NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Immunitysec Daily Dave> 2008-q4

Re: [Dailydave] Stuff you might have missed in the CANVAS Ecosystem

From: Mohammad Hosein (mhtajikgmail.com)
Date: Tue Oct 14 2008 - 12:09:43 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

well ,
as much as i love one-click stuff ( which are by the way available on the
wild side of the game . Russian Brothers , cool people from China ,
dangerous underground Romanian and Brazilian Crews , Hello! ) i have to
bring up this issue now that its on the list
the licensing model and price of these packs are really far away from what
individuals and freelancers can afford . anyone else here thinks the same ?

On Tue, Oct 14, 2008 at 8:05 PM, Dave Aitel <daveimmunityinc.com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> D2's latest exploit pack has a couple cool tools in it:
> 1. a malicious PDF file creator
> 2. a malicious Java Applet
>
> If you're doing client side penetration tests, sometimes no exploit is
> the best exploit. Both of these are "one click to own" things.
> Immunity uses the D2 pack against our clients when we do penetration
> tests. No one can write everything!
>
> And of course Gleg continues to produce interesting remotes in things
> like J2EE servers. Luckily no one uses those, right? At this point
> they have 280 additional modules for CANVAS which almost doubles the
> size of CANVAS's standard exploit modules.
>
> And there are more third-party packs on the way! The value of these
> tools is in the content built on top of them.
>
> - -dave
> (hahahame at using the word ecosystem. Such a Microsofty word!)
> P.S. Everyone should have the cojones to post their static analysis
> responses to the list!
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFI9MpUtehAhL0gheoRAtUeAJ9/PAR7t2MTDG3n/kb5REqFixELcQCbBb+H
> VEOK6SFmBQpLO5FXHpa/rcs=
> =4b/h
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Dailydave mailing list
> Dailydavelists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>

_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]