MORE ENTRIES
- It's the applications, stupid
- Will a whitelist save personal computing?
- Thousands of Web sites under attack
- To solve the unsolvable problem
- Re-thinking the security of virtual machines
- Security Development Lifecycle trumps code complexity
- Is your Web site FIPS compliant?
- Computer security: Why have least privilege?
- Strategic security: Get a handle on authentication
- Control user installs of software
Security Adviser | Roger A. Grimes »
Metasploit browser vulnerability detection evasion module
RATE THIS ARTICLE:
November 02, 2006 | Comments: (0)
Metasploit browser vulnerability detection evasion module
Hackers create browser vulnerabilty detection evasion module for Metasploit
I'm a little late in reading about this, but in case you haven't heard, H.D. Moore, LMH, and Aviv Raff are developing a plug-in module for the Metasploit Framework that will allow browser exploit code to be obscured and malformed to increase the difficulty of detection by static content-based scanners.
Here's an excellent article on it. This referenced article summarizes the basic evasion techniques used and is worth the read.
Posted by Roger Grimes on November 2, 2006 06:27 PM
RATE THIS ARTICLE:
-
- COMMENTS
TOP STORIES
HP buys EDS for $13.9 billionCorporate software spending slows
MS targets smartphone market
SOA Software buys LogicLibrary
Phishers scamming IRS rebates
Sun to clarify JavaFX plan
MS' dev tool service packs
Developers' role shifting
MS: SP3 reboots OEMs' fault
Apple: iPhone out of stock
ADDITIONAL RESOURCES
- Application Security: Threats and How to Counter Them
- Why Linux Threats Mean Business
- Minding the Machines: PC Disaster Recovery for the Enterprise
- Protect Your Data with SSL
- Prevent Your Next Microsoft Exchange Outage
- 11 Myths About Microsoft Exchange Backup & Recovery
