WPA2 security hole discovered

Monday, July 26th, 2010

Security experts at AirTight Networks have discovered a hole in the WPA2 Wi-Fi security protocol. The security hole was named as Hole 196 after the number of the relevant page in the IEEE 802.11 (2007) standard document:. Right at the bottom of this page, the IEEE introduces the keys used ...

NMAP 5 Cheatsheet

Tuesday, February 23rd, 2010

Here's a nice little cheatsheet for NMAP 5 making it's rounds today on the internet: http://sbdtools.googlecode.com/files/Nmap5%20cheatsheet%20eng%20v1.pdf Very handy.

Taking Screenshots Of The Victim’s Computer With Metasploit

Saturday, January 30th, 2010

Here's a quick example of grabbing a screenshot of a compromised system using meterpreter's espia module.  Start with a basic exploit to gain a meterpreter session.  You'll need to make sure you migrate to a process that has access to Active Desktop or else you will get nothing but blank ...

Using Metasploit’s Incognito To Impersonate User Tokens

Saturday, January 30th, 2010

I just wanted to show a quick example of using Incognito to impersonate user tokens on a compromised system.  You can think of tokens as a web "cookie" which is just an object that holds your security information for the entire login process so that you don't have to re-authenticate ...

Bing Web Server Probe

Thursday, January 28th, 2010

This is a tool for security researchers. It allows you to search for either an IP address or a DNS name and display all associated domain names known to Bing. Download: http://bingprobe.codeplex.com/