This is just a quick tip to remind myself and in case anyone else stumbles upon the same problem.

While installing Windows 2008 r2, I encountered a 0xc0000225 error immediately after starting the boot from the iso. It turns out that you need to edit the settings for the VM to turn on IO APIC (Under System, Motherboard tab) in order for the install to complete. Soon as I did that, the install continued as normal.

Simple fix, hopefully it helps someone pulling their hair out in frustration.

What is it?

Websecurify is an integrated web security testing environment, which can be used to identify web vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The platform is designed to perform automated as well as manual vulnerability tests and it is constantly improved and fine-tuned by a team of world class web application security penetration testers and the feedback from an active open source community.

How it works

Websecurify uses several key technologies combined together to achieve the best possible result when performing automatic and manual tests. At the core of the platform sits a Web Browser. This allows Websecurify to gain a fine-grained control over the targeted web application and as such detect vulnerabilities that are difficult to find with other tools.

The carefully engineered user interface is simple to use but powerful. All tools and platform features are integrated with each other. This allows smooth transition from one type of task to another and it also makes it easier to work with the complex flow of data, gathered during the penetration test.

The built-in vulnerability scanner and analyzation engine are capable of automatically detecting many types of web application vulnerabilities as you proceed with the penetration test. The list of automatically detected vulnerabilities include:

SQL Injection Local and Remote File Include Cross-site Scripting Cross-site Request Forgery Information Disclosure Problems Session Security Problems many others including all categories in the OWASP TOP 10 Websecurify design principles emphasise on ease of use and extensibility. Virtually every single platform component can be extended with the help of add-ons and plugins. This means that task and business specific customizations can be introduced without the need to worry about cross-platform issues, deployment, internationalization and future support.

Why Websecurify

Websecurify is a carefully engineered piece of software, which packs years of hands-on penetration testing experience. It is actively used and improved on a daily basis by full-time penetration testers and web security researchers. Unlike other products, all Websecurify features are designed to be easy to use and to aid the penetration testing process from start to finish in any possible scenario during automated, semi-automated or fully manual penetration tests.

The penetration testing platform is the only one of its kind. Websecurify is in effect built on the top of a browser and can understand all modern web technologies including upcoming web standards and current technologies such as HTML5.

Google Chrome

The Websecurify security testing engine is also available for the Google Chrome (Chromium) web browser. This extension provides intuitive web application security testing environment which is easy to use by everyone: from casual users who want to check the security of their web apps to experienced professionals.

Websecurify for the Google Chrome Web Browser is a perfect fit for busy web developers and penetration testers who are working on the next big thing but must keep the security perimeter tight. For more information visit Chrome Webstore.

Main Features

Some of the main features of Websecurify include:

Available for all major platforms (Windows, Mac OS, Linux) Simple to use user interface Builtin internationalization support Easily extensible with the help of add-ons and plugins Exportable and customisable reports with any level of detail Moduler and reusable design Powerful manual testing tools and helper facilities Team sharing support Powerful analytical and scanning technology Built-in service and support integration Scriptable support for JavaScript and Python Extensible via many languages including JavaScript, Python, C, C++ and Java

More information can be found at the Websecurify website

OSVDB

Go to http://osvdb.org to register your account. After registering, you will receive an email to activate your account.

After the activation of your account, you can login to OSVDB. Go to "Account" -- "API" to copy the API code.

Open a terminal and run:

nano /pentest/enumeration/web/cms-explorer/osvdb.key

Copy the API code onto the osvdb.key file.

Nessus

Go to http://www.nessus.org/products/nessus/nessus-plugins/obtain-an-activation-code and select "Using Nessus at Home?" to register.

You will receive an email with instructions on getting a code, then open a terminal and run:

/opt/nessus/bin/nessus-fetch --register XXXX-XXXX-XXXX-XXXX-XXXX

To create a user :

/opt/nessus/sbin/nessus-adduser

(You can leave the rule field empty)

Start the Nessus from the menu of Back|Track 5, "BackTrack" -- "Vulnerability Assessment" -- "Vulnerability Scanners" -- "Nessus" -- "nessus start".

Or, just run:

/etc/init.d/nessusd start

After that, go to https://localhost:8834/

Ever thought that your USB storage device was running slower than it should? It seems that the default settings for Windows 7 regarding the maximum transfer size are quite low (64KB in fact). This means your speeds may in fact be lower than what they potentially could be.

To help with this issue, Microsoft has release an update to help users potentially increase their USB storage device transfer speeds. KB2581464 is the knowledge base article and the KB2581464 fix can be downloaded from here. After the fix you can change the maximum transfer size from 64KB all the way up to 2MB with the following directions:

1. Click on start menu (or press Windows + R keys) and enter regedit

2. Now navigate for following registry path (Note: VVVV represents device descriptor idVendor in hexadecimal and PPPP represents device descriptor idProduct in hexadecimal): HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlusbstorVVVVPPPP

3. Click Edit, point to New, and then click DWORDValue.

4. Type MaximumTransferLength, and then press Enter.

5. Click Edit, and then click Modify.

6. In the Value data box, type a value to specify the maximum transfer size between 65535 (64KB) and 2097120 (2MB)

7. Exit Regedit

The hotfix is compatible with Windows 7, Sp1 & Windows 2008 R2 (32 as well as 64 bit operating system).

Microsoft released a fix today for an issue with network connections being stuck in public mode. When you connect to a network, there is an option called "Treat all future networks that I connect to as public, and don't ask me again" which after selecting, you may not be able to change.

The fix can be downloaded from Microsoft Support KB and then click the Microsoft Fix It button which will download a program. Run that program and it will guide you through the fix.

There are also manual instructions which are:

1. Close or suspend any applications that uses the network.

2. Click Start, type device manager in the Search programs and files box, and then press Enter.

3. Browse list of devices and click to expand Network adapters

4. Right-click on the first adapter under Network Adapters and click Disable. (Repeat this step for all network adapters on your system under Network Adapters). Note: After each change, Device Manager will rescan your hardware. Your monitor may blink when refreshed, this is expected.

5. While still in Device Manager, re-enable only the adapter that is associated with the public-network setting that you are trying to change. (Example, if you're trying to connect to your wireless network, enable the wireless adapter.) Note: Your system will notice your network reappearing and try to connect. This connection attempt may fail, but that's ok, this is expected.

6. Click Start, and type Network and sharing Center in the Search programs and files box, and then click Network and Sharing Center, from the list

7. In the lower left side of the dialog box, click Choose homegroup and sharing options.

8. Click What is a network location?, and select your network location. Note: If you want to continue setting up a homegroup, follow the remaining prompts. But a homegroup isn't required, so you also can simply exit the homegroup setup after you select the correct network location.

9. The last step is to re-enable your remaining adapters, one by one in Device Manager. To do this simply Right-click each of the disabled adapters under Network Adapters and click Enable.

10. When all Network Adapters are enabled, close the Device Manager and you're done.