I recently finished writing three Metasploit modules for capturing passwords for VNC, SQL Server and DB2 (and other DRDA based databases). Being new to the Metasploit project (from a development perspective), Ruby and Git I can honestly say it was a challenge. I probably spent more time understanding Git and Ruby than implementing the actual [...]

Nmap 5.50 is out, make sure to check it out. It contains a lot of new NSE stuff, including support for broadcast, pre- and post-rules and most of the scripts I, and many others, have created during the last year. For more information check out the official post http://seclists.org/nmap-hackers/2011/0

I’ve got an e-mail from someone who had trouble with my old rdesktop password guessing patch. So, I took a new look at it and updated it to do more than just dump core It’s available for download from the rdesktop page.

My employer (Inspect it) is hiring in Stockholm (Sweden). Inspect it is looking for people that currently work with IT- and information-security or have a strong desire to do so. Applicants should have experience within one or more of the following areas: – Penetration- and Application-security testing – Application & System security reviews – Incident [...]

Two more scripts of my scripts were added to the development release of nmap, afp-showmount and dns-service-discovery. You can try them out either by downloading them from the nmap-scripts page or by checking out the latest development release over here.