alan

Forum Replies Created

Viewing 14 reply threads
  • Author
    Posts
    • #50117
      alan
      Participant

      Not sure if you can see recent submission on iseclab’s wepawet site. Here’s another one work a look, use the search feature to grab more recently checked URLs

      http://urlquery.net/search.php?q=.&type=string&start=2012-09-24&end=2012-09-26&max=50

      You might need to sift through some of the lower repped results to get some obsfucated javascript. And they may still be up.

      Congrats, enjoy your studies!

    • #45552
      alan
      Participant

      Thanks for this article. Interesting to see so much interest in Bristol, UK, not far from me!

      Here’s a couple of links to some more material

      Open University: http://www.open.edu/openlearn/body-mind/psychology

      MIT Opencourseware: http://ocw.mit.edu/courses/brain-and-cognitive-sciences/

      I’ll also be interested in seeing the reviews for this book – Human Compromise by Mike Murr http://www.syngress.com/hacking-and-penetration-testing/Human-Compromise/ (when it comes out in a few months), but obviously, buy Chris’ book/course first 🙂

    • #45459
      alan
      Participant

      Check out this list for some practice CTFs http://capture.thefl.ag/practice-ctf/

      Looks like you probably just missed out on registering for the Mozilla CTF https://wiki.mozilla.org/Security/Events/CTF which would have been a good introduction since it’s aimed at less experienced people (at CTFs).

      There are quite a few that go on, check the calendar on http://capture.thefl.ag

    • #44817
      alan
      Participant

      Try adding a null character – test.php%00.jpg

      Also check OWASP site https://www.owasp.org/index.php/Unrestricted_File_Upload for plenty more options I wouldn’t have immediately thought of, like using alternate data streams. 🙂

    • #44669
      alan
      Participant

      I obviously flicked through too quickly, here’s the holiday challenge link from the slides: Much like those previously seen featured on EH.net

      http://pen-testing.sans.org/holiday-challenge

      EDIT: Well that was fun, perhaps slightly easier that some previous challenges, have a go!

    • #44271
      alan
      Participant

      what about the jpg ones?

      EDIT: sent you a pm

    • #44140
      alan
      Participant

      Are you sure this is the only answer? This article suggests there may be a hidden 4th challenge!

      http://www.theregister.co.uk/2011/12/06/hidden_gchq_code_breaking_challenge/

    • #44269
      alan
      Participant

      Check the long list of them on here: http://www.jjtc.com/Steganography/tools.html

      Good luck on becoming a cyber warrior, it’s a fun puzzle!

    • #43898
      alan
      Participant

      There’s also a security class from the same place.

      “In this class you will learn how to design secure systems and write secure code. You will learn how to find vulnerabilities in code and how to design software systems that limit the impact of security vulnerabilities. We will focus on principles for building secure systems and give many real world examples. In addition, the course will cover topics such as:

      memory safety vulnerabilities,
      techniques and tools for vulnerability detection,
      sandboxing and isolation,
      web security,
      network security,
      malware detection and defense, and
      mobile platform security.

      Course homework and labs will teach students how to find vulnerabilities and how to fix them. The labs are designed to help students practice the principles of secure system design.”

      http://www.security-class.org/

    • #38745
      alan
      Participant

      Worked for me – HF5, I’d just delete and start SVN again.

      Let me know what other tools you play with on the pandora.

    • #38743
      alan
      Participant

      Curious how you installed it, I did a while back with the SVN from secmaniac.com and it worked flawlessly on my pandora.

      Giving it another try now to see if i get the same issue as you.

      EDIT: This guy had the same error http://www.backtrack-linux.org/forums/backtrack-bugs/37042-social-engineering-toolkit-v1-2-error.html fix was svn update

      Something came up, will have to try this out later on.

    • #37957
      alan
      Participant

      I think the EthicalHacker.net group discount code is Connect_EHN10, seems to work.

      Click on the links to find out what those extra options give you

      I’d want to take the exam after forking out for the course!

    • #37840
      alan
      Participant

      Interesting… I almost did something without realizing there was a related competition!

      Good luck everyone, I’ve got Thomas’ other book and can say it was a great read.

      EDIT: Removed

    • #37439
      alan
      Participant

      missing don in irc  :'(

    • #36751
      alan
      Participant

      I can’t help with GWAPT exam experience, but as Kris mentions, that books is a great resource.

      you should check out OWASP broken web applications http://code.google.com/p/owaspbwa/ It has the apps you’ve listed aswell as some old versions of web apps that were vulnerable.

Viewing 14 reply threads

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?