Kali Linux 2017.1: The Professional Penetration-Testing Distro!

Kali Linux really needs no introduction today. It is the de-facto open source, Debian-based operating system for penetration testing, vulnerability assessments, digital forensics and wireless assessments.  It is one of those operating systems that I see being actively developed and has a huge and helpful community. This post talks about the improvements and new tool additions in the latest open source Kali Linux 2017.1 Rolling release.

Kali Linux
Kali Linux

Continue reading “Kali Linux 2017.1: The Professional Penetration-Testing Distro!”

Ostinato: The Network Traffic Generator and Analyzer!

I had covered Ostinato in our earlier blog, before it got blown away and was reminded of it when I was working on the Apache Struts S2-046 vulnerability. I had a .pcap file which I had to replay and this is where Ostinato came into picture. A bit off track, if you want to protect yourself from S2-045 & S2-046, and your application is on Apache, simply add the following to your .htaccess file:

<IfModule mod_headers.c>
RequestHeader unset Content-Type
RequestHeader unset Content-Disposition
RequestHeader unset Content-length
</IfModule>

Back to Ostinato:

Ostinato
Ostinato

Continue reading “Ostinato: The Network Traffic Generator and Analyzer!”