Hackfest.ca 2009
Well, yesterday I attended my first infosec convention/conference in Quebec City: Hackfest. I must say it was great! Since I have nothing to compare it to (as far as information security related...
View ArticleNew home soon…
My blog will have a new permanent home soon. A friend and I have setup a small website, and I’ll be moving this blog there. Going to be fun, I’ll be able to post screen-shots and better serve the...
View ArticleHackUS 2010 CTF Event
HackUS First Edition, is a capture the flag event being held in Sherbrooke Quebec in April of 2010. The event will last a full 48 hours which is guaranteed to keep you from actually doing any...
View ArticleThe Sulley Framework -Basic-
Ref.: Gray Hat Python The framework is coded entirely from Python and is open source. Developed by Pedram Amini and Aaron Portmoy from Tipping Point, Sulley is a fuzzer packed with interesting...
View ArticleWindows wide open ?
With recent attacks on Google/Adobe and Yahoo (just to name a few) thanks to the Aurora exploit. Internet Explorer is something to be avoided at the moment. Unless you’re running version 5.01, I would...
View ArticleJava Signed Applets
Been pretty busy these past few weeks, and finding the time to post stuff up is getting difficult. But I do bring something fun to watch. If you administer users, you should have a look at this...
View ArticleThe Sulley Framework -Basic part 2-
In my previous entry on the Sulley Framework, we took a look at a simple request and session file to fuzz a FTP server. This time we’ll look at what we need to have and do to fuzz a TFTP server. The...
View ArticleAutomated tool Dependency
I while ago, when I was doing the OSCP course. I learned about shellcodes and exploits. During this time, usage of Metasploit’s online shellcode generator was really useful. When it came down to exam...
View ArticleSulley Framework Resquet Files
The Sulley Framework is a great fuzzing tool. One of the best out there in my opinion. Unfortunately, as far as I can tell anyway, development has stopped. Meaning nothing new to the framework… For...
View ArticleAirdrop-ng.. what I’ve learned
It’s been sometime since I’ve posted something, and I apologize. Changed jobs, then the training and getting used to the new people and work environment (which is still on going) has prevented me from...
View ArticleHackus.org CTF soon upon us
Well, it’s almost time for Sherbrooke University’s CTF. You can get all the information at the HackUS.org site.Everyone from Kioptrix.com will be participating…yes all 2 of us. This 3 day event will be...
View ArticleNews and updates…
Well it’s been in the making for a while. Due to certain events and health issues we’ve had trouble being consistent. Good for us, we’ve been able to work on our pet project. A all French language...
View ArticleEttercap command line basics
Odds are this topic has been blogged to death already, but sometimes I need to write things down so not to forget them. Also, there are times when the command line is the only option. Then again, in my...
View ArticleHackUS 1st Edition… Complete Success!
This past weekend’s CTF event hosted at the Sherbrooke University, and organized by the crew of HackUS.org was a complete success in my opinion. From the warm (and unexpected) welcome, right down to...
View ArticleHSIYF For Charity
Offensive Security’s How String Is Your Fu hacking event is now open for registration. A 48 hour hacking event with all proceeds going for Hacker For Charity. It’s for a good cause, and if you are not...
View ArticleNews from SANS
TOP OF THE NEWS –Microsoft Says Millions of ASP.net-Based Web Sites Vulnerable To Major Attack (September 20, 201, 2010) Microsoft confirmed that a vulnerability disclosed at a Buenos Aires hacker...
View ArticleOwned and Exposed at it again
Well, for the past few hours the news has been spreading like wild fire. EDB, Inj3ct0r and a few others have been had by the skilled ninjas from “owned and exposed” team. Being a member of exploit-db...
View ArticleSome hacked sites and StuxNet rootkit reversed…
Well a group called “TeaMp0isoN” has release a e-zine with some interesting information on a few sites they’ve recently hacked. You can have a read – here – Interesting read **UPDATE** Well after a few...
View ArticleGeneric Letter one can use…
Been awhile, unfortunately life throws a few curve balls once in a while. So this post isn’t “security related” but still can be useful for some. In any letter campaign, a few keys to success are to...
View ArticleMetasploit Penetration Tester’s Guide
A few weeks ago, I ordered the MSF pentest guide mostly authored by the Offsec crew (www.offsec.com). Hailed as the best MSF guide, and highly praised by the project’s founder H.D Moore this guide...
View Article
