http://www.digininja.org/rss.xml Security and general IT tools and tips en-gb Copyright DigiNinja 2010-09-10T06:27:51+01:00 DigiNinja IT Security http://www.digininja.org/blog/pocket_trojan.php The Trojan in your pocket - Do you know what your phone is doing? http://www.digininja.org/blog/pocket_trojan.php http://www.digininja.org/projects/rsmangler.php A custom wordlist generator that creates permutations of all the input words as well as just manipulating them individually http://www.digininja.org/projects/rsmangler.php http://www.digininja.org/metasploit/mssql_idf.php A Metasploit module to accompany my blog post on finding interesting data in MSSQL databases. http://www.digininja.org/metasploit/mssql_idf.php http://www.digininja.org/blog/finding_interesting_db_data.php Automating looking through MSSQL databases to find interesting sounding column names. Once found automating pulling back some sample data to give a feel as to whether it is worth investigating. http://www.digininja.org/blog/finding_interesting_db_data.php http://www.digininja.org/blog/ultrasound.php This scan result beats any I've seen from Nessus, Nikto or Nmap. I'm going to be a daddy! http://www.digininja.org/blog/ultrasound.php http://www.digininja.org/karma/index.php Karma was originally written for Madwifi and I then updated it to work with Madwifi-ng. This update adds the same functionality to hostapd. http://www.digininja.org/karma/index.php http://www.digininja.org/metasploit/dns_dhcp.php My DHCP and DNS Metasploit attack modules, now fixed up to work with Ruby 1.9.x http://www.digininja.org/metasploit/dns_dhcp.php http://www.digininja.org/projects/nexcser.php Converts Nessus v2 reports to various CSV files to help with reporting and continued scanning. http://www.digininja.org/projects/nexcser.php http://www.digininja.org/blog/giskismet_ignore_gps.php A patch to GISKismet so it will import Kismet data which doesn't include GPS positions. http://www.digininja.org/blog/giskismet_ignore_gps.php http://www.digininja.org/metasploit/session_created.php Now with added verbosity, reads IP address and port of connecting clients. http://www.digininja.org/metasploit/session_created.php http://www.digininja.org/metasploit/dns_dhcp_beta.php I've updated these to run with the latest version of Metasploit. http://www.digininja.org/metasploit/dns_dhcp_beta.php http://www.digininja.org/projects/ossec_kismet_rules.php Handle alerts generated by Kismet Newcore in OSSEC. http://www.digininja.org/projects/ossec_kismet_rules.php http://www.digininja.org/projects/ossec_rule_converter.php Save the effort of having to keep an XML file up-to-date and create your rules in a spreadsheet then convert to XML with my app. http://www.digininja.org/projects/ossec_rule_converter.php http://www.digininja.org/blog/door.php I really want to know what is behind this door. http://www.digininja.org/blog/door.php http://www.digininja.org/metasploit/session_created.php A patch for Metasploit to have it play a wav file telling you a new session has been created. Similar to the Core 'Agent Deployed'. http://www.digininja.org/metasploit/session_created.php http://www.digininja.org/blog/password_experiment.php A write up of an experiment where I asked a class to give me their passwords. http://www.digininja.org/blog/password_experiment.php http://www.digininja.org/projects/cewl.php Now with JS redirect checking and a bug fix for an issue I found in the ruby spider gem http://www.digininja.org/projects/cewl.php http://www.digininja.org/projects/calc_ip_range.php Given a IP address calculate the top and bottom of its available subnet range http://www.digininja.org/projects/calc_ip_range.php http://www.digininja.org/blog/secvidofday.php What is #secvidofday and why am I doing it? http://www.digininja.org/blog/secvidofday.php http://www.digininja.org/blog/ap_collection.php I'm going to be doing some AP testing and this is a small part of the collection. http://www.digininja.org/blog/ap_collection.php http://www.digininja.org/kreiosc2/ KreiosC2 can now channel data over TinyURL and JPEG as well as the original Twitter. http://www.digininja.org/kreiosc2/ http://www.digininja.org/blog/pentester_scripting.php How I got involved in yet another new project, this time the PenTester Scripting community wiki http://www.digininja.org/blog/pentester_scripting.php http://www.digininja.org/metasploit/dns_dhcp_beta.php Two new beta Metasploit modules, one for DNS MiTM and one for DHCP Exhaustion attacks http://www.digininja.org/metasploit/dns_dhcp_beta.php http://www.digininja.org/blog/microsd.php This Micro SD reader is so small it is only just larger than the USB connector it is built on http://www.digininja.org/blog/microsd.php http://www.digininja.org/projects/kreiosc2.php#download Split KreiosC2 commands over multiple tweets, a very simple example language http://www.digininja.org/projects/kreiosc2.php#download http://www.digininja.org/blog.php Do you know what the VM or live CD you have just downloaded really contains and if you don't, how do you find out? http://www.digininja.org/blog.php http://www.digininja.org/ Launching KreiosC2, version 2 of Twitterbot with new name and new dynamic language options http://www.digininja.org/ http://www.digininja.org/ I've finally got round to styling the new site http://www.digininja.org/