RPDscan (Remmina Password Decrypt Scanner) is a tool to find and decrypt saved passwords in Remmina RDP configurations. Continue reading
AMES is a tool to parse the new Nessus output files and autogenerate an easy to copy and paste command line exploit using Metasploit CLI. Continue reading
WordPress Build Review is a tool to check the basic security settings in a WordPress installation. Continue reading
rdp-sec-check is a Perl script to enumerate security settings of an RDP Service (AKA Terminal Services). Continue reading
iker is a Python tool to analyse the security of the key exchange phase in IPsec based VPNs. Continue reading
cspCalculator is a PoC implementation of a dynamic Content Security Policy creator. Continue reading
The purpose of this tool is to catch crashes from OS X applications and print debugging information such as registers, disassembled code and a memory dump of the stack. The intended use is with the conjunction of an application fuzzer. Continue reading
There are a number of ways to own a webapp. In a shared environment, an attacker can enumerate all the applications accessible and target the weakest one to root the server and with it all the webapps on the box. To try and emulate this approach on a pentest, we have to find ALL THE VHOSTS. Continue reading
At the outset of an external infrastructure test it’s often useful to ensure that the addresses you’re testing are correct, and actually owned by the client. Failure to do so can result in an awkward situation, and one we here at Portcullis Labs would like to avoid wherever possible. With this in mind, we’ve learned to whois… like a boss. Continue reading