Blog
News and updates from OffSec
Sep 27, 2012
Stand-Alone EM4x RFID Harvester
Continuing off from our last RFID Cloning with Proxmark3 post, we wanted to build a small, portable, stand-alone EM4x RFID tag stealer. We needed an easy way of storing multiple tag IDs whilst “rubbing elbows” with company personnel. The Proxmark3 seemed like overkill and not particularly fast at reading EM4x tags, so we figured we’d try hooking up our RoboticsConnection RFID reader to a Teensy and see if we could make them play nicely together.

Research & Tutorials
RFID Cloning with Proxmark 3
Our Proxmark 3 (and antennae) finally arrived, and we thought we’d take it for a spin. It’s a great little device for physical pentests, allowing us to capture, replay and clone certain RFID tags.
Sep 24, 2012
5 min read

Enterprise Security
Offsec BlackHat / Defcon Scavenger Hunt
Are you in Vegas for BlackHat and Defcon? Are you desperately looking for Offensive Security schwag? We are giving out Metasploit books, BackTrack Challenge coins and large sized BackTrack Decals at this year’s BlackHat and Defcon conferences. So, what exactly does one need to do to get these wonderful, sought after gifts? It’s easy:
Jul 24, 2012
2 min read

Research & Tutorials
FreePBX Exploit Phone Home
During a routine scan of new vulnerability reports for the Exploit Database, we came across a single post on Full Disclosure by Martin Tschirsich, about a Remote Code Execution vulnerability in FreePBX. This vulnerability sounded intriguing, and as usual, required verification in the EDB. At first glance, the vulnerability didn’t jump out at us, especially as we are not familiar with the inner workings of Asterisk. After a couple of emails back and forth with Martin, the path to code execution became clearer:
Mar 23, 2012
3 min read

OffSec News
Announcing the OSEE Certification
Since the inception of our Advanced Windows Exploitation (AWE) course, our students (who are always searching for more pain) have been asking for an accompanying certification exam. We are very pleased to announce the launch of the Offensive Security Exploit Expert (OSEE) certification.
Jan 16, 2012
2 min read

Enterprise Security
PWB in the Caribbean, Part 3
In Part 2 of our series of posts on the recent PWB in the Caribbean course, Johnny was desperately seeking an exit from the upcoming pain that is exploit development. However, he didn’t come up with an escape plan quickly enough and his tale continues in this latest diary entry.
Dec 28, 2011
5 min read

Enterprise Security
PWB in the Caribbean, Part 2
In our ongoing series covering our most recent live PWB in the Caribbean course, Johnny picks up from Part 1 and provides an inside and personal look at the course as it picks up speed and increases in difficulty.
Dec 21, 2011
4 min read

Penetration Testing
Offensive Security Wireless Attacks Updated
At long last, our highly rated Wireless Attacks Course (Wi-Fu) has been updated to version 3! This is a major revision of the course with a complete restructure and redesign of the course content with a far broader range of attack techniques.
Dec 7, 2011
2 min read

Exploit Development
MS11-080 Exploit – A Voyage into Ring Zero
Every patch Tuesday, we, like many in the security industry, love to analyze the released patches and see if any of them can lead to the development of a working exploit. Recently, the MS11-080 advisory caught our attention as it afforded us the opportunity to play in the kernel and try to get a working privilege escalation exploit out of it.
Dec 6, 2011
6 min read

Exploit Development
Advanced Windows Exploitation Updated
Our Advanced Windows Exploitation (AWE) live course in Columbia, Maryland is fast approaching with a start-date of October 24. Not only is this the first time we have offered this training outside of BlackHat, it is also the first time we are able to offer a full 5 days of training, and a limited number of seats are still available for this intense course.
Oct 12, 2011
2 min read

Kali Linux
Metasploit: A Penetration Testers Guide
Offensive Security is happy to announce the availability of Metasploit, The Penetration Tester’s Guide – A new book by Dave Kennedy (ReL1K), Devon Kearns (dookie), Jim O’Gorman (_Elwood_), and Mati Aharoni (muts). The book is released through No Starch Press.
Jul 12, 2011
2 min read

Kali Linux
MSFU Updates – June 2011
Over this past month, we have put a great deal of time into bringing our free online course, Metasploit Unleashed, in line with BackTrack 5. The majority of these changes are cosmetic in nature but they should help to reduce confusion for newcomers to Metasploit and BackTrack while ensuring a consistent look throughout. We have also taken this opportunity to do more functionality verification in the course.
Jun 16, 2011
1 min read

Kali Linux
MSFU Updates – May 2011
This month, even with the rampant development and release of BackTrack 5, we still devoted some time to updating Metasploit Unleashed. The Metasploit team is making a great deal of progress switching over to post-exploitation modules so we focused entirely on them this month and added many to the Metasploit Module Reference section.
May 16, 2011
1 min read