OpenID Server for YubiKey

Installation of an OpenID Server for the YubiKey authentication



SQL Prevention Cheat Sheet

OWASP released an “SQL Prevention Cheat Sheet”:


Baktrack 4 Beta

General notes:

  • Download:
  • Blog:
  • Some fixes:

Notes on the VMware version:

  • install updates version of VMware tools (compile quite fine)
  • change screen resolution: krandrtray
  • start networking: /etc/init.d/networking start
  • Nessus package: Ubuntu 8.10 works fine
  • fix Nessus dependencies: apt-get -f install

Open issues:


Google Safebrowsing Check

For checking an IP address for Google suspicious checking use the following URL: <IP-Address>


Video: The 15-Minute Network Pen Test

Here’s a nice 2x 15 minutes video tutorial for the basics of pentesting:

Part 1:

Part 2:


Video Tutorial: Pass-The-Hash Toolkit

Here’s a video tutorial on using the Pass-The-Hash toolkit on Windows:


Microsoft Office Isolated Conversion Environment

Here is a description of the “Microsoft Office Isolated Conversion Environment” provided by Microsoft to create a safer environment working with MS Office files:


Hacking Test Sites

Here is a nice list of websites which contain tests and content for improving hacking and pentesting skills:


PHP and Uploads

SANS pointed out an interesting configuration issue concerning Apache and PHP which is especially important when dealing with user uploads:


Parted Magic 4.0

A new version of “Parted Magic” is available for download:

Here you can find information on how to create media: