We are happy to announce our first Public Hacking Tournament, labeled “How strong is Your Fu?“. The Hacking Tournament will last for two days, and may go on longer, depending on how long our machines survive. The reward ? The winner of the tournament will be able to choose ONE…
An interesting submission to EDB today from the guys at http://www.nullbyte.org.il – a PHP 6.0 0day buffer overflow.
Penetration Testing with BackTrack v3.0 now available and better than ever!
Penetration Testing with BackTrack updates
BackTrack 4 Downloads are still going strong with over 30,000 registered downloads up to now. We are currently working on updating our new course materials based on BackTrack 4. We expect the new version to be available soon. As always, alumni students will be able to upgrade their version of…
Taken from the new BackTrack Site : BackTrack 4 Final is out and along with this release come some exciting news, updates, and developments. BackTrack 4 has been a long and steady road, with the release of abeta last year, we decided to hold off on releasing BackTrack 4 Final…
We are very close to a final release of BT4. We are working vigorously in these final days… So far its looking AMAZING, and we are loving every little bit of it. For those who missed it, Metasploit got updated with a brand new shiny Adobe 0day.
Lots of new updates in the exploit-db arena. Barabas whipped up a quick browser search bar plugin. We got a massive CVE / OSVDB entry update from Steve Tornio which was added to our DB. Our “perfect” exploit template now has links to the exploit code, vulnerable app , CVE…
The Exploit Database is up and running…survived day 1 . On a last moment fluke, we registered the domain https://www.exploit-db.com/, which is now also up and running. We’ve improved the search functions on the site, and imported the “papers” and “shellcode” sections from Milw0rm. We’ve been getting our first submissions…
After a short and intense setup, we are ready to present the Offsec Exploit Archive. We’ve recreated the milw0rm database, updated it and are now accepting submissions. The purpose of the site is to provide researchers and security enthusiasts a repository of exploits, and when possible, the relevant affected software….
For the past couple of weeks we have been watching escalating DOS attacks against our web server, specifically against the Metasploit Unleashed Wiki. Today as we were watching our apache logs, we noticed unusual requests. A quick analysis showed that our web server was compromised through a vulnerability in the…
The Framework that we all know and love is about to take a massive leap into the future. The MSF crew as well as the MSF itself has been placed under Rapid 7’s corporate umbrella. The framework will continue to be free, running under the BSD license. We expect…
5M7X has completed his DECT write-up, and it rocks. As DECT phone manufacturers rarely give any indication about their phone encryption capabilities, the only reliable way to check the security of your phone is to test it yourself.
BIG FAT HAIRY NOTE: IT IS ILLEGAL TO RECORD PHONE CONVERSATIONS IN MANY COUNTRIES. For a list of state privacy laws in the US, click here and here. Thanks to 5m7x, dedected is soon to be added to the BackTrack repositories. In our internal tests, the standard AT&T cordless phone…
We have pushed a new kernel to the repository and updated several drivers. The upgrade process is a bit convoluted, but has been streamlined for the future. For now, run these commands from your backtrack box to update to the latest kernel and drivers: apt-get update apt-get install -d linux-image…
