More results...
So, my Defcon talk, ultimately about ending clickjacking by design. TL:DR: The web is actually fantastic, and one of the cool things about it is the ability for mutually distrusting entities to share the same browser, or even the same web page. What’s not so cool is that embedded content has no idea what’s actually […]
It must be summer because security companies that use door to door selling tactics are out in force. We came across the following news story that unfortunately, seems to be occurring more and more. This kind of deceitful behavior will end up costing yo…
We’ve been awfully quiet lately, which usually means something is brewing below the surface. In the past few months we’ve been working feverishly on our next generation of Kali Linux and we’re really happy with how it’s looking …
So some of the more fun bugs involve one team saying, “Heh, we don’t need to validate input, we just pass data through to the next layer.” And the the next team is like, “Heh, we don’t need to validate input, it’s already clean by the time it reaches us.” The fun comes when you […]
So I went ahead and did a podcast with Stewart Baker, former general counsel for the NSA and actually somebody I have a decent amount of respect for (Google set me up with him during the SOPA debate, he understood everything I had to say, and he really applied some critical pressure publicly and behind the […]
For the latest information, please see our documentation on Docker
Last week we received an email from a fellow penetration tester, requesting official Kali Linux Docker images that he could use for his work. We bootstrapped a minimal Kali Linux 1.1.0a…
The nicer weather starts the beginning of “Summer Programs” that many home security companies employ to generate door to door home security systems sales. The Summer Program consists of security companies hiring temporary workers that go door to door a…
A short while ago, we packaged and pushed out a few important wireless penetration testing tool updates for aircrack-ng, pixiewps and reaver into Kali’s repository. These new additions and updates are fairly significant, and may even change your …
Vulnerability scanning is a crucial phase of a penetration test and having an updated vulnerability scanner in your security toolkit can often make a real difference by helping you discover overlooked vulnerable items. For this reason, we’ve manu…