number six

As this is nearly the last chance for me to write up a post so that I got the three from last year I just decided to list tools as a reminder for me what I should use...

network:

yerisina
nmap
wireshark
unicornscan
packeth
tcpdump
etherape
scappy
tcptrace
paratrace
p0f
fragroute
ethercap
cain&able
dsniff
inguma
traceroute
ping
l2spike
sully
ike-scan
irpas
fierce
dnsenum
dnsmre

web application:

metoscan
nc
sslscan
w3af
grendel-scan
paros
burp
proxystrike
xss-me
sql-me
bsqlbf
firefox
ie
fiddler
nikto
dirbuster
pantera
stompy
ratproxy
hydra
medusa
hmap
halberd
flare
flasm
swfintuder
sqlninja

wireless:

air crack
kismet
airopeek
cowpatty

voip:

sipvicious
sivus
ohrwurm
sipcrack
sipbomber
sipproxy
steganRTP
voiper

misc:
john
metasploit
metagoofil
maltego
seat
nipper
rat
fwauto

This will be most probably edited.

Kind Regards
non-memory

number five

I am feeling a little bit under pressure as I managed to write the total number of 3 blog entries last August. So I have to get my brains together and hurry up to write some this August.

OK, here it goes then:

My colleges were paid to fly to Vegas. Somehow I think there was some kind of security conference going on. But when I am listening to them it seems more like a big fair for new jobs. Maybe I will get paid next time to go there when I am not scheduled for work.

But apparently some penetration testers at Vegas did forget that they are not black hats.
Leaving back doors after a successful break in at a clients site?
What is that about?

Kind Regards
non-black-hat

PS: And of course I have to mention that FX did two talks.

number four

As I am only reading two blogs apparently (which makes things quite easy) I have to point out one of the latest blog entry of FX:

Perception of Vulnerabilities

I would really like to have been a witness of the conversation between Dan and FX.

Well, this caused some discussion at work.

So happy discussing...


Kind Regards
the non discusser

number three

I am not really a brown noser, but...

FX is probably one of the best. No wonder halvar recruited him (well in a way).

So why are these guys so great? Why are those people the only people I am willing to link. OK , that is not really an honour - I know that myself.

First of course, they are f*#*ing good in what they do. But secondly they also do something for the community. If you see some of their - as they call it- “boring rants” it becomes clear they not only know there things, they also know the security market.

If I would still be a student I would more then love to work with them.

Hey and Berlin, not a bad place to be…

Kind Regards

non-student

number two

General Questions:

Is a big ego good for the security community or not?

I am doing exactly that for what the whole blogging was created:

Crying out my frustration!

Well let us see the good side:

Would those geniuses publish tools and papers if the would not get the kudos?!? (probably not)

On the other side:

Is it possible with a big ego to not feel superior? (probably not)

So what is a consequence of feeling superior?

As I see it, no one will adhere to common laws and what is even worse do not develop a sense of guilt by doing so….

Kind Regards

A nonbrainer

number one

Hello World!

This is just a beginning and therefore a bad one…

I am not sure if I really gonging to use this.

So please feel free to surf on.

Kind regards

Matthias