Saturday, April 30, 2011

A New Life with Cloud Computing

Most people know what Cloud Computing is. But do you know how someone can begin his life with Cloud Computing?

Take Amazon S3 as an example of a cloud computing service. S3 stands for Simple Storage Service.

First, we can back up and/or archive all our local files (documents, media, etc.) to S3, where they are available online from anywhere later on. Most of us currently back up/archive our files to a portable hard disk. Let's see what it costs to choose S3 instead of a portable hard disk.

S3 operates on a basis of paying only for what you use, with separate fees for storage, data transfer and data requests. Ignoring data request fees because the cost is minimal, the fees break down as follows:

Storage: 5GB free, then $0.15/GB per month (100GB = $15)
Data Transfer (Upload): $0.10/GB
Data Transfer (Download): $0.15/GB

As an example then – if you used it to store 100GB of data – it would cost you $10 to upload it all, $15 per month to store it, and a further $15 when you decided to download it all again.

So do you need to buy a 250GB portable hard disk and carry it everywhere you go?

Secondly, we may want to back up/archive all the online information we have, such as social feeds and online personas.

Again, using Amazon S3 together with Backupify simplifies and automates the backup/archiving of all of these.
Automatic Backup by Backupify

Most importantly, it allows you to search the backup easily!

And finally, your life will be uncluttered with this cloud computing.

Friday, April 29, 2011

Remote Command Executor

RemCom is a RAT [Remote Administration Tool] that lets you execute processes on remote Windows systems, copy files, process their output and stream it back. It allows execution of remote shell commands directly with a full interactive console.

It is similar to PsExec, except that it is open source.

Download RCE at
For more info, refer to

Thursday, April 28, 2011

Two Visualization Tools for Twitter

Two visualization tools for Twitter are introduced here: mentionmapp and twiangulate.

Mention Map is a Twitter visualization tool that displays the connections to a Twitter account. The tool is being upgraded but the original version is still available (click on the "classic link" at the bottom of the page.)

Twiangulate is another Twitter visualization tool that enables you to compare two or more Twitter accounts. The end result is a Venn diagram of commonalities as well as a table of the top followers.

Thursday, April 21, 2011

MyEmail 404

Front-end powered by UNIX Apache; Back-end powered by Microsoft.

Go to the default web page and all I get is an instruction to cPanel. :-)

MyEmail Default Web Page

Wednesday, April 20, 2011

RawCap - Network Sniffer for Windows

RawCap (only 17kB) is a free raw sockets network sniffer for Windows. It requires no external libraries or DLLs; it is just a standalone exe.

It can sniff any interface, including loopback, WiFi and PPP interfaces.

Personally, I use it for 2 purposes: penetration testing and incident response:
  • Sniff additional credentials after breaking into a remote machine (admin) without WinPcap or an NDIS driver.
  • Sniff the loopback interface to detect data leakage via an SSL tunnelling proxy.
  • Sniff WiFi (WPA2) for any suspicious TCP connections.

RawCap is provided for free and can be downloaded from here:

Monday, April 18, 2011


FindDomains is a multithreaded search engine discovery tool.

It retrieves the domain names/web sites that are located on a specified IP address/hostname. It can be very useful for penetration testers during reconnaissance of domain names/web sites/virtual hosts/virtual IPs.

Main highlights:
  • Uses Bing search engine. Works with first 1000 records.
  • Multithreaded on crawling and DNS resolution.
  • Performs DNS resolution for extracted domains to eliminate cached/old records.
  • Has a console interface.
  • Works with Mono (under Linux), but running under Windows is more efficient.
  • Requires .NET framework 3.5
Find it at

Monday, April 11, 2011

Open Computing Project

Under an initiative dubbed the Open Compute Project, Facebook released designs for the technology powering its new data center in Prineville, Ore., which Facebook says is 38 percent more efficient and 24 percent cheaper to run thanks to its custom engineering.

Tuesday, April 05, 2011

Network Forensic Analysis of SSL MITM Attacks

SSL is not a panacea. If someone performs a man-in-the-middle (MITM) attack on HTTPS traffic (i.e. HTTP over SSL), he would be able to see all encrypted content in clear text format.

Some parties may have legitimate reasons to eavesdrop on HTTPS traffic, such as your employer or your government.

If you suspect your network traffic is being monitored, how would you go about doing forensic analysis of captured network traffic from a suspected MITM attack?

Here's a summary of the articles that show you how:

  • Extract the X.509 certificates (with *.cer) from the captured SSL traffic with NetworkMiner.
  • Inspect the extracted files.
  • Verify the IP and DNS
  • Look for any self-signed cert, revoked cert and non-trusted CA signing cert.
  • Verify the MD5 fingerprint of an SSL cert with OpenSSL (certificate.cer below is a placeholder for the extracted file)

$ openssl x509 -inform DER -in certificate.cer -noout -fingerprint -md5
MD5 Fingerprint=52:12:A2:B1:27:E3:BB:CC:E5:F5:AA:BD:A1:A1:E6:F8
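
The checks listed above combined into one script, added here as an example (it is not code from the summarized articles): it prints the MD5 fingerprint of an extracted certificate, compares it with a fingerprint obtained out of band, and flags certificates whose issuer name equals their subject name. The function names, file names and the throwaway test certificates are assumptions constructed for the demo.

```bash
#!/usr/bin/env bash
# Added example: triage DER certificates carved from a capture.

# MD5 fingerprint of a DER certificate, in the form 52:12:A2:...
cert_md5() {
    openssl x509 -inform DER -in "$1" -noout -fingerprint -md5 2>/dev/null | cut -d= -f2
}

# Succeeds when issuer and subject names are identical (self-issued).
is_self_issued() {
    local s i
    s=$(openssl x509 -inform DER -in "$1" -noout -subject_hash 2>/dev/null) || return 2
    i=$(openssl x509 -inform DER -in "$1" -noout -issuer_hash 2>/dev/null) || return 2
    [ "$s" = "$i" ]
}

# usage: triage_cert FILE EXPECTED_MD5
# EXPECTED_MD5 is the fingerprint obtained out of band for the same site.
triage_cert() {
    local fp verdict=OK
    fp=$(cert_md5 "$1")
    [ -n "$fp" ] || { echo "$1 - UNREADABLE"; return 0; }
    [ "$fp" = "$2" ] || verdict=FINGERPRINT_MISMATCH
    if is_self_issued "$1"; then verdict="$verdict,SELF_ISSUED"; fi
    echo "$1 $fp $verdict"
}

# Constructed sample data: genuine.cer is signed by a throwaway test CA,
# observed.cer is a self-signed certificate carrying the same host name.
make_samples() {   # usage: make_samples DIR
    local d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Example Test CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=www.example.test" \
        -keyout "$d/srv.key" -out "$d/srv.csr" 2>/dev/null
    openssl x509 -req -in "$d/srv.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
        -CAcreateserial -days 1 -outform DER -out "$d/genuine.cer" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=www.example.test" \
        -keyout "$d/other.key" -outform DER -out "$d/observed.cer" 2>/dev/null
}

if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d)
    make_samples "$d"
    triage_cert "$d/genuine.cer" "$(cert_md5 "$d/genuine.cer")"
    triage_cert "$d/observed.cer" "$(cert_md5 "$d/genuine.cer")"
fi
```

Run it with `--demo` to generate the two sample certificates and print one verdict line for each.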

More references: