Coresec.org – Information Security Blog

2011
12.24

Cymothoa – Inject Shellcode into an existing process

Category: PenTest, Tools / Tag: access, attach, backdoor, backdooring, cymothoa, hack, hacking, infect, infection, inject, linux, payload, penetration, pentest, pid, process, processes, ptrace, security, shellcode, stealth, testing, tool, unix / Add Comment

2011
10.08

Generate and Manage Stealth PHP backdoors

Category: Malware, PenTest, Tools, Tutorials / Tag: application, backdoor, backdoored, bypass, cloudflare, command, commands, execute, firewall, firewalls, hidden, imperva, invisible, payload, php, restrictions, shell, stealth, trojan, waf, web, weevely / 3 comments

2011
10.08

Online Penetration Testing Tools

Category: PenTest, Tools / Tag: admin, brute, bruter, force, injection, LFI, online, page, penetration, pentest, pentesting, port, rdp, scan, scanner, scanners, sql, ssh, testing, tools, vnc / Add Comment

2011
08.18

Post Exploitation with WCE Presentation – Amplia Security

Category: Exploits/Vulns, PenTest, Tools, Tutorials / Tag: amplia, audit, exploit, exploitation, hack, hacking, hash, pass, penetration, pentest, presentation, security, testing, wce / Add Comment

2011
08.10

Web Application Security Resources

Category: PenTest, Security, Tools / Tag: assessment, checklist, extensions, framework, handbook, injection, methodologies, methodology, owasp, penetration, pentest, scanners, security, sqlinjection, suites, testing, tools, utilities, web / Add Comment

2011
08.02

[Tip] SSL Scanners (PenTestIt.com)

Category: PenTest, Tips, Tools / Tag: analyser, analyzer, audit, auditing, certificate, comodo, cryptonark, encrypt, encryption, https, openssl, penetration, pentest, qualys, scan, scanner, scanners, ssl, sslcert, sslscan, ssltest, sslv2, tls, TLSSLed / 4 comments

2011
07.31

OSX Firewalling using IPFW and LittleSnitch

Category: Security, Tools / Tag: allow, deny, firewall, firewalling, ipfw, ipv4, ipv6, littlesnitch, mac, macos, network, osx, port, protection, rule, rules, software, waterroof / Add Comment

2011
07.31

Brute Force Database Servers with HexorBase

Category: PenTest, Tools, Tutorials / Tag: attack, brute, database, databases, force, hack, hacking, hexorbase, list, metasploit, microsoft, mssql, mysql, oracle, pass, passes, passlist, password, passwords, postgresql, queries, query, report, reporting, server, servers, sql, sqlite, user, userlist, username, usernames, wordlist / 1 comment

2011
07.19

HyperTaskMgr – Task Manager for Virtual Machines

Category: Security, Tools / Tag: attached, attack, attacks, dll, emet, exploit, exploitation, hyper, hypertaskmanager, hypertaskmgr, hypervisor, kernel, kill, machines, manage, manager, password, process, processes, protect, running, task, unlock, virtual, windows / Add Comment

2011
07.18

SQL Injection Scanners

Category: PenTest, Tools / Tag: access, acunetix, application, assessment, blind, bobcat, brute, bsql hacker, bsqlbf, darkmysql, darkmysqli, database, db2, digger, dump, dumper, dumping, exploitation, exploitmyunion, firebird, firewall bypass, fj-injector, force, framework, hacking, havij, hexjector, http, https, informix, injection, interbase, keyword, laudanum, marathon, microsoft sql, mysql, mysqlenum, oracle, pangolin, penetration, pentest, postgresql, priamos, proxy, safe3, scanner, sqid, sql, sql power injector, sqlier, sqlite3, sqlmap, sqlninja, sqlus, sybase, testing, toolza, union, vulnerabilities, web, web hacking, webraider, witool, xss, yinjector / 5 comments

2011
07.14

WPScan – WordPress Security Scanner

Category: Cracking, PenTest, Tools / Tag: assessment, black, blackbox, box, bruteforce, cracking, detection, enumerate, enumeration, fingerprint, hacking, hardening, identification, password, plugins, scan, scanner, security, theme, tool, username, version, versioning, vulnerabilities, weak, wordlist, wordpress, wpscan / 3 comments

2011
07.07

Medusa – Multi-protocol brute force utility

Category: PenTest, Tools, Tutorials / Tag: afp, brute force, cvs, ftp, hack, http, imap, libssh, list, medusa, mssql, mysql, password, pcanywhere, pop3, postgresql, rexec, rlogin, rsh, smb, snmp, ssh, svn, telnet, vmware, vnc, web form, wordlist / 1 comment

2011
07.06

Information Gathering using Metagoofil

Category: PenTest, Tools / Tag: content, doc, documents, enumeration, gathering, google, information, metadata, metagoofil, pdf, pentest, search / Add Comment

2011
06.23

SSHscan – Scanning ports through SSH Port Forwarding

Category: PenTest, Tools, Tutorials / Tag: brutessh, edgessh, forwarding, internal, network, port, scanning, ssh, sshscan / Add Comment

2011
06.05

[Tip] Configure Nessus on Backtrack 5

Category: PenTest, Tips, Tools, Tutorials / Tag: activate, backtrack, backtrack5, configuration, free, key, nessus, nessus-adduser, nessus-fetch, nessusd, register, tenable / 1 comment