Downloads

The New Wave Of Information Security Threats
This presentation gives an overview of endpoint security issues, and offers strategies for reducing data theft risks at minimal cost.

Slurp Audit
A small utility that demonstrates exactly how quickly and easily someone with privileged access can steal data using an iPod or similar portable storage device.   slurp.zip

 

nmap bot
Demonstrates the use of instant messaging (via computer or cell phone) as a communications channel with a remote bot. Security professionals - run ethereal and your intrusion detection tools to see if you can identify nmap bot communications in active network traffic.   nmapbot.tar.gz

 

RPC Mail
This demonstration application uses e-mail as a remote command and control application. While not as full featured as a similar SOAP application, RPC-Mail can serve as an excellent learning tool for demonstrating the risks related to unrestricted e-mail access in an enterprise.   RPC-Mail.tar.gz

 

Monkey Shell
Similar to netcat, but with a Web Services twist.  "Shell shovel" a remote console via XML. Since most firewalls allow HTTP traffic that is bound to port 80, monkey shell can bypass most "out of the box" firewall configurations.   monkeyshell.tar.gz