hostmap 0.2.1 released

Posted on December 26, 2009 in Tools • Tagged with discovery, dns enumeration, dns name, virtual host • 1 min read

I am glad to release hostmap version 0.2.1.
In this version there are a lot of bug fixes and some new features.

Introduction

hostmap is a free, automatic, hostnames and virtual hosts discovery tool written in Ruby and licensed under GNU General Public License version 3 (GPLv3). It’s goal is to enumerate all hostnames and configured virtual hosts on an IP address. The primary users of hostmap are professionals performing vulnerability assessments and penetration tests.

Changes

Some of the new features include:

  • Fixed handling of Errno::ECONNRESET in SSL certificate plugin.
  • Upgraded net-dns to latest version from …

Continue reading

hostmap 0.2 released

Posted on December 17, 2009 in Tools • Tagged with hostmap, virtual host • 1 min read

I am glad to release hostmap version 0.2.

Introduction

hostmap is a free, automatic, hostnames and virtual hosts discovery tool written in Ruby and licensed under GNU General Public License version 3 (GPLv3). It’s goal is to enumerate all hostnames and configured virtual hosts on an IP address. The primary users of hostmap are professionals performing vulnerability assessments and penetration tests.

Changes

Some of the new features include:

  • Fully refactored and rewritten in Ruby.
  • User requested interrupt (CTRL+C) now is handled.
  • Added Rakefile to automatize task. For example readme and API documentation rebuilding.
  • Changed info gathering plugin …

Continue reading

Website defacement detection techniques

Posted on October 14, 2009 in Research • Tagged with defacement, detection, website monitoring • 4 min read

Table of Contents

1. Website defacement
2. Anomaly detection systems
2.1 Checksum comparison
2.2 Diff comparison
2.3 DOM tree analysis
2.4 Complex algorithms
3. Signature detection
4. Thresholds and worst cases

1. Website defacement

A website defacement is the unauthorized substitution of a web page or a part of it by a system cracker. A defacement is generally meant as a kind of electronic graffiti, although recently it has become a means to spread messages by politically motivated cyber protesters or hacktivists.
This is a very common form of attack that seriously damages the trust and …

Continue reading

PHP Filesystem Attack Vectors @ Ush.it

Posted on July 28, 2009 in Research • Tagged with attack vector, filesystem, PHP • 7 min read

The Ush.it team published the second part of “PHP Filesystem Attack Vectors” paper. The original paper is available here and you can download it here.

PHP filesystem attack vectors - Take Two

 Name              PHP filesystem attack vectors - Take Two
 Systems Affected  PHP and PHP+Suhosin
 Vendor            http://www.php.net/
 Advisory          http://www_ush_it/team/ush/hack-phpfs/phpfs_mad_2.txt
 Authors           Giovanni "evilaliv3" Pellerano (evilaliv3 AT ush DOT it)
                   Antonio "s4tan" Parata (s4tan AT ush DOT it)
                   Francesco "ascii" Ongaro (ascii AT ush DOT it)
                   Alessandro "jekil" Tanasi (alessandro AT tanasi DOT it)
 Date              20090725

I)    Introduction
II)   PHP arbitrary Local File …

Continue reading

Follow Secdocs on Twitter

Posted on July 03, 2009 in Blog • Tagged with secdocs, twitter • 1 min read

You can follow SecDocs updates on Twitter now! With few lines of ruby code and twitter4r gem now each new document added to SecDocs is posted as twitter status update.
If you prefer twitter to RSS feed subscribe to @secdocs updates.

Continue reading