I was recently asked by Don over at EH-Net if I would be interested in reviewing a new book by Thomas Wilhelm of Heorot.net: ‘Professional Penetration Testing: Creating and operating a formal hacking lab’. Naturally I jumped at the opportunity.
Monthly archives: September 2009
AV killing with powershell
A colleague recently introduced me to scripting with Powershell. After seeing a couple of examples of it’s strength for handling legitimate administration tasks my devious side came into play and I started imaging havok in my head.
Real world social engineering attempt
Coincidently with my current interest in social engineering practices I believe I recently encountered a real world attempt aimed in my direction. Late Saturday evening received a call claiming to be from the local police department in reference to a speeding ticket.
Social-Engineer.org
Social-Engineering has always been an interest of mine, whilst I’m not too good deceiving people in person, the potential of [spear-]phishing and physical media drops is too appealing to ignore. Recently there has been a good step forward in the maturity of the field with the opening of social-engineer.org. If you’re not willing to take […]
Python Whois class
After too long away from the project I have been trying to implement some additional functionality to my submissions2stats script for parsing Nepenthes log files. Something that I’ve had in mind for a while is utilising Whois data to better analyse the source of the malware submissions.
Review: Ecommerce, subversion & git @ SuperMondays
Tuesday night provided an interesting evening, and for more than just the somewhat non-geeky location at the Side Cinema. Topics covered a low resource ecommerce implementation, version control with Subversion and Git and a new database technology coming out of Northumbria University, Raquel.