PentesterLab is an easy and straight forward resource on how to learn Penetration Testing with Pentesting Lab Exercises. It provides vulnerable systems in a virtual image and accompanying exercises that can be used to test and understand vulnerabilities. Just decide what course you want to follow, download the course and start learning. You can easily […]
Archives for 2013
Large Scale Botnet Brute Force Password Cracking Against WordPress Sites
There have always been a lot of brute force attempts/bot scans and hacking attempts on WordPress hosted sites (due to flaws in the core and a multitude of insecure plugins) – this site being no exception (they’ve even done some minor damage before). But things appear to have really ramped up recently with a large […]
Andrew Auernheimer AKA Weev Gets 41 Months Jail Time For GET Requests
This is a pretty sad case, and one which I’m sure all of us have followed since it first started. Surprisingly it hasn’t gotten a whole lot of media attention, but then this legal precedent sticks it to the man and has some consequences regarding the infosec industry – and who would want to publicize […]
SSLyze v0.6 Available For Download – SSL Server Configuration Scanning Tool
SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers. Features SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility Performance testing: session resumption and TLS tickets support Security testing: […]
Evernote Hacked – ALL Users Required To Reset Passwords
The big news in the past week or so was the Evernote hack, being a user of Evernote I was interested by this one – it seems to be a pretty pervasive hack with user IDs and e-mail addresses being leaked. Thankfully the passwords are salted hashes, so it’s unlikely they’ll get brute forced any […]