001_Security

BruCON 2010 : Day 0x1

Published September 23, 2010 |

After hearing a lot of great things about the first edition of BruCON (in 2009), I decided to attend the con this year. The fact that BruCON is gaining popularity and established a lot of recognition in the industry already, combined with the fact that it takes place in Brussels, Belgium (my home country), it […]

Posted in 001_Security, Cons and Seminars | Tagged 001_Security, attack, brucon, brussels, code, cybercrime, cyberwar, gsm, hex factor, iftach, ips, malicious, mitm, mobile, network, pentester, phone, session key, systems, virus, viruses, waf

WATOBO – the unofficial manual

Published July 23, 2010 |

By Corelan Team (fancy)

WATOBO is intended to enable security professionals to perform highly efficient (semi-automated) web application security audits. I am convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities. WATOBO has no attack capabilities and is provided for legal vulnerability audit purposes only. It works […]

Posted in 001_Security, Papers, Web Application Security | Tagged 001_Security, active, active checks, audit, base64, decode, encode, filter, filter functions, functions, fuzzer, interceptor, login, passive, passive checks, proxy, regex, requests, scan, scanner, semi, semi automated, session, vulnerability, watobo, watobo supports, web application

Offensive Security Hacking Tournament – How strong was my fu ?

Published May 10, 2010 |

By Peter Van Eeckhoutte (corelanc0d3r)

Hi, Over the last 2 days my friends from Corelan Team and I participated in a Hacking Tournament, organized by Offensive Security. The primary goals of the tournament are : be the first one to grab “secret” information from a machine and post it to the Tournament Control Panel. document your findings and submit them […]

Posted in 001_Security, Exploits | Tagged --, 001_Security, 192-168-6-66, capture, ctf, flag, hacking, hacklab-vpn, n00bfilter, nc-backshell-invalid-connection, nox-of-xr-offensive-security-team, offensive security, offensive-security-labs-exercises, offsec-lab, offsec-lab-firewall, pentestexploitsexploitdbplatformslinuxremote340-c-imap, screenos-import-pfx, smtx-video-ghost-challenge-write-up, surgemail-3-8k4-4-d-download, tournament

Blackhat Europe 2010 Barcelona – Day 01

Published April 14, 2010 |

By Peter Van Eeckhoutte (corelanc0d3r)

As some of you might know, I am currently attending Blackhat Europe (hosted in Barcelona this year). So I wanted to take the opportunity to fill you in on the details of this first day of briefings, and provide you with a short overview of the presentations I have attended today. I am most certainly […]

Posted in 001_Security, Cons and Seminars | Tagged 001_Security, backdoors, blackhat europe, bugs, chris-john-riley, conf-x-frame-options, Cons and Seminars, database, facebook, httpd-conf-location-header-set-x-frame-options, httpd-conf-set-header-frames, maltego, oracle, presentation, sample-httpd-conf-with-x-frame, sap, secure-badge-exchange-system, sitewww-corelan-be-facebook, swf, vulnerabilities

Nessus/OpenVAS wrapper for ike-scan

Published January 30, 2009 |

By Peter Van Eeckhoutte (corelanc0d3r)

ike-scan is a great tool to audit VPN/IPSec implementations. This tool, which runs under Lunix, Unix, MacOS and Windows, can be found at www.nta-monitor.com/tools/ike-scan/ (Latest version at time of writing is 1.9). My Nessus ike-scan NASL wrapper may or may not work with earlier versions or newer versions, so test test test) Some of the […]

Posted in 001_Security, Linux and Unix, My Free Tools, Networking | Tagged 001_Security, audit, download, free, free tool, groupid, ike, ike-scan, ipsec, ipsec-team-blog, nasl, nessus, openvas, phase1, plugin, prevent-ike-scan, proposal, scan, script, vpn

Securing Windows Server 2008 and Active Directory

Published April 18, 2008 |

By Peter Van Eeckhoutte (corelanc0d3r)

According to Microsoft, Windows Server 2008 is the most secure Windows server version ever. Windows 2008 does include many features that will help increase overall security of the OS, or assist you with securing AD, the network, etc. Most of the features/roles available in Windows 2008 are not being installed in a default installation of […]

Posted in 001_Security, Active Directory, Windows Server | Tagged 001_Security, 2008, Active Directory, disable-ip-source-routing-windows-2008, fine grained password policies, gpo, gpoaccelerator, group policy, hardening, hardening-windows-server-2008, high-security-dc-inf-windows-2008, logon-banner-displaying-warning-message-windows-server-2008, perforrouterdiscovery-server-2008, scw, securing-active-directory-accounts-2008, securing-and-auditing-windows-active-directory-domains, securing-windows-server-2008, security configuration wizard, what-is-the-role-of-server-operator-in-member-servers, windows

Corelan Cybersecurity Research

:: Knowledge is not an object, it's a flow ::

BruCON 2010 : Day 0x1

Offensive Security Hacking Tournament – How strong was my fu ?

Blackhat Europe 2010 Barcelona – Day 01

Nessus/OpenVAS wrapper for ike-scan

Corelan Training

Donate

Corelan Team Merchandise

Corelan on Slack

Actions

Categories

Hi there!

We have good news for you!