Adobe Shockwave player rcsL chunk memory corruption 0day

It’s not often we wake up and find a massive 0day submitted to the Exploit Database – but today was different. Abysssec security released an Adobe Shockwave player 0day. We verified the exploit as part as our verification process in the Exploit database and made a short movie to demonstrate the the vulnerability.

Read More

Metasploit Unleashed, Again!

As promised, our free Metasploit Unleashed Training course is now being regularly maintained and has seen many new additions in the past month. As new features are being added to the Metasploit Framework, we are attempting to add them to the Wiki in order to keep our content fresh and up-to-date to ensure we are providing a valuable resource to our readers. One of the more significant and ambitious changes is the addition of a Module Reference section where we will be adding coverage for as many modules as we can, allowing readers to get a better idea of what results they can expect from a given module.

Read More

Penetration Testing with BackTrack – Live Training

Penetration Testing with BackTrack – There has been a lot of focus on high quality training for security professionals lately in the news. Even the US Government has issued statements about the need for security training to be different in the market today. Much of their research has led them to say that a real-world, hands-on approach to training is more effective than the typical multiple choice training that is out there.

Read More

Metasploit 3.4 and SET 0.6.1 on iPhone 4

Just a quick update on getting your favorite tools on iOS 4 – Metasploit and SET. You need to have a Jailbroken iPhone with SSH access for this. You will also need to install nano and APT 0.7 Strict via Cydia. Unlike all other major revisions of Cydia, getting everything up and running is a breeze now.

Read More

BlackHat, BackTrack and EDB Updates

The Offsec crew is back from BlackHat and Defcon, alive and well. The PWB and AWE trainings were a blast and the crowd was awesome. The BackTrack R1 BlackHat edition release went well, with over 5500 DVDs distributed. We thank everyone who came to our booth – it was nice to put a face to some of those names…

Read More

BackTrack 4 R1 BlackHat Edition

The time is again upon us for the years biggest security conference event – Black Hat Vegas, USA. The folks at Black Hat have prepared a stellar week of great trainings and cutting edge briefings.

Read More

How to Update to BackTrack 2.6.34

Several people have been asking for instructions on updating hard drive installs of BackTrack – here’s a quick set of commands to upgrade your BackTrack machine – and prepare the kernel sources – for example VMWare tools or VirtualBox tools kernel module compilations.

Read More

BackTrack ISO Kernel 2.6.34 Upgrade

Last night we moved a new kernel package (2.6.34) out of the testing repositories, and into the official ones. This kernel update marks a huge improvement in hardware support and desktop responsiveness. In addition to the kernel, we have added several external wireless drivers – madwifi-ng (ath_pci), broadcom-sta (wl, no injection), r8187 drivers and rt73 k2wrlz drivers.

Read More

BackTrack 5 and Exploit-DB Updates

Exciting times here at Offensive Security. Two of our most major projects are off to new and amazing directions – BackTrack and the Exploit Database. The BackTrack development team is now officially funded by Offensive Security, bringing a new era of a high quality penetration testing distribution. In addition, the EDB has started a new R&D initiative which will result in some interesting blog posts.

Read More

How to Hack your Way to BlackHat Vegas

This past weekend Offensive Security ran its second cyber hacking challenge, “How Strong is Your Fu – Hacking for Charity“. We first separated the contestants into groups of 10 and each had 48 hours to hack into our 5 evil machines that were conjured up by the VM gremlins of the Offensive Security Team.

Read More

Penetration Testing Tools

We are coming close to a public release of BackTrack R1 – the world’s leading penetration testing distribution. We wanted to provide an opportunity for our users to make last suggestions for tools which are currently NOT present , but should be included. Please use the following form to submit your suggestions to our development team.

Read More