cnbird's blog

cnbird's blog

KrbGuess – Guess/Enumerate Kerberos User Accounts

KrbGuess is a small and simple tool which can be used during security testing to guess valid usernames against a Kerberos environment. It allows you ...

2009-10-30 09:27:00

阅读数 724

评论数 0

A Fuzzing Approach to Credentials Discovery using Burp Intruder

http://www.sans.org/reading_room/whitepapers/testing/rss/a_fuzzing_approach_to_credentials_discovery_using_burp_intruder_33214

2009-10-30 09:17:00

阅读数 707

评论数 0

Global Hauri ViRobot Server cookie overflow

DMA[2005-0614a] - Global Hauri ViRobot Server cookie overflowAuthor: Kevin FinisterreVendor: http://www.globalhauri.comProduct: ViRobot Linux (and Un...

2009-10-29 16:05:00

阅读数 763

评论数 0

Username Enumeration Vulnerabilities

 We all know what username enumeration vulnerabilities are about. In this post, I will talk about them within the context of web application pentesti...

2009-10-29 14:45:00

阅读数 1334

评论数 0

default logins and password

 http://www.governmentsecurity.org/articles/default-logins-and-passwords-for-networked-devices.html

2009-10-29 14:23:00

阅读数 542

评论数 0

Apache Server GUI and Tools NetLoony

 http://netloony.sourceforge.net/

2009-10-29 13:54:00

阅读数 556

评论数 0

WEB安全工具大收集

很多,非常多。Test sites / testing groundsSPI Dynamics (live) – http://zero.webappsecurity.com/Cenzic (live) – http://crackme.cenzic.com/Watchfire (live) – ...

2009-10-29 13:37:00

阅读数 1573

评论数 0

善用PGP加密工具的七大法宝

 

2009-10-29 10:37:00

阅读数 593

评论数 0

linux swatch 使用笔记

http://hi.baidu.com/%BF%D5%C6%F8%C8%CB%B6%F9/blog/item/dedb06b1c26adc52092302e0.html

2009-10-28 19:03:00

阅读数 840

评论数 0

Yokoso! – Web Infrastructure Fingerprinting & Delivery Tool

Yokoso! is a project focused on creating fingerprinting code that is deliverable through some form of client attack. This can be used during penetrat...

2009-10-28 13:19:00

阅读数 557

评论数 0

Benchmarking Mail Relays and Forwarders

postal是一个不错的SMTP压力测试工具,作者还写了Bonnie++,他是一个测试磁盘IO的东西,也很不错。 Postal is a mail server benchmark that I wrote. The main components of it are postal for tes...

2009-10-27 17:21:00

阅读数 671

评论数 0

Linux下共享文件系统文件传输的简单设计(转载)

共享文件系统文件传输,是网络侦控项目中的一个实际操作。它是为了抵制入侵者进入内网而提出的一种安全解决方案。在实际传输过程中,拓扑图如下:实际环境均在Linux主机下进行。采用OCFS2文件集群的方式。外部主机A和内部主机B之间的通讯,均通过共享存储空间C进行接受和发送。这样即使入侵者拿下外部主机A...

2009-10-27 10:51:00

阅读数 1160

评论数 0

burp Suite help

http://portswigger.net/suite/help.html

2009-10-27 09:57:00

阅读数 769

评论数 1

跨域访问

简单说说跨域访问http://farthinker.cn/2007/12/22/cross-domain-visit/ 使用 window.name 解决跨域问题http://www.planabc.net/2008/09/01/window_name_transport/

2009-10-26 22:02:00

阅读数 560

评论数 0

Linux 静态路由

/etc/sysconfig/network-scripts/route-ethX 也能定义单个网卡的静态路由呀,我之前只知道/etc/sysconfig/static-route

2009-10-26 09:45:00

阅读数 511

评论数 0

《CISSP认证视频》(Shon Harris CISSP Training 2007 Platinum)CSH.CISSP.2007 铂金版 完结[ISO]

下载地址http://www.verycd.com/topics/241533/

2009-10-25 16:33:00

阅读数 929

评论数 0

nginx dos

debian:~# uname -a Linux debian 2.6.18-6-686 #1 SMP Thu Aug 20 21:56:59 UTC2009 i686 GNU/Linuxdebian:~# cat /etc/issueDebian GNU/Linux 4.0 /n /ldebia...

2009-10-24 17:30:00

阅读数 743

评论数 0

/proc filesystem allows bypassing directory permissions on Linux

Hi!This is forward from lkml, so no, I did not invent thishole. Unfortunately, I do not think lkml sees this as a security hole,so...Jamie Lokier sai...

2009-10-24 17:27:00

阅读数 653

评论数 0

FastTrack Autopwn

http://www.securitytube.net/FastTrack-Autopwn-video.aspx

2009-10-24 12:17:00

阅读数 631

评论数 0

rhel5中管理swap空间

一、添加swap空间:1、扩展一个现有的swap空间:、首先禁止正在使用的swap空间:   [root@server4 ~]# swapoff /dev/mapper/tools-swap    、重新resize /dev/mapper/tools-swap:   [root@server4 ...

2009-10-23 16:10:00

阅读数 565

评论数 0

提示
确定要删除当前文章?
取消 删除