Delay or new release?
The new release still stucks. By this I am thinking on the option to drop this release and to wait further 6 weeks until we release the next and better release.
The new release will be based on a different core system and will be far better than the solution we have now with the DSL based solution.
Another delay… hmm…..
Seems that Kryshaam did not made it this week. Sorry for further delay… Overall we will do a complete redesign of DVL.The base DSL seems no more to be the promising solution. The development has started, goal is latest in 6 weeks availability. For the Black Hat Edition: If Kryshaam can not make it until April 25 then I publish the version with the slight bugs in it.
Damn Vulnerable Linux Black Hat Edition ready to go…
Finally the Damn Vulnerable Linux Black Hat Edition is ready to go.
DVL Black Hat Edition is finally finished
DVL Black Hat Edition is finally finished. I do some last tests, then we will provide the image to the mirrors and go public on April 15.
How to setup HLA under DVL
If you want to develop software with HLA Assembly Language, you should add some lines to your .bashrc:
hlalib=/usr/lib/hlalib.a
export hlalib
hlainc=/usr/include/
export hlainc
Then type in the .bashrc directory
.bashrc
We will add this to the next release for you to minimize such effort 
Then try this:
program helloWorld;
#include( “stdlib.hhf” );
begin helloWorld;
stdout.put( “Hello, World of Assembly Language”, nl );
end helloWorld;
save this file as helloWold.hla. The run with ./helloWorld.
DVL Black Hat Edition arriving on April 15.
DVL Black Hat Edition will contains some more tools to play with. You can find the release notes here. Beside all these tools DVL Black Hat Edition will include Metasploit 3.0 (final). The old Metasploit 2.x worked fine under DVL but after updating with 3.0 the dependencies were broken. This is the root cause of the DVL Black Hat Edition delay. Looking forward to see everything working!
JavaScript Hijacking
Fortify Software (www.fortifysoftware.com) just send me a paper on JavaScript Hijacking which has some nice examples included on how to attack Ajax systems. If they work under DVL I will add them.
DVL Documentation Project started.
Today I have started to “glue” the first 60 pages into the DVL Documentation Project. Currently Binary Exploitation is focussed, later we move to PHP and SQL injection topics. hm…. I really hate all this formatting stuff 
Tool integration of DVL Black Hat Edition (DVL 1.1) has just been finalized
The tool integration of DVL Black Hat Edition (DVL 1.1) has just been finalized. Still some few dependency problems with
0xf001 Comments on DVL
0xf001 has given some worthful comments on DVL. I take them serious especially his comments on the tools and documentation - which will be integrated into the next DVL release
thanks Zero to clear up, its very appreciated!of course, I will do send you the stuff. a good list is found at my page which resurrected
from which i want to point out:
- linice (if that would work, i know its quite a challenge. i also didnt hear more than rumors. i try to work on it, first on knoppix)
- fenris (old but excellent. maybe difficult to include, too)
- biev
- khexedit (ok, no kde - no khexedit) || hexedit
- irc clientoptinal, strange ideas
- a copy of the filez folder of my page: documentations
- a copy of the phrack magazines
- why no solutions to the crackmes?i am glad to see lida on there
i admit its interesting to work with it, but its too limited and i did not reach my goals that time. i feel need to mention it, as when it possibly gets so much attention as side effect to your distro. i am working again on a serius replacement.
i looked more into dvl. my opinion is, you could do improvements on “integragtion”. what i mean are for example the context menus. to click “rmb” on desktop offers your dvl menu. that is quite empty
i want to say what i like too: i find it very good, that a RE/hacking dedicated distro is appearing. and i like that there are crackmes included, and you try to set standards. of course they will not please everyone in the first place, but one should try to do something better, i know the efforts of creating a distro, and keeping it up to date.
i will for sure contribute. i want to try to write a crackme. i did not check them for a long time, i found them usually too easy. i try to protect in the way i see it in commercial products. also i will send u a DSL package of review soon.
-
News
-
Security Labs Blog
-
Damn Vulnerable Linux
-
Get in touch
-
Get your free copy!
-
Security Consulting
IITAC offers additional services such as Secure Software Development, Binary Auditing, Copy Protection, Digital Rights Management, Security Concepts and Security Consulting!Scientific Hacking™
Go far beyond classical ethical hacking! Instead of using tools only look under the hood, instead of making multiple choice tests only get certified by true practical assessments!IDA Pro Training
Get trained to analyze malware, vulnerability or copy protections with the no. 1 binary analysis tool IDA Pro!
Cognitive Debugging™
The debugging skill of the programmer is probably the biggest factor in the ability to debug a problem, but the difficulty of software debugging varies. Cognitive Debugging™ trains debugging with respect to brain and mental abilities! Both combined result is most powerful debugging results!Action-based Training™
IITAC professional bootcamps enhances your qualification. We provide courses, seminars, trainings and workshops in the field of IT Security, Secure Software Engineering and Software Engineering. Online training activities are supported by training videos or live online events.Certification acc. ISO 17024
Get certified according to ISO/IEC 17024 100% online! No need to travel around! Learn whenever you want, where you want! Get certified home exercise like… without time pressure!