Category archives: Lab
Ryan Dewhurst of ethicalhack3r.co.uk has created and been maintaining Damn Vulnerable Web App (DVWA). The goal of the project is to aid learning and teaching of the art of web application security. Ryan provided an overview and demo of the suite at a recent SuperMondays open podium event; you can find an archive of the […]
BackTrack4 Pre-Release Released
The Remote-Exploit boys have done it again: the pre-release version of BackTrack 4 is available for download here. As always there is a large amount of documentation available on the Remote-Exploit wiki and forum, and the Offensive-Security blog. In case you’ve been living under a rock, BackTrack is now based on Ubuntu, which makes the OS easier […]
Denial of Service with Slowloris
Earlier this week the ha.ckers.org blog posted the release of the Slowloris HTTP DoS tool, primarily coded by Rsnake, described as “The low bandwidth, yet greedy and poisonous HTTP client!” The attack vector essentially works by initialising an HTTP request but never completing it, causing the handling thread to wait for the end of […]
Acer Aspire One
Last week I bit the bullet and bought a ‘toy’ I’ve been looking at for a while, the Acer Aspire One (AA1), and so far I’ve had few regrets. Whilst being small and, more importantly to me, light, the screen size is still large enough to work with (including using multiple windows at once) and […]
Random Malware Analysis
Having recently been left with several hours to kill with nothing but a laptop and my virtual lab I thought I’d try my hand at some rudimentary malware analysis. For a random live sample I selected the most recent submission to my Nepenthes server.
$ tail -n1 /opt/nepenthes/var/log/logged_submissions
[2009-05-21T19:10:59] 90.130.169.175 -> 195.97.252.143 creceive://90.130.169.175:2526 93715cfc2fbb07c0482c51e02809b937
To start […]
VMware ESXi updates
A couple of SANS ISC diaries (“Recent VMware updates available” and “VMware exploits – just how bad is it?”) should be a concern for anyone running a VMware lab (or VMware production environment). The ISC diaries explain the situation better than I could, but to cut a long story short the exploits allow a malicious […]
Booby-trapped Javascript
Fortinet have just released a nice blog post highlighting and analysing some changes in the obfuscated JavaScript they are seeing. De-obfuscating JavaScript is (or should be) straightforward, as it is interpreted on the fly and you have the source code available (as opposed to a compiled malware binary, which requires more advanced RE techniques, as discussed […]
Dark Reading: DIY security lab
As I’m currently setting up and playing with my home research lab, this article from Dark Reading caught my attention. The article doesn’t provide much ‘new’ material to those who have researched security labs even in minimal depth, but it does focus on how security labs can provide cheap training to keep your skills sharp during the current economic climate. I don’t want to paraphrase the article as it is all fairly self-explanatory; for those considering how to use a proposed or existing lab, John Sawyer’s article suggests the following possibilities:
Sec610 Reverse Engineering Malware Demo
I spent a very interesting hour with Lenny Zeltser (and others) around a week ago at a live demo of part of Lenny’s Sec610 course. For those interested in taking the course, or in malware in general, I’d suggest that if the demo is a representative sample of the course then you’re likely to really […]
Example PCAP files
Just a quick one this time around, as it is mostly a reminder to take a closer look once I get some free time. Included in Dave Hull’s recent blog post on the SANS forensic blog (well worth a read in its own right), Dave links to part of the Network Miner Sourcefire site that […]