Yaptest Update: v0.2.1
Version 0.2.1 of yaptest is now available. Download it here. This is quite a major update. The most notable improvements are support for running Nessus and/or OpenVAS. At present Nessus and OpenVAS...
View ArticleYaptestFE Update: v1.1
Version 1.1 of the Yaptest Frontend is now available. Download it here. There are three main improvements to the interface: The “Ports” page now displays Nmap version and service information when it’s...
View Articleexploit-suggester Update: v0.3
Minor update to exploit suggester. It now suggests the raptor sploits for Netscape Portable Runtime vulnerability. Download it here.
View ArticleCross-Site Request Forgery For POST Requests With An XML Body
I recently had cause to create a proof-of-concept for a site that seemed to be vulnerable to Cross-Site Request Forgery (CSRF). I say “seemed” because there was no CSRF protection, but I was finding...
View ArticleClik here to view.
New Web Application Scanner: Netsparker
I’ve been involved in the beta testing of Netsparker for some time now. Now that it’s publicly available, I wanted to write a brief blog post to recommend that you try it out… If you can’t be bothered...
View ArticleThe Ultimate Unix Cheat Sheet
I just stumbled across Rosetta Stone for Unix, a brilliant page that lists how to do a large number of tasks in a variety of unix-like operating systems. I wish I’d found this years ago. It should be...
View ArticleClik here to view.
Exploiting A Tricky SQL Injection With sqlmap
Like many pentesters, I’m a fan of sqlmap. It’s often the first and last tool I reach for when exploiting boolean or time-based SQL injection vulnerabilities. I wanted to briefly document a slightly...
View Article“Hackers for Charity” Needs You
This is a quick post to draw attention to the request for donations from Hackers for Charity. They need to raise about 785 USD / month to fund the good work they’re doing in Uganda. Netsparker recently...
View ArticleThe Science of Safely Finding an Unused IP Address
During pentests you’re often allocated an IP by the client or can get one via DHCP. There are times, however when the client might expect you find a free IP on your own. Or you might want to check that...
View Articlemimikatz: Tool To Recover Cleartext Passwords From Lsass
I meant to blog about this a while ago, but never got round to it. Here’s a brief post about very cool feature of a tool called mimikatz. I’m very grateful to the tool’s author for bringing it to my...
View Article
