Grey bar Blue bar
Share this:

Mon, 8 Oct 2007

Suru Version 2.0

We are pleased to announce the release of Suru version 2.0, our MITM proxy.

Suru has now been rewritten to work with the .Net 2 runtime environment and includes all the features of the original 1.x stream, as well as numbers of enhancements and upgrades.

Features which have been added since the last 1.1 stable release include the following:

  • Upstream proxy support
  • Response timing for timing-based attacks
  • Highlighting of search terms in the request editor and the browser
  • Neater and sortable request and fuzz list boxes
  • Request interception
There is currently a known bug when using Suru 2.0 with Mac OS/X and Parallels, but we hope to have the issue ironed out as soon as possible and will release a fix for this in the very near future.

Please visit for more information.

Mon, 30 Jul 2007

Suru version 1.2 Beta

Suru version 1.2 beta is a fairly comprehensive upgrade to Suru, our MITM assessment tool.

Suru version 1.2 comes with a number of bug fixes and enhancements, including the following:

- Support for upstream proxy servers with basic auth. - Request timing - Highlighting of requests in both the request editor and the browser - Enhanced sorting of requests - Neater request and fuzz result lists

Suru version 1.2 Beta can be downloaded from

This is a beta version, so we'd really appreciate it if any bugs discovered can be forwarded to


The SensePost research team.

Tue, 3 Jul 2007

SensePost Training at Black Hat Las Vegas

The Black Hat Briefings is arguably the most significant technical security conference in the world. It takes every year in Las Vegas and also includes a series of diverse technical training courses. For the sixth time this year SensePost will be presenting a series of courses from our 'Hacking By Numbers' range at the briefings. There are a number of courses catered for most levels of technical experience, starting with 'Cadet Edition' for novices and ending with 'Combat' for expert level hackers.

Like every every year our course content, labs and tools are updated to reflect the most current thinking, both at SensePost and in the industry at large. Some of the changes and updates include:

- Students receive free versions of all SensePost tools - Wikto, Aura, Suru, BidiBlah, etc - Students receive free additional tools training on the newest versions of all SensePost tools - in the evenings after courses finish - Combat now includes four brand new labs, including Ajax hacking, SQL truncation, a touch of reversing on top of the timeless classics - Bootcamp now covers Metasploit 3.0 and Nessus 3.0.6, OllyDebug and lots more Web Application hacking - Cadet now covers Wikto 2.0, Google Hacking with Aura and the newest versions of BiDiBLAH.

All courses have been scheduled so that students can follow at least one progression - from Cadet to Bootcamp or from Bootcamp to Combat.

Read more:

Or register online: index.html

We look forward to seeing you there!