belsec

  • MORGEN AFSCHEIDSINTERVIEW in de Financieel Economische Tijd van Belsec

    ik ging geen afscheid nemen zonder nog 1 keer te overlopen wat de afgelopen 10 jaar via Belsec werd uitgevoerd en al dan niet verwezenlijkt of aangepakt en wat de belangrijkste strijdpunten zijn en blijven.

    Zonder statuut of bescherming van securityresearchers zelfs als bloggers is het de laatste maanden steeds moeilijker geworden om zonder kleerscheuren dit soort activiteit te blijven voortdoen. Na 10 jaar inzet werd het dan ook tijd om dit soort stress en risico's aan me te laten voorbijgaan. 

    De Financieel Economische Tijd van morgen. 

    hopelijk iets dat de discussie zal kunnen voeden 

     

  • tool to abuse vulnerabilities to ddos sites off the web

    " After making public release of DAVOSET (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2013-June/008850.html), I've made next update of the software. At 23rd of October DAVOSET v.1.2.1 was released - DDoS attacks via other sites execution tool (http://websecurity.com.ua/davoset/). Video demonstration of DAVOSET: http://www.youtube.com/watch?v=RKi35-f346I Also yesterday I opened a repository for DAVOSET: https://github.com/MustLive/DAVOSET Download DAVOSET v.1.2.1: http://websecurity.com.ua/uploads/2014/DAVOSET_v.1.2.1.rar In new version there was added support of attacks via WordPress, based on XML support since v.1.1.2 (released at 31.07.2013). After vulnerability in XML-RPC PingBack API in WordPress was found last year, I added support for XML in DAVOSET (to use with XXE vulnerabilities, but it also can be used with this vulnerability). After that people many times asked me to add this support, but nobody wanted to do it by himself, so I added it. Also there were added new services into both lists of zombies and removed non-working services from lists of zombies. In total there are 175 zombie-services in the list. I added 3 and removed 18 zombie-services. I removed a lot of vulnerable sites from the lists, because admins became fixing holes at their web sites in summer - after significant increase of use of my tool.
    http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2014-October/009057.html

    which means that if your site or webservice is vulnerable it can now not only be hacked but also be abused to attack other sites with an DDOS and abusing about your traffic (if you don't have an unlimited account or just getting your blog or site of the web because it is being abused in such an attack)

  • how safe is your SSL installation - test it with this free tool (only professionals)

    If you would do it without the permission of the targeted firm than you could be prosecuted. This is only for use for professionals who want to test the security of their SSL installation.

    Latest release: sslsplit-0.4.9.tar.bz2 (.asc) (sslsplit(1)) (NEWS)

    "SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

    SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over both IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates and signs forged X509v3 certificates on-the-fly, based on the original server certificate subject DN and subjectAltName extension. SSLsplit fully supports Server Name Indication (SNI) and is able to work with RSA, DSA and ECDSA keys and DHE and ECDHE cipher suites. SSLsplit can also use existing certificates of which the private key is available, instead of generating forged ones. SSLsplit supports NULL-prefix CN certificates and can deny OCSP requests in a generic way. For HTTP and HTTPS connections, SSLsplit removes response headers for HPKP in order to prevent public key pinning, for HSTS to allow the user to accept untrusted certificates, and Alternate Protocols to prevent switching to QUIC/SPDY."

    https://www.roe.ch/SSLsplit

  • Tripware Freeware Securecheq checks for vulnerabilities in Windows desktops and servers

    "

    WEAK WINDOWS CONFIGURATIONS

    Free tests for typical and often dangerous Windows configuration errors. Microsoft is the backbone of many enterprise networks. Find out if you have weak configuration parameters exposing you to security threats.

    REMEDIATION GUIDANCE

    Tripwire® SecureCheq™ delivers twenty checks for different security configuration errors and includes detailed remediation guidance on findings.

    HARDEN CONFIGURATIONS

    Tripwire SecureCheq demonstrates how your systems need to be continually hardened against configuration errors related to OS hardening, data protection, user account activity and audit logging.

    http://www.tripwire.com/securecheq/

  • VEGA freeware to find sql injections and xss vulnerabilities in websites and apps

    source https://subgraph.com/vega/index.en.html

    "Vega is a free and open source scanner and testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.

    Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. The Vega scanner finds XSS (cross-site scripting), SQL injection, and other vulnerabilities. Vega can be extended using a powerful API in the language of the web: Javascript."

  • test your website on nearly all 160 xss attacks for free

    use this tool from OWASP, the international organisation that tries to clean up our addiction to bad code

    http://www.toolswatch.org/2014/09/owasp-xenotix-xss-exploit-framework-v6-released/

  • set up your own malware analysis environment for your collaborators for free

    you can't have access to the FBI or Microsoft tool set or information ?

    you have an enormous network with people working a bit everywhere or with many different specialists working on different locations ?

    you want to have a good impact analysis from very complex malware that does all kinds of things so people will have to research the effects on all kinds of security installations and servers ?

    use this http://www.cuckoosandbox.org/

  • free testexample without backdoors of darkcomet malware

    if you can install this on your computer without being detected you have a problem

    because it will take over your webcam, microphone as all the rest of the machine

    source http://cyberwarzone.com/darkcomet-rat-sample-dc_mutex-m69pz1m/

  • Netflix and Belgacom should work together in Belgium

    Belgacom delivers digital tvsetupboxen in Belgium but just as with Telenet the other Partner of this Oligopoly (with some smaller players) they didn't deliver something that is anything near the démonstrations and présentations that they were giving at the start to political and technological influencers

    * we have a very very small number of free tv channels (70) which is the double of what we had before but which is nothing compared to the hundred of tv channels  in the air and offered on the US cable networks

    * there are few or no open air or public information tvstations while it was announced that by going digital we could install this kind of open media as is the case in the US

    * there is only a connection to a few internetservices while with Chromecast at 30 Euro I can have the whole internet and my laptop on the TV

    * there is no permanent Library of films, series and documentaries or concerts and the film passports of Belgacom are just boring (compared to the internet)

    and so I could go on and on

    so netflix on Belgacom would be interesting

    and maybe after Netflix there maybe some or hundreds of other services of packages you could chose from ?

    because once you have tried one transportation model, there are others (for example why not American Football or other sports or live concerts etc.....)

    If it is on the internet and it can be connected to the Digital TVnetwork than where is the problem

    otherwise the problem will be that when people look outside (on the internet) they will see a whole new world of information, sports and animation that they should be able to find through their digital tv

    Belgacom should maybe also understand that mainstream tv has become enormously boring and repetitive

    If Belgacom doesn't do it (and maybe get a lower price for its members and use the economy of scale) than my Chromecast and laptop will do it (as they already do) but the quality will not be the same

  • #ukraine Putin has become doctor Strangelove becoming unpredictable

    http://www.veoh.com/watch/v19483133d9a7jQka?h1=Dr.+Strangelove+or%3A+How+I+Learned+to+Stop+Worrying+and+Love+the+Bomb+

    this is just a picture click the link and download the player

     

  • netflix comes to Belgium, here are some guides (bye bye tv)

    this doesn't mean that these films and series will be aviable for the Belgian audience but maybe they can give you some guidance in what in any case will be an enormous library right to your desktop (or your tv if you have a HDMI cable) just be sure that your internetconnection is unlimited if you will be a heavy user7

    http://netflixusacompletelist.blogspot.com/

    http://uproxx.com/tv/2014/01/25-best-series-netflix-instant-ranked/

    What’s New In Television This Week On Netflix: August 15th

    The 25 Next Best Series On Netflix Streaming

    The 26-50th Best Series On Netflix Instant

    10 New And Returning Original Series Coming To Netflix In 2014

    The 12 Highest Rated Horror Movies On Netflix Streaming

    The 12 Highest Rated Comedy Movies On Netflix Streaming

    The 12 Highest Rated Action And Adventure Movies On Netflix Streaming

    The 12 Highest Rated Spoofs And Satires On Netflix Streaming

    The 12 Highest Rated Stand-Up Comedy Specials On Netflix Streaming

    The 12 Highest Rated Heist Movies On Netflix Streaming

    The 12 Highest Rated Kung Fu Movies On Netflix

    The 12 Highest Rated Geek & Sci-Fi Movies On Netflix Streaming

    The 12 Highest Rated Crime Thrillers And Dramas On Netflix Streaming

    The 12 Highest Rated Westerns On Netflix Streaming

    The 12 Highest Rated Sports Movies On Netflix Streaming

    The 12 Highest Rated Drama Movies On Netflix Streaming

    The 25 Best Documentaries You Can Login To Netflix And Stream Right Now

    http://www.digitaltrends.com/movies/best-netflix-instant-tv-shows/#!bKAHTI

    http://metro.co.uk/2014/06/04/whats-actually-good-on-netflix-we-round-up-the-22-best-films-tv-shows-and-documentaries-4727739/

    http://allyourscreens.com/index.php/streaming-tv-news/1309-disappearing-from-netflix-the-complete-list

    http://www.telegraph.co.uk/culture/tvandradio/10936206/A-list-of-the-best-TV-shows-on-Netflix-UK.html

    http://instantwatcher.com/

    http://www.reddit.com/r/bestofnetflix/

    http://www.bestmoviesonnetflix.com/

  • wikipedia moves from content to free datasets

    How does Wikidata work?

     

    This wiki is the Wikidata repository. The repository is the central storage for the data that may be accessed by the client Wikis connected to the repository. By maintaining the data in the repository, content loaded dynamically from Wikidata does not need to be translated nor has to be kept up to date in each individual client Wiki. In addition, Wikidata has centralized all Wikipedia interlanguage links.

     

     

    The Wikidata repository consists mainly of items, each outlined by a label, a description and likely one or more aliases. Sitelinks connect the articles of all client wikis while statements describe detailed characteristics of each Item. Each statement consists of a property and a value: You can link items of people to their place of birth, to their occupation or to its number of an authority control database, link a politician to his or her political party. You can give mountain peaks, places or buildings geographic coordinates, link an Item about a township to its next higher administrative unit, link a country to its highest representative, to its national anthem and so on. All this informations can be used in any language to display it in their own language even if all the information is taken from a different language. Even more, with accessing these values client wikis will always embed the most up-to-date data.
    http://www.wikidata.org/wiki/Wikidata:Introduction

  • Netflix opensources its own tool to manage Amazon Cloud accounts securily

    "Netflix has open sourced another member of its “Simian Army,” the monkey-monikered tools its engineers use to manage the enormous number of machines that drive its popular video streaming service. The latest is called Security Monkey, and it’s a tool for monitoring and analyzing the security of its systems.Like others in the family, the tool is designed to deal with machines used through Amazon’s cloud computing service. Netflix operates several dozen accounts on the Amazon cloud, and through each of these, it can spin up virtual servers to run the various parts of its video service. The company is constantly deploying new code, adding new services, deleting old ones, and modifying server configurations. Each of these tasks can create security vulnerabilities, and that’s where Security Monkey comes into play. The tool could potentially help any company that runs its operations atop Amazon and other cloud services—and such companies are only becoming more prevalent.

    http://www.wired.com/2014/07/security-monkey

    http://techblog.netflix.com/2014/06/announcing-security-monkey-aws-security.html

    https://github.com/Netflix/security_monkey

  • ALERT : STILL ON XP ? CHANGE Internet Explorer for Firefox NOW (not later)

    as we have seen in the new announcements for the securitypatches from Microsoft for May there are

    NO SECURITYPATCHES FOR XP (they say they meant it when they would leave several million pc's without securitypatches - maybe some-one should sue them for that)

    there are several things you can do yourselfs offcourse

    First and all ditch Internet Explorer and use Firefox (we don't like Chrome for several reasons and the Apple Safari is securitywise a total disaster)

    With Firefox you activate the automatic updates and you can install a whole series of functions to block adware, scripts, protect your privacy and so on (everyone has its favourites)https://support.mozilla.org/en-US/products/firefox/privacy-and-security

    https://support.mozilla.org/en-US/products/firefox/customize

    and if you have a proxy on your network or a firewall on your pc than you don't let your Internet Explorer on XP on the internet ever again (in the free zonealarm.com firewall is that with the application control)

    to keep your xp safer 5 rules

    1. install always the latest versions of adobe, flash and all other software updates still available (use the free secunia.com tool for that)

    2. do not let internet explorer or office 2003 on the internet, ever

    3 install a firewall (zone alarm), a free antivirus (for example avg or avast) and spybot search and destroy security tool (safer-networking.org)

    4. do not surf on pornsites, don't use IRC or P2P with your XP as you will be too vulnerable in those dangerous environments

    5. do not click without thinking (keep for example your email online instead of downloading it) and be very careful with downloads (for example download in a folder on which you have set a password or zip the files afterwards with a password so they can start doing things on their own)

    in any case if you think about what you would like for christmas, think about a new pc or laptop (fuck the tablets, they are as expensive as a good laptop and your tablet is so minimal that you will get bored after a while)

  • #ukraine this is what the russian invaders are using to communicate

    and it seems that anybody can listen in :)

    so everybody is listening in and communicating

    but one should also not forget that it is good to remember that if

    one knows that the enemy is listening one can tell lies

    zello.com

  • #heartbleed a new free networkscanner that tests different devices and ports

    just what you would need if you want to be sure that it is not lurking somewhere where you didn't expect it

    source http://www.crowdstrike.com/blog/new-community-tool-crowdstrike-heartbleed-scanner/index.html

    download it from here ; http://www.crowdstrike.com/community-tools/index.html

  • example of my week on twitter

    doesn't seem much but it are no funny pics or games