OpenID Server for YubiKey

Installation of an OpenID Server for the YubiKey authentication

http://code.google.com/p/yubico-openid-server/wiki/ReadMeYubico

 

[...]

SQL Prevention Cheat Sheet

OWASP released an “SQL Prevention Cheat Sheet”: http://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet

[...]

Baktrack 4 Beta

General notes:

  • Download:http://www.remote-exploit.org/backtrack_download.html
  • Blog: http://backtrack4.blogspot.com
  • Some fixes: http://www.itsolutionskb.com/2009/04/backtrack-4-beta-quick-fixes/

Notes on the VMware version:

  • install updates version of VMware tools (compile quite fine)
  • change screen resolution: krandrtray
  • start networking: /etc/init.d/networking start
  • Nessus package: Ubuntu 8.10 works fine
  • fix Nessus dependencies: apt-get -f install

Open issues:

[...]

Google Safebrowsing Check

For checking an IP address for Google suspicious checking use the following URL:

http://google.com/safebrowsing/diagnostic?site= <IP-Address>

[...]

Video: The 15-Minute Network Pen Test

Here’s a nice 2x 15 minutes video tutorial for the basics of pentesting:

Part 1: http://www.ethicalhacker.net/content/view/227/24/

Part 2: http://www.ethicalhacker.net/content/view/238/24/

[...]

Video Tutorial: Pass-The-Hash Toolkit

Here’s a video tutorial on using the Pass-The-Hash toolkit on Windows:

http://www.ethicalhacker.net/content/view/249/24/

[...]

Microsoft Office Isolated Conversion Environment

Here is a description of the “Microsoft Office Isolated Conversion Environment” provided by Microsoft to create a safer environment working with MS Office files:

http://support.microsoft.com/kb/935865

[...]

Hacking Test Sites

Here is a nice list of websites which contain tests and content for improving hacking and pentesting skills:

http://ha.ckers.org/blog/20090406/hacking-without-all-the-jailtime/

[...]

PHP and Uploads

SANS pointed out an interesting configuration issue concerning Apache and PHP which is especially important when dealing with user uploads:

http://isc.sans.org/diary.html?storyid=6139

[...]

Parted Magic 4.0

A new version of “Parted Magic” is available for download:

http://partedmagic.com/download.html

Here you can find information on how to create media:

http://partedmagic.com/documentation/116-creating-the-media.html

[...]