Corporate Blog

Author: Nick Popovich

Incident Response Script

Posted By | April 7th, 2011

When dealing with PCs that are suspected to have a virus, there are a myriad of tools to perform “forensic” tasks. However, none of them met ALL of my needs. Most got some of the data, were constrained to a particular format, or required user intervention. Not helpful if you want to instruct tier 1 … Continue reading

Filed In: IT Infrastructure Security

Captive Audience: Using iptables and php as a home grown captive portal during penetration tests

Posted By | March 31st, 2011

This, like all penetration testing methods or discussions, should be used for educational/professional purposes only. The purpose of this post is to show an interesting client-based attack method that can be used in penetration testing. Abusing networks or computers that you do not have permission to be messing with is not smart and can … Continue reading

Filed In: Security Testing, Uncategorized

Passed the Offensive Security OSCP Exam!

Posted By | November 8th, 2010

It has been an intense journey since I signed up for the PWBv3 course from Offsec. But, now it is all worth it. I received notice that I passed and can now claim the title: Offensive Security Certified Professional (OSCP). I have taken many security courses, and have gotten a few certifications along the way, … Continue reading

Filed In: Security Testing

Microsoft (and others’) DLL Load Hijacking Bug – Remote Exploit Possible

Posted By | August 25th, 2010

Microsoft’s security advisory that came out Monday is a bit vague on this bug, but the issue is a more serious matter and deserves security pros’ attention, especially if your company uses in-house applications. MS KB is here. The issue itself is not new, but recently published research that details remote attack vectors is. … Continue reading

Filed In: IT Infrastructure Security

Analyze Malware In The Time It Takes To Grab a Cup Of Coffee

Posted By | August 12th, 2010

Malware analysis is not a skill that every IT security professional has. It comes with a heavy amount of programming experience, an understanding of assembly, computer memory, debuggers and decompilers. Malware analysis can take a lot of time and skill, and is usually not done by organizations’ security staff. The staff leaves it to AV … Continue reading

Filed In: IT Infrastructure Security, Security Testing

The Perfect Storm – A Story of Snort False Positive Verification

Posted By | August 10th, 2010

I recently had an opportunity to do some research into a large volume of Snort IDS rules that had begun to fire (to the tune of millions of alerts a day) for an organization. At first glance these alerts appeared to be false positives, but they smelled like a lazy application DDoS attempt from some … Continue reading

Filed In: IT Infrastructure Security, Security Testing

Shellcode, Assembly and Buffer Overflow

Posted By | July 27th, 2010

This is a quick commo check and update on my progress with the PWBv3 course. I’ve spent the better part of this week knee-deep in shellcode, assembly and debuggers… and let me tell you my brain needs a break! Don’t let the latter sentence scare you away from this course; the tutorials and examples are … Continue reading

Filed In: IT Infrastructure Security

Metasploit Module Released for Latest Windows 0-day

Posted By | July 21st, 2010

The folks over at the Metasploit Framework have released a working exploit module that takes advantage of the much-talked-about vulnerability in the Windows Shell. This module proves this vulnerability is not limited to being exploited via thumb drives or email attachments. Microsoft has no patch available as of yet; however, they offer some ugly workarounds: … Continue reading

Filed In: IT Infrastructure Security, Security Testing

Offensive Security Penetration Testing With Backtrack (PWB3)

Posted By | July 20th, 2010

In my never-ending quest for IT security excellence I’ve decided to enroll in the Offensive Security Penetration Testing With Backtrack version 3 (PWB3) course, offered by Offensive-Security. The course, formerly known as OSCP 101, has turned out to be quite a different animal than other security courses/certification tracks I have taken in the past. … Continue reading

Filed In: IT Infrastructure Security