Author Archive for: ‘muts’
PWB in the Caribbean, Part 1
Quite often, people tend to wonder what it’s like to experience an Offensive Security live training course. At our most recent live Pentesting with BackTrack course in St. Kitts, we had in attendance, Johnny Long of Hackers for Charity and he was good enough to keep a journal of his experiences during the course.
Read More →
Metasploit: A Penetration Testers Guide
Offensive Security is happy to announce the availability of Metasploit, The Penetration Tester’s Guide – A new book by by Dave Kennedy (ReL1K), Devon Kearns (dookie), Jim O’Gorman (_Elwood_), and Mati Aharoni (muts).
Read More →
Discover your inner Pirate
For the last two years Offensive Security has been taking the live training market by storm with its flagship course, Pentesting with BackTrack. We are very excited to announce that the next PWB live training will be held in an exotic location the Caribbean island …
Read More →
BackTrack 5 on a Motorola Xoom
In the past few days we have been toying with some Motorola hardware, and have managed to get a basic build of BackTrack 5 (+ toolchain) on a Motorola Xoom. The possibilities look exciting as we are slowly building several experimental arm packages. Our team …
Read More →
The Schmooze Strikes Back
The Social Engineering Defcon 19 CTF For the last 2 years now, Social-Engineer.Org’s mission has been to raise awareness for social engineering. Security technology has not been able to stop the advances of attackers leveraging social engineering techniques in order to gain unauthorized access to …
Read More →
Live Training Spring 2011
In our spring tradition of live training we are happy to announce our official April 2011 Pentesting With BackTrack course in Columbia, MD. As usual we are keeping our classes small so if you are interested sign up as soon as possible before we are …
Read More →
DerbyCon Security Conference 2011
We are happy to announce that Offensive Security will be sponsoring DerbyCon. DerbyCon is a new hacker conference located in Louisville Kentucky. Our goal is to bring back an old style, community driven hacker con chocked full of amazing talks, live events and all around …
Read More →
Internet Explorer CSS 0day on Windows 7
A recent video submission by Abysssec demonstrates the Internet Explorer CSS 0day currently rampaging – reliably working on Windows 7 and Vista. The exploit bypasses DEP and ASLR without the use of any 3rd party extensions. http://vimeo.com/18023495 There doesn’t seem to be a lot of …
Read More →
Godaddy Workspace XSS – Who’s your Daddy ?
An interesting submission in from the Exploit Database – a Godaddy workspace XSS vulnerability. Although we did not post it (live site), the vulnerability seems real, and definitely worth mentioning.
In essence, this vulnerability allows an attacker to send malicious JavaScript to a non suspecting victim – allowing stealing of cookies and other nasty stuff. Effectively, if you are using the Godaddy web interface, an attacker can acquire a your session information and log to the account with no credentials.All Godaddy workspace users, ph33r.
Read More →
Offsec Exploit Weekend
Aloha Offsec students! You’ve been slapped around by Bob, abused by Nicky and crushed by NNM. Just as you thought it was over, Offensive Security now comes up with a brand new type of pain. This one is for all your hardcore exploit developers out there, who want a real challenge – an Offsec “Exploit Weekend”.
Read More →