Info-Letter vol.2

Hi all,

This month’s reading list. Make sure to check out the tools sections.

Traditional Pen-testing is Dead: A frank look at the state of affairs of our daily job

10 Steps to creating your own IT Security Audit

Preparing for an ISO 27001 Audit

Dilbert on Identity Theft (Comic)

Hide your entire Operating System from prying eyes (Local System Security)

Sys Admins Gone Rogue – Biggest Insider Threat

Pentesting with Burpsuite – Taking the web back from Automated Scanners

Google Offering Bounties for Bugs in Web services

Real-time Phishing: A leap in phishing attack techniques


Firesheep: Firefox addon to demonstrate the impact of browsing without HTTPS encrypted session.

EFF: HTTPS Everywhere– Firefox addon to force the browser to opt for HTTPS versions of the sites (Twitter, Google, Facebook, Paypal)

Social Engineering Toolkit (v1.0) – ‘Devolution’ release :
(Version adds several key components including new attack vectors, a web GUI interface, a way to automate SET behavior)

Be safe!!



Leave a Reply

Your email address will not be published. Required fields are marked *

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

I agree to these terms.