Author Archives: BetoFTW

db_autopwn

So I have been getting familiar with the db_autopwn function in Metasploit. This basically lets you take your vulnerability scan results from Nessus and import the findings into Metasploit for automated exploitation. There are tutorials and plenty of videos on the … Continue reading

Posted in Security

Metasploit Tutorials

Hi, it's been a while. I have been semi-active. I recently published 2 videos on how to use a couple of exploits with Metasploit: 1 with msfconsole and the other with the recently released msfgui. I uploaded one to … Continue reading

Posted in Security

Monitoring your Children’s computer activity

There was an interesting discussion on Twitter today on monitoring your children’s computer activity. The question was brought on by @Mckeay and @falconsview; @andrewsmhay and others joined in. So should you monitor your kids’ computer activity? Web activity, etc.? Is it … Continue reading

Posted in Security

B-Sides Austin and Austin Hacker Space

I attended the morning session of Security B-Sides Austin last week. It was pretty good. Rocky DeStefano presented on SIEM, and that is something that has my interest as of late. He had some very good information and I would … Continue reading

Posted in Hacks, Security

Information Gathering Phase: The Harvester and Metagoofil

As part of a penetration test, before you start sending out exploits and attacks, you have to do some information gathering. The first phase of a pentest is reconnaissance. Two good tools that can help you out in doing some … Continue reading

Posted in pentesting

Penetration Testing Training

2 great training courses for pen testing are done by SANS and Offensive Security. If you are working in IT security and are interested in learning new skills, or if you are starting out in pentesting, these courses are both … Continue reading

Posted in Security

Password cracking in your organization

How do you know your users aren’t using easy-to-guess passwords? You rely on your operating system/Active Directory password complexity requirements. You force users to create passwords with upper case, lower case, a number and maybe even a special character. … Continue reading

Posted in Security

SANS Mentor Training in Austin TX

On April 6, 2010, I will be mentoring SEC560 Penetration Testing and Ethical Hacking in Austin, TX. See link for details and sign up! If you click on the ad at the bottom right of the site, you can help … Continue reading

Posted in News

Port scan broke my server!

Whether it be an nmap port scan, a Nessus discovery scan, or any scanner that tries to find open ports on a server, you have probably heard at least once, “Hey! That scan broke my server/app”. I must admit I have. I was … Continue reading

Posted in Security

Collection of Default Password sites

So a thread on the FD mail list gave me an idea to make a post on a list of password websites:

http://www.passwordsdatabase.com

http://www.phenoelit-us.org/dpl/dpl.html

http://cirt.net/passwords

http://dopeman.org/default_passwords.html

http://www.cyxla.com/passwords/passwords.html

Posted in Security