[Review] Pentesting With BackTrack (PWB) & Offensive Security Certified Professional (OSCP)
The views and opinions expressed on this site are those of the author. Any claim, statistic, quote or other representation about a product or service should be verified with the seller, manufacturer or provider. Up until a month or so ago, everything I've learnt was done by using various free resources online. Last month however, I became an "offsec" student. I enrolled on the "Pentesting with BackTrack" (PWB) course, currently version 3 (syllabus). I wanted to do it for a few reasons:The challenge. We all learn differently and do so at different speeds. After looking at the syllabus, I set myself the goal of "getting into the admin network". In the last couple of days of lab time, I was ready to throw in the towel. My next mistake was to book the exam so soon after the Lab time ended. I should of known better than to go into an exam feeling so tired. There were a few "starting" problems to begin with - but there was an admin on hand in the IRC channel (as there seems to always be!)
rtl-sdr.com - RTL-SDR (RTL2832U) and software defined radio news and projects. Also featuring Airspy, HackRF, FCD and more.
Vulnserver
Originally introduced here , Vulnserver is a Windows based threaded TCP server application that is designed to be exploited. The program is intended to be used as a learning tool to teach about the process of software exploitation, as well as a good victim program for testing new exploitation techniques and shellcode. What’s included? The download package includes the usual explanatory text files, source code for the application as well as pre compiled binaries for vulnserver.exe and its companion dll file. Running Vulnserver To run vulnserver, make sure the companion dll file essfunc.dll is somewhere within the systems dll path (keeping it in the same directory as vulnserver.exe is usually sufficient), and simply open the vulnserver.exe executable. The program supports no other command line options. Is there anything to be aware of when I run Vulnserver? Vulnserver doesn't actually do anything other than allow exploitation - there is no useful functionality. Exploiting Vulnserver
Infections par supports amovibles
Ce billet commence à être obsolète, je vous invite à consulter la mise à jour disponible sur ce lien. Les infections se propageant par les supports amovibles : USB, Flash, etc. Note : un post synthétique est disponible ici. De quoi s'agit-il ? La nature même de ces infections est classiqueAdobeR.exe, Ravmon.exe, Copy.exe, Host.exe, Svchost.exe, etc.Tous ces noms vous évoquent quelque chose ? Vers disques amovibles[/list]Il est proposé des méthodes de désinfection en autonomie complète. , mais de reformuler autrement ce qui a déja été dit afin mieux saisir pour ceux qui n'auraient pas compris, et donner quelques astuces personnelles (cliquez sur la roue dentée) : Infection sur disques amovibles[/list] Schéma de propagationUn schéma vous permettra d'y voir plus clair. Explications. Suivant les variantes, ces fichiers ne sont pas les mêmes, mais il y aura presque systématiquement un fichier Autorun.inf qui est ce qui lui permettra de se propager et qui fera l'objet de toute notre attention.
Main Page
Hidden Wiki - HiddenWiki.org
Update - Comment cracker un mot de passe windows
Il y a quelques temps j'ai fait un screencast sur Youtube, où je présentais comment cracker un mot de passe windows avec Offline Empty Password Registry Editor. Valable pour la série, windows XP/Vista et 7. Depuis, la vidéo tourne bien et Romain, lecteur du blog, m'a contacté pour me dire que le soft était maintenant compatible windows 10. Du coup, pour tous ceux qui ont la mémoire qui flanche au moment de rentrer leurs mdp, je vous propose un petit flashback. J'avais réalisé l'opération sous windows 7 mais son utilisation ne change pas pour les versions windows 8 et windows 10. kiss ;) Rejoignez les 60094 korbenautes et réveillez le bidouilleur qui est en vous Suivez KorbenUn jour ça vous sauvera la vie..
Gibberbot: Free Secure Chat
Free unlimited messaging with your friends over Facebook Chat, Google Chat & more! Works with Android, iPhone, Mac, Linux or PC. PC Mag “100 Best Android Apps of 2013.” ★ COMPLETELY FREE, UNLIMITED MESSAGING: No charges, ever. Chat all day with your friends across the street or across the ocean. ★ CHAT WITH ANYONE, ANYWHERE: Chat with your friends on Google Chat (GChat), Facebook Chat, VKontakte, Yandex, Hyves, Odnoklassniki, StudiVZ, Livejournal, Jabber, and more! ★ WORKS ON EVERY PLATFORM: Android with Gibberbot, iPhone with ChatSecure, Mac with Adium, Linux with Jitsi, Windows with Pidgin, and more! ★ UNBEATABLE PRIVACY: We keep your messages 100% private using state of the art Off-The-Record (OTR) encryption. Don’t see your language? ***Disclaimer*** The Guardian Project makes apps that are designed to protect your security and anonymity.
Blocking Unwanted Parasites with a Hosts File
What it does ... You can use a modified HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers and possibly unwanted programs. This is accomplished by blocking the connection(s) that supplies these little gems. The Hosts file is loaded into memory (cache) at startup, so there is no need to turn on, adjust or change any settings with the exception of the DNS Client service (see below). Example - the following entry 0.0.0.0 ad.doubleclick.net blocks all files supplied by that DoubleClick Server to the web page you are viewing. Using a well designed HOSTS file can speed the loading of web pages by not having to wait for these ads, annoying banners, hit counters, etc. to load. In case you're wondering ... this all happens in microseconds, which is much faster than trying to fetch a file from half way around the world. Special Note: new Windows 10 users ... the MVPS Hosts file installs just fine, no need to make any changes. Important!
