Archive | November, 2006


30 November 2006 | 12,408 views

Hacking Tor – A Flaw Appears?

It seems finally someone has found a flaw in the way Tor works, a way to beat it and find out who is using the system. Perhaps an end to the most anonymous system on the Internet? I got this info fresh from SANS. One of our readers sent in a very worrying analysis of [...]

Continue Reading


28 November 2006 | 7,464 views

the Art of Virology 01h

In this part we will discuss the basic framework of a computer virus… The basics of a virus consists of two elementary procedures (others will tell you three). These are: a search routine a infection routine [anti-detection routines] The search routine This routine will have to be a more delicate one [but not hard to [...]

Continue Reading


27 November 2006 | 19,729 views

Metasploit 2.7 Released – Automated Hacking

The Metasploit Framework is an advanced open-source exploit development platform. The 2.7 release includes three user interfaces, 157 exploits and 76 payloads.The Framework will run on any modern operating system that has a working Perl interpreter. The Windows installer includes a slimmed-down version of the Cygwin environment. Windows users are encouraged to update as soon [...]

Continue Reading


24 November 2006 | 3,879 views

Oracle MEGA Patch Fixes 101 Security Bugs

Oracle in its very own style recently published a mega patch, it could be called the mother of all patches. Actually 101 bugs…the scary part is 45 can be exploited remotely. Oracle published the mother of all security patches containing 101 fixes for flaws in its database, application server, E-Business Suite and PeopleSoft and JD [...]

Continue Reading


23 November 2006 | 6,426 views

Vulnerability Assessment and Operational Security Testing Methodology (VAOST) – version 0.2 released

Here is a newly released VA methodology, the author believes it to be more focused, and thus cost effective VA process. It may map to internal work, but it is probably more suited to external sites. It’s gone through a couple of revisions so it’s a bit more polished now. You can find the notes [...]

Continue Reading


22 November 2006 | 14,905 views

Web 2.0 Hacking with Firefox and it’s plugins

A dream come true, would I say… recently found this article on securityfocus, it’s awesome… all that you need (beside Firefox) is pointed out in the article, so go on, what are you waiting for… http://www.securityfocus.com/infocus/1879

Continue Reading


21 November 2006 | 7,804 views

AttackAPI 0.8 JavaScript Hacking Suite Available

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies. The standalone components of the library can be found at [...]

Continue Reading


19 November 2006 | 7,229 views

Hackers’ Project – Browser Exploit Code Hiding

Hackers are developing new software that will help hide browser attack code from some types of security software. The software, called VoMM (eVade o’ Matic Module), uses a variety of techniques to mix up known exploit code so as to make it unrecognizable to some types of antivirus software. Using these techniques, VoMM “can create [...]

Continue Reading


17 November 2006 | 5,680 views

w3bfukk0r 0.2 Forced Browsing Tool Released

w3bfukk0r is a forced browsing tool, it basically scans webservers (HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force mechanism based on a word list. Features: HTTP/HTTPS(SSL) support Banner grabbing User-Agent faking Proxy support (HTTP/S) Reports found and non-existend directories Example output:

Note: Not all webservers are handling HTTP status codes [...]

Continue Reading


15 November 2006 | 4,072 views

McAfee buying Tel Aviv startup Onigma for $15-25 million cash

Data security giant McAfee has bought a young Tel Aviv startup, Onigma, for somewhere between $15 million to $25 million cash, surmise hi-tech circles. McAfee will be integrating the Onigma technology in its enterprise security solution, and will be recruiting dozens more Israeli developers for the startup, which will become a local R&D center. Onigma [...]

Continue Reading