SANS recently updated their PowerShell cheat sheet for penetration testing.
I found this this morning on Twitter. I took a quick look at it and there are some nuggets of wisdom in it!
Here’s yet another data breach; this time it was due to poor management on the part of the FBI. One of their field offices had a server open to the public that held over 10GB of sensitive data that ANYONE could access.
Just in time for the Shmoocon Wireless CTF, I found two links today while on Twitter discussing software defined radios (SDR). One has videos from this year’s GNU Radio conference, and the other is an SDR framework and IDE released by the NSA, which is also related to software defined radios and spectrum analysis. Both GNU Radio and REDHAWK look to have much the same functionality, in that they let you build a simulated transmitter and receiver entirely in software to allow for rapid prototyping.
I’m sad to post that DerbyCon will not be returning next year. They just announced they were going to stop running this conference after this year.
VDA Labs just posted this write-up on Twitter on how they do OSINT collection using mitmproxy. mitmproxy is an open source Man-In-The-Middle proxy that can be extended via an exposed Python scripting engine, which VDA Labs takes advantage of to scrape sites such as LinkedIn.
A series of three bugs was recently discovered in systemd, which is a replacement for init.d on modern Linux distros. It’s loved and hated by Linux users and sysadmins alike. The vulnerabilities allow a normal account to gain root privileges on the system. Thankfully, patches have been released for most Linux distributions.
Rapid7 just released v5.0 of their (in)famous Metasploit Framework. Here’s a summary of what’s new in the release:
* Database and automation APIs – PostgreSQL database now has a RESTful API and can support multiple concurrent msfconsole connections
* Evasion modules and libraries – Adds additional PSP evasion techniques
* Usability improvements and exploitation at scale – Any module can now target multiple hosts
You can read all about what’s in the new release here:
I found this while I was on Twitter this morning. This tool will find all open Elasticsearch servers via Shodan and will then scan them for any sensitive information including credit card numbers, social security numbers, etc:
NETRESEC just announced a milestone release of the popular network analysis tool called NetworkMiner. Here’s a short list of the new features:
* MAC Age – Tells you the approximate age of the device according to its hardware MAC address
* Kerberos v5 support – Can be used to extract usernames, hostnames and realms (domains) from unencrypted Kerberos requests/responses on port 88, or over HTTP and SMB if they are using Kerberos for authentication
* ICS Asset Inventory – They’ve developed fingerprinting techniques for Industrial Control System hardware
For a full list of improvements and features, click on the link below: