HackFest - PLUG Linux Security Series - The News

Lisa Kachold lisakachold at obnosis.com
Wed Dec 22 17:41:30 MST 2010


0) Armitage Released - Fast and Easy Hacking
http://www.fastandeasyhacking.com/download

1) Windows
http://www.h-online.com/security/news/item/Exploit-published-for-unpatched-Internet-Explorer-vulnerability-1158348.html
Explorer 6-8 CSS Metasploit Framework (exploit included in link)

2) Windows RE

VERA - Visualizing Executables for Reversing and Analysis

VERA is a tool for reverse engineering Windows executables. It is used in
conjunction with the Ether framework to generate visualizations to help with
the RE process. This new version contains a bunch of new features and API
improvements. The two biggest updates are the addition of the trace file
parsing and analysis inside of the GUI. This alleviates the need for the
gengraph.exe program. The next big feature is the integration with IDA Pro.
Currently it only supports versions 5.6 and 6.0 of IDA. Finally,
VERA now includes documentation.

Download: http://csr.lanl.gov <http://csr.lanl.gov/vera/VeraSetup.msi>


3) IIS 7 Zero Day Exploit

http://isc.sans.edu/diary.html?storyid=10126&rss


4) HTML5

How to Conceal XSS Injection in HTML5

5)  Social Engineering Book Released
http://www.social-engineer.org/social-engineering/the-art-of-human-hacking/

6) Samurai WTF

Samurai Web Testing Framework - Web penetration testing live CD built on
open source software

The Samurai Web Testing Framework is a live Linux environment that has been
pre-configured to function as a web pen-testing environment. The CD contains
the best of the open source and free tools that focus on testing and
attacking websites. In developing this environment, we have based our tool
selection on the tools we use in our security practice. We have included the
tools used in all four steps of a web pen-test.

Download: http://sourceforge.net <http://sourceforge.net/projects/samurai/>

7) Facebook Redirect Link Bypass Exploit

http://soroush.secproject.com/blog/2010/12/facebook-redirect-link-new-bypass-method-%E2%80%93-%E2%80%9C%E2%80%9D-after-the-domain-name/

8) Love those SideJacking and SSL-Strip links?

Full Immersion into Hacker Culture:

https://www.hackbloc.org/zine

Read Online:

Editorial: Lock up the cops and call the kids!

Hackers and the Law
Colorado Indymedia resists FBI
Jacob Appelbaum gets jacked by the pigs
Perfect-Privacy.com raid: Off the German pigs too
Canadian Teen gets some
Palin Email Hacker goes to jail
Limewire: In court and trying to stay relevant
Bradley Manning supporter gets hassled
Full Body Scan? Up Yours!
Moxie SSL-Sniffed at the border

Action Reports
Operation Payback with Anonymous
European Carbon Trading: Defaced
Wikileaks releases "War Diaries"
Vatican Google-Hacked
EFF Challenges UAE Spying on BlackBerries
V for Vendetta at WSU

Report Back from HOPE 2010
ABCF: have you written a political prisoner lately?

Solidarity
Wikileaks Insurance File
Bradley Manning Support

Random Tools & Thoughts
Google Sharing FF plugin
Instant Sidejacking with FireSheep FF plugin
Padlock hacking
Mapping considerations for mass mobilizations by The March Hare Collective

News
Verizon Still Sucks
HB Santa Cruz
Darren Thurston is a Snitch
Facebook Delete Button
Warrantless Cell Phone Tracking

Beware most other sites suggest you download and run a PDF <grin>!

Course these are all subjects we cover regularly at the PLUG Hackfests....

9) XSS Recipe (For all your Xmas Card Mailings)

http://www.exploit-db.com/exploits/10472/
-- 

Remember Satan Claus <http://uncyclopedia.wikia.com/wiki/Satan_Clause> is
watching <http://en.wikipedia.org/wiki/NSA_warrantless_surveillance_controversy>!


(503) 754-4452
(623) 688-3392

 http://www.obnosis.com