News - Main Page
Whitepapers
Tools and Download
Presentations

Portcullis Labs

Tools Presentations White Papers

Portcullis Labs is managed by the Portcullis Security Technical Team and provides an easier access to our public tools and papers. We built this website to share our knowledge without any barrier. You'll find several tools, papers and presentations mostly by security geeks for security geeks.

If you are interested in Portcullis Computer Security Services please visit our corporate website to get more information.

Recent Content

RSS Feed RSS Feed - All Updates
  • ldapuserenumAn information disclosure vulnerability exists in the manner that Microsoft LDAP server responds when binding to the LDAP server
  • Insecure Trends in Web 2.0 Applications
  • Flash Security
  • MS08-067 checkAnonymously check if a target machine or a list of target machines are affected by MS08-067 vulnerability
  • udp-proto-scannerudp-proto-scanner.pl discovers UDP services by sending triggers to a list of hosts.
  • Apache UsersEnumerate the usernames on any system that uses Apache and the UserDir module.
  • polenumpolenum is a python script which uses Core's Impacket Library to get the password policy from a windows machine
  • vesslvessl is a bash script that uses openssl to get and verify the ssl certificate of a remote server
  • BSQL HackerBSQL (Blind SQL) Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities virtually in any database.
  • Deep Blind SQL InjectionDeep Blind SQL Injection is a new way to exploit Blind SQL Injections with a 66% reduction in the number of requests.
  • DoS Attacks Using SQL WildcardsThis paper discusses abusing Microsoft SQL Query wildcards to consume CPU in database servers. This can be achieved using only the search field present in most common web applications.
  • Introduction To Format Strings
  • Contact
  • acccheckThe tool is designed as a password dictionary attack tool that targets windows authentication via the SMB protocol. It is really a wrapper script around the 'smbclient' binary, and as a result is dependent on it for its execution.
  • MIBparseMIBparse.pl has been designed as an offline parser to quickly parse output from SNMP tools such as 'snmpwalk'.
  • How to Detect and Exploit 99% of XSS Vulnerabilities
  • nbtscan-1.5.2NBTscan is a program for scanning IP networks for NetBIOS name information.
  • GUI Access Through SQL Injection
  • Sun Patch CheckSun Patch Check lists missing security patches by comparing the output from the Sun Solaris "showrev" command to that from the Sun recommended patch list.
  • More Adventures in Format Strings
Browse content by Tags