Browser Exploitation with Metasploit and Ettercap
This is my first video tutorial so be kind. The purpose of this video tutorial is to demonstrate browser exploitation during pentesting. The use of Ettercap helps us to force the user to our attack...
View ArticleForensics Links
I had been working this week on a tutorial involving Memoryze and an image of the volatile memory from a Windows 2003 Server captured with Mantech’s MDD. However, when looking around I found an article...
View ArticleMandiant Audit Viewer for Memoryze
Last time I posted links to resources for memory acquisition/analysis and data recovery. Memoryze was mentioned, and it is a very good open source, command line tool for acquiring and analyzing...
View ArticleNcat – Bypassing the Firewall
In the above diagram, I have illustrated a common DMZ setup with one web server in the DMZ and one internal MySQL database server on the protected network. We will say for arguments sake that the Web...
View ArticleNetwork Forensics Puzzle Contest
A few months ago, I submitted an answer to the SANS Network Forensics Puzzle Contest. I have been waiting for them to post the results before I posted my submission to the blog. They have recently...
View ArticleLouisville InfoSec CTF Event – 2nd Place
Image from http://www.louisvilleinfosec.com On October 8th, I attended the 7th Annual Louisville InfoSec Conference @ Churchill Downs in Louisville, KY. During the conference I participated in the 1st...
View ArticleProgress of US CyberSecurity Program in the past 6 years
How is the progress of US CyberSecurity Program in the past 6 years? GAO just issued a report on 7/25/2011 on “DOD Faces Challenges In Its Cyber Activities” (http://www.gao.gov/new.items/d1175.pdf)....
View ArticleSome problems I see in addition to CyberSecurity in US Gov.
Some problems I see in addition to CyberSecurity How would terrorist organizations target and recruit talents they really need? Look at Monster or Linkedin and see who listed themselves with Top Secret...
View ArticleWill major hacking attacks hide behind the next “Solar Flare”…
Will major hacking attacks hide behind the next “Solar Flare”… We just had a solar flare event a few days ago: http://www.pcmag.com/article2/0,2817,2390826,00.asp Solar Flare, if NASA is right on their...
View ArticleNashville InfoSec 2011 CTF
Those in the Nashville, TN area who are planning on attending Nashville InfoSec 2011 should consider attending the Capture-The-Flag event there this year. My colleague and I have been working on it...
View Article
More Pages to Explore .....