WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by people to learn about application security and penetration testing techniques. What does OWASP WebGoat Do? In each lesson, users must […]
Archives for October 2015
windows-privesc-check – Windows Privilege Escalation Scanner
Windows-privesc-check is standalone executable that runs on Windows systems. It tries to find misconfiguration that could allow local unprivileged users to escalate privileges to other users or to access local applications (e.g. databases). Essentially it’s a Windows privilege escalation scanner, the Microsoft side of the World counterpart to unix-privesc-check – which we wrote about a […]
More Drama About Hillary Clinton’s E-mail Leak – VNC & RDP Open
So this Hillary Clinton’s e-mail leak case has been a pretty interesting phenomena to observe and has been going on since last month, we didn’t really cover it as well it mostly concerns US politics – not a huge area of interest for most. But it’s getting more and more interesting, there was a report […]
Malheur – Automatic Malware Analysis Tool
Malheur is a automatic malware analysis tool for the automatic analysis of malware behaviour (program behaviour recorded from malicious software in a sandbox environment). It has been designed to support the regular analysis of malicious software and the development of detection and defence measures. Malheur allows for identifying novel classes of malware with similar behaviour […]
Twittor – Backdoor Using Twitter For Command & Control
Twittor is a stealthy Python based backdoor using Twitter (Direct Messages) as a command and control server. This project has been inspired by Gcat which does the same but using a Gmail account. Setup For this to work you need: A Twitter account (Use a dedicated account! Do not use your personal one!) Register an […]