Clik here to view.
New tool DBPwAudit
I have released a new tool that can be used to verify password quality against several database engines. Make sure to check it out here.
View ArticleClik here to view.
MSSQLScan 0.8 released
I made some minor adjustments and bugfixes to the 0.7 release and released 0.8. MSSQLScan should now support a graceous shutdown when doing a ctrl-break and not skip hosts when running out of sockets....
View ArticleClik here to view.
OWASP – Sweden meeting
My presentation from the Swedish OWASP meeting the other day is now online. I spoke about SQL injection (again), efficient UNION exploitation, OOB channels and DNS-tunneling in MSSql, Oracle and MySQL....
View ArticleClik here to view.
Preparing for sec-t
Unfortunately I couldn’t make Vegas this year. According to friends and the slides I have been going through it looked as if there were quite a few really good and interesting talks this year at both...
View ArticleClik here to view.
Extracting information from OScanner reports
Even though I have barely touched oscanner for the last couple of years quite a few apparently still use it as a basic scanner against Oracle. Some have complained a bit about the annoying XML...
View ArticleClik here to view.
smbat CLK_TCK patch
I must say that I am somewhat surprised that people still use the smbat suite for Windows security testing. Since I am doing most Windows testing from Windows now a days I have found myself using...
View ArticleClik here to view.
I'm on Twitter …
… since a while back and actually managing to post some tweets every now and then. I’m attaching a link to my profile.
View ArticleClik here to view.
MSSQLScan release 0.8.4
The new release adds support for a target file containing a list of IP’s to scan. This may be useful for enumerating instance names from a number of known SQL Server addresses. Get the new version here.
View ArticleClik here to view.
Nmap SIP version script
As I’ve been tinkering with VoIP for a while I decided to write a version detection script for Nmap. It’s my first stab at both Nmap scripting and the Lua programming language so don’t expect to much....
View ArticleClik here to view.
15 new nmap scripts
I just posted 15 new nmap scripts to the nmap-dev mailing list. For anyone curios to check them out have a look over here. I’ve been working on these new scripts for a while and they add yet more...
View ArticleScapy with WiFi monitor (rfmon) mode on OS X
After taking the 617 SANS class in Orlando I got curious and wanted to get Scapy working natively on OS X rather than messing about with a Virtual Linux image. A key motivator was the fact that I was...
View Article
