In Egypt : 30 % discount Coupon for EC council Courses inside the Printed Copy.

Printed Copy Request
Coming Soon : Arabic Version

Open Source Web Application Security Testing Tools by Vinodh Velusamy

Author shows the significance of Open Source Web Application Security Testing Tools. As he claims „When you choose and use good tools, you’ll know it. Amazingly, you’ll minimize your time and effort installing them, running your tests, reporting your results – everything from start to finish.

Most importantly, with a good web vulnerability scanner you’ll be able to maximize the number of legitimate vulnerabilities discovered to help reduce the risks associated with your information systems.
At the end of the day and over the long haul, this will add up to considerable business value you can’t afford to overlook”.

More Articles:

- Modeling Security Penetration Tests with Stringent Time Constraints by Alan Cao
- The puzzlepices by Daniel Clemens
- WebAppSecurity for Newbies part 2 Herman Stevens
- Web Application Common Vulnerabilities – Part I by Bryan Soliman
- CYBER STYLETTO by Mike Brennan and Richard Siennon


SUBSCRIBE NOW AND GET 2 AMAZING E-BOOKS !

1. CISO's Guide to Penetration Testing: A Framework to Plan, Manage, and Maximize Benefits details the methodologies, framework, and unwritten conventions penetration tests should cover to provide the most value to your organization and your customers.

2. In his new book "Save the Database, Save the World!" John Ottman captures the essence of the threats we face to the information that drives business. Organized crime, underhanded competitors and even foreign governments are looking to gain any financial, competitive or operational advantage and these enemies are going directly after the databases and the applications that access data.

After subscribing contact katarzyna.zwierowicz@software.com.pl with "WAPT" in the tittle of the message.

You can visit us at: http://www.pentestmag.com

Defenses of any sort, virtual or physical, are a means of forcing your attacker to attack you on your terms, not theirs. As we build more elaborate defenses within information security, we force our attacker’s hand. For instance, in many cases, implementing multi-factor authentication systems just forces the attacker to go after that system directly to achieve their goals. Take the breach at RSA, for example. It has been attributed to attackers who needed the SecurID information to go after their real targets in the defense industry.

Recently, our lab has been talking about Sykipot:

• Are the Sykipotʼs authors obsessed with next generation US drones?
• Another Sykipot sample likely targeting US federal agencies

As we discussed, this malware has been used to launch targeted attacks via “spear phishing” campaigns against targets mainly in the US, since around 2007. According to our research, these attacks originate from servers in China with what appears to be the purpose of obtaining information from the defense sector: the same sector that makes extensive use of PC/SC x509 Smartcards for authentication.

Smartcards have a long history of usage in the Defense Sector, for both physical and information access management, and historically have merely forced attackers to route around the smartcard authentication system through other, more vulnerable attack vectors.

It should come as no surprise, then, that we recently discovered a variant of Sykipot with some new, interesting features that allow it to effectively hijack DOD and Windows smart cards. This variant, which appears to have been compiled in March 2011, has been seen in dozens of attack samples from the past year.

Like we have shown with previous Sykipot attacks, the attackers use a spear phishing campaign to get their targets to open a PDF attachment which then deposits the Sykipot malware onto their machine (the attackers here took advantage of a zero-day exploit in Adobe). Then, unlike previous strains, the malware uses a keylogger to steal PINs for the cards. When a card is inserted into the reader, the malware then acts as the authenticated user and can access sensitive information. The malware is controlled by the attackers from the command & control center.

Click Here to get a whole lot more details on the attack

Greetings Site5 Customers!

The U.S. Congress is currently considering two bills -- one in the House of Representatives called SOPA (Stop Online Piracy Act) and another in the Senate called PIPA (Protect IP Act). These bills both attempt to use similar methods to further criminalize and police intellectual property infringement. Although protecting intellectual property is important, these bills would use heavy-handed tactics that would censor and splinter the Internet.

SOPA and PIPA would grant the U.S. government the ability to block almost any website on the Internet if the site is perceived to be an "infringing site." Search engines would be required to remove the site from their search listings, payment processors and advertisement networks would be forbidden from doing business with the site, and ISPs could be forced to block access to the site for Americans. The bill provides little detail about what would constitute an infringing site, which makes the potential for abuse far greater. We have already seen how these kind of systems can be abused. In 2010, ICE (Immigration and Customs Enforcement) mistakenly seized a domain name belonging to a music blog and labeled it as a "rogue site" — the domain name was not returned until a year later (source: http://nyti.ms/uF73mZ). If you would like to see a video explanation of how the bill works and its dangers, please go here: http://vimeo.com/31100268

Site5 has publicly declared our opposition to both bills, and we encourage you to do the same. Contact your representatives in Congress to let your opposition to these bills be known! To locate the contact information for your representatives, visit one of the following websites:

http://www.contactingthecongress.org
http://www.grassroutes.us/sopa

If you're located outside the United States, you can let your voice be heard as well by sending your thoughts via this website:

http://americancensorship.org

Another way to get involved in the fight against SOPA and PIPA is to join in on the blackouts. Many well-known websites such as Wikipedia, Google, and Reddit are demonstrating their opposition, and you can too. Site5 has sponsored a WordPress plugin for participating in blackouts, and it features an easy setup and configuration options within the WordPress admin area:

http://wordpress.org/extend/plugins/sopa-blackout-plugin/

We feel very strongly that the future of the Internet is at stake, and we urge everyone to get involved!

Thanks,

The Site5 Management Team

Developers at the Defense Advanced Research Projects Agency want to build information technology security [1] that goes beyond simply recognizing complex passwords but rather gets in your head to confirm your identity before you get access or continue to have access to important information.

Specifically, the agency's Active Authentication program looks to develop what DARPA calls "novel ways of validating the identity of the person at the console that focus on the unique aspects of the individual through the use of software-based biometrics."

More security news: From Anonymous to Hackerazzi: The year in security mischief-making [2]

Biometrics is defined as the characteristics used to uniquely recognize humans based upon one or more intrinsic physical or behavioral traits. Active Authorization focuses on the computational behavioral traits that can be observed through how we interact with the world. Just as when you touch something with your finger you leave behind a fingerprint, when you interact with technology you do so in a pattern based on how your mind processes information, leaving behind a "cognitive fingerprint," DARPA said in officially announcing the contracting process for the program.

DARPA had talked about Active Authentication [3] at its Colloquium on Future Directions in Cyber Security meeting last October.   "Active Authentication program to tie identity to level of access within system. You're the key to your system.  Want to make machine aware of its operator and are working towards systems managing authentication invisibly in the background," Such new systems might look at the unique words a user types or examine length of sentences and use of punctuation to determine user authenticity, said DARPA program manager Richard Guidorizzi at the meeting. 

In its current announcement [4] DARPA stated: "The current standard method for validating a user's identity for authentication on an information system requires humans to do something that is inherently difficult: create, remember, and manage long, complex passwords. Moreover, as long as the session remains active, typical systems incorporate no mechanisms to verify that the user originally authenticated is the user still in control of the keyboard. Thus, unauthorized individuals may improperly obtain extended access to information system resources if a password is compromised or if a user does not exercise adequate vigilance after initially authenticating at the console."

More news: 25 tech touchstones of the past 25 years [5]

DARPA said the current Broad Agency Announcement will address the first phase of what it says will be a three phase development program.  In the first phase, the focus will be on researching biometrics that does not require the installation of additional hardware sensors. Rather, DARPA will look for research on biometrics that can be captured through the technology already in use in a standard DoD office environment, looking for aspects of the "cognitive fingerprint." A heavy emphasis will be placed on validating any potential new biometrics with tests to ensure they would be effective in large scale deployments.

Some examples of the computational behavior metrics of the cognitive fingerprint include:

• - keystrokes
• - eye scans
• - how the user searches for information (verbs and predicates used)
• - how the user selects information (verbs and predicates used)
• - how the user reads the material selected
• - eye tracking on the page
• - speed with which the individual reads the content
• - methods and structure of communication (exchange of email)

The later planned phases of the program will focus on developing a system that integrates any available biometrics using a new authentication platform suitable for deployment on a standard desktop or laptop. The authentication platform is planned to be developed with open Application Programming Interfaces (APIs) to allow the integration of other software or hardware biometrics available in the future from any source, DARPA stated. 

The Active Authentication program is just one of DARPA's many plans to improve system security. At its Colloquium meeting the agency reminded everyone that it had a big hand in creating the Internet and now its wants to get serious about protecting it.  DARPA Director Regina Dugan said that since 2009, the agency has steadily increased its cyber research efforts and its budget submission for fiscal year 2012 increased cyber research funding by $88 million, from $120 million to $208 million. In addition, over the next five years, the agency plans to grow its top-line budget investment in cyber research from 8% to 12%.

Follow Michael Cooney on Twitter: nwwlayer8 [6]  and on Facebook [7]

Links:
[1] http://www.networkworld.com/community/blog/who-really-sets-global-cybersecurity-standard
[2] http://www.networkworld.com/slideshows/2011/120111-security-layer8.html?ap1=rcb
[3] http://www.networkworld.com/community/blog/darpa-detail-program-radically-alters-securit
[4] https://www.fbo.gov/index?s=opportunity&mode=form&id=093ec9cdad8d8dc49e08855eae680084&tab=core&_cview=1
[5] http://www.networkworld.com/slideshows/2011/050911-anniversary-timeline.html?ap1=rcb
[6] http://twitter.com/NWWlayer8
[7] http://www.facebook.com/pages/Layer-8-By-Michael-Cooney/133875286655670
[8] http://www.networkworld.com/slideshow/25895
[9] http://www.networkworld.com/community/blog/nasa's-alternative-space-station-rocks-your-smartphone
[10] http://www.networkworld.com/community/blog/x-prize-offers-10m-competiton-build-star-trek-medical-tricorder
[11] http://www.networkworld.com/community/blog/who-are-go-cybersecurity-help-groups
[12] http://www.networkworld.com/community/blog/quick-look-creation-computer-language-translation-efforts-58-years-ago-month
[13] http://www.networkworld.com/community/blog/nasa-set-mars-bound-spacecrafts-biggest-thruster-blast
[14] http://www.networkworld.com/community/blog/epa-wants-your-environment-pictures-issues-public-photo-challenge
[15] http://www.networkworld.com/community/blog/thick-martian-dust-makes-nasa-pick-sunnier-locale-mars-rover
[16] http://www.networkworld.com/community/blog/dept-energy-developing-project-reinforce-grid-cybersecurity
[17] http://www.networkworld.com/community/blog/nasa-2012-its-really-not-end-world-we-know-it
[18] http://www.networkworld.com/community/blog/murder-it-security-and-other-mysteries-stories-layer-8-2011

• XSS & CSRF: Practical exploitation of post-authentication vulnerabilities in web applications by Marsel Nizamutdinov
• Discovering Modern CSRF Patch Failures by Tyler Borland
• Business Logic Vulnerabilities via CSRF by Eugene Dokukin
• XSS Using Shell of the future by Sow Ching Shiong
• Cross-Site Request Forgery by Jamie
• Security Resolutions for 2012 by Rishi Narang
• Interview with Peter N. M. Hansteen by PenTest Team

• Free Ebook "The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall" worth $30.00 Today's system administrators face increasing challenges in the quest for network quality, and The Book of PF can help by demystifying the tools of modern *BSD network defense. But, perhaps more importantly, because we know you like to tinker, The Book of PF tackles a broad range of topics that will stimulate your mind and pad your resume, including how to:
  • Create rule sets for all kinds of network traffic, whether it is crossing a simple home LAN, hiding behind NAT, traversing DMZs, or spanning bridges
  • Use PF to create a wireless access point, and lock it down tight with authpf and special access restrictions
  • Maximize availability by using redirection rules for load balancing and CARP for failover
  • Use tables for proactive defense against would-be attackers and spammers
  • Set up queues and traffic shaping with ALTQ, so your network stays responsive
  • Master your logs with monitoring and visualization, because you can never be too paranoid

• PenTest (release date: 1st of each month) – 50 pages of content dedicated to penetration tests, few regular columns written by specialists
• PenTest Extra (release date: 15th of each month) – 50 pages of strictly topical content dedicated each time to different hot topic
• Mobile Pentesting (release date: 7th of each month) – 40 pages of content dedicated to latest mobile topics
• Web App Pentesting (release date: 22nd of each month) – 40 pages of content dedicated to web application topics

Contact PenTest team!
Please spread the word about PenTest magazine!

Enjoy reading!
Krzysztof Marczyk & PenTest team
mailto:olga.glowala@software.com.pl
PenTest Magazine

I created a music video about Crypto using Wireshark to sniff a SSL handshake with Google.  I got some good comments from some Sharkfest presenters and it looks like I am going to present this at Sharkfest 2012 in June!

http://www.youtube.com/watch?v=1dHsj1ZxDto

All Long Island chapter meetings are free. Please water our calendar for up coming events.

For more info contact:  Helen Gao  (helen.gao@wasp.org)

https://www.owasp.org/index.php/Long_Island

Why don't we start thinking of those who really need help? Please consider help to those who don't have warm home to spend Christmas in, who suffer hunger when our tables are full of delicious food, who sleep alone in the shelter, or who spend their holidays in hospital.

• Web Application Security for Newbies part 1. By Herman Stevens
• Web Session Management – reality is a nightmare! By Rishi Narang
• A chance to ease automated Web Site testing. By Marek Zachara
• Cyber Security War – ofensive vs defensive. By Jatin Jain
• Web Application Security – Preservation and Hacking. By Priyanka Tomar
• E-banking ghosts. By Sebastien Bischof and Jean-Marc Bost
• Mike Brennan and Richard Stiennon “Cyber Styletto”

• PenTest (release date: 1st of each month) – 50 pages of content dedicated to penetration tests, few regular columns written by specialists
• PenTest Extra (release date: 15th of each month) – 50 pages of strictly topical content dedicated each time to different hot topic
• Mobile Pentesting (release date: 7th of each month) – 40 pages of content dedicated to latest mobile topics
• Web App Pentesting (release date: 22nd of each month) – 40 pages of content dedicated to web application topics

Buy one year PenTest Subscription until December 25th, 11:59 pm GMT+1, and you’ll get one year of Hakin9 Subscription for free!

Don’t wait for Santa, all is in your hands!