Blog
mimikatz: Tool To Recover Cleartext Passwords From Lsass
Tuesday, December 20th, 2011
I meant to blog about this a while ago, but never got round to it. Here’s a brief post about a very cool feature of a tool called mimikatz. I’m very grateful to the tool’s author for bringing it to my attention. Until that point, I didn’t realise it was possible to recover the cleartext passwords [...]
Posted in: Blog
The Science of Safely Finding an Unused IP Address
Sunday, October 2nd, 2011
During pentests you’re often allocated an IP by the client or can get one via DHCP. There are times, however, when the client might expect you to find a free IP on your own. Or you might want to check that the client hasn’t assigned you an IP address that’s already in use. I’m sure we’ve [...]
Tags: ipstackquirks
Posted in: Blog
“Hackers for Charity” Needs You
Saturday, September 3rd, 2011
This is a quick post to draw attention to the request for donations from Hackers for Charity. They need to raise about 785 USD / month to fund the good work they’re doing in Uganda. Netsparker recently tweeted that they’re donating 785 USD. Rapid7 are giving 5000 USD. There are many more on the Donate [...]
Posted in: Blog
Exploiting A Tricky SQL Injection With sqlmap
Sunday, August 21st, 2011
Like many pentesters, I’m a fan of sqlmap. It’s often the first and last tool I reach for when exploiting boolean or time-based SQL injection vulnerabilities. I wanted to briefly document a slightly tricky SQL injection issue I encountered recently and a few of the sqlmap features that impressed me most. I initially noticed that [...]
Tags: pentest, sqlmap
Posted in: Blog
The Ultimate Unix Cheat Sheet
Sunday, August 14th, 2011
I just stumbled across Rosetta Stone for Unix, a brilliant page that lists how to do a large number of tasks in a variety of unix-like operating systems. I wish I’d found this years ago. It should be very handy for pentesting or auditing those less familiar unix flavours. I’ll definitely be taking a copy with [...]
Tags: audit, cheatsheet, unix
Posted in: Blog
New Web Application Scanner: Netsparker
Saturday, December 12th, 2009
I’ve been involved in the beta testing of Netsparker for some time now. Now that it’s publicly available, I wanted to write a brief blog post to recommend that you try it out… If you can’t be bothered reading this post, make sure you at least check out the videos of Netsparker in action (particularly [...]
Tags: netsparker, pentest
Posted in: Blog
Cross-Site Request Forgery For POST Requests With An XML Body
Sunday, December 6th, 2009
I recently had cause to create a proof-of-concept for a site that seemed to be vulnerable to Cross-Site Request Forgery (CSRF). I say “seemed” because there was no CSRF protection, but I was finding the XML POST body really hard to forge (It was a SOAP / XMLRPC type request). Eventually Sid from notsosecure.com pointed [...]
Tags: csrf, pentest
Posted in: Blog
exploit-suggester Update: v0.3
Saturday, December 20th, 2008
Minor update to exploit suggester. It now suggests the raptor sploits for the Netscape Portable Runtime vulnerability. Download it here.
Tags: exploit-suggester, pentest
Posted in: Blog
YaptestFE Update: v1.1
Wednesday, November 26th, 2008
Version 1.1 of the Yaptest Frontend is now available. Download it here. There are three main improvements to the interface: The “Ports” page now displays Nmap version and service information when it’s available. The “Windows Info” page displays a list of Windows hosts along with various information about each: Domain name, whether the host is [...]
Tags: pentest, yaptestfe
Posted in: Blog
Yaptest Update: v0.2.1
Wednesday, November 26th, 2008
Version 0.2.1 of yaptest is now available. Download it here. This is quite a major update. The most notable improvements are support for running Nessus and/or OpenVAS. At present Nessus and OpenVAS are automatically run against any open ports with Safe Checks enabled. As with any major update one or two bugs might have crept [...]
Tags: pentest, yaptest
Posted in: Blog