Portcullis Labs

Portcullis Labs is managed by the Portcullis Security Technical Team and provides easier access to our public tools and papers. We built this website to share our knowledge without any barrier. You'll find several tools, papers and presentations, mostly by security geeks for security geeks.

If you are interested in Portcullis Computer Security Services, please visit our corporate website to get more information.

Recent Content

  • VulnApp - A vulnerable application written in ASP.net
  • Breaking the links: Exploiting the linker - Presentation on exploiting linkers (as given at Uncon 0x12 and CRESTCon 2010)
  • HTML 5 Good Practice Guide
  • Web Application Password Reset Good Practice Guide - Over the years of application testing we have seen many bad password reset implementations, so we have put together a good practice guide to help design a secure process for your applications
  • secdump - secdump is a simple meterpreter module that uploads and runs gsecdump. Nothing fancy, just a time saver.
  • nopc - nopc is a Nessus based Unix patch checker. It utilises Nessus' nasls and instructs you on what data you need to manually get from the system to perform that patch check. This was developed for situations when network connectivity to the systems under review is not possible.
  • Attacking Windows Domains - CRESTCon presentation looking at the Windows Domain Authentication model
  • Apple iOS In the Workplace - This whitepaper discusses the security of Apple iOS with particular focus on its usage in the workplace.
  • SSHatter - Password brute forcer for SSH
  • Firefox Lockdown
  • Introducing Heyoka: DNS Tunneling 2.0
  • OWASP AU 2009 Slides - Slides from OWASP Appsec Australia 2009.
  • Insecure Trends in Web 2.0 Applications
  • Flash Security
  • MS08-067 check - Anonymously check if a target machine or a list of target machines is affected by the MS08-067 vulnerability
  • udp-proto-scanner - udp-proto-scanner.pl discovers UDP services by sending triggers to a list of hosts.
  • Apache Users - Enumerate the usernames on any system that uses Apache and the UserDir module.
  • polenum - polenum is a Python script which uses Core's Impacket library to get the password policy from a Windows machine
  • vessl - vessl is a bash script that uses openssl to get and verify the SSL certificate of a remote server
  • BSQL Hacker - BSQL (Blind SQL) Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities in virtually any database.