" After making public release of DAVOSET (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2013-June/008850.html), I've made next update of the software. At 23rd of October DAVOSET v.1.2.1 was released - DDoS attacks via other sites execution tool (http://websecurity.com.ua/davoset/). Video demonstration of DAVOSET: http://www.youtube.com/watch?v=RKi35-f346I Also yesterday I opened a repository for DAVOSET: https://github.com/MustLive/DAVOSET Download DAVOSET v.1.2.1: http://websecurity.com.ua/uploads/2014/DAVOSET_v.1.2.1.rar In new version there was added support of attacks via WordPress, based on XML support since v.1.1.2 (released at 31.07.2013). After vulnerability in XML-RPC PingBack API in WordPress was found last year, I added support for XML in DAVOSET (to use with XXE vulnerabilities, but it also can be used with this vulnerability). After that people many times asked me to add this support, but nobody wanted to do it by himself, so I added it. Also there were added new services into both lists of zombies and removed non-working services from lists of zombies. In total there are 175 zombie-services in the list. I added 3 and removed 18 zombie-services. I removed a lot of vulnerable sites from the lists, because admins became fixing holes at their web sites in summer - after significant increase of use of my tool.
which means that if your site or webservice is vulnerable it can now not only be hacked but also be abused to attack other sites with an DDOS and abusing about your traffic (if you don't have an unlimited account or just getting your blog or site of the web because it is being abused in such an attack)
If you would do it without the permission of the targeted firm than you could be prosecuted. This is only for use for professionals who want to test the security of their SSL installation.
"SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.
SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over both IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates and signs forged X509v3 certificates on-the-fly, based on the original server certificate subject DN and subjectAltName extension. SSLsplit fully supports Server Name Indication (SNI) and is able to work with RSA, DSA and ECDSA keys and DHE and ECDHE cipher suites. SSLsplit can also use existing certificates of which the private key is available, instead of generating forged ones. SSLsplit supports NULL-prefix CN certificates and can deny OCSP requests in a generic way. For HTTP and HTTPS connections, SSLsplit removes response headers for HPKP in order to prevent public key pinning, for HSTS to allow the user to accept untrusted certificates, and Alternate Protocols to prevent switching to QUIC/SPDY."
WEAK WINDOWS CONFIGURATIONS
use this tool from OWASP, the international organisation that tries to clean up our addiction to bad code
you can't have access to the FBI or Microsoft tool set or information ?
you have an enormous network with people working a bit everywhere or with many different specialists working on different locations ?
you want to have a good impact analysis from very complex malware that does all kinds of things so people will have to research the effects on all kinds of security installations and servers ?
use this http://www.cuckoosandbox.org/
if you can install this on your computer without being detected you have a problem
because it will take over your webcam, microphone as all the rest of the machine
How does Wikidata work?
This wiki is the Wikidata repository. The repository is the central storage for the data that may be accessed by the client Wikis connected to the repository. By maintaining the data in the repository, content loaded dynamically from Wikidata does not need to be translated nor has to be kept up to date in each individual client Wiki. In addition, Wikidata has centralized all Wikipedia interlanguage links.
The Wikidata repository consists mainly of items, each outlined by a label, a description and likely one or more aliases. Sitelinks connect the articles of all client wikis while statements describe detailed characteristics of each Item. Each statement consists of a property and a value: You can link items of people to their place of birth, to their occupation or to its number of an authority control database, link a politician to his or her political party. You can give mountain peaks, places or buildings geographic coordinates, link an Item about a township to its next higher administrative unit, link a country to its highest representative, to its national anthem and so on. All this informations can be used in any language to display it in their own language even if all the information is taken from a different language. Even more, with accessing these values client wikis will always embed the most up-to-date data.
"Netflix has open sourced another member of its “Simian Army,” the monkey-monikered tools its engineers use to manage the enormous number of machines that drive its popular video streaming service. The latest is called Security Monkey, and it’s a tool for monitoring and analyzing the security of its systems.Like others in the family, the tool is designed to deal with machines used through Amazon’s cloud computing service. Netflix operates several dozen accounts on the Amazon cloud, and through each of these, it can spin up virtual servers to run the various parts of its video service. The company is constantly deploying new code, adding new services, deleting old ones, and modifying server configurations. Each of these tasks can create security vulnerabilities, and that’s where Security Monkey comes into play. The tool could potentially help any company that runs its operations atop Amazon and other cloud services—and such companies are only becoming more prevalent.http://www.wired.com/2014/07/security-monkey
as we have seen in the new announcements for the securitypatches from Microsoft for May there are
NO SECURITYPATCHES FOR XP (they say they meant it when they would leave several million pc's without securitypatches - maybe some-one should sue them for that)
there are several things you can do yourselfs offcourse
First and all ditch Internet Explorer and use Firefox (we don't like Chrome for several reasons and the Apple Safari is securitywise a total disaster)
With Firefox you activate the automatic updates and you can install a whole series of functions to block adware, scripts, protect your privacy and so on (everyone has its favourites)https://support.mozilla.org/en-US/products/firefox/privacy-and-security
and if you have a proxy on your network or a firewall on your pc than you don't let your Internet Explorer on XP on the internet ever again (in the free zonealarm.com firewall is that with the application control)
to keep your xp safer 5 rules
1. install always the latest versions of adobe, flash and all other software updates still available (use the free secunia.com tool for that)
2. do not let internet explorer or office 2003 on the internet, ever
3 install a firewall (zone alarm), a free antivirus (for example avg or avast) and spybot search and destroy security tool (safer-networking.org)
4. do not surf on pornsites, don't use IRC or P2P with your XP as you will be too vulnerable in those dangerous environments
5. do not click without thinking (keep for example your email online instead of downloading it) and be very careful with downloads (for example download in a folder on which you have set a password or zip the files afterwards with a password so they can start doing things on their own)
in any case if you think about what you would like for christmas, think about a new pc or laptop (fuck the tablets, they are as expensive as a good laptop and your tablet is so minimal that you will get bored after a while)
and it seems that anybody can listen in :)
so everybody is listening in and communicating
but one should also not forget that it is good to remember that if
one knows that the enemy is listening one can tell lies
just what you would need if you want to be sure that it is not lurking somewhere where you didn't expect it
download it from here ; http://www.crowdstrike.com/community-tools/index.html
It is always better to check and verify and to use different tools who don't always test the same way (even if they claim they test the same things based on the same standards and technologies)
and as I said I like tripwire, they have been there since so long (this is no publicity stunt)
tip : if your servers are on the same networksegment together this can be a good free alternative
problem of course is that it is webbased and that the information is on the web so if anybody gots hold of your password
go to http://www.tripwire.com/securescan/?thankyou
default settings do ? Why in fact do they have to leak your info as default shouldn't it be the inverse ?
go first on TOR
go here http://3tfqvth2lzeieiha.onion/
go than to
you have to go here https://tails.boum.org/
this is more information (on an image)
just be sure that you upgrade and patch it on a permament basis as this will be a prime target
get it here https://cybertab.boozallen.com/