Items Tagged with "Tools"



Firefox Add-On Cocoon – Strengths and Weaknesses

September 25, 2011 Added by: Kyle Young

Using tools like ettercap, sslstrip, webmitm, dnsspoof, and wireshark, I was not able to retrieve the login credentials that were used to sign on to Cocoon’s privacy service. The way they have implemented SSL with this plugin is probably one of the best SSL implementations I’ve seen in my opinion...

Comments  (0)


Signals of PC Failure and Contingency Plans

September 21, 2011 Added by: Robert Siciliano

Has your computer refused to turn on? Or turned on, but only to display a blue screen? The worst is when you’ve been working on a document and your hard drive crashes. If this has yet to happen to you, you’re likely overdue. The following are signs your computer may be close to death...

Comments  (0)


Simple Network Security Monitoring Tools

September 14, 2011 Added by: Dan Dieterle

You can then drill down from high level topics like Destination Country to recreations of the actual data sent in a few clicks. You can look at the information transferred including scripts, programs, pictures and videos. You can also search the entire data collected for specific identifiers...

Comments  (0)


Anonymous Unveils Twitter Hijack Tool: URGE

September 09, 2011 Added by: Headlines

Anonymous has released a purported Twitter hijacking tool called URGE, posting the source code for the exploit on Github. Using the tool could be considered an illegal act, and those that choose to download and perform Twitter hijacking operations could find themselves facing legal repercussions...

Comments  (0)


Got A Pile of Logs from an Incident: What to Do?

September 01, 2011 Added by: Anton Chuvakin

If you received any hints with the log pile, then you can search for this and then branch out to co-occurring and related issues and drill-down as needed, but then your investigation will suffer from “tunnel vision” of only seeing this initially reported issue and that is, obviously, a bad idea...

Comments  (0)


Minimum Password Lengths of 15 or More via GPO

August 21, 2011 Added by: Rob Fuller

Also known as "How to practice what we preach". I don't know how long I've been telling clients that they need to have a minimum password length of 15 characters so there is no chance LM will be stored. But I've never tried setting it myself. Well, a client called me out. You can't...

Comments  (0)


Agnitio v2.0 and Mobile Apps

August 17, 2011 Added by: Security Ninja

Regardless of the resource exposure based on the arguments to the creation function, malicious applications or malicious users that have root access to the device will be able to read or write to anything on the device. Truly sensitive data should never be stored on the device itself...

Comments  (0)


Encrypting the Web with HTTPS Everywhere

August 08, 2011 Added by: Headlines

"Your online reading habits and activities are vulnerable to eavesdropping, and your accounts are vulnerable to hijacking... Electronic Frontier Foundation created HTTPS Everywhere to make it easier for people to keep their user names, passwords, and browsing histories secure and private..."

Comments  (0)


Pastebin Security Risks: Monitoring with Rollyo Searchrolls

July 31, 2011 Added by: Kurt Aubuchon

You might want to keep an eye on the various pastebin sites for mentions of your organization's domain names, IP addresses, proprietary application names, or other info that could be evidence of problems. Unfortunately, keeping an eye on all the pastebins on the internet is difficult...

Comments  (1)


Understanding the Customer is the Key to Success

July 27, 2011 Added by: Rahul Neel Mani

ArcSight, which was acquired by HP last year, was started when the Dot Com bubble had burst. CTO Forum talks to Hugh Njemanze, ArcSight Founder and VP & CTO, HP Security Solutions, about the company’s journey so far and how the company has been able to sustain robust growth...

Comments  (0)


Metasploit Payloads Explained - Part 1b

July 27, 2011 Added by: Rob Fuller

I thought about adding the cmd/windows/adduser payload just so if the user is an admin we can start our day off without having to add ourselves a user but I decided against it just for clean up and “noise” purposes. One of the payloads is going somewhere else... Sharing is caring right?

Comments  (1)


Too Many Tools, Not Enough Glue?

July 26, 2011 Added by: Rafal Los

The difficult part with handling information security seems to be memory, applicability, and planning. Can I recall where that tool is and how it works? Do I have enough actionable intelligence right now? Did I leave enough breadcrumbs to prepare me for this need? Is there a plan?

Comments  (0)


Seven No-Cost Security Tune-Ups for Windows

July 19, 2011 Added by: Headlines

"Don't use Internet Explorer or, for that matter, Safari... neither is as secure as Chrome, Firefox or Opera. IE 10 is certainly safer to use than previous versions, but significant security flaws that could expose your Windows system to malicious code online tend to crop up with it..."

Comments  (0)


Metasploit Payloads Explained - Part 1 Continued

July 13, 2011 Added by: Rob Fuller

One of the down sides of that payload is you need to host the binary, giving up an IP/host that can be blocked. Well, Google recently allowed people to upload 'anything' to Google docs. You probably already see where I'm going with this...

Comments  (0)


Looking Beyond "Black Box Testing"

June 21, 2011 Added by: Rafal Los

When you're blindly hacking away at something you don't understand, you can't reasonably expect great results, can you? Yet people do, and vendors have tried to compensate for some of those incredibly ambitious expectations by building better parsers and black box testing tools...

Comments  (1)


Calculating the Return on Security Investment (ROSI)

June 20, 2011 Added by: Dejan Kosutic

Traditionally, "making sense" for management means that the revenues that will result from the investment will be larger than the total cost of investment. So what's the problem? The problem is, even if you can calculate the total cost, there are no revenues to be made from security...

Comments  (0)
