you fight.
-
-
5:11
»
Packet Storm Security Recent Files
Honggfuzz is a general-purpose, easy-to-use fuzzer with interesting analysis options. Given a starting corpus of test files, Honggfuzz supplies and modifies input to a test program and utilizes the ptrace() API/POSIX signal interface to detect and log crashes. It works on Linux, FreeBSD and Mac OS X.
-
5:11
»
Packet Storm Security Misc. Files
Honggfuzz is a general-purpose, easy-to-use fuzzer with interesting analysis options. Given a starting corpus of test files, Honggfuzz supplies and modifies input to a test program and utilizes the ptrace() API/POSIX signal interface to detect and log crashes. It works on Linux, FreeBSD and Mac OS X.
-
-
6:22
»
Hack a Day
Pogo pins – spring-loaded pin contacts are pretty fun to play with and even cooler when they get used in electronic devices like Adafruit and SparkFun’s test jigs. Check after the break for how these two companies have created their own production hacks. At Adafruit, they build up from an Arduino with a proto shield. [...]
-
-
15:09
»
remote-exploit & backtrack
I am looking at doing some wep key cracking on my own system because I do small networking jobs and have a lot of people ask me about the wep crack difficulty and security. I am mostly just looking to broaden my horizon a little. I have read it is really not that difficult and I have watched people do it via youtube and I have scanned this forum and the other backtrack forums. I have the steps down pretty good but I am unable to get it to work correctly and I do beleive I know the problem but not sure...
When I run a aireplay -ng --test I get a "packet Injection is working" and it will give me a percent, i am usually getting around a 50%. I am using a IBM t61 lenovo ( I cant remeber but i think it is a 4965?) thinking maybe possibly a driver problem??
Should I be getting a 100% on the test.. I usually install Netgear routers but I have installed a couple Linksys's also..
Thanks for you help in advance I hope that this an informative and fun place to be.. My luck on the other backtrack forum was not so fun..
nathan
-
-
12:00
»
Packet Storm Security Recent Files
During a penetration test, RedTeam Pentesting discovered that the GNCaster software has multiple bugs in its implementation of HTTP Digest Authentication. Versions 1.4.0.7 and below are affected.
-
12:00
»
Packet Storm Security Advisories
During a penetration test, RedTeam Pentesting discovered that the GNCaster software has multiple bugs in its implementation of HTTP Digest Authentication. Versions 1.4.0.7 and below are affected.