Offensive Security Blog

  • Offsec Playground Blog Post

    Professional Penetration Testing Labs

    For the past few months, we have been quietly beta testing and perfecting our new “Offensive Security Penetration Testing Labs”, or as we fondly call it, the “Offsec Playground”. Today, we are proud to unveil our hosted penetration testing labs – a safe virtual network environment designed to be attacked and penetrated as a means of learning and sharpening your penetration testing skills. The new design of the “Offsec Playground” includes multiple interconnected subnets with a wide array of modern operating systems, including Active Directory domains, Citrix systems, corporate Antivirus solutions as well as Intrusion Prevention Systems which attackers must learn to cope with.

    Read More →
  • Drive Droid Kali Nethunter

    Bypassing Windows and OSX Logins with NetHunter & Kon-boot

    The Kali Linux NetHunter platform has many hidden features which we still haven’t brought to light. One of them is the DriveDroid application and patch set, which have been implemented in NetHunter since v1.0.2. This tool allows us to have NetHunter emulate a bootable ISO or USB, using images of our choosing. That’s right, you can use NetHunter as a boot device which holds a library of bootable ISOs and images…And so we begin:

    Read More →
  • Raspberry Pi Tft Support V2

    Kali with Raspberry Pi TFT support

    Several weeks ago a request in the Kali forums prompted us to look at the integration of the Adafruit 2.8in TFT touch screen for Kali Linux. A few weeks and much less hair later, we are happy to announce the availability of this image in our Offensive Security custom Kali images section.

    Read More →
  • Disarming Emet 5 1

    Disarming and Bypassing EMET 5.1

    Last week Microsoft released EMET 5.1 to address some compatibility issues and strengthen mitigations to make them more resilient to attacks and bypasses. We, of course, were curious to see if our EMET 5.0 disarming technique has been addressed by the latest version of the toolkit.

    Read More →
  • Nethunter Update 1.0.2

    Kali Nexus NetHunter 1.0.2

    It’s been a week since our release of the Kali Linux NetHunter, and the feedback is amazing. A NetHunter community has sprung up from nowhere, and the forums and github pages are really active. We’re completely stoked about this community response, and are eager to see it grow. After an intense week of community testing and a slew of bugfixes (including shellshock), we thought it would be a good opportunity to release a NetHunter update. Please welcome NetHunter 1.0.2.

    Read More →
  • Disarming Emet 5 0

    Disarming EMET v5.0

    In our previous Disarming Emet 4.x blog post, we demonstrated how to disarm the ROP mitigations introduced in EMET 4.x by abusing a global variable in the .data section located at a static offset. A general overview of the EMET 5 technical preview has been recently published here.

    Read More →
  • Symantec Endpoint Pwned

    Symantec Endpoint Protection 0day

    In a recent engagement, we had the opportunity to audit a leading Antivirus Endpoint Protection solution, where we found a multitude of vulnerabilities. Some of these made it to CERT, while others have been scheduled for review during our upcoming AWE course at Black Hat 2014, Las Vegas. Ironically, the same software that was meant to protect the organization under review was the reason for its compromise.

    Read More →
  • Disarming Emet

    Disarming Enhanced Mitigation Experience Toolkit (EMET)

    With the emergence of recent Internet Explorer Vulnerabilities, we’ve been seeing a trend of EMET recommendations as a path to increasing application security. A layered defense is always helpful as it increases the obstacles in the path of an attacker. However, we were wondering how much does it really benefit? How much harder does an attacker have to work to bypass these additional protections? With that in mind, we started a deep dive into EMET.

    Read More →
  • Evil Kali Access Point Red A

    Kali Linux Evil Wireless Access Point

    A few days ago, we had the opportunity to deploy a rogue access point that would steal user credentials using a fake, captive web portal, and provide MITM’d Internet services via 3G. We needed reliability and scalability in our environment as there would potentially be a large amount of, erm….”participants” in this wireless network. We were pretty happy with the result and quickly realized that we had created a new “Kali Linux recipe”. Or in other words, we could create a custom, bootable wireless evil access point image, which could do all sorts of wondrous things.

    Read More →
  • Kali Under The Hood Blog Red

    Announcing the Kali Linux Dojo

    For the past 6 months, we’ve been busy silently developing an advanced Kali Linux course the likes of which has not yet been seen in the industry. This set of in-depth, practical workshops focuses on the Kali operating system itself, demonstrating some of its advanced features and use-cases by its developers. As with all “Offensive Security” training, this workshop is intensive, educational, and addictively engaging. If you’ve ever wished for fluent proficiency with Kali Linux, this workshop is for you.

    Read More →
Page 1 of 1512345»10...Last »