So last week the big news was about the cross platform exploit in BASH that we covered in our article – Everything You NEED To Know About Shellshock Bug In BASH. As mentioned in the comments, a certain combination of circumstances and configuration options can leave OpenVPN vulnerable to Shellshock. This could be a pretty […]
Archives for 2014
masscan – Really Fast Network Scanner For TCP
masscan is the fastest TCP port scanner, a really fast network scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second. What is masscan – The Fast Network Scanner? It produces results similar to nmap, the most famous port scanner. Internally, it operates more like scanrand, unicornscan, and […]
Everything You NEED To Know About Shellshock Bug In BASH
Shellshock (CVE-2014-6271) the bug in BASH is causing havoc on the Internet this week, as far as I’m concerned it’s a bit overstated – seriously how many people are still using cgi scripts? None I hope. I do suspect though a lot of shared hosts might get owned by this as most commercial control panel […]
drozer – The Leading Security Testing Framework For Android
drozer (formerly Mercury) is the leading security testing framework for Android. drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS. drozer provides tools to help you use, share and understand public […]
CloudFlare Introduces SSL Without Private Key
Handing over your private key to a cloud provider so they can terminate your SSL connections and you can work at scale has always been a fairly contentious issue, a necessary evil you may say. As if your private key gets compromised, it’s a big deal and without it (previously) there’s no way a cloud […]