After speaking with @Solardiz over twitter yesterday I’ve decided to share this little tweak to John the Ripper which can help to import larger pot files without having to wait for years for it to load up.

As a password cracker, I not only know the importance of having a large .pot file, I have quite a large .pot file which has been accumulated over quite some time cracking passwords. Recently I noticed my password cracker taking forever to load up. This article will describe the process I used to not only speed up start up but also the way I’m currently managing my .pot file.

Emery over at the HackTalk Forums recently posted a very small tutorial that addresses a specific driver issue in BackTrack. With his permission I’ve cross-posted his tutorial on getting the Realtek RTL8188CU chipset working with BackTrack.

In this install meant of The Pentester’s Guide To The Galaxy we’ll be talking about an important aspect to traveling, the illusive art of packing.

HackTalk Security has partnered with PenTestMag.com to bring you this contest which will get 3 lucky HackTalkers a copy of The Best Of Pentest ( http://pentestmag.com/the-best-of-pentest-012012/ ), over 200 pages of juicy hacking goodness. To enter this contest head on over to the forum: http://hacktalk.net/news-5/%28contest%29win-a-copy-of-the-best-of-pentest-magazine/

I get a lot of questions pertaining to my job as a security consultant as well as the common things I experience as a security consultant. More often than not I’ll talk about (read: complain) the different trials and tribulations attached with being a security consultant before even hitting the client’s site. This guide is [...]

Alex over at Question-Defense posted an article in March about stopping WordPress User Enumeration. It turns out that in reality, he not only wanted a more formal patch for this vulnerability but I also knew of another user enumeration vulnerability in WordPress. After hanging out for a bit at Blackhat he and I decided to plop down and come up with a formal patch to address these vulnerabilities. If you want to read the full article on this post check out: Block WordPress User Enumeration, Secure WordPress Against Hacking Grab the patch after the fold:

Responsible disclosure is something I firmly believe in and I think it’s something all security researchers should practice. Recently I contacted T-Mobile about multiple vulnerabilities in their website and I’d like to talk about my experience with them to show that not only does responsible disclosure work, it is highly effective.

This is the Official podcast for HackTalk.net. In Episode 0×01 we will be discussing why the podcast was formed along with some Do’s and Don’ts of con, why security awareness programs suck, how to protect yourself against getting your DB posted to pastebin and ensuring your user’s credentials are safe even if they do get posted online, a really cool technique for persistence using WMIs and talk about some tips on secure password storage.

The last time I blogged about Team GhostShell was to talk about the eponymously named #ProjectGhostShell (read more here ). It seems that Team GhostShell is back with one helluva kickoff to #ProjectDragonFly. More information after the fold.