Information security articles related to Backtrack Linux, information gathering, Windows, exploitation tools, OSX, reverse engineering, Ubuntu, maintaining access, CentOS, vulnerability assessments, etc.
Awhile back purehate and myself started writing articles related to Backtrack in an attempt to write a single article about each application available within Backtrack 4. Things came up and we never accomplished that goal so here we go again with a second attempt to write a single article for every Backtrack application. If you…
As you know we think that oclHashcat is one of the best password crackers available and along with Hashcat and John The Ripper are pretty much the only password crackers we use at this point. Earlier someone asked me to crack some OpenLDAP hashes which come in SHA and SSHA format and the below example…
If you are working with multiple Nexpose vulnerability scanners it makes sense to want to generate a bunch of Nexpose Scan Templates on one Nexpose Seurity Console and distribute to a bunch of other Nexpose Security Console’s. There is not much documentation I could find on doing this so luckily it is fairly easy. Follow…
Most people will likely find this on their own but since I couldn’t find a specific restart button within the Nexpose Security Console web interface I figured it would be worth noting in a short article. The below details describe how to restart the Nexpose Security Console via the Nexpose Security Console web interface.
Today I was having a discussion regarding wordlist size, the calculation to come up with the specific size the wordlist would be once generated, and various other items revolving around password cracking. Somehow the application crunch came up which in the past has been used to generate wordlists however its fairly slow compared to other…
Recently I needed to configure a solution for remote desktop on a Linux server. I decided to give XRDP a shot which uses TigerVNC Server by forwarding the standard RDP port of 3389 to a port VNC is listening on. The end result is to set up a SSH tunnel that forwards local port 3389…
In the past we have written a couple articles on using tshark to strip WPA capture files down to a specific ESSID or SSID but in some cases it can be more useful to strip the capture down by BSSID or MAC address of the WAP. Isolating packets by BSSID or WAP MAC address is…
If you are not hip to pfSense I suggest you check it out. It is an open source firewall that is making waves in InfoSec. The pfSense guys have a great howto for configuring IPSec VPN on the pfSense firewall as well as making connections via a freeware Windows IPSec VPN client called Shrew Soft…
Not sure if Fortinet makes it impossible to find the FortiClient SSL VPN application for Mac OSX on purpose or not but it appears to be free for the simple client version so I wanted to provide a location to download the client easily. On Windows you can bring up Internet Explorer and make a…
Well, I run with psymera a CTF game and we are constantly adding new VMWare machines and new tests just to keep on playing and not get bored. As part of a internal training where I work I started to create some videos on how to use SQLMap (I promise to upload here shortly in…