Archive by Author

Ubuntu and AntiVirus

January 14, 2012 • Categories: Tools by

Does Ubuntu need anti-virus? This is a question posed by many of the legions of new users who try out Ubuntu Linux everyday. New users dive into Linux booting up the massively popular Ubuntu Linux. Now for a quick background check; Ubuntu is stable, easy to use and a rock solid desktop. I have been [...]

0 Comments

SQL Injection Recap

January 6, 2012 • Categories: Security Breaches by

During the Christmas break the Internet Storm Center had good coverage on the latest MSSQL based sql injection worm that appears to have infected over 1 million Microsoft based web pages. Recall back in November last year when we published a history of sql injection attacks, and followed that up with a sql injection tutorial. [...]

0 Comments

Top 100K Sites WordPress Usage Infographic

August 22, 2011 • Categories: Site Updates by

WordPress.org have a post up detailing the “state of the word”. Around the same time we have been putting a wordpress infographic that highlights some of the findings from our analysis of wordpress usage among the top 100K sites (as rated by Alexa). WordPress Usage in the Top 100K Infographic

1 Comment

SQL Injection Scanner List

July 22, 2011 • Categories: Tools by

Coresec.org has an excellent summary of the wide range of SQL Injection scanning tools available from detection to automated exploitation and shells on a plate. Hit the link for the full list – SQL Injection Scanners

1 Comment

Security Testing WordPress

July 19, 2011 • Categories: Tools by

A couple of wordpress security assessment tools have popped up over the past couple of months, this has to be a good thing with the number of WordPress installations sky-rocketing. First of course there is the HackerTarget.com scan, externally facing and coming in at a fairly high level. The system downloads some of your pages, [...]

0 Comments

Backdoor Corporate Networks with Metasploit

Backdoor Corporate Networks with Metasploit

July 15, 2011 • Categories: Security News, Tools by

HD Moore recently announced a new post exploitation tool offering Meterpreter sessions over HTTPS (HTTP) that will traverse the corporate proxy. Variations on this have been available previously but have been for a number of reasons been not so stable. Let’s first look at a common locked down Corporate Network. Then we will show how [...]

0 Comments

Winter Updates

July 13, 2011 • Categories: Site Updates by

Being mid-winter down here in Sydney, its been a time to hunker down and drink copious amounts of coffee. While doing that we have also pushed out many changes and updates to the scanning system and site. If you find any bugs, drop us a line.

0 Comments

Data Breaches Visualized

July 11, 2011 • Categories: Security Breaches by

Nathan from Flowing data has put together an excellent graphical representation of the largest data breaches of all time. Data was sourced from Dataloss DB. Sony has been having all sorts of data breach problems lately — namely a million passwords from the Sony Pictures site, 77 million accounts from the PlayStation Network, and nearly [...]

0 Comments

Hydra 6.4 Password Brute Forcer

June 16, 2011 • Categories: Tools by

The latest version of Hydra has been released with some bug fixes. Problems noted in my post comparing hydra with ncrack and medusa have been addressed and after testing I can confirm these issues are no longer present. CHANGELOG for 6.4 ================= * Update SIP module to extract and use external IP addr return from [...]

2 Comments

Installing OpenVas 4.0 on Ubuntu 10.04

June 3, 2011 • Categories: Tools by

OpenVas 4.0 was released at the end of March, I have been busy and have not had a chance to fire up the production release. Today I built it from source using one of my test VPS servers. What follows is a quick summary of the process. I think I covered all the steps, however [...]

3 Comments

Older Entries »