Ethical Hacking

This category contains 22 posts

New Tool updates

I am constantly looking for new updates and software versions for Penetration Testing. A great source of information is from http://www.pentestit.com, which is definitely one of my favourites. Here are some news links to some great tools – Advertisements

Insect Pro 2.7 Update Released

INSECT Pro 2.7 is a penetration security auditing and testing software solutionis designed to allow organizations of all sizes mitigate, monitor and manage the latestsecurity threats vulnerabilities and implement active security policies by performing penetration tests across their infrastructure and applications. Change list for INSECT Pro 2.7 Available targets now has a submenu under right-click button Check update function added in order to … Continue reading

Install VMWare Tools in Backtrack 5 R1

Now the release of Backtrack 5 R1 is out so its time again to configure the new version with scripts that I used on previous versions. I did have some issues setting up BT5 today with installing VMWare tools so I decided to mirror the info that can be found on the Wiki //  www.backtrack-linux.org/wiki … Continue reading

Persistence is everything

What really separates the skiddies from the seasoned hacker pro´s? The question has some ties in the article I wrote on APTs. The difference is persistence. Skiddies may not have the capacity or the patience to try 1000 difference ways to get into a system and will simply fire off some scripts they downloaded off … Continue reading

Resetting forgotten MySQL password

I have an issue today while trying to get Snort running under Backtrack 4 R2. I had somehow forgetten the exact password which made me wonder how we can do a recovery of a password.  It happens to the best of us. This technique can be used by hackers once they have root on the system … Continue reading

If you can’t find a key, use a hammer…

Where there is a lock there is always a key and if you can’t get find a key use a hammer. If that does not work, blow the door off. This type of mindset is the foundation of how malicious attackers look at your network. There are no rules or regulations governing an attacker. There … Continue reading

Creepy – Geolocation Information Aggregator

Creepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown accompanied with relevant information (i.e. what was posted from that specific location) to provide context to … Continue reading

Article – Securing Smartphones in the Enterprise

I wrote this article for Magazcitum in Mexico City. That version will be in Spanish but here is the full article in English. We are consumers of information and we live and share our lives online. We live in a world where the demand for access to information on a mobile platform is increasing at … Continue reading

Jumping the intellectual rope

I have not been blogging since the CEH exam. I guess my brain was expanding with all the information and now that it has time to deflate a bit I have been able to catch up on the news in IT Security. I also conducted a presentation in Mexico City which was demonstrating the dangers … Continue reading

Securing Smartphones in the Enterprise

It’s just struck midnight and the official deadline for the next article in Magazcitum is now closed.  The next article is a description of the risks corporations must face when implementing Smartphones in ther business. More smartphones are lost each year than laptops and for that reason post a significant threat of data loss when … Continue reading