Comments for Redspin Security Blog

Comment on Identity Theft Check Up: Electronic Medical Records are the New Credit Cards by Medical Identity Theft Plagued by Confusing Claims

Medical Identity Theft Plagued by Confusing Claims — Wed, 08 Feb 2012 20:23:28 +0000

[...] some strange figures, such as 86,168 victims in 2001 and 255,565 victims in 2005. For example, the Redspin blog, states “Several of these cases, dating back to 2005, are documented by the World Privacy Forum [...]

Comment on Installing Metasploit 4 in Ubuntu 11.04 by Joker_47

Joker_47 — Mon, 30 Jan 2012 20:25:05 +0000

good

Comment on Burp Suite Professional to XML: BURP2XML by ms

ms — Fri, 20 Jan 2012 21:49:45 +0000

Are updates to this script available? I’ve been trying to use it in a project and am having issues parsing many session files. I’ve encountered situations where milliseconds_to_date returns a string (because of the try), which then blows up burp_binary_field because of calling .ctime() on a string.

I’ve also hit situations where the script is returning XML that lxml.etree and a second visual XML editor cannot parse. For instance, I hit http://www.startpage.com, http://www.yahoo.com, http://www.google.com, http://www.offsec.com; saved the session and then parsed it with burp2xml.py. Parsing the XML with lxml.etree gives “XMLSyntaxError: xmlParseEntityRef: no name”

When the XML comes out clean, the script does exactly what I need.

Comment on HIPAA Security Risk Analysis: How to Achieve Both Security and Compliance by Andrew Frazier

Andrew Frazier — Sun, 15 Jan 2012 13:48:31 +0000

Good articulation of the HIPAA risk analysis requirement, and how it applies to MU.

Comment on Identity Theft Check Up: Electronic Medical Records are the New Credit Cards by Transformer Games

Transformer Games — Thu, 10 Nov 2011 08:43:40 +0000

some really choice articles on this site, bookmarked .

Comment on Sed, Grep and Awk by 10 tools that can help data journalists do better work, be more efficient | Atulya Basic

Tue, 11 Oct 2011 04:25:31 +0000

[...] can assistance conduct files and a information within them. If you’re on OSX or Linux, we have sed, awk, grep and find. (There are ports for Windows, as well.) Using these utilities, we can start to try and [...]

Comment on NMAP Database Output : XML TO SQL by BG mail

BG mail — Sun, 09 Oct 2011 14:48:14 +0000

I have recently started a blog, the information you provide on this site has helped me tremendously. Thank you for all of your time & work.

Comment on Installing Metasploit 4 in Ubuntu 11.04 by Aimad-Eddine

Aimad-Eddine — Tue, 27 Sep 2011 11:57:36 +0000

Yeah ! it’s working fine, thank you !

Comment on Get a Meterpreter Shell Using SMB Credentials by jcran

jcran — Sun, 18 Sep 2011 01:28:06 +0000

Yo Mark!

You might be interested in this as a (ruby and) .rc file scanner: http://blog.pentestify.com/psexec-scanner-self-contained

Also, depending on your use case, you may want to look at some of the samples (run_exploit_using_base.rb) for automation purposes. For instance, you could write a script based on that that sample to automatically check a known list of passwords w/ a script. It just creates a framework object & runs the module you configure in pure ruby, no need to mess with msfcli, etc

Hope it helps!

Comment on Nsploit: Nmap grows some teeth by mopu887

mopu887 — Thu, 08 Sep 2011 13:03:15 +0000

I’m impressed with this web website , very I m big fan .