mattandreko.com
Burp Icon in OSX - MattAndreko.com
https://www.mattandreko.com/2014/08/01/burp-icon-in-osx
Hostess is a code-slaying dragon found deep within the core of the earth, unearthing magma and vulnerabilities single handedly while using the other hand to pet his cat". Burp Icon in OSX. Recently, I on a Google Hangout with a coworker and saw him using the Burp Suite. And this post should document the process I found that worked for me. So first, to describe my configuration, I keep the Burp Suite. Jar files in my ‘ /Downloads/burp/’ folder, as shown here:. IRC channel, and a little Googling. Automator...
mattandreko.com
Compiling SSLScan With SSLv2 Support on OSX - MattAndreko.com
https://www.mattandreko.com/2014/12/17/compiling-sslscan-with-sslv2-support-on-osx
Hostess is a code-slaying dragon found deep within the core of the earth, unearthing magma and vulnerabilities single handedly while using the other hand to pet his cat". Compiling SSLScan With SSLv2 Support on OSX. This guide will outline how to compile the newer versions of SSLScan with color highlighting, on OSX while retaining SSLv2 capabilities. It has so far only been tested against OSX Yosemite. Downloading the source code. Then download the SSLScan code using ‘git’. To build these applications, y...
obscuresecurity.blogspot.com
obscuresec: June 2013
http://obscuresecurity.blogspot.com/2013_06_01_archive.html
Sunday, June 30, 2013. Logging Keys with PowerShell: Get-Keystroke. I was recently inspired by Matt Graeber's. Series of posts on Microsoft's "Hey, Scripting Guy! To go back and look at old scripts and implement reflection. One of the scripts that I use regularly and mentioned in a previous post. A preferred method would be to hook each window with SetWindowsHookEx but there are several security products that flag on that behavior, so I avoided it. If you have read Matt's posts, then you understand why t...
obscuresecurity.blogspot.com
obscuresec: December 2012
http://obscuresecurity.blogspot.com/2012_12_01_archive.html
Wednesday, December 12, 2012. Finding Simple AV Signatures with PowerShell. Executed with the Inject-Shellcode. Was released by class101 which was used to demonstrate how some AV signatures could be bypassed by finding and modifying one byte within the binary. Unfortunately, the original file (and source code? Is no longer available for download by the author. Since the method still works, we decided to create a similar PowerShell script with a few improvements:. Do you want to create the directory?
sector876.blogspot.com
Sector 876: August 2013
http://sector876.blogspot.com/2013_08_01_archive.html
RANDOM THOUGHTS OF AN INFOSEC PRO. Thursday, August 1, 2013. I do a lot of my shopping online. And given the fact I am located on the beautiful island of Jamaica, most times I use a mail forwarder to get the items to me. This particular mail forwarder has an online portal that allows you to track your package. Pretty convenient might I add. Host: www.vulnerablesite.com. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:22.0) Gecko/20100101 Firefox/22.0. Accept-Language: en-US,en;q=0.5. If you g...
sector876.blogspot.com
Sector 876: Backdooring PE Files - Part 1
http://sector876.blogspot.com/2013/03/backdooring-pe-files-part-1.html
RANDOM THOUGHTS OF AN INFOSEC PRO. Sunday, March 3, 2013. Backdooring PE Files - Part 1. Sometimes during an engagement, whether it be a social engineering gig or network penetration test, you may find that you need to create a backdoored EXE and then trick a user into running it. There are several ways to achieve this. And this series of posts, is aimed at discussing a few of them. In this two part series I will go over:. Setting up the executable for code injection. Code Injection and execution. Run it...
sector876.blogspot.com
Sector 876: July 2010
http://sector876.blogspot.com/2010_07_01_archive.html
RANDOM THOUGHTS OF AN INFOSEC PRO. Saturday, July 17, 2010. This Week In Security (June 17, 2010). Firefox security test add-on was backdoored. ÜberTwitter: your secret spy? Possible New Rootkit Has Drivers Signed by Realtek. Talk on Chinese Cyber Army Pulled From Black Hat. Mozilla Bumps Bug Bounty to $3,000. Microsoft: 25,000 Computers Attacked With Latest Windows Zero Day. Posted by Dark Knight. Thursday, July 15, 2010. Why You Should Write Down Your Passwords. Posted by Dark Knight. Recently, I was s...
obscuresecurity.blogspot.com
obscuresec: November 2012
http://obscuresecurity.blogspot.com/2012_11_01_archive.html
Friday, November 30, 2012. The amount of effort that goes into writing any book is substantial, but the amount of effort that goes into a great book is mind-boggling. " Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers, and Security Engineers. By TJ O'Connor is a great book. Despite the "cookbook" title, this book is well-organized and can be read cover-to-cover. If you are a security professional, you have already or will use the methods mentioned in the book. Exporting work...
obscuresecurity.blogspot.com
obscuresec: January 2013
http://obscuresecurity.blogspot.com/2013_01_01_archive.html
Monday, January 14, 2013. Automating Screenshots with PowerShell. There are applications that can take screenshots for you at regular intervals and in the past I used an AutoIt. Macro to printscreen and save. That works well when I am on my own machine, but what if I was at a kiosk or doing an insider assessment from one of their workstations? I needed a PowerShell script that could take a screenshot at regular intervals, time stamp it, save it to a file and not tamper with the contents of the clipboard.
obscuresecurity.blogspot.com
obscuresec: May 2014
http://obscuresecurity.blogspot.com/2014_05_01_archive.html
Monday, May 19, 2014. Modifying MAC properties with PowerShell. Laziness is the demise of Red Team engagements. Whether it is writing PsExec to a user's desktop. Utility. Meterpreter has TimeStomp. Which works on Windows and makes it easy to blend your files with files around it by modifying the MACE attributes. After a request to add the capability to PowerSploit. S Beacon. I asked Raphael. And he pointed me to a well-documented part of the Windows API. So naturally I headed over to pinvoke.net. Wow, we...
SOCIAL ENGAGEMENT