[Owasp-cuiaba] [off-topic ]Fwd: Penetration Testing with Android!

Kembolle Amilkar haxorcoding em gmail.com
Quarta Julho 25 20:19:34 UTC 2012

Dae Oscar, ialle , ironbit's ! :D lembrei de vocÊ$ ! []'s

*Att. Kembolle Amilkar *
#/[ kembolle.com.br <http://www.kembolle.com.br> ] - Consultoria Segurança
da Informação.
#/ [ samurayconsultoria.com.br ] - Chief Security Officer - Samuray
#/ Systems Analyst | Esp. Information Security | Computer Forensic Expert |
#/ Owasp Chapter Lider Cuiabá - https://www.owasp.org/index.php/Cuiaba
#/ Mobile: [65] 9979-2925  && contato[at]kembolle.com.br.

---------- Forwarded message ----------
From: Hakin9 <newsletteren em hakin9.org>
Date: 2012/7/25
Subject: Penetration Testing with Android!
To: haxorcoding em gmail.com

   [image: logo]<http://mytalkoot.com/12all/lt.php?c=2727&m=1896&nl=9&s=d73595e8b8247a8837249ed853d7c873&lid=61694&l=-http--hakin9.org>
    If you are curious how an attacker can attack without being online
check out the new issue of Exploiting Software Hakin9! Now the issue
available also in single sale.   *Searching For Exploits, SCAPY Fuzzing*
*By Craig Wright*

With SCAPY we can sniff network traffic, interactively manipulate it, and
fuzz services. More, SCAPY decodes the packets that it receives without
interpreting them.

*They Are Offline But I Exploited Them*
*By Bhaumik Merchant*

The article is going to show some ways by which an attacker can attack a
remote victim without being online (attacker may or may not be online AND
victim may or may not be online), using zombie...

*An In-Depth Analysis on Targeted Attacks*
*By Cris Pantanilla*

Some people that are not aware of these attacks are usually victims of
social engineering. Cybercriminals seems to mix and match exploits on
different software that allow new ways of malware infection. You will learn
a basic analysis of a malware code embedded into a document.

*Automated security audit of a web application*
*By Dominique Righetto*

This article reveals a tool that can be used to automate web application
security check during the implementation lifecycle. This tool is called
W3AF. Learn how to create a Python module named *

*Reverse Engineer Obfuscated*
*By Travis Altman*

Travis will show you how the developer uses an obfuscation technique but
this isn’t going to stop us from reversing the program then modifying it to
our content.

*Cross Site Scripting(XSS)*
*By Badrish Dubey*

Cross Site Scripting (XSS) has been rated 2nd in OWASP (Open Web
Application Security Project) TOP 10 vulnerability list and 8th in the list
of threat classification v2.0 for WASC (Web Application Security

*Implementing Rsylog to forward log messages on an IP network*
*By Lara Sanz*

You will learn how to send logs from the client to the server using TCP,
configure a log server for the reception of the logs using TCP and
configure templates to make a correct separation of the logs in our server.

*Weak Wi-Fi Security, Evil Hotspots and Pentesting with Android*
*By Dan Dieterle*

We will see how a penetration tester (or unfortunately, hackers) could set
up a fake Access Point (AP) using a simple wireless card and redirect
network users, capture authentication credentials and possibly gain full
remote access to the client. We will also look at the latest app for
Android that allows you to turn your Wi-Fi smart phone or tablet into a
pentesting tool.

spread the word about Hakin9. Hakin9 team wish you good reading!
en em hakin9.org
Click here to unsubscribe<http://mytalkoot.com/12all/box.php?nl=9&c=2727&m=1896&s=d73595e8b8247a8837249ed853d7c873&funcml=unsub2>

 Email marketing by

-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://lists.owasp.org/pipermail/owasp-cuiaba/attachments/20120725/78787b8b/attachment.html>

More information about the Owasp-cuiaba mailing list