ARBSEC Officially Launched

ARBSEC, a CitySec-style meetup for security professionals in the Ann Arbor area, has been officially launched!  Our first meeting, ARBSEC 01, will be at 6:00pm on March 4th at Bar Louie in Ann Arbor.

What

An informal meetup of information security professionals in Ann Arbor. Unlike other meetups, you ...


dpkt Tutorial #3: DNS Spoofing

In our first and second dpkt tutorials, we looked at the simple construction and parsing of packets respectively.  Our third tutorial combines both parsing and construction of packets in a single utility for performing DNS spoofing (a la dsniff's dnsspoof).

dpkt is a sweet framework for creating and parsing ...


VirusTotal Python Submission Script

Here is a simple Python script for batch malware submissions to VirusTotal via its email interface. Simply replace the SMTP-related variables at the top of the script and you're ready to rock!

Download vtsubmit.py


dpkt Tutorial #2: Parsing a PCAP File

As we showed in the first dpkt tutorial, dpkt makes it simple to construct packets.  dpkt is equally useful for parsing packets and files, so in this second tutorial we will demonstrate parsing a PCAP file and the packets contained within it.

dpkt is a sweet framework for creating and ...


Bash Brace Expansion Cleverness

Brace expansion is a nice feature in the Bash interpreter that happened to be exactly what I needed during an audit.  A good thing to log away in memory in case you ever find yourself in a pen-test environment with similar constraints.

Bash Command Injection

During an audit of a ...

Copyright © 2015 - Jon Oberheide <jon at oberheide dot org>.