Welcome to The Professional Security Testers Warehouse for the GPEN GSEC GCIH GREM CEH QISP Q/ISP OPST CPTS
Search
Nickname Password Security Code Security Code Type Security Code  
Penetration Testing the way it was meant to be
You are certified but are your qualified? Become qualified today.

Video Library

Skimming for ID theft
5 / 2
Views: 179
Comments: 1
11-01-2008 00:18

Latest version of ATM skimmer hidden behind a speaker looking device
5 / 2
Views: 193
Comments: 0
11-01-2008 00:11

ATM Scam, do check your ATM machine before using it
5 / 1
Views: 180
Comments: 1
10-31-2008 23:59

CyberSecurity NBISE

Forums Posts

Methodologies

Recommended PodCasts

Recommended Sites

Security Blogs

Security Forums

Best Downloads

Best Web Links

Survey

Whic of the following certifications would you like to get?

GPEN
GCIH
CEH
QEH
GREM
GSEC
CISSP
Security+
Other (please leave a comment)



Results
Polls

Votes: 218
Comments: 0

Who's Online

There are currently, 66 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
The CCCure Family of Portals is strictly supported by our Sponsors below and Donations.

Core Impact your compliance best friend

Home of CORE Impact
Click Here to visit.

Leo Impact The Secrets of Hacking

 CLICK HERE
to get more details

FITSP the Federal Government Certification

 CLICK HERE
to get more details

Clement, Nathalie, and Alain the Portals administrators wishes you a warm welcome.


Great supplements to help you reach your certification goals


I am in need of good question writers
Posted by cdupuis on Friday, 03 September 2010 @ 22:34:02 EDT (53 reads)
Topic Quiz

Good day to all,

I am in dire need of good question writer who can produce some of the new scenario based questions that have been showing up on the CISSP exam. It is the new type that present a large scenario (a paragraph or a few) and then ask you a few questions related to that scenario.

I would also need help from people who are CEH to develop questions for that certification as well. Those are the same style as we have in the quiz engine right now.

If you are interested I would like you to contact me at:
Clement [dot]Dupuis[at]Gmail[dot]com

As you know me, I prefer quality over quantity. Even if you can commit only to writing a few question it is fine. I prefer a few that really tests skills and knowledge than a whole bunch of bad ones.

Please send me an email and tell me if you are willing to write question for the CEH or the CISSP Scenario based questions and how much you would like to be paid per question.

Thanks in advance

Clement

(Read More... | Score: 0)


2nd. OWASP Ibero-American Web-Applications Security conference 2010 (IBWAS 10)
Posted by cdupuis on Friday, 03 September 2010 @ 14:32:58 EDT (71 reads)
Topic Training

2nd. OWASP Ibero-American Web-Applications Security conference 2010 (IBWAS’10)
ISCTE – Lisbon University Institute
25th – 26th November 2010
Lisboa, Portugal
http://www.ibwas.com

Call for Papers

Introduction
There is a change in the information systems development paradigm. The emergence of Web 2.0 technologies led to the extensive deployment and use of web-based applications and web services as a way to developed new and flexible information systems. Such systems are easy to develop, deploy and maintain and demonstrate impressive features for users, resulting in their current wide use.
As a result of this paradigm shift, the security requirements have also changed. These web-based information systems have different security requirements, when compared to traditional systems. Important security issues have been found and privacy concerns have also been raised recently. In addition, the emerging Cloud Computing paradigm promises even greater flexibility; however corresponding security and privacy issues still need to be examined. The security environment should involve not only the surrounding environment but also the application core.
This conference aims to bring together application security experts, researchers, educators and practitioners from the industry, academia and international communities such as OWASP, in order to discuss open problems and new solutions in application security. In the context of this track academic researchers will be able to combine interesting results with the experience of practitioners and software engineers.

Conference Topics
Suggested topics for papers submission include (but are not limited to):
• Secure application development
• Security of service oriented architectures
• Security of development frameworks
• Threat modelling of web applications
• Cloud computing security
• Web applications vulnerabilities and analysis (code review, pen-test, static analysis etc.)
• Metrics for application security
• Countermeasures for web application vulnerabilities
• Secure coding techniques
• Platform or language security features that help secure web applications
• Secure database usage in web applications
• Access control in web applications
• Web services security
• Browser security
• Privacy in web applications
• Standards, certifications and security evaluation criteria for web applications
• Application security awareness and education
• Security for the mobile web
• Attacks and Vulnerability Exploitation

Paper Submission Instructions
Authors should submit an original paper in English, carefully checked for correct grammar and spelling, using the on-line submission procedure (http://www.easychair.org/conferences/?conf=ibwas10). Please check the paper formats so you may be aware of the accepted paper page limits (12 pages, in accordance to a supplied template: ftp://ftp.springer.de/pub/tex/latex/llncs/word/LNCS-Office2007.zip).
The guidelines for paper formatting provided at the conference web site must be strictly used for all submitted papers. The submission format is the same as the camera-ready format. Please check and carefully follow the instructions and templates provided.
Each paper should clearly indicate the nature of its technical/scientific contribution, and the problems, domains or environments to which it is applicable.
Papers that are out of the conference scope or contain any form of plagiarism will be rejected without reviews.
Remarks about the on-line submission procedure:
1. A "double-blind" paper evaluation method will be used. To facilitate that, the authors are kindly requested to produce and provide the paper, WITHOUT any reference to any of the authors. This means that is necessary to remove the author’s personal details, the acknowledgements section and any reference that may disclose the authors identity
2. Papers in ODF, PDF, DOC, DOCX or RTF format are accepted
3. The web submission procedure automatically sends an acknowledgement, by e-mail, to the contact author.

Paper submission types

Regular Paper Submission
A regular paper presents a work where the research is completed or almost finished. It does not necessary means that the acceptance is as a full paper. It may be accepted as a "full paper" (30 min. oral presentation), a "short paper" (15 min. oral presentation) or a "poster".
Position Paper Submission
A position paper presents an arguable opinion about an issue. The goal of a position paper is to convince the audience that your opinion is valid and worth listening to, without the need to present completed research work and/or validated results. It is, nevertheless, important to support your argument with evidence to ensure the validity of your claims. A position paper may be a short report and discussion of ideas, facts, situations, methods, procedures or results of scientific research (bibliographic, experimental, theoretical, or other) focused on one of the conference topic areas. The acceptance of a position paper is restricted to the categories of "short paper" or "poster", i.e. a position paper is not a candidate to acceptance as "full paper".

Camera-ready
After the reviewing process is completed, the contact author (the author who submits the paper) of each paper will be notified of the result, by e-mail. The authors are required to follow the reviews in order to improve their paper before the camera-ready submission.

Publications
All accepted papers will be published in the conference proceedings, under an ISBN reference. Conference proceedings will be published by Springer in the Communications in Computer and Information Science (CCIS) series.

Web-site:  http://www.ibwas.com

Secretariat:  E-mail: secretariat@ibwas.com

Important Dates
Submission of papers and all other contributions due: 8th October 2010
Notification of acceptance: 22nd October 2010
Camera-ready version of accepted contributions: 29th October 2010
Conference: 25th – 26th November 2010

Conference Chairs
Vicente Aguilera Días, Internet Security Auditors, OWASP Spain, Spain
Carlos Serrão, ISCTE-IUL Instituto Universitário de Lisboa, OWASP Portugal, Portugal

Organization Committee
Fabio Cerullo, OWASP Global Education Committee, Ireland
Dinis Cruz, OWASP Board Member, UK
Paulo Coimbra, OWASP Project Manager, UK
Miguel Correia, Universidade de Lisboa, Portugal
Paulo Sousa, Universidade de Lisboa, Portugal
Lucas C. Ferreira, Câmara dos Deputados, Brasil
Arturo Busleiman, OWASP Argentina, Argentina
Martin Tartarelli, OWASP Argentina, Argentina
Paulo Querido, Portugal

Conference Program Committee
André Zúquete, Universidade De Aveiro, Portugal
Candelaria Hernández-Goya, Universidad De La Laguna, Spain
Carlos Costa, Universidade De Aveiro, Portugal
Carlos Ribeiro, Instituto Superior Técnico, Portugal
Eduardo Neves, OWASP Education Committee, OWASP Brazil, Brazil
Francesc Rovirosa i Raduà, Universitat Oberta de Catalunya (UOC), Spain
Gonzalo Álvarez Marañón, Consejo Superior de Investigaciones Científicas (CSIC), Spain
Isaac Agudo, University of Malaga, Spain
Jaime Delgado, Universitat Politecnica De Catalunya, Spain
Javier Hernando, Universitat Politecnica De Catalunya, Spain
Javier Rodríguez Saeta, Herta Security, Spain
Joaquim Castro Ferreira, Universidade de Lisboa, Portugal
Joaquim Marques, Instituto Politécnico de Castelo Branco, Portugal
Jorge Dávila Muro, Universidad Politécnica de Madrid (UPM), Spain
Jorge E. López de Vergara, Universidad Autónoma de Madrid, Spain
José Carlos Metrôlho, Instituto Politécnico de Castelo Branco, Portugal
José Luis Oliveira, Universidade De Aveiro, Portugal
Kuai Hinojosa, OWASP Global Education Committee, New York University, United States
Leonardo Chiariglione, Cedeo, Italy
Leonardo Lemes, Unisinos, Brasil
Manuel Sequeira, ISCTE-IUL Instituto Universitário de Lisboa, Portugal
Marco Vieira, Universidade de Coimbra, Portugal
Mariemma I. Yagüe, University of Málaga, Spain
Miguel Correia, Universidade de Lisboa, Portugal
Miguel Dias, Microsoft, Portugal
Nuno Neves, Universidade de Lisboa, Portugal
Osvaldo Santos, Instituto Politécnico de Castelo Branco, Portugal
Panos Kudumakis, Queen Mary University of London, United Kingdom
Paulo Sousa, Universidade de Lisboa, Portugal
Rodrigo Roman, University of Malaga, Spain
Rui Cruz, Instituto Superior Técnico, Portugal
Rui Marinheiro, ISCTE-IUL Instituto Universitário de Lisboa, Portugal
Sérgio Lopes, Universidade do Minho, Portugal
Tiejun Huang, Pekin University, China
Víctor Villagrá, Universidad Politécnica de Madrid (UPM), Spain
Vitor Filipe, Universidade de Trás-os-Montes e Alto Douro, Portugal
Vitor Santos, Microsoft, Portugal
Vitor Torres, Universitat Pompeu Fabra, Spain
Wagner Elias, OWASP Brazil Chapter Leader, Brazil

(Read More... | Score: 0)


New NBISE Cyber Security Certifications will set HIGH BAR for Security Pros
Posted by cdupuis on Thursday, 02 September 2010 @ 10:20:22 EDT (125 reads)
Topic NBISE

As seen Published on threatpost (http://threatpost.com):

New Cyber Security Certifications from NBISE Will Set High Bar for IT Security Pros

By Paul Roberts
Created 08/05/2010 - 9:53am

National Board of Information Security Examiners

[1]A new non-profit group is developing certifications for information technology security professionals that will set a high bar for IT security practitioners in areas like penetration testing, code auditing and control systems operation.

The National Board of Information Security Examiners (NBISE) [2] is a new, not-for-profit corporation headed by former NERC (North American Electric Reliability Corporation) CSO Mike Assante and overseen by a board of luminaries in the world of information security and critical infrastructure.  The group will be designing certification exams to test the knowledge, practical skill and professionalism of IT security practitioners, with an eye to weeding out the information technology world’s equivalent of quacks and hucksters.

The new tests are designed to supplant a hodge podge of private and industry certifications for IT security practitioners, including the CISSP and certificate programs run by the SANS Institute and other industry and private groups. NBISE claims that too many of those tests test knowledge, rather than hands-on skills required of practitioners.

“This is about a higher level of testing,” said NBISE Director and SANS Institute Director of Research Alan Paller. “Its about having confidence that the person you hired doesn’t just know the answer, but can do the job.”

NBISE Chief Operating Officer Kelly Ziegler likens the exams to those required by the National Board of Medical Examiners for aspiring physicians.

Paller said that the group is working with top practitioners in a variety of disciplines to design exams that test practical knowledge, not just book knowledge. Scenario testing – akin to the now famous “Capture the Flag” tournaments at DEFCON and other hacking conferences -- will be an important component of the NBISE exams, he said.

“If you look at (penetration) testing, you can have multiple choice questions about the correct approach when pen testing, but that’s very different than having an actual set of systems and having to find a flag, rather than just answer questions about how to find it,” Paller said.

NBISE plans to release its first exam in the next 30 days. That test will be an adaptation of the UK’s Council of Registered Ethical Security Testers (CREST) [3] exam for penetration testing. The group is working with the UK government’s CESG – the British equivalent of the U.S.’s National Security Agency – to adapt that exam for use in North America, according to Ziegler.

In other areas, such as the operation of control systems and secure coding, computer forensics and incident response and handling, NBISE is forming national boards of experts to get to work developing exams. The group is also being advised by the National Board of Medical Examiners on ways to devise certification exams that test practical knowledge.

Paller said the new emphasis on certification is a response to an aching skills gap in the IT security space [4]. That gap has been underscored by a series of studies and reports that have pointed to the need to develop IT security expertise within the public and private sectors. Most recently, in June, the Center for Strategic and International Studies issued a report warning of a “human capital crisis” in cyber security.

Paller said that the profusion of different certifications has allowed legions of poorly trained IT professionals to falsely claim expertise in cyber security. Often, their lack of training only becomes evident once they’ve been hired.  

NBISE will also provide more focused instruction than initiatives like the U.S. Departments of Defense’s Directive 8570 (DOD 8570), which provides training and certification guidance for government employees who work in Information Assurance, but give employees a menu of different certifications to choose from in fulfilling the directive, say NBISE organizers.

The NBISE exams, once instituted, will serve as a threshold exam for work in areas like government and financial services, separating those with technical knowledge of a subject from those with both knowledge and hands on experience to perform a job. Paller said that the exams, once adopted, could take business away from certification organizations like The SANS Institute, but that those organizations might merely shift to fulfill a role similar to that of medical schools today: teaching students a body of material and hands on skills necessary to pass the NBISE certification exam.

 

Source URL: http://threatpost.com/en_us/blogs/new-certification-group-aims-set-high-bar-it-security-pros-080510

Links:
[1] http://threatpost.com/en_us/blogs/new-certification-group-aims-set-high-bar-it-security-pros-080510
[2] http://www.nbise.org/
[3] http://www.crest-approved.org/
[4] http://threatpost.com/en_us/blogs/new-cybersecurity-czar-faces-tough-road-060209
[5] http://www.twitter.com/home?status=New Certifications Will Set High Bar for IT Security Pros http://threatpost.com/en_us/c4B

(Read More... | Score: 0)


Insecure Magazine issue 27 has been released
Posted by cdupuis on Wednesday, 01 September 2010 @ 20:25:19 EDT (101 reads)
Topic Insecure Magazine

(IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics.

DOWNLOAD ISSUE 27 HERE (September 2010)


Issue 27 has just been released. Download it from:
http://www.insecuremag.com

The covered topics include:

- Review: BlockMaster SafeStick secure USB flash drive
- The devil is in the details: Securing the enterprise against the cloud
- Cybercrime may be on the rise, but authentication evolves to defeat it
- Learning from bruteforcers
- PCI DSS v1.3: Vital to the emerging demand for virtualization and cloud security
- Security testing - the key to software quality
- A brief history of security and the mobile enterprise
- Payment card security: Risk and control assessments
- Security as a process: Does your security team fuzz?
- Book review: Designing Network Security, 2nd Edition
- Intelligent security: Countering sophisticated fraud
____________________________________________________

(IN)SECURE Magazine is supporting the following industry events:

SOURCE Barcelona 2010
Barcelona, Spain, 21-22 September 2010.
Use discount code SOURCEHN10 to get 15% off your ticket price.
http://www.sourceconference.com

Brucon 2010
Brussels, Belgium. 24-25 September 2010.
http://www.brucon.org

InfoSecurity Russia 2010
Moscow, Russia. 17-19 November 2010.
http://www.infosecurityrussia.ru

RSA Conference Europe 2010
London, United Kingdom. 12-14 October 2010.
http://bit.ly/rsa2010eu

__________________________________________________

Visit the (IN)SECURE Magazine web site at:
http://www.insecuremag.com

Subscribe to our RSS feed at:
http://feeds2.feedburner.com/insecuremagazine

Daily security news RSS feed:
http://feeds2.feedburner.com/HelpNetSecurity

Help Net Security on Twitter:
http://twitter.com/helpnetsecurity

Contact:

- For information on contributing to (IN)SECURE Magazine, please contact Chief Editor Mirko Zorz at editor( at )insecuremag.com
- For marketing inquiries do contact Marketing Director Berislav Kucan at marketing( at )insecuremag.com

(Read More... | Score: 0)


nullcon GOA Dwitiya (2.0) The Jugaad (hacking) Conference
Posted by cdupuis on Wednesday, 01 September 2010 @ 09:57:29 EDT (118 reads)
Topic Training

NOTE FROM CLEMENT:

GOA is a magical place with amazing beaches in the North.  You have miles and miles of beaches to yourself.  Not to mention that GOA is a hub for tourism and it is very inexpensive.   A great place at great price,  do entend your stay a bit to visit the area.  February is one of the best month of the year to visit as well.

nullcon Dwitiya (2.0)
The Jugaad(hacking) Conference

nullcon is an initiative by null - The open security community.

Website:  http://nullcon.net

Calling all Jugaadus(hackers)
It's the time of the year when we welcome research done by the community as paper submissions for nullcon.  So, sip your coffee, dust your debuggers, fire your tools, challenge your grey cells and shoot us an email.

Tracks:
---------------
- Bakkar:         1 Hr Talks
- Tez:              5-30 min Talks
- Karyashala:    2-4 Hrs Workshop
- Desi Jugaad    (Local Hack): 1 Hr

Submition Topics:
------------------------------
1. One of the topics of interest to us is "Desi Jugaad"(Local Hack) and has a separate track of it's own. Submissions can be any kind of local hacks that you have worked on (hints: electronic/mechanical meters, automobile hacking,  Hardware, mobile phones, lock-picking, bypassing procedures and processes, etc, Be creative  :-D)

2. The topics pertaining to security and Hacking in the following domains(but not limited to)
- Hardware (ex: RFID, Magnetic Strips, Card Readers, Mobile Devices, Electronic Devices)
- Tools (open source)
- Programming/Software Development
- Networks
- Information Warfare
- Botnets, Malware
- Web
- New attack vectors
- Mobile, VOIP and Telecom
- VM
- Cloud
- Critical Infrastructure
- Satellite
- Wireless
- Forensics
- Cyber Laws

Submission Format:
------------------------------
Email the cfp to: cfp(_at_)nullcon.net
Subject should be: CFP Dwitiya
Email Body:
- Name
- Handle
- Track & Time required
- Paper Title
- Country of residence
- Organization
- Contact no.
- Have you presented/submitted this talk at any other conference(s)?
- Why do you think your paper is different/innovative?
- Brief Profile ( <= 500 Words)
- Paper Abstract ( <= 3000 Words)

NOTE: The Abstract should clearly mention the techniques and hacks in
detail and merely mentioning that it works will not help in
understanding the research to it's full extent.


Important Dates:
------------------------------
CFP End Date:         30th November 2010
Speakers List Online: 10th December 2010
Conference Dates:     25th - 26th February 2011


Venue:
----------------
Goa, India
(Exact Venue TBD)


Speaker Benefits:
------------------------------

--
For Tracks "Bakkar", "Desi Jugaad" and "Karyashala"
1. Free Accommodation for 3 nights
2. Travel (One way or Return depending on the Sponsorships :-) )
3. Free access to the conference.
4. Invitation to Mehfil-E-Mausiqi (null party)

For Track "Tez"
1. Free access to the conference.
2. Invitation to Mehfil-E-Mausiqi (null party)

* Only one speaker will be eligible for the benfits in case there are two or more speakers for a talk.

(comments? | Score: 0)


September issue of Hakin9 magazine: Mobile Malware – the new cyber threat
Posted by cdupuis on Tuesday, 31 August 2010 @ 09:18:46 EDT (351 reads)
Topic Hakin9



Hakin9

September issue of Hakin9 magazine:
Mobile Malware – the new cyber threat

New issue of Hakin9 magazine already available!

Inside:

  • Mobile Malware – the new cyber threat
  • Botnet: The Six Laws And Immerging Command & Control Vectors
  • Hacking Trust Relationships – Part 2
  • Web Malware – Part 2
  • Defeating Layer-2 – A ttacks in VoIP
  • Armoring Malware: Hiding Data within Data
  • Is Anti-virus Dead? The answer is YES. Here’s why…


Download your copy NOW -- Click HERE

Mobile Malware – the new cyber threat
Julian Evans
Mobile phone malware first appeared in June 2004 and it was called Cabir. The mobile-phone features at most risk are text messaging (using social engineering), contacts list, video and buffer overflows. GSM, GPS, Bluetooth, MMS and SMS will indeed be some of the attack vector to expect this year and beyond.

Botnet: The Six Laws And Immerging Command & Control Vectors
Richard C. Batka
New BotNet communication vectors are emerging. The industry is not prepared. For the next 20 years, BotNets will be what viruses were for the last 20.

Hacking Trust Relationships – Part 2
Thomas Wilhelm
This is the second article in a series of six that covers the topic of hacking trust relationships. This article focuses specifically on Vulnerability Identification against a target system, in order to identify and exploit potential trust relationships.

Web Malware – Part 2
Rajdeep Chakraborty
In the previous section of the article Web Malwares (Part 1) we discussed various statistics that showed us the increase of Web Malware activity in recent years and why the focus of Malware authors has changed from creating havoc in the infrastructure to infecting the endpoints for various other henious purpose, we have seen it all. Once we are aware of these facts and figures, in the next section we will look into the technical Details of Web Malwares (Part 2).

Defeating Layer-2 – A ttacks in VoIP
Abhijeet Hatekar
ARP Poisoning and other Layer 2 attacks are present since many decades now and one may think that they are absolute. However, we still see them quite often on the network. The biggest advantage is easy access to sensitive information like passwords, credit card details, phone conversations etc.

Armoring Malware: Hiding Data within Data
Israel Torres
We are receiving malware daily via hundreds of facets that the Internet enables with various services; most common are via e-mail and web surfing. At any one time you can be sitting idly on the ‘net when you are presented with something that could be malicious either overtly or covertly. We’ll play through the scenario of where you’ve discovered a binary on your network and unsure of it’s purpose... and then reveal how it was done.

Is Anti-virus Dead? The answer is YES. Here’s why…
Gary Miliefsky
There have been billions of dollars in damages caused by exploiters on the Internet. These exploiters are intelligent cyber terrorists, criminals and hackers who have a plethora of tools available in their war chest – ranging from spyware, rootkits, trojans, viruses, worms, zombies and botnets to various other blended threats. From old viruses to these new botnets, we can categorize them all as malware.

Hakin9 magazine is also available in German.
Download here

Contacts Us

editors@hakin9.org
Editor-in-Chief
Karolina Lesińska
karolina.lesinska@hakin9.org

(Read More... | Score: 0)


New website announcement - www.itsecdb.com
Posted by cdupuis on Sunday, 29 August 2010 @ 22:02:45 EDT (166 reads)
Topic Vulnerabilities Database

Anonymous writes "Hi all,

As some of you may already know, I am the owner of http://www.cvedetails.com (I hope you already know about it) and I recently decided to add list of related OVAL definitions to CVE details page.

So I created a new web site, http://www.itsecdb.com , which collects OVAL (Open Vulnerability and Assessment Language) definitions from
several sources and allows users to view full details (not only comments) of OVAL definitions.

Using this site you will be able to :
- View exactly what you must do to verify a vulnerability, patch or compliance check.
- Browse OVAL definitions related to files, rpms, registry keys, patches etc.
- View OVAL definitions from several sources like Mitre, Redhat, Suse, NIST etc.
- It's fully integrated with www.cvedetails.com so you will be able to view/browse OVAL definitions related to products or CVE entries.

Samples :
- OVAL definition sample :
http://www.itsecdb.com/oval/definition/oval/org.mitre.oval/def/6253/
- CVE details with list of related OVAL definitions :
http://www.cvedetails.com/cve/CVE-2007-0994/
- Browse objects (files, rpms, patches etc) :
http://www.itsecdb.com/oval/oval-objects-index.php
- Links to OVAL definitions related to a product :
http://www.cvedetails.com/product/3264/Mozilla-Firefox.html?vendor_id=452

Regards
Serkan Özkan
"

(Read More... | Score: 0)


FREE Cisco CCNP TSHOOT Webcast
Posted by cdupuis on Sunday, 29 August 2010 @ 09:29:36 EDT (145 reads)
Topic CISCO

Anonymous writes "

FREE Cisco CCNP TSHOOT Webcast August 31st, 2010 with expert trainer and best-selling Cisco Press author Kevin Wallace, see more info about Kevin and register now at:

hhttp://promo.pearsonitcertification.com/pages/start/plp-webcast-home/index.html?Campaign_Id=262&Activity_Id=212

Kevin Wallace, expert trainer and best-selling author of the CCNP TSHOOT 642-832 Official Certification Guide and Network Troubleshooting Video Mentor, takes you on a tour of a troubleshooting scenario that is typical of what you might see on the CCNP TSHOOT exam. Kevin walks you through an HSRP trouble ticket. You will review the theory of HSRP followed by a live troubleshooting demonstration and concluding with a Q&A session.

Join us for this Free Pearson IT Certification / Cisco Press Webcast to gain unique insight into what you can expect on the CCNP TSHOOT exam!  Register Now. Hope you can attend!

~Jamie

 

Jamie Adams, Senior Publicist

Representing technical brands of Pearson in networking technologies (IP Com, network security, storage), and all certifications including Cisco®, Microsoft and CompTIA.

Office: 317-428-3012

Twitter: @ciscopress, @pearsonitcert, and @jamieadams76

Facebook: facebook.com/ciscopress and other Pearson brands at informit.com/socialconnect.

LinkedIn: www.linkedin.com/in/msjamieadams.

"

(Read More... | Score: 0)


A new advanced security certification from CompTIA -- Fill the survey
Posted by cdupuis on Friday, 27 August 2010 @ 22:09:15 EDT (234 reads)
Topic Security+

Anonymous writes "

A New Advanced Security Certification is on the way!

To Security Professionals – Important Request:

In case you did not know, I am a Founding Member of the CompTIA Security+ Cornerstone Committee.  I am writing this blog to ask if you would complete an important survey because of your expertise in information security. CompTIA is developing a new advanced security certification exam to follow CompTIA Security+ (or equivalent experience) and we are seeking your input on the exam objectives. We hope you’ll appreciate how important your input is to the development of this certification, and ultimately to those who follow you in their security careers.  Personally, I am excited by the cutting-edge objective set of the intended certification:  It is up-to-date and pragmatic.  It includes (speak of the devil) objectives related to:

  • Security and Social Media
  • Virtualized Desktops (VDI)
  • Insider Threat
  • 802.1x
  • Fuzzing
  • And a plethora of deep, technical, scary stuff!

To begin this approximately ten-minute survey, please go here:  https://s-xut5m-345723.sgizmo.com
In appreciation for your time and participation, CompTIA is giving away a CompTIA T-shirt to every 10th person who completes the survey.

CompTIA values your privacy. Results are completely anonymous and the data will only be viewed in the aggregate. Please complete by September 8, 2010.
Thank you very much for your participation.

Please contact research_at_comptia.org if you experience any technical difficulties with the survey.

Go ahead:  support the community and get a free T-Shirt!

Barry Kaufman, CISSP, CEH, MCSE, ITILv3

"

(Read More... | Score: 0)


Air Force Lt. Gen. says: The enemy is banging away at our applications
Posted by cdupuis on Monday, 23 August 2010 @ 08:14:05 EDT (207 reads)
Topic Web Applications Security

Anonymous writes "

by Chuck Paone
66th Air Base Group Public Affairs

8/17/2010 - HANSCOM AIR FORCE BASE, Mass. (AFNS) -- It's critical to find the right balance between the security and utility of an information technology network, the Air Force's chief information officer said here Aug. 13.

Speaking at a Hanscom Representatives Association luncheon, Lt. Gen. William T. Lord described that balancing act as one of "yin and yang," a term from ancient Chinese philosophy that describes the interdependence of seemingly contrary forces.

Security without utility is of little value; and utility without security is far too dangerous, General Lord said.

In harmony, however, the two provide an optimal operating environment, he said.

"We have to be able to put new devices -- shiny new objects, as we're sometimes accused of using -- on a network that doesn't care what the end-user device is," the general said.

The key is to build a network that is flexible and resilient enough to handle whatever it's being used for.

It's also important to protect not only the network, but also the work being done on the Internet, he said, calling for efforts to broaden security concepts.

While network defense used to be focused almost exclusively on building and enhancing firewalls, he said more needs to be done.

"The enemy vector used to be banging away at our firewalls; they're not any longer," General Lord said. "The enemy is banging away at our applications."

"We have over 19,000 (information technology) applications in the Air Force," he said, noting that Electronic Systems Center's IT Center of Excellence at Maxwell Air Force Base-Gunter Annex, Ala., examined about 200 of them. "All of them had over 50 vulnerabilities."

General Lord encouraged industry vendors to bring their proposed solutions for detecting and protecting against such vulnerabilities to ESC officials, noting that the center is where solutions can effectively be put into Air Force systems.

Industry officials should continue to "bring us your shiny new objects," he said. "But when you do, make sure you also tell us how we can integrate them onto an old infrastructure."

And if that's not possible, he said, tell Air Force officials how to upgrade the old infrastructure without having to lose capability during a transition.

"We need the network to be ready for today's modern applications, but frankly one can't slow up for the other," he said. "When they do lane expansion out on I-95 here, they're still doing it with two rush hours a day. We need to do the same thing."

General Lord also implored industry officials to focus on what the Air Force return on its IT investment will be.

"Here's that bright, shiny object and here's what you get out of it, or here's what you can give up with it -- manpower, legacy applications that we have to maintain, etc.," he said.

Determining what that return is can help solve a lot of problems, including the risk of running behind a rapidly evolving technology curve, he said, stressing that we need to avoid buying "yesterday's technology tomorrow."

"There are probably acquisition things that need to be fixed," he said. "There are process things that need to be fixed. There are resource management things we need to fix.

"But I think when you bring the return on investment with new combat capability, that can be the catalyst that begins to help us fix things," he said.

"

(comments? | Score: 0)


HP To Acquire Code Security Software Maker Fortify
Posted by cdupuis on Monday, 23 August 2010 @ 07:43:18 EDT (170 reads)
Topic Web Applications Security

Anonymous writes "

HP To Acquire Code Security Software Maker Fortify

Fortify's products pick out exposures that result from errors in programming.

By Charles Bab*****,  InformationWeek
--> Aug. 18, 2010
URL: http://www.informationweek.com/story/showArticle.jhtml?articleID=226700431

Hewlett-Packard will acquire Fortify Software to gain possession of its ability to perform analysis on source code to detect security risks and exposures.

For example, Fortify 360 Static Application Security Testing technology can examine source code and pick out exposures that result from poor or hurried programming. If a programmer has created a form where a user is to enter a zip code, but leaves space for 32 characters to be entered instead of five, 360 SAST would detect that. If the zip code were to be loaded from the form into a database, a 32-character space would open the door to an SQL injection attack. A hacker could put an SQL statement where the zip code was supposed to go and the database would act on it, once the injection was uploaded.

HP and Fortify collaborated on Hybrid 2.0, a product to protect software both in composition and in use. In addition to analysis of software under development, software needs protection once it's running. The former is called static analysis; the latter, dynamic analysis, and Hybrid 2.0 does both.

The two companies began working together last year on the product. The second version, Hybrid 2.0, was issued Feb. 22. In addition, Fortify static analysis capabilities have been integrated into HP Application Security Center and HP Quality Center software. Upon completion of the deal, HP will initially continue Fortify as a stand-alone business unit.

"The big question is if HP will integrate this product smoothly and invest in it further, unlike what they did with WebInspect," said Mandeep Khera, chief marketing officer for Cenzic, supplier of Hailstorm, a testing system for software vulnerabilities and an HP competitor. WebInspect checks web applications and services for security exposures. HP acquired WebInspec with its acquisition of Spi Dynamics in 2007 and continues to offer the product.

Fortify products "absolutely will be continued," HP said in response to a question from InformationWeek.

After the purchase is completed, Fortify products will become part of the HP software and solutions' Business Technology Optimization Applications portfolio.

Static analysis and dynamic analysis products helps prevent security breaches in production systems. Use of the systems is one component of meeting sound operations compliance requirements.

When Fortify products are added to HP's existing capabilities, "organizations will have a best-in-class solution to improve the security of their applications and services," said Bill Veghte, executive VP, software and solutions, in the announcement of the acquisition move.

"Joining HP will allow us to further integrate our proven technology and security expertise," said John Jack, CEO of Fortify, in the announcement.

In related activity, IBM acquired Ounce Labs, maker of static security testing products for source code, in July 2009. It added the Ounce product line to its rational software division, supplier of a wide range of development and test tools.

"

(Read More... | Score: 0)


WhatWeb -- The next generation web scanner
Posted by cdupuis on Sunday, 22 August 2010 @ 18:33:03 EDT (228 reads)
Topic Web Applications Security

WhatWeb

website fingerprinting

Next generation web scanner. Identify what websites are running.

Download whatweb-0.4.5.tar.gz
Latest Version 0.4.5, 17th August 2010
License GPLv2
Author urbanadventurer aka Andrew Horton from Security-Assessment.com

Introduction

Identify content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the webserver is set up and what software is delivering the webpage. Some of these hints are obvious, eg. “Powered by XYZ” and others are more subtle. WhatWeb recognises these cues and reports what it finds.

WhatWeb has over 250 plugins and needs community support to develop more. Plugins can identify systems with obvious identifying hints removed by also looking for subtle clues. For example, a WordPress site might remove the tag but the WordPress plugin also looks for “wp-content” which is less easy to disguise. Plugins are flexible and can return any datatype, for example plugins can return version numbers, email addresses, account ID’s and more.

There are both passive and aggressive plugins, passive plugins use information on the page, in cookies and in the URL to identify the system. A passive request is as light weight as a simple GET / HTTP/1.1 request. Aggressive plugins guess URLs and request more files. Plugins are easy to write, you don’t need to know ruby to make them.

Example Usage

Using WhatWeb on a handful of websites. (This is a screenshot of an older version)

whatweb-examples

Help
HELP
WhatWeb - Next generation web scanner.
Version 0.4.5 by Andrew Horton aka urbanadventurer from Security-Assessment.com
Homepage: http://www.morningstarsecurity.com/research/whatweb

Usage: whatweb [options]

Enter URLs or filenames. Use /dev/stdin to pipe HTML
directly
--input-file=FILE, -i Identify URLs found in FILE, eg. -i /dev/stdin
--aggression, -a 1 passive - on-page
2 polite - unimplemented
3 impolite - guess URLs when plugin matches
(smart, guess a few urls)
4 aggressive - try guess URLs for every plugin
(guess a lot of urls like nikto)
--recursion, -r Follow links recursively. Only follows links under the
path (default: off)
--depth, -d Maximum recursion depth (default: 10)
--max-links, -m Maximum number of links to follow on one page
(default: 250)
--spider-skip-extensions Redefine extensions to skip.
(default: zip,gz,tar,jpg,exe,png,pdf)
--list-plugins, -l List the plugins
--run-plugins, -p Run comma delimited list of plugins. Default is all
--info-plugins, -I Display information plugins. Optionally specific a comma
delimited list.
--example-urls, -e Add example urls for each plugin to the target list
--colour=[WHEN],
--color=[WHEN] control whether colour is used. WHEN may be `never',
`always', or `auto'
--log-full=FILE Log verbose output
--log-brief=FILE Log brief, one-line output
--log-xml=FILE Log XML format
--user-agent, -U Identify as user-agent instead of WhatWeb/0.4.5.
--max-threads, -t Number of simultaneous threads. Default is 25.
--no-redirect Do not follow HTTP 3xx redirects.
--proxy Set proxy hostname and port
(default: 8080)
--proxy-user Set proxy user and password
--open-timeout Time in seconds
--read-timeout Time in seconds
--custom-plugin Define a custom plugin call Custom,
Examples: ":text=>'powered by abc'"
":regexp=>/powered[ ]?by ab[0-9]/"
":ghdb=>'intitle:abc "powered by abc"'"
":md5=>'8666257030b94d3bdb46e05945f60b42'"
"{:text=>'powered by abc'},{:regexp=>/abc [ ]?1/i}"
--url-prefix Add a prefix to target URLs
--url-suffix Add a suffix to target URLs
--url-pattern Insert the targets into a URL. Requires --input-file,
eg. www.example.com/%insert%/robots.txt
--help, -h This help
--verbose, -v Increase verbosity, use twice for debugging.
--version Display version information.
Verbose Output
./whatweb -v www.morningstarsecurity.com
www.morningstarsecurity.com/ [200]
http://www.morningstarsecurity.com [200] WordPress[3.0.1], Google-API[ajax/libs/jquery/1.3.2/jquery.min.js ],
Google-Analytics[GA][791888], HTTPServer[Apache], UncommonHeaders[x-pingback], JQuery[1.4.2], Title[MorningSt
ar Security], MetaGenerator[WordPress 3.0.1], RSSFeed[http://www.morningstarsecurity.com/wp-content/themes/py
rmont-v2-white/style.css], MD5[2b47722f6e9ad3add669f5a4d2267642], Tag-Hash[bce4fdbac307d13d570d3a0d2d45b078],
Header-Hash[dba021c0aa225c8eede02c7dcc45b0d8], Footer-Hash[bd8866bbab7e53b19e03131a041d451a]
Footer-Hash => hash
Google-API => google javascript API (version: ajax/libs/jquery/1.3.2/jquery.min.js )
Google-Analytics => pageTracker = ...UA-123-1231
HTTPServer => server string
Header-Hash => hash
JQuery => script (version: 1.4.2)
MD5 => md5 hash of html
MetaGenerator => meta generator tag
RSSFeed => rss link type, rss link
Tag-Hash => tag pattern hash
Title => page title
UncommonHeaders => headers
WordPress => wp-content (certainty: 75), meta generator tag (version: 3.0.1)
Log Output

There are currently 3 types of log output. They are:
–log-brief Brief logging. Default output
–log-full Full logging. Complete output from each plugin
–log-xml XML logging. Same information as default output but in XML format

You can output to multiple logs simulatenously by specifying muliple command line logging options.

Brief Logging

Example usage: whatweb –log-brief b.log digg.com

http://digg.com [200] Cookies[1337,PHPSESSID,ccc], X-Powered-By[PHP/5.2.9-digg8], HTTPServer[Apache], UncommonHe
aders[keep-alive], Title[Digg - The Latest News Headlines, Videos and Images], RSSFeed[/opensearch.xml], OpenSea
rch[/opensearch.xml], Tag-Hash[4b33049ce0f31283b90597352194c9be], MD5[2b624548bc61501dcdca9639f2f9f338], Header-
Hash[2df7eaaa4480f28013aaf48ae9266b84], Footer-Hash[6e2c99013c0f12a0b9493ad54d2db2da]
Full Logging (may be removed in future)

Example usage: whatweb –log-full f.log digg.com

Identifying: http://digg.com
HTTP-Status: 200
[["Cookies",
[{:probability=>100,
:name=>"cookie names",
:string=>["1337", "PHPSESSID", "ccc"]}]],
["Div-Span-Structure",
[{:probability=>100,
:name=>"div structure",
:string=>"828d809947c3c760d41c720c9203993b"}]],
["Footer-Hash",
[{:probability=>100,
:name=>"hash",
:string=>"ca2ffbc939969a2246cde196f0fc4841"}]],
["HTTPServer",
[{:probability=>100, :name=>"server string", :string=>"Apache"}]],
["Header-Hash",
[{:probability=>100,
:name=>"hash",
:string=>"2df7eaaa4480f28013aaf48ae9266b84"}]],
["MD5",
[{:probability=>100,
:name=>"page title",
:string=>"455e6da4264cc6334b78a72c083ced77"}]],
["Mailto",
[{:emails=>
["?subject=Digg Story: Jennifer Aniston,wins the battle of the bikini with Model 23&body=I wanted to share this story with you: http://digg.com/d31RvOK?ern --- rn"Jennifer Aniston,wins the battle of the bikini with Model 23"rnActresses peeled off to reveal a two-piece as they filmed romantic comedy Just Go With It in Hawaii.rn+156 people dugg this story."]
:probability=>100,
:name=>"mailto:"}]],
["Title",
[{:probability=>100,
:name=>"page title",
:string=>"Digg - The Latest News Headlines, Videos and Images"}]],
["UncommonHeaders",
[{:probability=>100, :name=>"headers", :string=>"keep-alive"}]],
["X-Powered-By",
[{:probability=>100,
:name=>"x-powered-by string",
:string=>"PHP/5.2.9-digg8"}]]]
XML Logging

The XML logging is currently naive and may change. Please contact me if you have suggestions.

Example usage: ./whatweb –log-full f.log –log-xml x.log digg.com

<target>
<uri>http://digg.com</uri>
<http-status>200</http-status>
<plugin>
<name>Cookies</name>
<string>1337</string>
<string>PHPSESSID</string>
<string>ccc</string>
</plugin>
<plugin>
<name>Div-Span-Structure</name>
<string>828d809947c3c760d41c720c9203993b</string>
</plugin>
<plugin>
<name>Footer-Hash</name>
<string>ca2ffbc939969a2246cde196f0fc4841</string>
</plugin>
<plugin>
<name>HTTPServer</name>
<string>Apache</string>
</plugin>
<plugin>
<name>Header-Hash</name>
<string>2df7eaaa4480f28013aaf48ae9266b84</string>
</plugin>
<plugin>
<name>MD5</name>
<string>455e6da4264cc6334b78a72c083ced77</string>
</plugin>
<plugin>
<name>Mailto</name>
</plugin>
<plugin>
<name>Title</name>
<string>Digg - The Latest News Headlines, Videos and Images</string>
</plugin>
<plugin>
<name>UncommonHeaders</name>
<string>keep-alive</string>
</plugin>
<plugin>
<name>X-Powered-By</name>
<string>PHP/5.2.9-digg8</string>
</plugin>
</target>
Plugins

Plugins are easy to make.

Matches are made with:
* Text strings (case sensitive)
* Regular expressions
* Google Hack Database queries (limited set of keywords)
* MD5 hashes
* URL recognition
* HTML tag patterns
* Custom ruby code for passive and aggressive operations

List Plugins ./whatweb -l
Plugins Loaded
------------------------------
360-Web-Manager,0.1
ANECMS,0.1
ASP-Nuke,0.2
AVTech-Video-Web-Server,0.1
AWStats,0.1
Aardvark-Topsites-PHP,0.1
Acclipse,0.2
AdobeFlash,0.1
Advanced-Guestbook,0.2
Alcatel-Lucent-Omniswitch,0.1
Allinta-CMS,0.1
Antiboard,0.1
Apache-Default,0.3
ArGoSoft-Mail-Server,0.1
Arab-Portal,0.1
AtomFeed,0.1
Axis-Network-Camera,0.1
BM-Classifieds,0.1
BXR,0.1
Barracuda-Spam-Firewall,0.1
Basilic,0.1
BeEF,0.1
Belkin-Modem,0.2
Bing-SearchEngine,0.1
Biromsoft-WebCam,0.1
BlogSmithMedia,0.2
Blogger,0.1
BlognPlus,0.1
BlueNet-Video-Server,0.1
Brother-Printer,0.1
Burning-Board-Lite,0.1
BusinessSpace,0.1
CGI Backdoor,0.1
CGIProxy,0.1
CMSQLite,0.1
CMScontrol,0.1
CMSimple,0.1
CPanel,0.2
Campsite,0.1
Canon-Network-Camera,0.1
Cisco-VPN-3000-Concentrator,0.1
Citrix-Metaframe,0.2
CodeIgniterProfiler,0.1
ColdFusion,0.1
Comersus,0.2
CommonSpot,0.1
Concrete5,0.2
Confluence,0.1
Cookies,0.1
Coppermine,0.2
CruxCMS,0.1
CruxPA,0.1
CushyCMS,0.2
D-Link-Network-Camera,0.1
DMXReady,0.1
DT-Centrepiece,0.1
DUclassified,0.1
DUforum,0.1
DUgallery,0.1
Dell-Printer,0.1
DiBos,0.2
DotCMS,0.2
DotNetNuke,0.3
Drupal,0.2
DublinCore,0.1
EMO-Realty-Manager,0.1
EarlyImpact-ProductCart,0.2
EazyCMS,0.1
Echo,0.2
Empire-CMS,0.1
Evo-Cam,0.1
ExpressionEngine,0.2
F3Site,0.1
FestOS,0.1
File-Upload-Manager,0.1
Flax-Article-Manager,0.1
FluentNET,0.1
FluxBB,0.3
FontFace,0.1
Footer-Hash,0.2
Forest-Blog,0.1
FormMail,0.2
FrogCMS,0.3
GoAhead-Webs,0.2
Google-API,0.1
Google-Analytics,0.2
Google-Hack-Honeypot,0.1
GuppY,0.1
HP-LaserJet-Printer,0.1
HTML5,0.2
HTTPServer,0.2
Header-Hash,0.1
IIS-SiteNotFound,0.2
IIS-UnderConstruction,0.2
IMGallery,0.1
IPCop-Firewall,0.1
IQeye-Netcam,0.1
ISPConfig,0.2
Index-Of,0.2
Intellinet-IP-Camera,0.1
Interspire-Shopping-Cart,0.1
InvisionPowerBoard,0.2
JAMM-CMS,0.1
JGS-Portal,0.1
JQuery,0.2
Jamroom,0.1
Jboss,0.1
Joomla,0.4
Kloxo Single Server,0.1
Liferay,0.1
Lightbox,0.2
Lime-Survey,0.1
Linksys-NAS,0.1
Linksys-Network-Camera,0.1
Linksys-USB-HDD,0.1
Linksys-Wireless-G-Camera,0.1
LocazoList-Classifieds,0.1
Loggix,0.1
Lucky-Tech-iGuard,0.1
MD5,0.2
MailSiteExpress,0.2
Mailman,0.1
Mailto,0.2
Mambo,0.2
MediaWiki,0.1
MetaGenerator,0.2
MetaPoweredBy,0.2
Microsoft-Sharepoint,0.1
MicrosoftODBCError,0.1
MikroTik,0.2
Minify,0.1
MnoGoSearch,0.2
Mobotix-Network-Camera,0.1
ModxCMS,0.2
Moodle,0.2
MovableType,0.2
My-PHP-Indexer,0.1
My-WebCamXP-Server,0.1
MyioSoft-Ajax-Portal,0.1
MysqlSyntaxError,0.1
NetBotz-Network-Monitoring-Device,0.1
Netious-CMS,0.1
Netsnap-Web-Camera,0.1
NovellGroupwise,0.2
Nukedit,0.1
ORCA-Platform,0.1
ORITE-301-Camera,0.1
OSCommerce,0.3
Oce,0.2
OkiPBX,0.2
Open-Blog,0.1
Open-Freeway,0.1
Open-Source-Ticket-Request-System,0.1
OpenCms,0.1
OpenGraphProtocol,0.1
OpenID,0.1
OpenSearch,0.1
PG-Roomate-Finder-Solution,0.1
PHP-Fusion,0.1
PHP-Layers,0.1
PHP-Link-Directory,0.1
PHP-Shell,0.1
PHPCake,0.2
PHPDirector,0.1
PHPEasyData,0.1
PHPError,0.2
PHPFM,0.1
PHPNuke,0.2
PHPraid,0.1
PageUp-People,0.1
Panasonic-Network-Camera,0.1
Parked-Domain,0.1
PasswordField,0.1
PhilBoard,0.1
Piwik,0.1
Pixel-Ads-Script,0.1
Pixie,0.1
Plesk,0.2
Pligg-CMS,0.1
Plone,0.2
PortalApp,0.1
PoweredBy,0.2
Pressflow,0.1
Prototype,0.2
QNAP-NAS,0.1
Quantcast,0.1
RSSFeed,0.1
RedirectLocation,0.2
RoundCube,0.2
RunCMS,0.1
SHOUTcast-Administrator,0.1
SMF,0.2
Saurus-CMS,0.1
Scriptaculous,0.2
SearchFitShoppingCart,0.2
SiemensSpeedStreamRouter,0.2
SilverStripe,0.2
SimpNews,0.1
Site-Sift,0.1
SkaLinks,0.1
SmodCMS,0.1
Snap-Appliance-Server,0.1
SnomPhone,0.2
Softbiz-Freelancers-Script,0.1
Softbiz-Online-Auctions-Script,0.1
Softbiz-Online-Classifieds,0.1
Sony-Network-Camera,0.1
Sony-Video-Network-Station,0.1
SquirrelMail,0.2
Star-Network,0.1
StarDot-NetCam,0.1
Stardot-Express,0.1
Subdreamer-CMS,0.1
Subrion-CMS,0.1
SyndeoCMS,0.1
TWiki,0.1
Tag-Hash,0.2
TaskFreak,0.1
Team-Board,0.1
Textpattern,0.1
The-PHP-Real-Estate-Script,0.1
Title,0.2
TomatoCMS,0.1
Tomcat,0.2
Toshiba-Network-Camera,0.1
ToshibaPrinter,0.2
Trac,0.1
Turbo-Seek,0.1
TypePad,0.2
TypoLight,0.2
Umbraco,0.1
UncommonHeaders,0.2
VBulletin,0.2
VP-ASP,0.2
VSNSLemon,0.2
Veo-Observer,0.1
VideoShareEnterprise,0.1
Virtualmin,0.1
VisionGS-Webcam,0.1
Vulnerable-To-XSS,0.1
WWWBoard,0.1
Web-Calendar-System,0.1
Web-Data-Administrator,0.1
WebDVR,0.1
WebEye-Network-Camera,0.1
WebGuard,0.2
WebPress,0.1
WhiteBoard,0.1
Winamp-Web-Interface,0.1
Windows-Internet-Printing,0.1
WindowsSBS,0.2
WoW-Raid-Manager,0.1
WordPress,0.2
WordPressSpamFree,0.2
WordPressSuperCache,0.3
X-ASPNetVersion,0.2
X-Powered-By,0.2
X7-Chat,0.1
XHP-CMS,0.1
Xerox-Printers,0.1
XtraBusinessHosting,0.2
Zen-Cart,0.1
Zeus-Cart,0.1
Zikula,0.1
Zoph,0.1
Zyxel-Vantage-Service-Gateway,0.1
anyInventory,0.1
boastMachine,0.1
coWiki,0.1
cpCommerce,0.1
eLitius,0.1
eSyndiCat,0.1
envezion~media,0.1
ezBOO-WebStats,0.1
i-Catcher-Console,0.1
iDVR,0.1
iRealty,0.1
iScripts-CyberMatch,0.1
iScripts-EasySnaps,0.1
iScripts-MultiCart,0.1
iScripts-ReserveLogic,0.1
iScripts-SocialWare,0.1
ispCP-Omega,0.2
jobberBase,0.1
mojoPortal,0.1
phPhotoAlbum,0.1
php-ping,0.1
phpBB,0.2
phpFreeChat,0.1
phpMyAdmin,0.1
phpPgAdmin,0.1
phpSysInfo,0.1
phpinfo,0.1
sabros.us,0.1
samPHPweb,0.1
syntaxCMS,0.1
uPortal,0.1
xGB,0.1
To view more detail about a plugin or plugins ./whatweb -I Joomla
Plugin Information
------------------------------
Joomla version 0.4 by Andrew Horton
[14] examples, [3] matches, [x] aggressive, [x] passive.
Description: Opensource CMS written in PHP. Homepage: http://joomla.org. Plugin can aggresively identify
version by comparing md5 hashes of 4 files. Valid up to version 1.5.15.
--------------------------------------------------------------------------------
Aggressive Plugins

There are currently aggressive plugins for Joomla, phpBB, FluxBB, OSCommerce and Tomcat.
With the passive plugin we know that ardentcreative.co.nz is running Joomla version 1.5

Be cafeful when using aggressive plugins with recursive site crawling. WhatWeb has no understanding of a website, instead it currently treats each URL separately. It also has no caching so if you use aggressive plugins with recursion you will fetch the same files multiple times.

Writing Plugins

View the tutorial on writing WhatWeb plugins at www.morningstarsecurity.com/downloads/How-to-develop-WhatWeb-plugins-1.1.txt.

A typical plugin looks like this:

There are 3 levels to a plugin. Simple matches, passive and agressive tests. You don’t need to know ruby to write plugins with simple matches. Passive and aggressive tests are written in ruby.

If you port a GHDB match, use :ghdb. I usually rewrite the GHDB matches with regular expressions, especially if they require inurl:

Example:

# http://johnny.ihackstuff.com/ghdb?function=detail&id=1840
{:name=>”GHDB: ”Powered by Vsns Lemon” intitle:”Vsns Lemon”",
:probability=>100,
:ghdb=>’”Powered by Vsns Lemon” intitle:”Vsns Lemon”‘}

Note the GHDB queries are case insensitive, as a Google query is. Support codes are intitle:, inurl: and filetype:.

Each plugin can access @body, @meta, @status and @base_uri variables.

Passive tests add matches to the m array, each match is a hash containing the name of the match, probability and more.
The entire hash is returned with Full output, Brief output returns just the match, :version and :string

To discover the regular expressions to match against, wget about 20-30 examples into the tests/ folder. Be aware that some software can have dramatic variations between versions.
First view the META data and HTML of a few examples.
The find-common-stuff tool can help discover unexpected similarities in the examples.

Recursive Spider

The recursion option is used to scan some or all of a website with whatweb. Recursive spidering will follow each link on a webpage if it is within the same website, then repeat the process on the followed pages.

The configurable settings for recursive spidering are:
–recursion, -r Follow links recursively. Only follows links under the path (default: off)
–depth, -d Maximum recursion depth (default: 3)
–max-links, -m Maximum number of links to follow on one page (default: 25)

Limitations of the spidering. This follows links in <a> tags, these are the HTML tags designed specifically for links. The spider does not obtain urls from other sources. Some good choices for future improvement are image tags, eg. <img src=”/images/boats.jpg”>, form tags, eg. <form action=”/vote.php”>, url paths in CSS files, etc.

Related Projects

WhatWeb is unique however there are some web projects with the same goal of identifying a website.

Blind Elephant
The BlindElephant Web Application Fingerprinter attempts to discover the version of a (known) web application by comparing static files at known locations against precomputed hashes for versions of those files in all all available releases. The technique is fast, low-bandwidth, non-invasive, generic, and highly automatable.
http://blindelephant.sourceforge.net/

WAFP – Web Application Finger Printing
Wafp identifies systems by requesting a large quantity of URLs and comparing md5 sums of the results against a database. This method is reliable for known systems in the database and it is simple to add new ones. Unlike whatweb, this method is intrusive and will create a lot of webserver log entries.
http://www.mytty.org/wafp

Wappalyzer
This is the most similar project to WhatWeb.
Firefox plugin identifies sites using 1 regexp each. Only looks for obvious identifiers like meta generator tags. Sends all recognized urls to a DB. Has nice icons
https://addons.mozilla.org/en-US/firefox/addon/10229

w3af
http://w3af.sourceforge.net
Very slight overlap of features in the grep and discovery scripts section.

HTTPRecon
No feature overlap, fingerprints the HTTP Server
http://w3dt.net/tools/httprecon/

http://www.net-square.com/httprint/httprint_paper.html

http://www.darknet.org.uk/2007/09/httprint-v301-web-server-fingerprinting-tool-download/

Nmap version scan
Nmap shows some info about HTTP servers when using version scan, eg. nmap -sV -p80 treshna.com

THC’s Amap
This tool is an application fingerprint scanner which can identify an HTTP protocol server. It doesn’t identify types of HTTP servers.

What’s that web server running 1.0 (whatweb.exe)
This shares the same name and goal but is shit. It ONLY uses the HTTP Server string. For example ‘Apache/2.0.55 (Ubuntu) PHP/5.1.2′
http://www.spambutcher.com/whatweb.html

www.http-stats.com
Lots of info about HTTP server names

Funny & Unusual

Slashdot.org
X-Fry: You mean Bender is the evil Bender? I’m shocked! Shocked! Well not that shocked.

popurls.com
X-popurls-a: in the future every url will be popular for 1.5 seconds

reddit.com
HTTPServer:’; DROP TABLE servertypes; –

Notes

Version 0.3 Released at Kiwicon III (kiwicon.org), 2009.
Version 0.4, March 14th 2010
Version 0.4.1, April 28th 2010
Version 0.4.2, April 30th 2010
Version 0.4.3, May 24th 2010
Version 0.4.4, June 29th 2010

Credits

Written by urbanadventurer aka Andrew Horton from Security-Assessment.com
Homepage: http://www.morningstarsecurity.com
License: GPLv2

Anemone library (used for spidering) is written by Chris Kite
Homepage: http://anemone.rubyforge.org/
License: MIT

Community Plugins

Thank you to the following people who have contributed a plugin to WhatWeb.

Brendan Coles
Emilio Casbas
Louis Nyffenegger
Patrik Wallström

Thank you to Michal Ambroz for writing the Makefile and Man pages

(Read More... | Score: 0)


BinPack: Las Vegas Edition Release
Posted by cdupuis on Friday, 20 August 2010 @ 17:37:53 EDT (293 reads)
Topic Web Applications Security

BinPack: Las Vegas Edition Release

BinPack is a portable security environment for Windows.
With 100+ security tools in the repository, you can easily convert any system into a hacking platform in minutes.

For those weren’t able to score a BinPack disc, don’t worry we have setup a torrent of the iso. The disc contains a portable security environment customized for all the various Black Hat, DEFCON, and Security B-Sides attendees as well as the BinPack tool.

Here is the latest screenshot of the tool. There are several bugs to be worked out with this version, which is why there is two releases; one stable and one alpha.

20100726-gui-security 

Files:

We are also looking for mirrors of the software packages so please contact us if you can help.

And if you want to support this software through a donation, that would be much appreciated! We accept donations through paypal:

(Read More... | Score: 0)


Better Security Through Sacrificing Maidens
Posted by cdupuis on Friday, 20 August 2010 @ 04:39:46 EDT (252 reads)
Topic Web Applications Security

Hi,

I thought that this might be an interesting read for web developers. It outlines a major problem with modern security practice and suggests how to address it.

https://www.infosecisland.com/blogview/6646-Better-Security-Through-Sacrificing-Maidens.html

Sincerely,
-pete.

--
Pete Herzog - Managing Director - pete@isecom.org
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org

(Read More... | Score: 0)


Hakin9 August Issue: Securing the cloud
Posted by cdupuis on Tuesday, 03 August 2010 @ 16:46:19 EDT (472 reads)
Topic Hakin9

Hakin9

August issue of Hakin9: Securing the Cloud

New issue of Hakin9 magazine already available!

Inside:

  • Prey: A New Hope by Mervyn Heng
  • An introduction to Reverse Engineering: Flash, .NET by Nilesh Kumar
  • Web Malware - Part 1 by Rajdeep Chakraborty
  • Cyber warfare with DNSbotnets by Francisco Alonso
  • Search Engine Security and Privacy by Rebecca Wynn
  • Securing the Cloud: Is it a Paradigm Shift in Information Security? by Gary Miliefsky
  • Radio Frequency-enabled Identity Theft by Julian Evans
  • Intelligence Monopolies by Matthew Jonkmann
  • Special Report: Capturing the New Frontier: How To Unlock the Power of Cloud Computing by Mike Armistead

Download

Is Prey: A New Hope
Mervyn Heng
Misplaced your laptop or had it stolen? You are not alone.Dell and the Ponemon Institute collaborated on a study with 106 United States airports as well as over 800 business travelers to ascertain the frequency with which laptops are lost in airports.

An introduction to Reverse Engineering: Flash, .NET
Nilesh Kumar
This article is about the demonstration of Reversing of Flash and .NET applications. This is an introductory article showing basics of decompiling/ disassembling. In the first I have chosen to show reversing of Flash files and .NET files and how to patch them.

Web Malware - Part 1
Rajdeep Chakraborty
The Internet has been plagued by a variety of Malware that use the Web for propagation and as these threats loom around in the Internet it can infect even the smartest and the most tech savvy computer users.

Cyber warfare with DNSbotnets
Francisco Alonso
Botnets aren’t just a fad or items being sold and purchased like items on ebay, but are becoming carefully designed tools used for cyber war. In this article we will discuss what a Botnet is, and the next generation of Botnets over DNS.

Search Engine Security and Privacy
Rebecca Wynn
It’s no secret that search engines like Google, Yahoo, Bing (MSN) retain search data and metadata regarding searches. They are open about doing so. What’s unsure, though, is to what extent this creates a long-term threat to information security and privacy. This article briefly reviews what data is retained and stored by these search engines and what readers can do to protect their information.

Securing the Cloud: Is it a Paradigm Shift in Information Security?
Gary Miliefsky
First let me start by saying No. There’s really nothing new in the Cloud except where risk appears to shift. But does it really? I would argue that it increases your risk and there can be no shift of blame for a successful Cloud attack and breach of confidential data stored in the Cloud. You are ultimately responsible.

Contacts Us

editors@hakin9.org
Editor-in-Chief
Karolina Lesińska
karolina.lesinska@hakin9.org

(Read More... | Score: 0)

Our Sponsors

Login

Nickname

Password

Security Code:
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Latest Windows Tools

Latest Linux Tools

Virtual Machines VM's

Hacker's Magazine

Web & Apps Security

Scanning Service

Reverse Engineering

Vulnerabilities Research

Big Story of Today

There isn't a Biggest Story for Today, yet.

Old Articles

Friday, July 23
· WebCruiser - Web Vulnerability Scanner V2.4.1
· WATOBO Open Source Web Vulnerability Scanner
Thursday, July 15
· Metasploit Framework 3.4.1 Released
· Call for Papers - Black Hat Abu Dhabi 2010
· Haking 9 SECURING VOIP July edition available for FREE download
Saturday, July 03
· 1st Open Backdoor Hiding & Finding Contest to be held at DEFCON 0x12
Tuesday, June 08
· Protect yourself against ARP Poisoning attacks
Monday, June 07
· iPhone leak is getting bigger - Latest Update
· US authorities file charges against three scareware authors
Friday, June 04
· New Open-Source OS Will Feature 'Disposable' Virtual Machines
Thursday, June 03
· Which Vulnerabilty to exploit first?
Tuesday, June 01
· Bizploit -- ERP Penetration Testing Framework
· Hackin9 June Edition FREE Download -- Get it now
· DataLossDB Weekly Summary -- Data losses are not slowing down
Monday, May 31
· Android apps for encrypting calls and texts

Older Articles

You can syndicate our news using the file backend.php or ultramode.txt


All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2003-2008 by Clement Dupuis and Nathalie Lambert (Site Maintainers).

 


 

 


Page Generation: 0.76 Seconds