I installed Kali Linux from the mini ISO, so I ended up with a fully functioning Linux system but with little to no tools (just nmap and ncat). In order to install the tools that are making Kali what it is, I had to install the metapackages. For me, the easiest option was to install all of… Continue reading Updating Kali Linux from behind a restrictive proxy
Intercepting custom communication protocols in Windows 7
Actually, the title should have been: “Don’t feel lucky and go beyond the first result in a Google search”. I’ve been using EchoMirage for some time but apparently I’ve been using the wrong one. Because when you search for it in Google you normally click the first link. Right? Wrong!
Techniques to play with custom and encrypted protocols
An interesting presentation from DEFCON20 provided by Elie Bursztein and Patrik Samy called “Fuzzing Online Games” touches areas of application security where traffic analysis is not enough to perform a penetration test. As stated by the authors: “In a nutshell the lack of direct access to the game server and having to deal with clients… Continue reading Techniques to play with custom and encrypted protocols
Socks proxy for non-socks applications
For several reasons you may want to use a socks proxy, but a lot of command line applications are not able to work with a socks proxy. wget for example is unable to work directly with a socks proxy. Also, configuring wget to work with a http proxy is a pain. You can’t specify the… Continue reading Socks proxy for non-socks applications