Search n00bz.net
Tuesday
Jul062010

iPhone 4 vs. HTC Evo

 

This has some 4 letter words so speakers at low volume.

Tuesday
Jul062010

Patch Tuesday: Windows XP Help and Support Center Exploit

The Windows Help and Support Center vulnerability (CVE-2010-1885) gets patched today.  This update will also be the last update for Windows 2000 and Windows XP Service Pack 2. (Sniff)  If you plan on using XP SP 2, you'd better hope that no more vulnerabilities are discovered going forward.

http://news.cnet.com/8301-13860_3-20010044-56.html

 

 

Thursday
Jul012010

How Secure is your Password?

http://howsecureismypassword.net/

This is a great site that will tell you how secure your password is and how long it would take to crack it.

Of course it doesn't help if you write it down next to your computer or tell that random person on IM who claims to be from your bank!

Wednesday
Jun302010

Packing Metasploit's Meterpreter with Calculator using IExpress

I was chatting with someone about creative attack vectors using the Metasploit Framework.  Rob Fuller aka Mubix over at Room362.com created an awesome video showing how calc.exe + Meterpreter = SuperCalc.exe

 

Wednesday
Jun302010

HackMiami Pen Testing Bake-Off in Business Wire

From Business Wire: http://www.businesswire.com/portal/site/home/permalink/?ndmViewId=news_view&newsId=20100630006381&newsLang=en

 

Rapid7® Metasploit Express Places First in 2010 HackMiami Penetration Testing Face-Off

Leading Penetration Testing Solution Beats Industry Competition with Number One Rank for Best Interface, Value, Exploits and Reporting

BOSTON--(BUSINESS WIRE)--Rapid7®, the leading provider of unified vulnerability management, compliance and penetration testing solutions, today announced that Metasploit Express™, its new penetration testing product, placed first in the HackMiami 2010 penetration testing competition held this month between Rapid7 Metasploit Express, Core Impact Professional and Immunity CANVAS. As a result of its many impressive features, including ease-of-use and advanced reporting capabilities, Metasploit Express ranked highest overall with a total score of 4.5 out of five available stars.

“These results are extremely exciting for Rapid7, and reinforce our firm belief that the industry needs to keep advancing its penetration testing solutions”

HackMiami is an organization made up of a variety of professionals that provide innovative technical and social collaboration through regular meetings, presentations, labs and competitions that serve to develop all fields of modern technology. During the 2010 HackMiami penetration testing face-off, products were scored on a variety of characteristics, including interface, exploits, reporting, value and additional features.

Rapid7’s Metasploit Express ranked in the lead or tied for the highest ranking in four out of the five sub-categories, beating out both Core Security and Immunity who received total scores of 3.5 stars and three stars, respectively. Testers commented that compared to other applications, Metasploit Express had a cleaner interface, single-click evidence collection, a greater of number of penetrated systems via multiple methods and was the most affordable with a list price of $3,000.

“These results are extremely exciting for Rapid7, and reinforce our firm belief that the industry needs to keep advancing its penetration testing solutions,” said Mike Tuchen, president and CEO for Rapid7. “As the threats that enterprises face continue to evolve, there has been a fundamental shift in the need for pen testing integration into enterprise security systems and companies are increasingly looking for easy-to-use, powerful solutions that automate common functions. Our goal with Metasploit Express was to create a product that would offer all of this, and more, and we look forward to continuing to enhance our research and development in the future.”

Leveraging its 2009 acquisition of the Metasploit Framework, Rapid7 launched Metasploit Express as an affordable, easy-to-use penetration testing solution that delivers a full graphical user interface, automated exploitation capabilities and reporting for enterprises. Known for releasing some of the most technically sophisticated exploits to the public, Metasploit Express provides full network penetration testing capabilities and is backed by the world’s largest, fully tested and integrated public database of exploits.

About Rapid7

Rapid7 is the leading provider of unified vulnerability management, compliance, and penetration testing solutions, delivering actionable intelligence about an organization’s entire IT environment. Rapid7 offers the only integrated threat management solution that enables organizations to implement and maintain best practices and optimize their network security, Web application security and database security strategies.

Recognized as the fastest growing vulnerability management company in the U.S. by Inc. Magazine, Rapid7 helps leading organizations such as Liz Claiborne, the United States Postal Service, Carnegie Mellon University and Red Bull to mitigate risk and maintain compliance for regulations such as PCI, HIPAA, FISMA, SOX and NERC. Rapid7 also manages the Metasploit Project, the leading open-source penetration testing platform with the world’s largest database of public, tested exploits. For more information, visit www.rapid7.com.