Over this past month, we have put a great deal of time into bringing our free online course, Metasploit Unleashed in line with BackTrack 5. The majority of these changes are cosmetic in nature but they should help to reduce confusion for newcomers to Metasploit and BackTrack while ensuring a consistent look throughout.Read More
This month, even with the rampant development and release of BackTrack 5, we still devoted some time to updating Metasploit Unleashed. The Metasploit team is making a great deal of progress switching over to post-exploitation modules so we focused entirely on them this month and added many to the Metasploit Module Reference section.Read More
This past month has seen more additions to our free Metasploit Unleashed training course, primarily in our on-going effort to build out the Metasploit Module Reference section. Also, with the Metasploit team moving away from meterpreter scripts in favor of post-exploitation modules, we have been updating the relevant sections of MSFU.Read More
For the last two years Offensive Security has been taking the live training market by storm with its flagship course, Pentesting with BackTrack. We are very excited to announce that the next PWB live training will be held in an exotic location the Caribbean island of St. Kitts and Nevis.
St. Kitts is a tiny island set in the middle of glass-like beautiful waters, perfect beaches and the pain and suffering that only PWB can bring.Read More
In the past few days we have been toying with some Motorola hardware, and have managed to get a basic build of BackTrack 5 (+ toolchain) on a Motorola Xoom. The possibilities look exciting as we are slowly building several experimental arm packages. Our team does not have much experience with the Android OS nor ARM hardware, but so far – so good. We will not promise an ARM release on May 10th, as this new “experiment”Read More
The Social Engineering Defcon 19 CTF For the last 2 years now, Social-Engineer.Org’s mission has been to raise awareness for social engineering.
Security technology has not been able to stop the advances of attackers leveraging social engineering techniques in order to gain unauthorized access to global organizations and fortune 500 companies.Read More
This past month has seen more additions to our free Metasploit Unleashed training course, primarily in our on-going effort to build out the Metasploit Module Reference section. At the same time, we are still continuing to work through the course content to ensure that it is still all functional.Read More
This past month has seen a number of additions to our free Metasploit Unleashed training course, primarily in our on-going effort to build out the Metasploit Module Reference section. In addition, we are still continuing to work through the course content to ensure that it is still all functional.Read More
This past month has seen a number of additions to our free Metasploit Unleashed training course, primarily in our on-going effort to build out the Metasploit Module Reference section. The Metasploit team has been developing at a rapid pace with new features and modules being frequently added. We are also continuing to go through the course content itself and verify the functionality of the provided material.Read More
We are happy to announce that Offensive Security will be sponsoring DerbyCon. DerbyCon is a new hacker conference located in Louisville Kentucky. Our goal is to bring back an old style, community driven hacker con chocked full of amazing talks, live events and all around fun.
The idea for DerbyCon was created by Dave Kennedy (ReL1K), Martin Bos (PureHate), and Adrian Crenshaw (Irongeek). The goal came from a desire to see more of the old style talks and events of the cons of the past.Read More
A recent video submission by Abysssec demonstrates the Internet Explorer CSS 0day currently rampaging – reliably working on Windows 7 and Vista. The exploit bypasses DEP and ASLR without the use of any 3rd party extensions.
There doesn’t seem to be a lot of discussion going around this exploit, however this demo shows clear code execution on a fully patched Windows 7. Ph33r.Read More
It’s hard to believe that the social-engineer.org project began 14 months ago. This project started from a simple idea to build the world’s first framework for social engineers. In these 14 months, this project has grown into the leading resource for all real social engineering education. The CTF that we held at Defcon 18 proved beyond doubt that this resource was greatly required.
Today, we are excited to announce the availability of the first,Read More
This month we have again been steadily updating the Metasploit Module Reference section of Metasploit Unleashed and also added some great new content covering the setup and usage of databases with Metasploit under BackTrack4 R2. This month also saw the introduction of the excellent GUI front-end, Armitage.Read More
We are very happy to announce that our Penetration Testing with BackTrack online labs now include installations of Metasploit Pro. Deep within our lab network, students who Try Harder will encounter credentials for these installations that will allow them to enjoy the use of a tool that simplifies many of the tasks that they had to perform manually.Read More
An interesting submission in from the Exploit Database – a Godaddy workspace XSS vulnerability. Although we did not post it (live site), the vulnerability seems real, and definitely worth mentioning.