Archive | Programming

Advertisements


27 January 2013 | 1,820 views

New eLearnSecurity Pen-Testing Labs Launched – Attend Live Demo Event

You might remember the Hera Labs info from the post about the updated Pen-testing Pro course: eLearnSecurity Launches Newly Updated & Refreshed Penetration Testing Professional Training v2 Now eLearnSecurity has decided to open up just the labs outside of the course, for people that want a practical hands-on environment to learn. http://www.elearnsecurity.com/virtual-labs/hera Main Features You […]

Continue Reading


08 January 2013 | 1,300 views

CERT Failure Observation Engine (FOE) – Mutational Fuzzing Tool

The CERT Failure Observation Engine (FOE) is a software testing tool that finds defects in applications that run on the Windows platform. FOE performs mutational fuzzing on software that consumes file input. (Mutational fuzzing is the act of taking well-formed input data and corrupting it in various ways, looking for cases that cause crashes.) The […]

Continue Reading


13 November 2012 | 4,180 views

Hack.me – Build, Host & Share Vulnerable Web Application Code

Hack.me is a FREE, community based project powered by eLearnSecurity. The community allows you to build, host and share vulnerable web application code for educational and research purposes. It aims to be the largest collection of “runnable” vulnerable web applications, code samples and CMS’s online. The platform is available without any restriction to any party […]

Continue Reading


06 November 2012 | 2,205 views

VMWare ESX Source Code Leaked On The Internet

Another big source code leak, this time VMWare ESX, software which I’m sure most of the readers here have used at some point (I know I have). There was a time back in 2006 when VMWare Rootkits seemed like they might be the next big thing, but nothing much ever came out of it. VMware […]

Continue Reading


05 September 2012 | 3,308 views

CrowdRE – Crowdsourced Reverse Engineering Service From CrowdStrike

Reversing complex software quickly is challenging due to the lack of professional tools that support collaborative analysis. The CrowdRE project aims to fill this gap. Rather than using a live distribution of changes to all clients, which has proven to fail in the past, it leverages from the architecture that is being used with success […]

Continue Reading


07 June 2012 | 1,594 views

CERT Triage Tools – Vulnerability Impact Assessment Tool

The CERT Triage Tools can be used to assist software vendors and analysts in identifying the impact of defects discovered through techniques such as fuzz testing and prioritizing their remediation in the software development process. The CERT Triage Tools include a GNU Debugger (GDB) extension called “exploitable” that classifies Linux application bugs by severity and […]

Continue Reading


08 May 2012 | 1,834 views

Basic Fuzzing Framework (BFF) From CERT – Linux & Mac OSX Fuzzer Tool

The CERT Basic Fuzzing Framework (BFF) is a software testing tool that finds defects in applications that run on the Linux and Mac OS X platforms. BFF performs mutational fuzzing on software that consumes file input. (Mutational fuzzing is the act of taking well-formed input data and corrupting it in various ways, looking for cases […]

Continue Reading


09 April 2012 | 3,050 views

Carbylamine – A PHP Script Encoder to ‘Obfuscate/Encode’ PHP Files

Carbylamine is a PHP Encoder project, which can bypass all leading anti-virus detection against PHP Shells (C99, R57 etc) easily. It can be a very efficient tool for pen-testers when carrying out a black box test which involves inserting malicious code via PHP. Usage

You can download Carbylamine here: carbylamine.php Or read more here.

Continue Reading


16 March 2012 | 5,520 views

backfuzz – Multi-Protocol Fuzzing Toolkit (Supports HTTP/FTP/IMAP etc)

backfuzz is a fuzzing tool for different protocols (FTP, HTTP, IMAP, etc) but also has no-protocol plug-ins (Example: File Fuzzer). The general idea is that this script has several functions already predefined in the file “functions.py”, so whoever wants to write their own plugin’s (for another protocol) you can do so in a few lines […]

Continue Reading


03 November 2011 | 14,019 views

Rec Studio 4 – Reverse Engineering Compiler & Decompiler

REC Studio is an interactive decompiler. It reads a Windows, Linux, Mac OS X or raw executable file, and attempts to produce a C-like representation of the code and data used to build the executable file. It has been designed to read files produced for many different targets, and it has been compiled on several […]

Continue Reading


Advertisements