Coresec.org – Information Security Blog

2011
09.02

From SQL Injection to Backdoor Installation

Category: Exploits/Vulns, PenTest, Tutorials / Tag: access, apache, backdoor, create, database, datadir, exploit, inject, injection, installation, joomla, mysql, php, phpshell, server, shell, sql, sqlmap, trojan, webserver / 1 comment

2011
08.22

Advanced SQL Injection @ Defcon 17

Category: PenTest, Videos / Tag: advanced, defcon, injection, presentation, sql / Add Comment

2011
08.22

Pentesting MSSQL Servers with SQLat and Cain

Category: Cracking, PenTest / Tag: 1433, abel, audit, auditing, authentication, backdoor, backdooring, cain, cmdshell, command, crack, cracking, database, dictionary, execute, execution, exploit, exploitation, hack, hacking, hash, hashes, login, microsoft, mixed, mssql, pass, password, penetration, pentest, pentesting, privilege, privileges, pwdump, sam, server, servers, sql, sqlat, testing, username, windows, wordlist / 1 comment

2011
08.18

Post Exploitation with WCE Presentation – Amplia Security

Category: Exploits/Vulns, PenTest, Tools, Tutorials / Tag: amplia, audit, exploit, exploitation, hack, hacking, hash, pass, penetration, pentest, presentation, security, testing, wce / Add Comment

2011
08.10

Web Application Security Resources

Category: PenTest, Security, Tools / Tag: assessment, checklist, extensions, framework, handbook, injection, methodologies, methodology, owasp, penetration, pentest, scanners, security, sqlinjection, suites, testing, tools, utilities, web / Add Comment

2011
08.02

[Tip] SSL Scanners (PenTestIt.com)

Category: PenTest, Tips, Tools / Tag: analyser, analyzer, audit, auditing, certificate, comodo, cryptonark, encrypt, encryption, https, openssl, penetration, pentest, qualys, scan, scanner, scanners, ssl, sslcert, sslscan, ssltest, sslv2, tls, TLSSLed / 4 comments

2011
08.01

Plecost – WordPress fingerprinting tool

Category: PenTest, Tutorials / Tag: analyser, analyzer, backtrack, blog, CVE, exploit, exploitation, finger, fingerprint, hack, hacking, identification, identify, informations, plecost, plugins, printer, python, retrieve, scan, scanner, tool, versioning, versions, wordpress / Add Comment

2011
07.31

Brute Force Database Servers with HexorBase

Category: PenTest, Tools, Tutorials / Tag: attack, brute, database, databases, force, hack, hacking, hexorbase, list, metasploit, microsoft, mssql, mysql, oracle, pass, passes, passlist, password, passwords, postgresql, queries, query, report, reporting, server, servers, sql, sqlite, user, userlist, username, usernames, wordlist / 1 comment

2011
07.28

Metasploit Commands – CLI Index

Category: PenTest / Tag: audit, auxiliary, cli, command, commands, exploit, exploitation, exploits, hack, hacking, index, metasploit, msfconsole, payloads, penetration, pentest, scan, scanner, security, target, targets, tester, testing, usage, utilities / Add Comment

2011
07.27

Hack Database Servers with SQLCMD and OSQL

Category: PenTest, Tutorials / Tag: authentication, command, commands, database, databases, default, dump, escalation, execute, execution, files, hack, hacking, instance, microsoft, mssql, non, odbc, osql, outfile, own, ownage, parameters, password, port, pownage, privileges, queries, query, sa, save, script, server, servers, sql, sqlcmd, statement, statements, syntax, system, tools, username, utilities, utility / Add Comment

2011
07.22

Bypass Software Restriction Policy (SRP)

Category: Exploits/Vulns, PenTest / Tag: active, bypass, crack, cracking, deskpan.dll, directory, dll, dll hijacking, execute, gp, gpdisable, gpdisable.dll, group, hack, hacking, hijack, hijacking, injection, limited, operating, policy, restriction, software, srp, system, user, vulnerabilities, vulnerability, windows, windows 7, windows vista, windows xp / 2 comments

2011
07.18

SQL Injection Scanners

Category: PenTest, Tools / Tag: access, acunetix, application, assessment, blind, bobcat, brute, bsql hacker, bsqlbf, darkmysql, darkmysqli, database, db2, digger, dump, dumper, dumping, exploitation, exploitmyunion, firebird, firewall bypass, fj-injector, force, framework, hacking, havij, hexjector, http, https, informix, injection, interbase, keyword, laudanum, marathon, microsoft sql, mysql, mysqlenum, oracle, pangolin, penetration, pentest, postgresql, priamos, proxy, safe3, scanner, sqid, sql, sql power injector, sqlier, sqlite3, sqlmap, sqlninja, sqlus, sybase, testing, toolza, union, vulnerabilities, web, web hacking, webraider, witool, xss, yinjector / 5 comments

2011
07.16

Install netcat as permanent backdoor using metasploit

Category: PenTest, Tutorials / Tag: access, attack, backdoor, cmd, command, compromised, configure, current, execute, execution, exploit, firewall, hack, hacking, install, listen, metasploit, meterpreter, nc, netcat, netsh, penetration, pentest, permanent, regedit, reverse, rule, rules, session, sessions, setup, seven, shell, trojan, version, victim, windows / 1 comment

2011
07.14

WPScan – WordPress Security Scanner

Category: Cracking, PenTest, Tools / Tag: assessment, black, blackbox, box, bruteforce, cracking, detection, enumerate, enumeration, fingerprint, hacking, hardening, identification, password, plugins, scan, scanner, security, theme, tool, username, version, versioning, vulnerabilities, weak, wordlist, wordpress, wpscan / 3 comments

2011
07.13

Easy WiFi cracking using Wiffy and BackTrack

Category: Cracking, PenTest / Tag: automated, backtrack, crack, cracking, easy, script, shellscript, wiffy, wifi / 1 comment