Blog
News and updates from OffSec
Dec 13, 2010
Metasploit Pro Added to the PWB Labs
We are very happy to announce that our Penetration Testing with BackTrack online labs now include installations of Metasploit Pro. Deep within our lab network, students who Try Harder™ will encounter credentials for these installations that will allow them to enjoy the use of a tool that simplifies many of the tasks that they had to perform manually.
Categories
Research & Tutorials
Godaddy Workspace XSS – Who’s your Daddy ?
An interesting submission in from the Exploit Database – a Godaddy workspace XSS vulnerability. Although we did not post it (live site), the vulnerability seems real, and definitely worth mentioning.
Dec 11, 2010
1 min read
Kali Linux
Armitage in BackTrack 4 r2
A brief time ago, an exciting GUI front-end for Metasploit named Armitage was released. For being an initial release, Armitage is very polished and so we knew we had to add it to the BackTrack respositories.
Nov 29, 2010
3 min read
Kali Linux
Metasploit with MySQL in BackTrack 4 r2
Until the release of BackTrack 4 r2, it was possible to get Metasploit working with MYSQL but it was not an altogether seamless experience. Now, however, Metasploit and MYSQL work together “out of the box” so we thought it would be great to highlight the integration. With the Metasploit team moving away from sqlite3, it is vital to be able to make use of a properly threaded database. There have also been quite a number of additional database commands added to Metasploit and documentation tends to be rather sparse online when it comes to the less “glamorous” side of database management.
Nov 21, 2010
7 min read
Kali Linux
MSFU Updates – November 2010
This past month has been busy yet we have been steadily updating the free Metasploit Unleashed Training course with the largest growing area being the Module Reference section. This month has also seen updates to the Fast-Track and Social-Engineer Toolkit sections of the wiki.
Nov 15, 2010
1 min read
Exploit Development
Winamp 5.58 Exploit Development
The guys at the Exploit Database posted an awesome writeup on a Winamp 5.58 Exploit Development storming session – with some really cool results. In the end, they ended up writing a short assembly sequence to walk through the payload and replace bad characters with original shellcode bytes.
Oct 27, 2010
1 min read
Exploit Development
Adobe Shockwave player rcsL chunk memory corruption 0day
Adobe Shockwave player rcsL chunk memory corruption 0day demonstration and video
Oct 21, 2010
1 min read
Kali Linux
Metasploit Unleashed, Again!
Metasploit Unleashed – new wiki with updated materials
Oct 6, 2010
2 min read
Kali Linux
Metasploit Unleashed – Updates
Updates to the Metasploit Unleashed Free online Training course, by Offensive Security.
Aug 26, 2010
1 min read
Kali Linux
Metasploit 3.4 and SET 0.6.1 on iPhone 4
Installing metasploit and social engineering toolkit SET on iPhone 4
Aug 7, 2010
3 min read
OffSec News
BlackHat, BackTrack and EDB Updates
Updates from BlackHat, BackTrack Exploit-Database, Social-engineer.org and more!
Aug 7, 2010
1 min read
Kali Linux
How to Update to BackTrack 2.6.34
Howto Update BackTrack to the latest Kernel 2.6.34
Jul 5, 2010
1 min read
Kali Linux
BackTrack ISO Kernel 2.6.34 Upgrade
BackTrack ISO Kernel 2.6.34 Upgrade
Jul 2, 2010
3 min read
Join the OffSec Community!
Our community members connect, communicate and collaborate on all things cybersecurity