carnal0wnage and Attack Research join forces!

I'm happy to announce that carnal0wnage and Attack Research have joined blog forces!

the new home for the blog will be:

http://carnal0wnage.attackresearch.com/

please point your RSS readers to the new location and enjoy

With the new blog is the ability for a few more people to post. If you want to contribute please email c0arblog@attackresearch.com

-CG

Sunday, May 25, 2008

2 More Webcasts by Ed Skoudis

Here are two more webcasts to take a look at. I know you have to be registered to see the SANS one.

New Computer Attack Tools and Techniques at SANS

Penetration Testing Ninjitsu Part II: Crouching Netcat, Hidden Vulnerabilities with Ed Skoudis at CORE Security

The SANS one was good. here is the outline:

• Improved Scanning with NSE
• Cain – The Attacker’s Dream Tool
• Pass the Hash Attacks
• New Research Areas & Conclusions

Pretty good stuff. I hope that nmap can become the "single vulnerability" checker that nessus used to be, that would be handy.

You can also get some more info on Pass the Hash stuff on my blog and similarly the token impersonation techniques. Both things you should probably be incorporating into your pentest methodology.

I havent watched the Penest Ninjitsu Part II one yet.

Digg this

Posted by CG at 9:39 AM

Labels: , , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)