Secure a MikroTik Router

The default configuration of a MikroTik router helps you to get it up and running very quickly. But you should do some additional steps to protect your device and your infrastructure before you connect the router to your network.

Weiter lesen ...


pySSLScan 0.5 released

All new features are based on the new features introduced in FlexTLS 0.3.

Changelog:

  • Add support to scan DTLS 1.0 and DTLS 1.2 enabled services
  • Add support to handle fragmentation
  • Add support to enumerate elliptic curves
  • Add support to enumerate point formats
  • Add improved error handling for commandline parameters
  • Add support to handle connection state
  • Add support for LDAP and RDP
  • Load term module if no report module given

pySSLScan 0.4 released

Changelog:

  • Use flextls module for scans
    • Most scans have been rewritten to be more flexible
    • Support additional ciphers
    • Minimize OpenSSL dependencies
  • New server.compression scan to explicitly scan for supported compression methods
  • Minimize number of requests during cipher scans
  • Improve detection of preferred ciphers
  • Don't perform a full handshake during cipher scans

Install Metasploit on Kali Linux

The Metasploit Framework is a tool for pentesters, security researchers and system administrators. This article explains how to install it on Kali Linux.

Weiter lesen ...


pySSLScan 0.2 released

We have released version 0.2 of our pySSLScan framework.

Changelog:

  • Improve API documentation and docstrings
  • Support for Python 2.x
  • Add logging support
  • Improve the command-line UI

For more information have a look at the pySSLScan project page.


Testmodule für Heartbleed Bug

Inzwischen stehen für Metasploit und nmap Module zur Verfügung, mit denen überprüft werden kann, ob ein Dienst von dem Heartbleed Bug betroffen ist.

Weiter lesen ...


OpenSSL Heartbleed Bug

Durch einen Fehler in der OpenSSL Bibliothek lassen sich unbemerkt Teile des Arbeitsspeichers auslesen. Betroffen sind in erster Linie die Versionen 1.0.1a bis 1.0.1f.

Weiter lesen ...


Install Metasploit from git on Arch Linux

The Metasploit Framework is a tool for pentesters. This article explains how to install the framework from git on Arch Linux.

Weiter lesen ...


SSLScan 1.10.2 released

We have released version 1.10.2 of our SSLScan tool. It includes one bug fix.

  • Scan incomplete with server requiring client certificate

For more information have a look at the SSLScan project page.


Arch: Install latest SSLScan version on Arch

If you would like to use the latest version of SSLScan in Arch. You can build a package by using the AUR.

First of all install the base-devel package using pacman.

$ sudo pacman -S base-devel

Create a new directory to build the package.

$ cd ~
$ mkdir build
$ cd build

Download the …

Weiter lesen ...