RATS – Rough Auditing Tool for Security – is an open source tool developed and maintained by Secure Software security engineers. Secure Software was acquired by Fortify Software, Inc. RATS is a tool for scanning C, C++, Perl, PHP and Python source code and flagging common security-related programming errors such as buffer overflows and […]
Archives for 2009
Illegal File Sharers To Be Cut Off By 2011
It was 2008 when the UK government originally proposed disconnecting pirates from the Internet, then a few months later Australia followed suit. The latest is that it’s really going to be legislated and will come into force by April 2010 under the Digital Economy Bill. I’ve noticed this trend picking up lately, a few […]
KrbGuess – Guess/Enumerate Kerberos User Accounts
KrbGuess is a small and simple tool which can be used during security testing to guess valid usernames against a Kerberos environment. It does this by studying the response from a TGT request to the KDC server. The tool works against Microsoft Active Directory, MIT and Heimdal Kerberos implementations. In addition […]
Facebook E-mail Spam Conceals Malware Attack
Facebook has had its fair share of problems; being a large community, of course it’s going to be a ripe target for spammers, scammers and malware distributors. The latest to hit is a spam e-mail claiming to be from the Facebook team that actually spreads a nasty piece of malware called Bredolab. It’s also […]
Yokoso! – Web Infrastructure Fingerprinting & Delivery Tool
Yokoso! is a project focused on creating fingerprinting code that is deliverable through some form of client attack. This can be used during penetration tests that combine network and web applications. One of the most common questions we hear is “so what can you do with XSS?” and we hope that Yokoso! answers that […]