Prevent spammers from sending mails that abuse your domain name using an SPF record

All mail server administrators will have encountered the following problem: spammers send out spam and they spoof the mails so that the sender appears to be a user in the domain you are managing. Unfortunately there is not a lot that can be done to prevent spammers from sending such these spam mail. There is however a way in which receiving mail servers can check whether the mail was send from your mail server or whether is was a spammer who used a mail server that is not authorized to send mails from your domain. This can be accomplished with SPF (Sender Policy Framework).


Scan for POODLE using nmap from a Windows machine

Researchers from the Google Security Team have published findings about a vulnerability in SSL 3.0. CVE-­2014­-3566 has been allocated for this protocol vulnerability. It is possible to use nmap to scan for the presence of this vulnerability by doing a scan on the supported SSL/TLS protocols. This post shows how to scan for the POODLE weakness using nmap.


Translating C++ variable types to AutoIt types when using DllCall

Using DllCall in AutoIt given you enormous power to extend the functionality of AutoIt. It allows you to implement almost everyting in AutoIt that you can implement in C++.
However, one of the most difficult things when working with DllCall is to know how to type the variables that you pass to DllCall.
The table below show how to convert C++ and Windows API types to AutoIt types:

C++ AutoIt


Solution for java.lang.ClassNotFoundException when loading your Burp Suite extention

When building your own Burp Suite extension, it can occur that compiling your code and creating the jar works find, but that you get the exception java.lang.ClassNotFoundException when loading your extention in Burp Suite. This article shows the solution to your problem.

The reason is suite simple: Burp Suite expects to find your implementation in a Java package called "burp". Having the line package burp; in your source files is not enough! You also have to take this into account when creating your jar file.


Creating and building Burp Suite extention using Java command-line tools

Burp Suite allows you to easily write your own plugins, to perform complex and highly customized tasks within Burp. PortSwigger (the developer behind Burp Suite) created a series of blog posts wherein he explains what can be done with Burp Extensions. In his first blog post about the subject (see Writing your first Burp Suite extension) PortSwigger explains how you can build your own extension using an IDE. Some of us prefer however to not use a heavy IDE, but to compile the jar from the command-line. This article show how to use the javac and the jar command to create your Burp extension from the command-line.



Subscribe to RSS