Friday, 26. August 2011
Malheur Automatic Malware Analysis - Linux
Malheur is a tool for the automatic analysis of malware behavior (program behavior recorded from malicious software in a sandbox environment). It has been designed to support the regular analysis of malicious software and the development of detection and defense measures. Malheur allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes.

Download
http://www.mlsec.org/malheur/download.html

Installation
http://www.mlsec.org/malheur/install.html

Windows Registry Forensics
Title: Windows Registry Forensics
Author: Harlan A. Carvey
Publisher: Syngress
Pages: 248
Release Date: Feb 7, 2011

Here is the table of contents

Chapter 1. Registry Analysis
Introduction
What Is “Registry Analysis”?
What Is the Windows Registry?
Registry Structure
Summary

Chapter 2. Tools
Introduction
Live Analysis
Forensic Analysis
Summary

Chapter 3. Case Studies: The System
Security and SAM Hives
System Hive
Software Hive
BCD Hive
Summary

Chapter 4. Case Studies: Tracking User Activity
Tracking User Activity
Scenarios
Summary
References

Key Ashampoo Undeleter
Key Features of Ashampoo Undeleter

Recovery of files and directories on NTFS as well as FAT 12, 16, 32 partitions
Recovery of files on partitions with active NTFS compression
Recovery of files on partitions with active NTFS encryption
Recovery of alternate data streams (ADS) on NTFS partitions
Support of all known file systems on Microsoft Windows®
VERY fast MFT and FAT algorithm, as well as extremely quick recovery
Unlimited recoverable objects (files, directories)
Assessment and evaluation of the condition of recoverable objects
Quick and therefore intuitive user interface

Follow the steps below to get Ashampoo Undeleter for free:

Visit the promo page: http://www.ashampoo.com/frontend/registration/php/regpopinstall.php?session_langid=1&edition_id=lvjqld55tzy0wk2iktboolur8knscvin
Enter your email address to register. Existing users will be prompted to log in to their account.
You will receive your free license key by email.

Knock v1.5 - Subdomain Scanner - Python
Knock is a Python script, written by Gianni 'guelfoweb' Amato, designed to enumerate subdomains on a target domain through a wordlist. The program is self-contained and doesn't need to be installed in any particular location. All it needs is a recent version of Python 2.x. Only the Zone Transfer option (-zt) requires the dnspython module; otherwise you can do without it. If the name server allows zone transfers to occur, all the DNS names and IP addresses hosted by the name server will be returned in human-readable ASCII text.
Usage
$ python knock.py
Rapid Scan
Scanning with internal wordlist:
$ python knock.py
Scanning with external wordlist:
$ python knock.py
Options
-zt Zone Transfer discovery:
$ python knock.py -zt
-dns DNS resolver:
$ python knock.py -dns
-wc Wildcard testing:
$ python knock.py -wc
-bw Wildcard bypass:
$ python knock.py -bw

Download
http://code.google.com/p/knock/downloads/list

SSL Server Testing - Online
This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet. Please note that the information you submit here is used only to provide you the service. We don't use the domain names or the test results, and we never will.

Source
https://www.ssllabs.com/ssldb/analyze.html

Dissecting Java Server Faces for Penetration Testing
This paper sheds light on the findings of security testing of Java
Server Faces. JSF has been widely used as an open source web framework
for developing efficient applications using J2EE. JSF is compared with
the ASP.NET framework to unearth potential security flaws.

Download PDF
http://www.secniche.org/jsf/dissecting_jsf_pt_aks_kr.pdf
