
Home Of PaulDotCom Security Podcast


Mitigating the BEAST attack on TLS | Qualys Security Labs Update (19 March 2013): This blog post advises to use RC4 to mitigate the BEAST attack, but RC4 has recently been discovered to be weaker than previously known. At this point the attacks against RC4 are still not practical. The only fully safe choice at the moment is the AES-GCM suites supported only in TLS 1.2. You can find out more in this new blog post. During the summer rumours about a new attack against SSL started circulating. Then Opera released a patch, but made no comment about what it was patching. As it turns out, the attack itself was conceived years ago, deemed impractical, but it was nevertheless fixed in TLS 1.1. In terms of mitigation, I expect this problem will be largely addressed on the client side, despite a potential compatibility problem that may cause some TLS sites to stop working. Just as an example, here's one way to do the above in Apache: SSLHonorCipherOrder On SSLCipherSuite RC4-SHA:HIGH:!

Penetration Testing Tools - IT Best Practice Penetration testing is not a small task. It requires lots of practice and tool knowledge to get the right information and put all the information in black and white. The tools described here are based on BackTrack Linux Version 5 Release 1. Directory Structure of BackTrack Linux Version 5 Release 1 A. Network Analysis 1. 1. dnsdict6 2. dnsenum 3. dnsmap 4. dnsrecon 5. dnstracer 6. dnswalk 7. fierce 8. ldb 9. maltego 10. reverseraider 2. 1. 0trace 2. alive6 3. arping 4. detect-new-ip6 5. fping 6. hping2 7. hping3 8. netdiscover 9. netifera 10. nmap 11. nping 12. pbnj 13. sctpscan 14. svwar 15. trace6 16. traceroute 17. zenmap 3. 1. fragroute 2. fragrouter 3. ftester 4. hexinject 5. sniffjoke 4. 1. autoscan 2. implementation6 3. implementation6d 4. netifera 5. nmap 6. scapy 7. zenmap 5. 1. 2. tcpdump 3. tshark 4. wireshark 6. 1. nmap 2. p0f 3. sctpscan 4. xprobe2 5. zenmap 7. 1. dmitry 2. netmask 3. scapy 4. tcptraceroute 8. 1. amap 2. dmitry 3. httprint 4. httsquash 5. miranda 6. nbtscan 7. ncat 8. nmap 9. sslscan 10. zenmap 9. 1. samrdump 10. 2. nmap

Security Tools and Exploits Here is a collection of coding samples, tools, and misc. other things that we have written over the past. All source code published on this website is considered copyrighted material and licensed under the FreeBSD licensing agreement found here: At the tail of this page you can find the full copyright disclosure. BypassUAC – Attack that allows you to bypass Windows UAC in Windows Vista and Windows 7 both on x86 and x64 operating systems. This issue has still not been patched to-date and can still be exploited on the most recent operating systems. Download BypassUAC here. Download EgressBuster here. PowerShell_PoC – zip file containing a number of PowerShell samples including SAM database dumping, reverse shells, bind shells, all natively written in PowerShell. Download PowerShell_PoC here. Download Metasploit_Modules here. Download Encrypted_http_shell here. Simple_py_shell – This is a simple reverse shell written in Python.

DigiNinja

mitmproxy - home

Ophcrack

CESG Homepage
CESG launches Certified Cyber Security Consultancy: CESG is pleased to announce a new approach to providing cyber security consultancy services for government and industry. Published on Monday 01 Jun 2015
New Certified Cyber Security Consultancy: The newsletter describes the new scheme in detail, including proposed membership requirements, benefits and fees. Published on Tuesday 19 May 2015
New guidance on securing Industrial Control Systems: New ICS guidance has been released by CPNI and CESG. Published on Monday 18 May 2015
GCHQ Certified Master's Degrees - Calling Notice Academic Briefing Event 14th January 2015. Published on Monday 08 Dec 2014
IA Practitioners' Event - York Racecourse 2015: Agile IA: Breaking the Chains and Responding to Change - Call for Speakers. Published on Wednesday 26 Nov 2014
ACE-CSR Annual Conference 2014

Attack Vector

Hack and / - Password Cracking with GPUs, Part I: the Setup Bitcoin mining is so last year. Put your expensive GPU to use cracking passwords. When the Bitcoin mining craze hit its peak, I felt the tug to join this new community and make some easy money. Then Bitcoin tanked. Legitimate Reasons to Crack Passwords Before I get started, let's admit that there are some pretty shady reasons to crack passwords. That said, like with lock picking, there are legitimate reasons to crack passwords, particularly for a sysadmin or Webmaster: Test local users' password strength. In fact, many Linux systems will run a basic dictionary attack when you change your password to evaluate how weak it is. An Introduction to Password Hashes Password hashes were created to solve a particularly tricky problem. When you log in to a Linux system, the password you enter gets converted into a hash with the same algorithm originally used when you first set your password. How Password Cracking Works On a very basic level, password cracking works much like a regular login.

Cain & Abel Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weaknesses present in protocol standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some "non standard" utilities for Microsoft Windows users. The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks.

Is Security Awareness a Waste of Time? How do you know what devices are accessing your network? How do you detect a rogue device? What can you do to prevent a threat in your network and minimize the risk? With workforce mobility, bring your own device (BYOD) into the workplace, and guest access into your network, enterprises are realizing how important it is to track and monitor who and what is accessing the network. The panelists will look at how Network Access Control (NAC) or Endpoint Visibility, Access, and Security (EVAS) is being implemented by enterprises worldwide to address network security while continuing to support current infrastructure and the expanding mobile workforce. Topics of discussion will include:
How to gain complete network visibility and control of all network devices from a cost-effective, centralized deployment
How to manage endpoints and deal with BYOD, Rogue Devices, and Corporate Mobile devices

SpiderLabs Anterior
