HackingTheUniverse

You are browsing the archives of penetration testing.

All About Plugbot – [theplugbot.com] PlugBot is a hardware bot. It’s a covert penetration testing device designed for use during physical penetration tests. PlugBot is a tiny computer that looks like a power adapter; this small size allows it to go physically undetected all the while powerful enough to scan, collect and deliver test results [...]

Robin Sage is not a real person. Fictitious femme fatale fooled cybersecurity – [washingtontimes.com] Call her the Mata Hari of cyberspace. Robin Sage, according to her profiles on Facebook and other social-networking websites, was an attractive, flirtatious 25-year-old woman working as a “cyber threat analyst” at the U.S. Navy’s Network Warfare Command. Within less than [...]

Metasploit recently released version 3.4.0 of the Framework with many improvements and new exploits and a new commercial product, Metasploit Express. Today, they followed that up with a VM image that can be used as an exploitable practice target. Introducing Metasploitable – [metasploit.com] Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. [...]

SEE ALSO: CCDC Nationals 2010 (part1) CCDC Nationals 2010 (part2) CCDC Nationals 2010 (part3) Here are some tips and thoughts on preparing a blue team defense in the CCDC: PREPARATION Know yourself – Know what your skills and limitations are, know who is good at what, know who wants to do what, know what your [...]

SEE ALSO: CCDC Nationals 2010 (part1) CCDC Nationals 2010 (part2) Sunday morning found Team 7 hard at word trying to finish up the competition: Finally, they polished off the last few injects: After breaking down the network equipment, all the teams headed to the awards ceremony, where Dave Cowen, captain of the Red Team, delivered [...]

SEE ALSO: CCDC Nationals 2010 (part 1) [see this post for the introduction to CCDC Nationals 2010] On Saturday morning, all the teams gathered again to hear an update briefing from Dwayne: The scoring engine was hard at work keeping track of everything: And the Alamo Cup was waiting for a new winner to be [...]

The Collegiate Cyber Defense Competition (CCDC) is a national competition for college students designed to promote learning about cyber defense. Each year regional competitions across the nation act as preliminary rounds and then send the regional winners to a national competition in San Antonio. Each college team is required to defend an identical network from [...]

The Metasploit Framework is a framework that enables penetration testing by combining modular packages of exploit code, payloads and tools such as Meterpreter that allow the tester to maintain access, collect information on the target system and execute pivot attacks against other systems. This script helps the tester by maintaining backdoor access. Meterpreter Persistence – [...]

Penetration testing efforts don’t always get launched from a room full of computers with a crew busily working on them. Like wireless wardriving, it can go mobile. Here are two devices that can help put your pen-testers in motion and right in the thick of the action, even inside the physical perimeter. One scenario that [...]

The Mid-Atlantic CCDC (Collegiate Cyber Defense Competition) for 2009 is over and the University of Pittsburgh team is the winner and will represent the Mid-Atlantic region in the national finals in San Antonio, TX in April. Systems for the college teams (blue teams) were upated this year to include more robust active directory services and [...]