Archive | September, 2006


29 September 2006 | 8,637 views

Google Eavesdropping Software

This is a little scary, intensely personal ads which to be frank are getting a little invasive as it is..It’s like the part in minority report where the billboards scan your eyes and talk to you using your name and history of purchases. It looks like it might be happening sooner than we think. The [...]

Continue Reading


28 September 2006 | 9,431 views

Security Compass Web Application Analysis Tool – SWAAT

Announcing a new web application source code analysis tool called the Securitycompass Web Application Analysis Tool or SWAAT. You may know it as a static analysis tool. Currently in its beta release, this .Net command-line tool searches through source code for potential vulnerabilities in the following languages: Java and JSP ASP.Net PHP Using xml-based signature [...]

Continue Reading


27 September 2006 | 29,614 views

Super Mega Wi-Fi Hacking Machine – Janus Project

Apart from the fact Janus is almost like Anus this is a very cool project. Seriously this is really geeky stuff, but super cool. If you think seeing a dozen wireless networks makes your computer the ultimate scanning box, think again. A small security firm has made a portable computer that is capable of scanning [...]

Continue Reading


26 September 2006 | 9,358 views

Nerdcore Hits the Streets – Geek Music for the Masses

Something a little off-topic for once, nerdcore is getting big! Geek music is hitting the streets. Gangsta is dead. Grime is a bore. There’s a new beat on the street and it’s called Nerdcore. This geeky hip hop subgenre, also dubbed CS rap (that’s computer science, yo!), is finally booting up with the release of [...]

Continue Reading


25 September 2006 | 17,227 views

FIS [File Inclusion Scanner] v0.1 – PHP Vulnerability

A useful tool for anyone working with PHP applications. DESCRIPTION ———— FIS (File Inclusion Scanner) is a vulnerability scanner for PHP applications. Is scans PHP files mapping PHP/HTTP variables and then performs a security audit,in order to find out which of them are exploitable. USAGE —— php fis.php [local file] [remote file] [remote FIS ID [...]

Continue Reading


24 September 2006 | 6,592 views

Most Damaging Computer Attacks Rely on Stolen Logins

A sterling case for two factor authentication if I ever saw one. The rule is use two of the 3 methods of authentication, if possible use all 3. What you have (A USB key or Token) What you are (Biometrics – Fingerprint or Iris scan) What you know (A password or passphrase) More than 8 [...]

Continue Reading


22 September 2006 | 5,265 views

SIFT Web Method Search Tool

SIFT has just published a world-first tool for identifying rogue web methods. The Web Method Search tool is a Windows based application that uses a hybrid dictionary attack in an attempt to find unpublished administrative and other web services functions. As web services are becoming more prevalent, poor security practices from previous generations of application [...]

Continue Reading


21 September 2006 | 6,821 views

DOE Hit By Hackers and Covered Up

Ahah! More government cover-ups? This one was a while back too. Digging on those archives right now yah. A hacker stole a file containing the names and Social Security numbers of 1,500 people working for the Energy Department’s nuclear weapons agency, scary eh? The US government security really does scare me sometimes, their internal departments [...]

Continue Reading


20 September 2006 | 40,634 views

Domain Stealing or How to Hijack a Domain

Please note this is an old technique again, just for learning purposes, learn how the old techniques worked and why they worked, then try and discover new ways to do things. Summary The sole purpose of the information contained in this advisory is to point out the flaws in InterNIC’s domain name handling system and [...]

Continue Reading


20 September 2006 | 5,117 views

China Outlaws Private E-mail Servers

Ah China, always been famous for repressing their population, now there repression is moving onto the Internet and using digital means.. Just like the so called ‘Great Firewall of China’, I’ve been meaning to do an article about that for quite some time, I have something drafted. Anyway the latest thing China has done has [...]

Continue Reading