-
t0rh4cker replied to the topic Video: Hacking Industrial Control & Building Automation in the forum Control Systems 8 years, 2 months ago
At present we now have an integrated architecture where Industrial Control Systems are no longer isolated from traditional networking equipment. In fact, a quick search using the SHODAN search engine will reveal thousands of NiagaraAX devices accessible over the Internet. A weakness within this system could allow an attacker access to critical…[Read more]
-
t0rh4cker replied to the topic XSS Attack – Busting Browsers to Root! in the forum Web Applications 9 years, 7 months ago
ding! ding! ding! and Maxe the cyborg takes the lead!
#2 – Patch Management (Staying updated and patched from known vulnerabilities.)
Updating to the latest browser versions like IE8 has a built-in XSS filter. It was disabled for the video.
#3 – Enforced Proxy (Filters malicious data, similar to an IPS system somewhat.)
Use the proxy to block…[Read more] -
t0rh4cker replied to the topic Hacking using tor? in the forum Network Pen Testing 10 years, 1 month ago
Sorry but I do not know of a Windows solution yet. I will let you know when I come across one.
I must warn you that even if you use SSL through Tor it can be stripped off. So if you are hacking i wouldn’t be so worried about a bad guy seeing your traffic but rather big brother. If you look at some of the fastest ExitNodes they tend to be lo…[Read more]
-
t0rh4cker replied to the topic Hacking using tor? in the forum Network Pen Testing 10 years, 1 month ago
In certain circumstances I would use Tor for an authorized PenTest. If anything use it to test how effective the administrators are with reviewing logs and finding offending IPs.
Anyway, look at this recent post that will walk you through setting up your box to use Tor for a Pentesting.