The Offensive Security Blog

Stay up-to-date with the latest news and updates by subscribing to our RSS feed!

Blog Posts and Recent News from Offensive Security

Offensive Security penetration testing articles about our online training courses, Kali Linux development, exploit research and security services.

Metasploit 3.4 and SET 0.6.1 on iPhone 4

Just a quick update on getting your favorite tools on iOS 4 – Metasploit and SET. You need to have a Jailbroken iPhone with SSH access for this. You will also need to install nano and APT 0.7 Strict via Cydia. Unlike all other major revisions of Cydia, getting everything up and running is a breeze now.

BlackHat, BackTrack and EDB Updates

The Offsec crew is back from BlackHat and Defcon, alive and well. The PWB and AWE trainings were a blast and the crowd was awesome. The BackTrack R1 BlackHat edition release went well, with over 5500 DVDs distributed. We thank everyone who came to our booth – it was nice to put a face to some of those names…

BackTrack 4 R1 BlackHat Edition

The time is again upon us for the year's biggest security conference event – Black Hat Vegas, USA. The folks at Black Hat have prepared a stellar week of great trainings and cutting edge briefings.

OSX ROP Exploit Article, EDB updates

A great start for our EDB DEV group. Last week we dug into some published HP vulnerabilities, and came out with 3 exploits which were published this week. Our highlight this week is an awesome writeup about an OSX ROP Exploit case study by didn0t. Check it out!

How to Update to BackTrack 2.6.34

Several people have been asking for instructions on updating hard drive installs of BackTrack. Here's a quick set of commands to upgrade your BackTrack machine and prepare the kernel sources, for example for VMware Tools or VirtualBox tools kernel module compilation.

BackTrack ISO Kernel 2.6.34 Upgrade

Last night we moved a new kernel package (2.6.34) out of the testing repositories, and into the official ones. This kernel update marks a huge improvement in hardware support and desktop responsiveness. In addition to the kernel, we have added several external wireless drivers – madwifi-ng (ath_pci), broadcom-sta (wl, no injection), r8187 drivers and rt73 k2wrlz drivers.

BackTrack 5 and Exploit-DB Updates

Exciting times here at Offensive Security. Two of our biggest projects are heading in new and amazing directions: BackTrack and the Exploit Database. The BackTrack development team is now officially funded by Offensive Security, bringing a new era of a high quality penetration testing distribution. In addition, the EDB has started a new R&D initiative which will result in some interesting blog posts.

How to Hack your Way to BlackHat Vegas

This past weekend Offensive Security ran its second cyber hacking challenge, “How Strong is Your Fu – Hacking for Charity”. We first separated the contestants into groups of 10 and each had 48 hours to hack into our 5 evil machines that were conjured up by the VM gremlins of the Offensive Security Team.

Penetration Testing Tools

We are coming close to a public release of BackTrack R1 – the world’s leading penetration testing distribution. We wanted to provide an opportunity for our users to make last suggestions for tools which are currently NOT present, but should be included. Please use the following form to submit your suggestions to our development team.

Evocam Remote Buffer Overflow on OSX

This guide comes from my own journey from finding a buffer overflow in an OS X application to producing a working exploit. I have reasonably good exploit development skills having completed the Penetration Testing with BackTrack and Cracking the Perimeter training courses, and working on several buffer overflow exploits. The majority of my exploit development skills are based around Windows vulnerabilities and using the OllyDBG debugger.

How Strong Is Your Schmooze?

Are you looking for a real Social Engineering CTF challenge? Join Social-Engineer.Org and Offensive Security in the Official Social Engineering CTF hosted at Defcon 18.

Hacking Challenge #2 – HSIYF for Charity

Offsec has teamed up with the crew at Hackers For Charity and the world’s premier Hacker Con – BlackHat, to provide another amazing cyber hacking challenge.

BackTrack 4 R1 Dev Public Release

As promised, we are releasing a BackTrack 4 R1 information security and penetration testing development build to the public for hardware testing.

BackTrack 4 Release 1 (R1 Dev)

The release of BackTrack 4 unleashed a whirlwind of over 1 million downloads. Information Security specialists and Penetration Testers from all over the world are showing their support and love for the product that has become the #1 Penetration Testing Distribution.

Malicious Google Gadgets in Action

A new report by emgent shows malicious Google Gadgets in action. The vulnerability lies in the ability of a malicious user to add their own Gadgets on a separate domain space, without Google’s authorization. The attack variant shown in the movie can be altered to steal cookies, run arbitrary JavaScript on victim machines, and could be further weaponised to create Malicious Google Gadget worms.
When researching this topic, we found references to similar vulnerabilities which date back to 2007, reported by Tom Stracener and Robert Hansen.
