Blog
News and updates from OffSec
May 11, 2015
NetHunter 1.2 – Lollipop & Nexus 6/9
Kali NetHunter 1.2 Released! Kali NetHunter 1.2 is fresh out, with a whole bunch of improvements, bug fixes….and yes, Android Lollipop support. This means that NetHunter now supports the Nexus6 and Nexus 9 devices too! This is awesome news to all those who have bought these new Nexus devices and have yearned to install the
Categories
Kali Linux
Kali Linux on a Raspberry Pi (A/B+/2) with Disk Encryption
With the advent of smaller, faster ARM hardware such as the new Raspberry Pi 2 (which now has a Kali image built for it), we’ve been seeing more and more use of these small devices as “throw-away hackboxes“. While this might be a new and novel technology, there’s one major drawback to this concept – and that is the confidentiality of the data stored on the device itself. Most of the setups we’ve seen do little to protect the sensitive information saved on the SD cards of these little computers.
Mar 9, 2015
7 min read
Insights
OffSec InfoSec Certifications in the Job Market
A couple of weeks ago we published our comic Try Harder song, praising the OSCP certification and our students in general. It was really well received by our alumni, who related closely to the theme of “Try Harder“. However, there is a more serious undertone to this than meets the eye. Information Security Certifications Mean Little
Feb 2, 2015
3 min read
Kali Linux
Kali USB – Multiple Persistent Stores
One of the markings of the 1.0.7 Kali release was the introduction of Kali Live USB LUKS encrypted persistent storage, on which we further elaborated in one of our previous blog posts. However, we’re not done yet with USB persistent storage as more features in Kali remain to be explored.
Jan 27, 2015
4 min read
OffSec News
Offensive Security Say – Try Harder!
Offsec students go through hell. They endure levels of stress and frustration beyond what is considered normal, and we at Offsec appreciate this. So much in fact, that we’ve dedicated the following song to anyone who’s taken an Offsec course, and tried harder!
Jan 19, 2015
3 min read
Kali NetHunter
NetHunter 1.1 Released
With the opening shots of 2015 fired, we are happy to make some announcements in the NetHunter arena! One of the things that excite us the most about Kali Linux is how our Kali projects always end up being greater than the sum of their parts. This is most evident in our Kali NetHunter Project – the first open source Android based penetration testing platform for Nexus and OnePlus devices. Wait, OnePlus phones? Yes! Our new NetHunter v1.1 release brings with it some great news – and so we begin.
Jan 5, 2015
4 min read
OffSec News
Happy Holidays from Offsec
We at Offensive Security would like to thank all of our students, customers, and friends for a wonderful 2014. Its been a busy but productive year, with major upgrades to Kali Linux, the release of Kali NetHunter, the public launch of the hosted virtual labs, the first ever Kali Linux Dojo, upgrades to our student labs, lots of interesting R&D, a bunch of 0-days and a number of other accomplishments. We enjoyed the journey with all of you and here is to a fun and productive 2015! We wanted to thank you with this video we produced for all y’all.
Dec 22, 2014
1 min read
Enterprise Security
Professional Penetration Testing Labs
For the past few months, we have been quietly beta testing and perfecting our new Enterprise Penetration Testing Labs, or as we fondly call it, the “Offensive Security Proving Grounds (PG)”. Today, we are proud to unveil our hosted penetration testing labs – a safe virtual network environment designed to be attacked and penetrated as a means of learning and sharpening your penetration testing skills. The new design of the Proving Grounds include multiple interconnected subnets with a wide array of modern operating systems, including Active Directory domains, Citrix systems, corporate Antivirus solutions as well as Intrusion Prevention Systems which attackers must learn to cope with.
Dec 15, 2014
2 min read
Kali Linux
Bypassing Windows and OSX Logins with NetHunter & Kon-boot
The Kali Linux NetHunter platform has many hidden features which we still haven’t brought to light. One of them is the DriveDroid application and patch set, which have been implemented in NetHunter since v1.0.2. This tool allows us to have NetHunter emulate a bootable ISO or USB, using images of our choosing. That’s right, you can use NetHunter as a boot device which holds a library of bootable ISOs and images…And so we begin:
Dec 8, 2014
2 min read
Kali Linux
Kali with Raspberry Pi TFT support
Several weeks ago a request in the Kali forums prompted us to look at the integration of the Adafruit 2.8in TFT touch screen for Kali Linux. A few weeks and much less hair later, we are happy to announce the availability of this image in our Offensive Security custom Kali images section.
Nov 19, 2014
1 min read
Exploit Development
Disarming and Bypassing EMET 5.1
Last week Microsoft released EMET 5.1 to address some compatibility issues and strengthen mitigations to make them more resilient to attacks and bypasses. We, of course, were curious to see if our EMET 5.0 disarming technique has been addressed by the latest version of the toolkit.
Nov 18, 2014
5 min read
Kali Linux
Kali Nexus NetHunter 1.0.2
It’s been a week since our release of the Kali Linux NetHunter, and the feedback is amazing. A NetHunter community has sprung up from nowhere, and the forums and github pages are really active. We’re completely stoked about this community response, and are eager to see it grow. After an intense week of community testing and a slew of bugfixes (including shellshock), we thought it would be a good opportunity to release a NetHunter update. Please welcome NetHunter 1.0.2.
Oct 1, 2014
3 min read
Exploit Development
Disarming EMET v5.0
In our previous Disarming Emet 4.x blog post, we demonstrated how to disarm the ROP mitigations introduced in EMET 4.x by abusing a global variable in the .data section located at a static offset. A general overview of the EMET 5 technical preview has been recently published here.
Sep 29, 2014
10 min read
Join the OffSec Community!
Our community members connect, communicate and collaborate on all things cybersecurity.