Several people have been asking for instructions on updating hard drive installs of BackTrack – here’s a quick set of commands to upgrade your BackTrack machine – and prepare the kernel sources – for example VMWare tools or VirtualBox tools kernel module compilations.Read More
Last night we moved a new kernel package (2.6.34) out of the testing repositories, and into the official ones. This kernel update marks a huge improvement in hardware support and desktop responsiveness. In addition to the kernel, we have added several external wireless drivers – madwifi-ng (ath_pci), broadcom-sta (wl, no injection), r8187 drivers and rt73 k2wrlz drivers.Read More
Exciting times here at Offensive Security. Two of our most major projects are off to new and amazing directions – BackTrack and the Exploit Database. The BackTrack development team is now officially funded by Offensive Security, bringing a new era of a high quality penetration testing distribution. In addition, the EDB has started a new R&D initiative which will result in some interesting blog posts.Read More
This past weekend Offensive Security ran its second cyber hacking challenge, “How Strong is Your Fu – Hacking for Charity“. We first separated the contestants into groups of 10 and each had 48 hours to hack into our 5 evil machines that were conjured up by the VM gremlins of the Offensive Security Team.Read More
We are coming close to a public release of BackTrack R1 – the world’s leading penetration testing distribution. We wanted to provide an opportunity for our users to make last suggestions for tools which are currently NOT present , but should be included. Please use the following form to submit your suggestions to our development team.Read More
This guide comes from my own journey from finding a buffer overflow in an OS X application to producing a working exploit. I have reasonably good exploit development skills having completed the Penetration Testing with BackTrack and Cracking the Perimeter training courses, and working on several buffer overflow exploits. The majority of my exploit development skills are based around Windows vulnerabilities and using the OllyDBG debugger.Read More
Are you looking for a real Social Engineering CTF challenge? Join Social-Engineer.Org and Offensive Security in the Official Social Engineering CTF hosted at Defcon 18.Read More
Offsec has teamed up with the crew at Hackers For Charity and the world’s premier Hacker Con – BlackHat, to provide another amazing cyber hacking challenge.Read More
As promised, we are releasing a BackTrack 4 R1 information security and penetration testing development build to the public for hardware testing.Read More
The release of BackTrack 4 unleashed a whirlwind of over 1 million downloads. Information Security specialists and Penetration Testers from all over the world showing their support and love for the product that has become the #1 Penetration Testing Distribution.Read More
When researching this topic, we found references to similar vulnerabilities which date back to 2007, reported by Tom Stracener and Robert Hansen.
We are happy to announce our first Public Hacking Tournament, labeled “How strong is Your Fu?“. The Hacking Tournament will last for two days, and may go on longer, depending on how long our machines survive. The reward ? The winner of the tournament will be able to choose ONE of our Online courses, free of charge. This could be either PWB, WiFu or CTP (30 day labs where relevant).
Registration for the contest,
In the past couple of years, the economy has struck hard on organizations seeking to educate their employees. Training budgets have been cut down, and choosing the right course that will give you real Return on Investment is not an easy job. This is especially true in the offensive Information Security Training arena, where standards and qualifications are weakly defined. So how can you make sure you’re getting your money’s worth ?
Welcome to our “10 questions you should be asking your Information Security Training Provider“.Read More
For all those who registered to AWE in BlackHat Vegas 2010 – we have special surprise for you… We’ve updated our “Bypassing NX” module with the buzzing ROP exploitation method.Read More
An interesting submission to EDB today from the guys at http://www.nullbyte.org.il – a PHP 6.0 0day buffer overflow.Read More