SAMURAIWTF TOOLKIT – EXPLOITING SOFTWARE 07/12

Malware, a cyber threat increasingly difficult to contain
By Pierluigi Paganini

When we speak about malware we introduce one of the worst cyber threat that daily evolve with the capacity to hit every sector without distinction.

Burp Suite Automating Attacks
By Ric Messier

Burp Suite provides a powerful set of tools that not only perform automated scanning that can provide the tester with an overview of how the Web application handles security challenges, but also provide the ability to perform powerful, targeted attacks.

Memory Levels Gate Mitigation
By Amr Thabet

The author created two Modes (normal and high modes) to stop any way to bypass the mitigation and solutions for any incompatibility problem you could face.

Anti-Rootkits in the Era of Cyber Wars
By Igor Korkin

Some of the major issues that have been covered in the media included Stuxnet, Duqu, and
Flame. By learning of these tools and their capabilities, it is important to think about what could be
next. This article is intended to provide a concept of information security system design, particularly for stealth detection.

Web Filtering with Websense. To be or not to be filtered: that is the dilemma
By Abdy Martinez

Network performance is just one of the reasons that we should consider to implement Web Filtering with Websense in our organizations. In this article, you will learn what is Web filtering, how it works, Websense solution, and basic considerations when you are choosing your Web filtering solution.

Password Construction and Management
By Gaurav Kumar

Although alternative technologies for authentication, such as biometrics, smartcards, and one-time passwords, are available for all popular operating systems, most organizations still rely on traditional passwords and will continue to do so for many years.

Diving Through SamuraiWTF Toolkit
By Manjul Verma

The Samurai Web Testing Framework is a live Ubuntu Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open
source and free tools that focuses on assessing and exploiting web applications.

Penetration Testing LAB Setup Guide
By Jeremiah Brott

After setting up this LAB environment, you will have the ability to exploit issues from the following categories: mis-configured Services and Applications, Backdoors planted into software, unintentional Backdoors, Weak Passwords, Web Applications, plus much more, how much can you find?

Picking Up Mushrooms in the Rain Forest – Social Engineering Information Gathering
By Vlad Styran

Social engineering infiltrates a substantial part of computer security operations. To name few, Security Awareness, despite its arguable efficiency, is the set of information security controls directed to decrease the probability and potential impact of security incidents caused by inherited vulnerabilities of human nature.