An interesting tool for Java source code analysis is OWASP LAPSE Plus. You can see the instructions to set it up on the project’s page or here. OWASP LAPSE Plus requires Eclipse Helios and a number of people who know more than me at stack overflow suggest that you should not install eclipse using apt-get. …
A nice tool for SSL cipher testing is this Perl script: ssl-cipher-check.pl, however, in Backtrack and also on other distros you may get this error the first time you run it: ssl-cipher-check.pl -vw my.exampledomain.com 443 … ERROR: Unable to find /usr/bin/gnutls-cli-debug. Please install the gnutls-devel package To avoid that simply install the missing package as …
SSH provides shell access and as such it is one of the services that must be secured as well as it is possible. Step 0a – Change the default password IMPORTANT!: The first thing to do with Backtrack is to change the default password: To start the SSH service having the default password enabled is …
NOTE: This will work in backtrack, ubuntu and pretty much any Linux distro as far as I know There are times where you would like to open a service to the internet and it is ok to only allow one host/IP address to connect to you, for example: – Host-to-host transactions – During a pentest …
Introduction When you setup the VNC server you can connect remotely with GUI access to Backtrack, for this reason, it is best to start the VNC server BEFORE you enter the GUI, that will save a little bit on resources such as RAM. The VNC server service will provide no encryption, so make sure you …
This blog post will explain how to configure stunnel to allow non-SSL speaking tools (like for example netcat) to communicate with SSL protocols, in our example we will use HTTPS. Before stunnel, direct attempt of using a non-SSL tool: # nc www.example.com 443 HEAD / HTTP/1.0 .. 400 Bad Request Bad Request Your browser sent …
