Hey Mubix! I was the guy who asked about CDC tool recommendations on Twitter for blue teams/defenders. Any strong suggestions there? Flint by Matasano looks wicked cool, but it turns out it’s ASA and PIX only.

My best suggestion for Blue Teamers in an event such as CCDC is teamwork and preparation. Nothing beats practice.

Ask me anything




Hello! I’m trying to find a free packer for my compiled program. The problem is that some AV software recognizes my app as a suspicious file, and I’d like them not to. My goal would be to pass all the VirusTotal tests. UPX does not help ;)

It really depends on what you want it to do. But definitely check out Polypack @ http://polypack.eecs.umich.edu/





Have you ever run a portable version of a spyware remover through logon scripts? I have a few machines infected with a nasty spyware, and our antivirus does not have the updates to detect this virus at this moment, so I was thinking of silently running it to remove it.

All *-ware removers are only halfway decent at their job, they try but it’s just too hard to keep up. So, normally I just reimage the machine. I keep pretty decent nLite scripts for each host I’ll need to set up.





Hi Rob, this is a noob question: how do I update Metasploit on BackTrack 4? Can I get the command for doing so?

Change directory into the “framework3” directory and run `svn up`; that will update you to the latest SVN version. While this puts you on the cutting edge of updates to the framework, some things may be broken, so always keep another copy of the framework a few revisions old.





Hi there, my boss wanted me to deploy a cert for Firefox. I did some searching and came across this link: http://nsis.sourceforge.net/Import_Root_Certificate#Usage_2 . My question: how do I get started? Do I need NSIS on my servers? Kinda noob.

“Deploy a cert for Firefox”: does he mean install your CA’s cert in all your Firefox installs? There needs to be a bit more context to what you are trying to accomplish, sorry.





L4amer takes us through 3 tools that do enumeration using null sessions: Metasploit, rpcclient, and smbenum.py.




Breaking in via SQLi (SQLNinja) and Metasploit with PTH and Token stealing.




Jason takes us through exploiting a web application, uploading a PHP shell, and finally getting command line access and more.




Not a podcast

Please remember, this is not a podcast. We aren’t checking out a new tool, playing with it for a week, and then showing it off. Here is a list of our current projects, though:

IPv6 Attacking

Trojans, RATs, and Malware

Fuzzing each layer of the OSI model

Adding features, and supplying patches to open source projects




DNSMap vs Fierce2 vs Metasploit (dns_enum)

A crucial step in any pentest or information gathering session is DNS enumeration. This video shows you how 3 tools excel or fail at what they were designed to do.







Designs by DigiP