- MS12-020 is in the news this week.
- The Network Journal has a number of nice pieces; recently they demonstrate what can be done in meterpreter after the exploit.
- Wouldn’t it be nice to see a short summary of the various pentesting tools for web applications? The folks at rootcon provide.
- Version 1.3.2 beta of Windows Credential Editor has just been released. This tool lets you grab password hashes from memory and play various pass-the-hash games.
- In 2010, a number of major companies were with with an attack called Aurora that targeted IE6. Find out how that attack works in Metasploit.
- The folks at PenTestIT describe a new Webshell, called 12309.php
- Some new vulnerabilities in Cisco ASA 5505 firewalls were announced.
- Would you like a nice tutorial on tcpdump?