On January 17th I had the privilege to present the HACK.ME project during a Black Hat Webcast with Travis Carelock as moderator and Karl Snider from IBM as sponsor of the event.
Hack.me, that we launched in October 9th during a live event with the Ethical Hacker Network community, is the platform where the commuinty can build and share with others, full-fledged vulnerable web applications.
How do you call a server that is up just to receive your code, and run it?
And by “code”, I mean your nasty code.
We called it Hack.me and we are really excited to have it launched in closed Beta to a bunch of passionate developers, who are already pouring lines and lines of vulnerable applications in it.
Yesterday we’ve announced our craziest project ever. We’ll release it on October 9th.
(Why crazy? Subscribe to our RSS)
If you still don’t know about it, please check it out here.
Ever since the first time I envisioned a platform where vulnerable web applications could be created and shared much like you do with a Mobile App on the Apple Store, me and Domenico Quaranta (@domequaranta), creator of Coliseum, would relentlessly put down notes and ideas on how this platform should have looked like.
Tools: Nessus, Metasploit, Nmap, proxychains.
Attention: In our tests proxychains works only on 32 bit Backtrack 5
One of the best features that Metasploit offers is the ability of “pivoting”. With this technique, an attacker can use a compromised machine as a “pivot” to attack other machines in the same or in other networks that the compromised host can reach.
Two months after the release of our Penetration testing course Professional v2, it’s time to uncover all the details and fantastic learning opportunities of our training course and Hera lab.
On May 29th I will personally walk you through our Penetration testing course and Virtual Labs, giving a live demo and answering all your questions (Yes you can ask live questions).
eLearnSecurity is proud to announce the immediate availability of the new Penetration Testing Course Professional v2 and the new Virtual Labs called Hera.
Version 1 of our training course has had over 2,000 students from 82 different countries in the world and professionals Military agencies and Fortune 50.
If you are wondering what happened since last post well, we’d need a full book to describe.
Nothing bad, all awesome things. Things got hectic and projects and opportunities for us endless.
This won’t forgive us for not being present on the blog but you know this is start-up life in a tough world like Information Security.
We have got new 9 minutes of pwnage for you to enjoy in our Youtube channel
Hello everyone, new week, new video.
Here you can see the difference between using staged and non staged shellcodes from a functional point of view and under the perspective of a pentester who wants to evade AV’s. Then we dive into msfencode and its usage to bypass AV’s.
There’s a new video in our Youtube channel.
We are keeping up with our promise to deliver one free pentesting video every week.
So if you have not subscribed yet:
The new video will deal with Msfpayload, a handy utility shipped with Metasploit that lets you use shellcodes (payloads) and builds stand alone executables around them.