Distributions such as Kali Linux make it easier for us to carry out our penetration tests, vulnerability assessments, digital forensics gigs and wireless assessments. However, there are very few tools on such distributions that help you test the security of Internet of Things (IoT) devices as it needs bit of a customization. We now have AttifyOS to fill in the gap and help us test IoT security. Read more about AttifyOS: IoT Devices Testing Distribution!
Kali Linux really needs no introduction today. It is the de-facto open source, Debian-based operating system for penetration testing, vulnerability assessments, digital forensics and wireless assessments. It is one of those operating systems that I see being actively developed and has a huge and helpful community. This post talks about the improvements and new tool additions in the latest open source Kali Linux 2017.1 Rolling release. Read more about Kali Linux 2017.1: The Professional Penetration-Testing Distro!
I had covered Ostinato in our earlier blog, before it got blown away and was reminded of it when I was working on the Apache Struts S2-046 vulnerability. I had a .pcap file which I had to replay and this is where Ostinato came into picture. A bit off track, if you want to protect yourself from S2-045 & S2-046, and your application is on Apache, simply add the following to your .htaccess file:<IfModule mod_headers.c> RequestHeader unset Content-Type RequestHeader unset Read more about Ostinato: The Network Traffic Generator and Analyzer!