And now for a change of pace, these caught my eye this week.
Presented in no known order.
- Everything you wanted to know about SQL injection (but were afraid to ask) - Troy Hunt’s blog
- Kali Linux - Penetration Testing Platform - Kali Linux
- Pass-The-Hash: Protect Your Windows Computers! (Part 1) :: Viruses, trojans and other malware - WindowSecurity.com
- Pass the Hash and Other Credential Theft and Reuse: Preventing Lateral Movement and Privilege Escalation - TechEd North America 2013 | Channel 9
- Techniques malware authors use to evade detection - Help Net Security post.
- ZeroAccess rootkit dominates, adds new persistence techniques - Help Net Security post.
My kind friend the TinyApps bloggist tipped me to these super-juicy fruits.
- Sprites mods - Hard disk hacking - Intro - SpritesMods.com
- Hard drive hack provides root access, even after reinstall | Hacker News
- Researchers demo exploits that bypass Windows 8 Secure Boot | ITworld
Which led to a fun correspondence, from which I then jumped and found this great resource:
Moving on we also have…
- Quickpost: Rovnix PCAP - Didier Stevens. Didier graciously provided a PCAP file for download and analysis of this clever little bugger, so you don’t have to risk your system. For more info on the nasty: The evolution of Rovnix: Private TCP/IP stacks - Microsoft Malware Protection Center.
The RSA Blog has some great material here for incident responders:
- Responding When the Attacker has a Foothold - Part 1 - Speaking of Security - The RSA Blog
- Analysis Techniques: Responding When the Attacker has a Foothold – Part II - Speaking of Security - The RSA Blog
- Analysis Techniques: The Attacker Has a Foothold – Part III, Assessing Scope - Speaking of Security - The RSA Blog
- List of keys parsed by RegRipper Plugins /Generated by 3R - RegRipper Ripper v0.2/ - Hexacorn blog - Amazing resource for you RegRipper fans! Spotted via this 3R update post.
- Making the build even easier - Windows Forensic Environment - The always restless WinFE guru Brett Shavers is teasing us with news of a WinBuilder project to create a standalone “push-button” WinFE build project. Sweet!