Photobucket: An Identity Thief's Playground
January 02, 2013
Photobucket is a popular social media site that acts as gallery and cloud ...
Internet Explorer - 2012 Last Minute 0-Day
January 01, 2013 | Rami Kogan
Using Zero Days attacks at end of the year are not the most considerate thing ...
Wardrive, Raspberry Pi Style!
December 31, 2012 | Videoman
I purchased a Raspberry Pi a few weeks back. I found that I could power it, ...
Getting Terminal Access to a Cisco Linksys E-1000
December 31, 2012 | Jonathan Claudius
Over the past couple weeks, I've been spending a lot of time hacking on various ...
Assessing iOS Applications – setting up a test environment and grabbing low hanging fruit
December 31, 2012
This guide should serve as an introduction for those wishing to get into iOS ...
Teaching Security Self-Defense
December 31, 2012 | Barry O’Connell
My background in IT comes mostly from a nomadic perspective. In my years of IT ...
Smuggler - An interactive 802.11 wireless shell without the need for authentication or association
December 31, 2012
I've always been fascinated by wireless communications. The ability to launch ...
Be Off the Beaten XPath, Go Blind
December 31, 2012 | Christophe De La Fuente
XPath (XML Path Language) is a language used to query XML documents in order to ...
SpiderLabs Radio December 28, 2012 w/ Space Rogue
December 28, 2012
We are back with another episode of SpiderLabs Radio hosted by Space Rogue. ...
SpiderLabs Radio December 21, 2012 w/ Space Rogue
December 21, 2012
We are back with another episode of SpiderLabs Radio hosted by Space Rogue. ...
Simple Ciphers, and a little SpiderLabs Crypto Contest
December 20, 2012
Millions have died and millions have been saved because of cryptography. There ...
Fraud, Passwords, and Pwnage on the Interwebz
December 19, 2012 | Therese Mendoza
This past weekend I was lucky enough to attend Microsoft's BlueHat Conference ...
Setting HoneyTraps with ModSecurity: Project Honeypot Integration
December 18, 2012
Following up my previous blog post which outlined how to activate additional ...
Finding Zero Days Reading Your Mind in the Year 2052
December 18, 2012 | Trustwave SpiderLabs
A number of months ago, I was approach by the organizers of TEDxNaperville to ...
Setting HoneyTraps with ModSecurity: Unused Web Ports
December 17, 2012 | Ryan Barnett
This blog post will show an easy configuration update that you can make to your ...
You down with LNK?
December 15, 2012 | Nathan Drier
Oftentimes on an Internal pen test, I find myself with a limited-privilege ...
PCAP Files Are Great Arn't They??
December 15, 2012 | David Kirkpatrick
One of the most important skills in anyone's armory responsible for looking ...
SpiderLabs Radio December 14, 2012 w/ Space Rogue
December 14, 2012
We are back with another episode of SpiderLabs Radio hosted by Space Rogue. ...
Abusing the Android Debug Bridge
December 14, 2012
The android debug bridge (or ADB for short) is a valuable tool, it is what ...
My 5 Top Ways to Escalate Privileges
December 13, 2012 | Bruno Oliveira
During a penetration test, rarely will the tester get access to a system with ...
The Dexter Malware: Getting Your Hands Dirty
December 13, 2012 | Josh Grunzweig
A very interesting piece of malware that targets Point of Sale systems has ...
Abusing SAP Servers
December 13, 2012 | Joaquim Espinhara da Silva Neto
During some recent penetration tests I have noticed that large companies have ...
[Honeypot Alert] Turning Local File Inclusion into Reflected Code Execution
December 12, 2012 | Ryan Barnett
Which web application attack type is more severe: Local File Inclusion (LFI) or ...
Microsoft Patch Tuesday, December 2012 – 99 Bottles of Beer on the Wall
December 11, 2012 | Space Rogue
The head of Trustwave SpiderLabs Nicholas Percoco has had an unusual goal this ...
How to Hack and Not Get Caught
December 11, 2012 | Tim Maletic
The following thoughts on internal network penetration strategies are drawn ...
Class 101 - Automating the process of fingerprinting Web Applications and Identifying Vulnerabilities.
December 08, 2012 | Wendel Guglielmetti Henrique
First of all, this blog post is not for Web Application experts, instead I will ...
SpiderLabs Radio December 7, 2012 w/ Space Rogue
December 07, 2012
We are back with a third (new) episode of SpiderLabs Radio hosted by Space ...
[Honeypot Alert] SQL Injection Scanning Detected in WordPress Error Logs
December 07, 2012 | Ryan Barnett
Normally for these Web Honeypot alert blog posts, I show snippets of the Apache ...