Book Review – Instant OSSEC Host-based Intrusion Detection

Posted on October 18, 2013 by Finian

This book is a great way to take your first steps into the world of Host-Based Intrusion Detection (HIDS) and OSSEC. It makes no assumptions about your knowledge: it takes you through the terminology, the reasoning behind the solution and the requirements to deploy it effectively. It also contains useful links to further your reading specific to your solution or operating system. As I had little knowledge of OSSEC or HIDS, it met all of my needs. The book systematically takes the reader ...

Python Unicode Converter

Posted on September 17, 2013 by Dave

This is a quick script I wrote for converting to Unicode and back when using String.fromCharCode() to circumvent filters in Cross Site Scripting attacks.

Usage: -auh
Simple tool to convert from ASCII to Unicode and back for use with String.fromCharCode().
arguments:
-h, --help Show this help message and exit.
-a ASCII_STRING Enter the ASCII string for conversion contained within " ". Any " in the string itself must be escaped with a \ or simply use ' ...

MSSQL Practical Injection Cheat Sheet

Posted on September 17, 2013 by Dave

Following on from my MySQL Injection Practical Cheat Sheet here is the MSSQL version. As before, I will list the injections by their categories: union based, error based and inferential (time and boolean). Wherever you see @@version below (used to find the database version), you can replace it with:

db_name() – to extract database name
user_name() or user() – to extract the username the database runs under
@@servername – to extract the server name
host_name() – to extract ...

The Days of XSS are Numbered: Content Security Policy Draft 1.1 Released

Posted on June 07, 2013 by Dave

A working draft of version 1.1 of the Content Security Policy (CSP) was released on Tuesday (04/06/13). For those of you that don’t know, the CSP attempts to eliminate Cross-Site Scripting (XSS) by preventing the execution of all inline scripts, i.e.: <script>alert(1)</script> and event handlers, i.e.: <img src="xss.png" onerror=alert(1)/>. When using the policy, all JavaScript must be placed in separate script files and called ...

Penetration testing for the masses with Kali – Part 2

Posted on May 21, 2013 by Finian

Kali Linux – Pentesting for the masses?

My previous blog post looked at the changing face of the Backtrack / Kali rebirth and how the Offensive Security team, along with Rapid7, are looking at progressing into the Enterprise space. In this post I will be looking a bit closer at the Kali distribution itself and getting to the bottom of some of the changes and reasoning behind the move.

Progression to a more standardised approach

At its core, it’s a move to Debian Wheezy as a base ...

Penetration testing for the masses with Kali

Posted on May 15, 2013 by Finian

Kālī (Sanskrit: काली, IPA: [kɑːliː]), also known as Kālikā (Sanskrit: कालिका), is the Hindu goddess associated with empowerment, shakti. The name Kali comes from kala, which means black, time, death, lord of death, Shiva. [source: wikipedia]

Interesting and a little scary on first glance, but perhaps more relevant to us, Kali Linux is the new generation of the industry-leading Backtrack Linux penetration testing and security auditing distribution. Kali Linux ...