Simple Framework Domain Token Scanner -
This is so much more than the title…
Sorry, I will be picking things back up soon.
[video]
myneus asked: Hello Mubix, hey have my blog up and rolling now which you are following on here but do you know any other good security tutorial based blogs you suggest on tumblr?
On Tumblr? Not that I know of
Anonymous asked: Dear Rob,
I've always wanted to learn the Spike fuzzing framework well enough to write my own fuzz scripts for whatever protocol I want. Although the documentation is difficult to understand and there seems to be none to very little tutorials/documentation on the web. Please help.
Sincerely,
Matt
Added to the list of videos to do.
Anonymous asked: A step-by-step how-to on the popular Dan Kaminsky DNS Cache Poisoning Attack would be nice. :)
I’ll see what I can dig up as far as servers are concerned. But I’ll definitely add it to the list
Anonymous asked: This isn't really a question, but I did my own malware analysis research recently and thought I could help with the Metasploit encoding for AV evasion. I tested 8 payloads and 7 encoders with and without multiple encoding iterations (up to 10 iterations, as some payloads don't seem to work correctly with more). AVG was the only oddball out of the 7 antiviruses tested. It found some payloads but not others. The generic encoder was not flagged at all. The strange part is some of the more advanced encoders such as shikata-ga-nai were flagged dirty on almost all payloads.
Kaspersky Internet Security 2010, McAfee Security Suite, and Microsoft Security Essentials flagged all payloads as dirty.
Avast free, Avira free, and Norton Internet Security 2010 flagged none as dirty.
I hope this helps, and if you want I can send my spreadsheet covering each AV in depth, as Metasploit payloads weren't the only "dirty" programs that I tested.
Hope this helps!
-hhmatt@live.com
Nice! Thanks for the info.
Anonymous asked: Wonderful down-to-earth website on vulnerability testing! I tried the PHP shell demo verbatim and against a system that should have been vulnerable, but only received "bad request in header" from Burp.
Did you ever find out why?
Anonymous asked: How do you automatically activate a session in Metasploit when you are using a generic/shell_reverse_tcp as in, for example, the java_signed_applet exploit? User interaction is required to actually type: sessions -i 1, whereas in the meterpreter/reverse_tcp the session can be automatically kicked off. Do you know of any method of sending that command -- sessions -i 1 -- to the keyboard so the attacker does not have to sit around all day and interact with the session? Thanks.
You don’t have to interact with a session to have it active. Why would you want to interact with a shell if you weren’t there?
Anonymous asked: Hi,
I just recently got into exploits. Can you give us some insights which web pages you track for new exploits? Or in general what your main IT security "channels" are. I haven't found the right place for up-to-date information.
Regards,
JD
I get information from all over. Blogs, Twitter, OSVDB, CVEDetails, PacketStorm, Exploit-DB, Full Disclosure. You never know where that information will hit first, or if it will make a wave enough to carry over to other media. Just got to keep an eye out.