Archive | August, 2006


12 August 2006 | 9,162 views

TCPReplay suite 3.0.beta10. Released

Another good tool updated! TCPReplay suite 3.0.beta10 has been released. For those that don’t know Tcpreplay is a suite of BSD licensed tools written by Aaron Turner for *NIX operating systems which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices. It allows you to [...]

Continue Reading


10 August 2006 | 4,544 views

OWASP – Fortify Bug Taxonomy

Ah at last a good solid collaborative effort to identify and categorise software vulnerabilities with a solid taxonomy and good organisation! It seems very well written too in terms that anyone familiar with software development or programming can understand. Fortify Software, which identifies and remediates software vulnerabilities, has contributed its collection of 115 types of [...]

Continue Reading


08 August 2006 | 5,060 views

Cyberwar Efforts Step-Up – NASA Sites Hacked

Ah cyberwar, cyber terrorism, efforts are ramping up, more sites are going down. The war in Lebanon is now showing its consequences in the digital world and a huge number of websites has been attacked and defaced as a protest against the invasion of Lebanon by Israel. Today two NASA websites were attacked as well. [...]

Continue Reading


07 August 2006 | 11,538 views

Wapiti – Web Application Scanner / Black-box testing

Wapiti allows you to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, [...]

Continue Reading


04 August 2006 | 4,766 views

419 Scammers Duplicate Interpol Site

Scammers are getting more inventive and so it seems more technically advanced. They have actually duplicated the Interpol site to dupe people. 419 advanced fee scammers have created an exact copy of the Interpol website, which is expected to be used to dupe victims into believing they are dealing with the real International Criminal Police [...]

Continue Reading


03 August 2006 | 4,468 views

eEye Duster – Dead/Uninitialized Stack Eraser

Duster is the Dead/Uninitialized Stack Eraser, an injectable DLL that causes uninitialized stack and heap memory in its host process to be wiped over with a specific value. It is intended as a crude tool to assist in the run-time discovery of uninitialized memory usage problems by increasing the chances that the host process will [...]

Continue Reading


02 August 2006 | 7,026 views

eEye Binary Diffing Suite (EBDS)

The eEye Binary Diffing Suite (EBDS) is a free and open source set of utilities for performing automated binary differential analysis. This becomes very useful for reverse engineering patches as well as program updates. The first tool is BDS, the Binary Diffing Starter from Andre Derek Protas. This tool helps reverse engineers with batch-analysis of [...]

Continue Reading


02 August 2006 | 14,331 views

Firefox Extension Spyware – FormSpy

The antivirus specialists at McAfee have warned of a Trojan that disguises itself as a Firefox extension. The trojan installs itself as a Firefox extension, presenting itself as a legitimate existing extension called numberedlinks. It then begins intercepting passwords and credit card numbers entered into the browser, which it then sends to an external server. [...]

Continue Reading


01 August 2006 | 11,970 views

Israeli Hackers Join the War Against Palestinian Sites

Israeli hackers have decided to ‘help’ and join the war against Palestine. The hackers group that calls itself “IDF” (which also means Israeli Defence Force) has hacked dozens of sites, erased the site content and replaced it the index with a picture of the Lebanon destruction that is made by Israeli Defence Force as an [...]

Continue Reading


01 August 2006 | 13,656 views

SpikeSource Spike PHP Security Audit Tool

Spike is an Open Source tool based on the popular RATS C based auditing tool implemented for PHP. The tool Spike basically does static analysis of php code for security exploits, PHP5 and call-time pass-by-reference are currently required, but a PHP4 version is coming out this week. This tool is especially welcomed by Darknet as [...]

Continue Reading