Rather than representing a definitive guide, this document represents a review of the specific security issues identified during Portcullis Computer Security Ltd’s recent research into System V shared memory segments and their usage. Continue reading
smaSHeM is a System V shared memory segment manipulator. Continue reading
Presentation on system level vulnerabilities (as given at 44CON 2013). Continue reading
UNIXSocketScanner is a UNIX domain socket scanner. Continue reading
Presentation on auditing and bug hunting on AIX (as given at 44CON 2012). Continue reading
NOPC (Nessus-based Offline Patch Checker) is patch-checker for UNIX systems. It is a shell script that utilises Nessus’ nasls and gives instructions on what data is needed to be obtained from the system to perform to derive a list of missing security patches. This was developed for situations when network connectivity to the systems under review is not possible.
SSHatter is a perl script to perform brute force attacks on SSH. Continue reading