Webinar: ECSA First Look – APAC, ME, India

28 03 2010

I had a chance to attend this webinar organised by EC-Council.
I think it was very informative. I have many things to revise in the near future, but I need to set this precious information down here.

1. cURL: command-line tool for transferring data with URL syntax

2. A WAF (Web Application Firewall) can often be detected easily: send a known-good request first, then the same request carrying a hostile path or payload with characters such as > < ? & / %. If the second reply is "501 Method Not Implemented" while the first was served normally, a WAF is probably standing in front of that web application. (501 is one common fingerprint; other WAFs answer 403 or 406, or simply drop the connection, so compare the two responses rather than looking for a single status code.)
curl -si http://www.cnn.com/cmd.exe | grep "501 Method"
3. Good WAF links:
OWASP's page on Web Application Firewalls
WebKnight: open-source WAF for IIS web servers
ModSecurity: another good open-source WAF
SecureSphere by Imperva: a nice enterprise WAF

4. wafw00f: WAF detection and fingerprinting tool (identifies which WAF product sits in front of a site)

5. fierce: DNS reconnaissance and subdomain enumeration tool (domain scan)

6. securitytube.net: YouTube-like site for computer security videos

7. Good proxy tools
Tor
TorTunnel
CyberGhost: recommended by CHIP magazine

8. Metasploit with db_autopwn: automated exploitation of hosts imported into the Metasploit database, a quick and easy way to pentest, but noisy and indiscriminate (db_autopwn was later dropped from Metasploit's core)

9. Find an article on ARP suppression on Cisco devices.

10. Test robots.txt and crossdomain.xml, e.g.
> http://www.cisco.com/robots.txt
> http://www.cisco.com/crossdomain.xml
robots.txt lists the paths the site asks crawlers to skip, which often points at admin, backup or staging directories; crossdomain.xml tells Flash/Silverlight clients which origins may make cross-domain requests, and an allow-access-from domain="*" entry lets any site read the application's responses with the victim's cookies.

11. wapiti: web application vulnerability scanner

12. Maltego: commercial open-source intelligence (OSINT) and forensics application

13. Metasploit's Meterpreter: in-memory post-exploitation payload

14. sqlcmd: Microsoft SQL Server command-line client (run SQL from cmd)

15. log analysis

16. OpenVAS: Open Vulnerability Assessment System, released under the GNU GPL
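The baseline-versus-payload WAF probe from items 2 and 4, as an added example that is not from the webinar or the original post. Because the real check needs a network target, the script also starts two tiny local HTTP servers (a constructed stand-in for a WAF that answers 501 to hostile characters, and a plain application that answers 404 for unknown files) so the probe can be run offline; the handler names, probe path and status-code set are my own assumptions.

```python
"""WAF detection by comparing a benign request with a hostile one.

Added example (not the webinar's own code). The FakeWafHandler and
PlainAppHandler below are constructed stand-ins so the probe runs offline;
point probe_waf() at a real host/port to test a live site.
"""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Characters the webinar suggests putting in the hostile request.
PAYLOAD = "<>?&/%"

# Status codes commonly returned by a WAF instead of the application itself
# (501 is the fingerprint from the webinar; the rest are other common ones).
WAF_STATUSES = {501, 403, 406, 419, 429}


class _QuietHandler(BaseHTTPRequestHandler):
    """Base handler: no console logging, one helper to send a reply."""

    def log_message(self, *args):
        pass

    def _reply(self, status, body):
        data = body.encode()
        self.send_response(status)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)


class FakeWafHandler(_QuietHandler):
    """Constructed WAF: 501 for suspicious characters or .exe requests."""
    BLOCKED = set("<>?&%")

    def do_GET(self):
        if self.BLOCKED & set(self.path) or self.path.endswith(".exe"):
            self._reply(501, "Method Not Implemented")
        else:
            self._reply(200, "ok")


class PlainAppHandler(_QuietHandler):
    """Constructed plain app: 200 for /, ordinary 404 for anything else."""

    def do_GET(self):
        if self.path == "/":
            self._reply(200, "ok")
        else:
            self._reply(404, "not found")


def start_server(handler_cls):
    """Start handler_cls on a random loopback port; return (server, port)."""
    srv = ThreadingHTTPServer(("127.0.0.1", 0), handler_cls)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


def _get(host, port, path, timeout):
    """Raw GET; return (status, reason, Server header)."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        resp.read()
        return resp.status, resp.reason, resp.getheader("Server", "")
    finally:
        conn.close()


def probe_waf(host, port, path="/", timeout=5):
    """Send a benign request, then a hostile one, and compare the answers.

    A WAF is likely when the benign request is served normally but the
    hostile one comes back with a WAF-style status instead of the 404/200
    the application itself would produce.
    """
    base_status, _, _ = _get(host, port, path, timeout)
    hostile = path.rstrip("/") + "/cmd.exe?p=" + PAYLOAD
    mal_status, mal_reason, server = _get(host, port, hostile, timeout)
    return {
        "baseline": base_status,
        "hostile": mal_status,
        "reason": mal_reason,
        "server": server,
        "waf_likely": base_status < 400 and mal_status in WAF_STATUSES,
    }


if __name__ == "__main__":
    for name, handler in (("simulated WAF", FakeWafHandler),
                          ("plain app", PlainAppHandler)):
        srv, port = start_server(handler)
        print(name, probe_waf("127.0.0.1", port))
        srv.shutdown()
```

Note the plain application answers the hostile request with 404, which is what a file that does not exist should produce; only the simulated WAF changes the status to 501 for the same request. On a real target, also diff the Server header and body between the two replies, since many WAFs rewrite both.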
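A review of the two files from item 10, as an added example that is not part of the original post. The robots.txt and crossdomain.xml contents below are constructed samples; the function names and the finding codes are my own, and for a file fetched from a real site the XML should be parsed with defusedxml rather than the stdlib parser.

```python
"""Pull the interesting bits out of robots.txt and crossdomain.xml.

Added example; the two sample documents are constructed for illustration.
"""
import xml.etree.ElementTree as ET  # use defusedxml for untrusted input

ROBOTS_SAMPLE = """# constructed sample
User-agent: *
Disallow: /admin/
Disallow: /backup/   # old site dumps
Allow: /
Disallow:
Disallow: /cgi-bin/
Disallow: /admin/
"""

CROSSDOMAIN_SAMPLE = """<?xml version="1.0"?>
<!-- constructed sample -->
<cross-domain-policy>
  <allow-access-from domain="*" />
  <allow-access-from domain="*.example.com" secure="false" />
  <allow-http-request-headers-from domain="*" headers="*" />
</cross-domain-policy>
"""


def disallowed_paths(robots_txt):
    """Return the Disallow paths in order, without duplicates or blanks.

    These are the paths the site owner does not want indexed, which is
    exactly why a tester wants to look at them first.
    """
    seen, paths = set(), []
    for raw in robots_txt.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if not line.lower().startswith("disallow:"):
            continue
        path = line.split(":", 1)[1].strip()
        if path and path not in seen:               # "Disallow:" alone = allow all
            seen.add(path)
            paths.append(path)
    return paths


def review_crossdomain(xml_text):
    """Return (code, detail) findings for over-permissive policy entries."""
    findings = []
    root = ET.fromstring(xml_text)
    for el in root.iter("allow-access-from"):
        domain = el.get("domain", "")
        if domain == "*":
            findings.append(("any-domain",
                             "any origin may read this site's responses"))
        elif domain.startswith("*."):
            findings.append(("subdomain-wildcard",
                             f"every subdomain of {domain[2:]} is trusted"))
        if el.get("secure", "true").lower() == "false":
            findings.append(("secure-false",
                             f"{domain}: plain-HTTP origins may reach HTTPS content"))
    for el in root.iter("allow-http-request-headers-from"):
        if el.get("domain") == "*":
            findings.append(("any-headers",
                             f"any origin may send headers: {el.get('headers')}"))
    return findings


if __name__ == "__main__":
    print("Disallowed:", disallowed_paths(ROBOTS_SAMPLE))
    for code, detail in review_crossdomain(CROSSDOMAIN_SAMPLE):
        print(f"[{code}] {detail}")
```

The wildcard domain="*" is the finding that matters: with it, a Flash or Silverlight object on any attacker-controlled page can make authenticated requests to the site and read the replies, which is the cross-origin equivalent of CSRF plus data theft. The subdomain wildcard is weaker but still worth noting, since one dangling or taken-over subdomain inherits the trust.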

Thanks to Joseph McCray of Learn Security Online and EC-Council for giving a really good webinar, even though the audio streaming was not good enough.
