penetration testing

Wireless Attacking EAP-TTLS with Kali 2 and ALFA AWUS051NH

Is your corporate wifi as secure as you think it is? A common configuration for WPA Enterprise wireless networks is to use a combination of PEAP (Protected EAP) and EAP-TTLS (Tunneled Transport Layer Security). Though this configuration solves several issues found in other configurations, it (sometimes) also has its own fatal flaw. If a client …

Wireless Attacking EAP-TTLS with Kali 2 and ALFA AWUS051NHRead More »

Introduction to Metasploit Video

The Metasploit Framework is a key resource for security assessors. Whether you’re goal is to become a commercial penetration tester, to demonstrate the risk of a vulnerability, or just need to identify certain weaknesses in your environment, Metasploit is your tool. Understanding how it works, and how to get started is the first step. The Metasploit project …

Introduction to Metasploit VideoRead More »

SamuraiWTF 3.0 and into the future!

We are really excited to announce that SamuraiWTF 3.0 is now available publicly.  (We did a previous release but found some issues and so that was pulled back.)  This release is available at http://sourceforge.net/projects/samurai/ immediately and we hope you enjoy it. In this release we have updated the base operating system to Ubuntu 14.04 (hence the …

SamuraiWTF 3.0 and into the future!Read More »

CORS Global Policy

I recently noticed an uptake on Cross-Origin Resource Sharing (CORS) findings showing up in automated scanning tools, which would not have been a significant concern except for the fact that the tools were rating this as a relatively “high” severity and very few people I asked about it seemed to have any idea what it …

CORS Global PolicyRead More »

Scroll to Top