Thursday, October 9, 2008
The new version of Metasploit - the vulnerability testing tool - will make it easier for network security testers to infiltrate web browsers, its developer claims.
Speaking at the SecTor conference in Toronto, H D Moore told crowds that version 3.2 of the open source tool would allow to expand their range of network security attacks using strengthened and novel tools with names such as Browser AutoPwn and Evil Wireless Access Point.
There are also a number of new "man in the middle" attacks, which divert users away from their intended location by hijacking web requests, internetnews.com notes.
"It will abuse the HTTP security model, stealing cookies and saved form data," Moore explained.
"For http we do a whole bunch of evil things to a browser."
The Metasploit project website insists that the software is intended for experimental purposes only and is designed to improve network security installations.
Related News:
Firm announces $10,000 hacking contest - 11.13.2008
One company is using network security as a promotional tool as it invites hackers to attempt to compromise its software platform.
Mozilla rushes to fortify Firefox - 11.13.2008
A new version of Mozilla's Firefox browser has been launched which aims to overcome a number of potential data security issues.
Microsoft patches four critical flaws - 11.12.2008
In its monthly security bulletin, Microsoft has identified four vulnerabilities which could lead to a data security breach.
Network and data security converge - 11.12.2008
In recent times, firms have come to realise the value of integrating data security and network security principles to ensure effective business operations.
Sys admin nabbed after extortion attempt - 11.11.2008
A network security administrator at an unnamed mutual fund firm in New York who was made redundant has been arrested after allegedly blackmailing his former employer.
