Sparty is an open source Sharepoint and Frontpage auditing tool written in python to audit web applications using sharepoint and frontpage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of sharepoint and frontpage based web applications. Due to the complex nature of these web […]
Archives for 2014
U.S. State Department Hacked
So the U.S. government has been getting fairly hammered lately with breaches/attacks hitting the White House, USPS (Postal Service) and NOAA. The latest victim of this onslaught has been the State Department, which had to totally shut down their email systems on November 14th after discovering various ‘areas of concern’. I wonder who’s going to […]
Kali Linux – The Most Advanced Penetration Testing Linux Distribution
So Linux Live CDs based around hacking or penetration testing used to be a super big deal, they died down a bit in the last few years. The king of the hill back in 2011 used to be BackTrack and the last time we mentioned it was when BackTrack 5 came out. This article is […]
Microsoft Schannel Vulnerabilty – Patch It NOW
So yah, it seems like every implementation of TLS is broken and some may say this Microsoft Schannel vulnerabilty is actually worse than Heartbleed. Why is it worse you ask? Because it allows remote code execution, which honestly – is about as bad as it gets. This is a critical update, a really, really critical […]
Radare – The Reverse Engineering Framework
Radare started out as a simple command line interface for a hexadecimal editor supporting 64 bit offsets to make searches and recovering data from hard-disks. It has evolved into a project that is composed of a hexadecimal editor as the central point of the project with assembler/disassembler, code analysis, scripting features, analysis and graphs of […]