Maintaining a website can be a large task. On the security side of the day to day tasks for the site you usually patch the web server and check the logs for potential issues. There are many automated tools that are out there scanning the internet for vulnerable web servers to compromise. Typically a compromised web server is turned into a spam serving server. What about your web application that you use to serve your content? Can you trust that it does not allow the attacker access to your web server? This is where w3af comes in. w3af attempts to find vulnerabilities in your web application using known attack methods. Continue reading
Penetration Testing… What is it? To most companies, that either choose or are forced to get one, the image of Uber-hackers defiling their business critical systems comes to mind. Yes, an Uber-hacker should be expected but this isn’t always the case. There are a number of disreputable firms out there that run a Nessus scan on your network and give you a pretty report and call it a pentest. This is where the PTES comes in. It is the goal of the PTES to create a standard for both Pentesters and businesses to follow/expect from a security audit or pentest. This in turn increases the quality of a pentest. Visit PTES and check out the massive amount of information on how to carry out a true and thorough pentest.
Netcat has been called the TCP/IP swiss army knife and rightfully so. It can act as a service by listening for a connection, a client and connect to open ports, a port scanner, a tool used to fingerprint a connectable service, and much more. In this article I will touch on handful of these abilities.
Continue reading →
So you have done some recon on your potential target and now you are on the exploitation phase of your pentest. Metasploit can connect to a database to keep track of the recon you collected on your targets. You can import an xml report from your Nmap scan or you can use the db_nmap command in Metasploit. That is jumping the gun a little. We will first need to bring up Metasploit and then create a database connection to your database of choice. All examples and commands will be done through Backtrack 4 R2. Continue reading →
Nmap was created by Gordon “Fyodor” Lyon. Nmap is an extremely versatile network scanning tool. It has a vast user base from System Administrators to Penetration Testers to malicious hackers. In this article I hope to get you, the reader, more comfortable with using Nmap as well as inspire you to really check out this tool a little more in depth. We will go over scanning a local network to see what targets are available as well as issues you may run into with newer operating systems. We will also go over detecting open ports and how to detect the services that are running on them. Check out the Nmap website, Nmap.org, for examples and a higher level look at this great tool. Continue reading →
Cree.py is an interesting and simple to use program that highlights the dangers of using geolocation while using social networking. All that is needed is a target’s twitter account or flicker account username and you can map out their movements based on the time and location of their tweet or image.