Ah finally a decent 0-day exploit tracker, one that isn’t underground and could be fairly useful to everyone.
0-day as basically stated in the article is an exploit not known publicly or available publicly well before any patches are available, some private groups often have exploits for a year or more before someone else discovers them, [...]
Cain & Abel is easily one of our favourite password crackers here at Darknet, especially because it’s oldskool but still under development, unlike most other projects which have been abandoned as time passed.
Cain & Abel has some awesome stuff built in like native network sniffing and network password grabbing.
Cain & Abel is a password recovery [...]
Social Engineering again, someone praying on xmas spirit and good will to spread their filthy malware.
It quite often happens during festive times, someone hatches a new worm and sends it out packaged as a jolly xmas card or game.
A significant worm outbreak over the new year festivities has put paid to the notion we’ve seen [...]
SIFT has released a new Intelligence Report titled ‘A Web Services Security Testing Framework‘. The framework covers the entire web services security testing process incorporating detailed threat modelling, scoping and planning methodologies tailored specifically for web services applications.
Web services are a widely touted technology that aim to provide tangible benefits to both business and [...]
Oh look! Another 0-day in Windows…this time in Media Player, there was a few in Word lately and the latest thing that just hit is an XSS flaw in PDF files online.
I’ll report more on those later.
The Windows Media Player library WMVCORE.DLL contains a potentially exploitable heap buffer overflow in its handling of “REF HREF” [...]
As a security consultant, job functions include Penetration Testing and Vulnerability Assessments. The aim of these types of engagements is to demonstrate risk to the customer. One of the steps involved in demonstrating risk is password auditing (”cracking”) in order to assess the strength and quality of passwords in use in the environment.
On a Windows [...]
Criminals are not stupid, cyber criminals are the same breed, perhaps even smarter than the traditionalists as they are utilising new ways of doing the same old tricks online.
Now the online criminals are recruiting fresh grads to help them push the boundaries further.
Organised crime is “grooming” a new generation of would-be cybercriminals using tactics which [...]
MTR was written by Matt Kimball, with contributions by many people. Take a look at the “AUTHORS” file in the distribution. Roger Wolff took over maintenance of MTR in october 1998.
MTR combines the functionality of the ‘traceroute’ and ‘ping’ programs in a single network diagnostic tool.
As MTR starts, it investigates the network connection between the [...]
WordPress was “born out of a desire for an elegant, well-architectured personal publishing system built on PHP and MySQL and licensed under the GPL. It is the official successor of b2/cafelog. WordPress is fresh software, but its roots and development go back to 2001. It is a mature and stable product. We hope by focusing [...]
AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies.
AttackAPI 2.0 branch is a lot better then the 1.x. Now [...]
There’s been quite a few Microsoft related exploits recently, but not in Windows, people have moved their focus towards the application layer and the top of the OSI stack.
This time it was a 0-day Vulnerability in Microsoft Word.
The original news comes from SANS Internet Storm Center Diary (ISC).
Microsoft has reported Word 2003, Word 2002, Word [...]
Finally a replacement for the way outdated and rather crappy NmapFE!
Unfortunately sometimes we do have to actually use Windows, and Nmap cleverly overcame the problems with raw sockets on Windows SP2 by using ATM frames instead, so it’s cool.
Now we just need a decent GUI so it fits into the whole scheme of things, and [...]
It seems common in most things, and it’s the same in infosec and especially malware, phishing and spam.
The majority of malware, phishing attacks and spam mails are coming from the same few sources, I’d say it’s a case of 80/20.
20% of the people are sending 80% of the messages, one of the big groups is [...]
SPIKE Proxy is part of the SPIKE Application Testing Suite, It functions as an HTTP and HTTPS proxy, and allows the web developer or web application auditor low level access to the entire web application interface, while also providing a bevy of automated tools and techniques for discovering common problems. These automated tools include:
Automated SQL [...]
It seems like it’s getting really serious in the Gary McKinnon case, he’s facing what looks like his last appeal against the US anti-terror law case against him for hacking some NASA systems by guessing the weak passwords.
Not like he’s really a terrorist, or did any damage…he did something very stupid though, bruised the ego [...]
Recently a bug in certain versions of PHP came to the attention of the Wordpress developers, this bug could cause a security vulnerability in your any blogs running version 2.0.6 or below blog. It was fairly easy to work around, so they decided to release 2.0.7, just 10 days after the release of 2.0.6, to [...]
Data recovery is an important subject and it’s definitely a good thing to have a positive understanding of data recovery and how it could effort you personally or your business.
So someone told me about this Data recovery article which is a decent original reference to data recovery which contains some good original information, links to [...]
This is sad news as PHP hasn’t particularly had a good security record in the past.
He has voiced his frustrations with the internal workings of the PHP team and the development process, he has been working hard to make PHP inherently more secure…But from the look of things it seems like he was having a [...]
Wep0ff is new tool to crack WEP-key without access to AP by mount fake access point attack against WEP-based wireless clients.
It uses combination of fragmentation and evil twin attacks to generate
traffic which can be used for KoreK-style WEP-key recovery.
This tool can be used to mount fake access point attack against WEP-based wireless clients.
This code tested [...]
Ah the old mythical tale of hacking your school to change your grades to straight A’s, well I know people do it, I’ve seen it in the past…but now someone has actually gotten caught for it.
And what’s more..he’s the senior class president!
Cooper City High School’s senior class president was arrested Tuesday and charged in [...]
Ah the logic bomb, a source of humour for many due to it’s frequent showing up in ‘hacking’ movies, and it’s complete mis-use.
ZOMG THE LOGIC BOMB IT’S GONNA PWN US ALL!
A former UBS PaineWebber employee was sentenced to eight years in prison on Wednesday for planting a computer “logic bomb” on company networks and betting [...]
SIP Proxy is an Open Source VoIP security test tool which has been developed by the students Philipp Haupt and Matthias Halimann during their diploma thesis and second student research project at the University of Applied Sciences Rapperswil.
With SIP Proxy you will have the opportunity to eavesdrop and manipulate SIP traffic. Furthermore, predefined security test [...]
Now this is a massive growth, 8000% percent..woah!
Thankfully losses are still ‘modest’ whatever that means, I guess although the attacks grow in
number, awareness an education also increases (in places like UK anyway) so the risk is fairly well mitigated.
UK incidents of phishing scams have grown 8,000 per cent over the last two years, according to [...]
Technitium MAC Address Changer v4 (TMACv4 C4) has been officially released.
Technitium MAC Address Changer allows you to change Machine Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample of information regarding each NIC in the machine. [...]
The famous Phenoelit Default Password List has been updated, it’s been quite some time since an update.
http://www.phenoelit.de/dpl/dpl.html
This is a must have resource on your pen-drive and backed up offline somewhere for those important times when you need to know the login for a router/switch
Web Hack Control Center is a GUI based web server vulnerability scanner or assessment tool. This application gives you the means to identify which security vulnerabilities exist on your web servers by scanning them for the most popular server exploits. WHCC contains a database of thousands of exploits for a variety of web servers. This [...]
This is a bit of hacking in the original sense of the word, taking a $60 router and giving it the capabilities of something costing in the hundreds or thousands (enterprise level).
Of all the great DIY projects at this year’s Maker Faire, the one project that really caught my eye involved converting a regular old [...]
I love the Burp Suite, I really do. It’s pretty much my favourite local proxy program and my favourite suite of tools for security testing web applications (especially the session investigation and manipulation parts).
Another great thing is it’s cross platform, so you don’t have to learn different tools for Windows and Linux.
Basically Burp suite is [...]
Now Vista is actually out we haven’t heard much about it, before it’s commercial release however there was a lot of flaws released and discussion about the (in)security of the OS. The architecture does seem a lot better..
But still it’s from Microsoft, how long until we get a remote root exploit giving the highest level [...]
Introducing a pair of tools that go well together and give you some good control for HTTP transaction analysis and looking at the security of web applications.
Odysseus is a tool designed for testing the security of web applications.
Odysseus is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy [...]
Towards the end of last year Cafepress.com came under heavy DDoS attack (Distributed Denial of Service) which took it down for some time.
The problem with DDoS attacks is there’s not much you can do to prevent it, if that guy has enough zombies resulting in enough bandwidth, you are going down.
DDoS attacks have gotten pretty [...]
Caecus is a unique tool which can bruteforce some OCR form based protections.
As far as we know at Darknet, this is the only publicly available OCR brute forcing tool.
These scripts generates a digital image as an extra layer of security called OCR. Some versions of this script also use session id’s to keep track [...]
As always, spam filters get better and smarter, but so do spammers..and frankly spammers have more to gain by beating the spam filters so they always work harder and think in more innovative ways.
As they get their spam resembling real emails more and more, the spam filters become less accurate.
On top of that they start [...]
Feature Overview – The Secunia Software Inspector:
Detects insecure versions of applications installed
Verifies that all Microsoft patches are applied
Assists you in updating your system and applications
Runs through your browser. No installation or download is required.
How Does it Work:
The Secunia Software Inspector relies on carefully crafted “Secunia File Signatures” to recognise applications on your system. The detected [...]
Yes it’s been exactly one year since Darknet was relaunched in it’s new form supported by Wordpress and a variety of posts about tools, tutorials and the latest news from the information security and specifically ethical hacking areas.
The first post of the new site:
Welcome to Darknet – The REBIRTH
It’s been an interesting year with 2 [...]
Google started the new year by fixing a serious vulnerability in Gmail.
This was quite an interesting case and once again (as everything relating to web apps seems to be nowdays) it was an XSS flaw that allowed malicious attackers to steal your contact list, leading to some pretty bad information leakage.
Google has fixed a vulnerability [...]
AccessDiver is a security tester for WEB sites. It incorporates a set of powerful features which help you find and organize failures and weaknesses from your web site.
AccessDiver can detect security failures on your web pages. It has multiple efficient tools which will verify the robustness of your accounts and directories [...]
Solaris is pwned by a similar vulnerability to one discovered on AIX systems in 1994.
Yes people that’s 13 years ago…and Sun are still vulnerable, as reported by SANS.
The following will give you root on a lot of Solaris systems:
telnet -l “-froot†[hostname]
Cool eh?
The Internet Storm Center is urging system administrators to disable or restrict telnet [...]
THC-Hydra rocks, it’s pretty much the most up to date and currently developed password brute forcing tool around at the moment.
It supports a LOT of services and protocols too.
Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallelized login cracker which supports numerous protocols to attack. [...]
A pretty cool song about RFID and RFID hacking from Monochrom.at.
Written and first performed at 23C3 (23rd Chaos Communication Congress) in December 2006 in Berlin as part of monochrom’s ‘Proto-Melodic Comment Squad’.
Users, there’s trouble ahead
I said users, it is totally sad
But users, the future lies in your hand
Cause it’s all about surveillance
Comrades, you don’t know [...]
sqlmap is an automatic blind SQL injection tool, developed in python, capable of enumerating an entire remote database, performing an active database fingerprint and much more. The aim of this project is to implement a fully functional database mapper tool which takes advantages of web application programming security flaws which lead to SQL injection vulnerabilities.
Features
Test [...]
This was a while ago, but once again unsurprising..The amount of security holes that have been discovered in MySpace (to say they hold some pretty confidential info and are a preying ground for paedos..it’s a scary thought).
Once again an XSS flaw shows up in MySpace.
digi7al64 found yet another hole in myspace using non-alpha-non-digit exploit. Again, [...]
Fierce domain scan was born out of personal frustration after performing a web application security audit. It is traditionally very difficult to discover large swaths of a corporate network that is non-contiguous. It’s terribly easy to run a scanner against an IP range, but if the IP ranges are nowhere near one another you can [...]
I saw a pretty interesting article a few days attempting to reverse engineer the mosaic tool used often online to obscure sensitive or confidential information.
The article shows that the mosaic isn’t actually very random, and in a way you can brute force reverse engineer the mosaic to reveal the contents before they were obscured.
It’s ok [...]
Google has fixed a security flaw in its desktop search software that created a means for hackers to rifle through personal files on users’ PCs.
A failure in Google Desktop to “properly encode output containing malicious or unexpected characters” created a means for hackers to cross from the web environment to the desktop application environment.
So if [...]
LFT
LFT, short for Layer Four Traceroute, is a sort of ‘traceroute’ that often works much faster (than the commonly-used Van Jacobson method) and goes through many configurations of packet-filters (firewalls). More importantly, LFT implements numerous other features including AS number lookups through several reliable sources, loose source routing, netblock name lookups, et al.
What makes LFT [...]
This is a pretty cool new development, something straight out of a Tom Clancy thriller or a spy/hacker movie.
Introducing Spy Coins! People are actually being warned about picking up stray coins as they might have surveillance devices inside.
Can the coins jingling in your pocket trace your movements? The Defense Department is warning its American contractor [...]
ADtool is a neat tool to help you list all the machines that are part of an Active Directory driven domain or network.
It is intended to help pentesters and admins in their day to day work, there are some other tools that can accomplish the work for listing domain servers, but unfortunately all other tools [...]
It’s good to have a variety of Operating Systems in your hacking lab at home, it helps you get familiar with them..as to break things, you have to know how they work first.
So get to know Solaris, they have some pretty neat security related software inside their OS and generally are pretty good when it [...]
Michael Daw has collected some WEB backdoors to exploit vulnerable file upload facilities and others. It’s a pretty useful library for a variety of situations, especially for those doing web application security audits and web app security.
Understanding how these backdoors work can also help security administrators implement firewalling and security policies to mitigate obvious attacks.
All [...]
A paper about cracking SHA-1 originally surfaced in 2005, from a fairly reputable scientific source in China, it was widely publicised nor talked about much.
But then recently, just last month China managed to make a wave out of it, almost 2 years after the initial ‘report’.
It was even Slashdotted on January 20th 2007, the article [...]
Handy Recovery is pretty neat software, there is occasions when I’m using Windows and I need to recover something or I’ve deleted something by mistake (I have a habit of using SHIFT+DEL so it’s not even in the recycle bin.
I usually use Active Undelete and was pretty happy with it, I got a chance to [...]
…finally after three months of inactivity (exams, parties and so) I made some time to write this virus and this article… so for the ones who read this series… ENjOY =)
The Old School Virus
Yeah, I gave up writting infant-b because even the [a] version was full of bugs, and had to logicaly restructure the code [...]
Recently a fairly huge credit card breach occurred involving a large retail company called TJX, with more than 2,000 retail stores.
Some pretty well known brands there, I know I’ve used some of them…the sad part is they themselves still haven’t worked out the extent of the damage done to their information.
For me this has serious [...]
Of course it’s a small article about md5… I really wondered how many Micro$oft Windows users check the md5 sum of programs that they download from the internet…
Do you really trust that much the mirror websites?
Even I could set up a mirror website for any download website and spread malformed packages to include, trojans, backdoors, [...]
Some sneaky hacker got into the Wordpress download server and placed a backdoor in the latest available version (2.1.1).
Luckily within a day someone reported the exploit to the Wordpress team and they took the site down to investigate.
This morning we received a note to our security mailing address about unusual and highly exploitable code in [...]
An Austrian web site called AV Comparatives has done an ‘independent‘ test of 17 different Anti-Virus products and released the results online.
On this site you will find independent comparatives of Anti-Virus software. All products listed in our comparatives are already a selection of some very good anti-virus products. In order to get tested by us, [...]
There are not many good tools for replaying traffic, most people use WireShark (formely known as Ethereal) for capturing the traffic, but what happens if you want to take that capture and reply it over the wire?
Someone has this problem so they decided to code their own solution, thankfully for us! There are quite a [...]
It didn’t take them long! A while ago some smart chaps worked out the a way to extract the HD DVD and Blu-ray Disc “volume keys” to decrypt AACS DRM on individual films (This was about 2 months ago).
Now they have cracked the scheme behind it, the so called “processing key” used to decrypt the [...]
The Common Password Problem.
Users tend to use a single password at many different web sites. By now there are several reported cases where attackers breaks into a low security site to retrieve thousands of username/password pairs and directly try them one by one at a high security e-commerce site such as eBay. As expected, this [...]
A massive online heist, some (like McAfee) claim it’s the biggest ever online sting involving a bank, it’s comes in at about half a million pounds or or $1.1 million USD.
Using some l33t0 custom trojan, it seems to be more a case of lack of education and the whole situation could have been avoided by [...]
A new tool dealing with web sessions was recently announced, it’s called stompy, a free tool to perform a fairly detailed black-box assessment of WWW session identifier generation algorithms. Session IDs are commonly used to track authenticated users, and as such, whenever they’re predictable or simply vulnerable to brute-force attacks, we do have a problem.
The [...]
Ah another trojan, this time targeting MSN Live logins for. The trojan has been made public by some kind citizen calling himself “Our Godfather” on the BitTorrent network.
The sad thing is…I guess it works and hundreds of people will have installed it.
Malware designed to steal users’ Windows Live Messenger password has been released onto the [...]
ADN – Active Directory Navigator is a little tool to visually explore an Active Directory and perform a simple dictionary attack against users’ password.
You can download the tool here:
ADN – Active Directory Navigator
MD5 4a1e3bb33a25d91d7d7a70877f8374ef
SHA1 a0bf80e9426835b88cc6604784d2d949efe5645f
Notes: It requires .NET framework and PCSoft framework
It’s a scary thought to find out perhaps a quarter of Internet connected machines could be zombies…The sad part is, I think it could well be true, as most of the non tech savvy Internet users I know still use Internet Exploder and their machines are riddled with crapware, trojans, viruses and spyware.
Imagine how many [...]
Technika was developed for the computer security professionals to automate common exploitative task from the browser. It acts like a standard OS shell scripting environment. You can script everything from the currently viewed page just like Greasemonkey (spawn processes, unrestricted XMLHttpRequest connections and sockets). You can autorun bookmarklets and perform safe operations on the currently [...]
Backup Platinum is an Windows platform backup program to make another copy of your important stuff so if your PC burns/gets pwned/crashes etc you won’t lose everything.
It supports backup by Hard or USB drives, CD-R/W or DVD±R/RW media, FTP server or Local Area Network (LAN).
It’s easy enough to download and install, you can grab it [...]
Clustered Firewalls? What on earth next, beowulf IDS systems?
Check Point has added cluster support and more granular controls to its virtual firewall software, memorably named Check Point VPN-1 Power VSX NGX.
Virtual firewalls can now be distributed around a server cluster, with standby firewalls on alternative servers. System administrators can also shift processor power around, taking [...]
This Phenoelit tool called ObiWaN is written to carry out brute force security testing on Webservers.
The idea behind this is webservers with simple challenge-response authentication mechanism mostly have no switches to set up intruder lockout or delay timings for wrong passwords. In fact this is the point to start from. Every user with a [...]
Well at least it shows the Internet is not very susceptible to such attacks due to its distributed nature, even if the root nameservers are down, the DNS system still functions.
This was a pretty heavy attack though and the most significant in the past 5 years or so, someone testing their ego I guess.
I CAN [...]
OWASP JBroFuzz is a stateless network protocol fuzzer that emerged from the needs of penetration testing. Written in Java, it allows for the identification of certain classess of security vulnerabilities, by means of creating malformed data and having the network protocol in question consume the data.
The purpose of this application is to provide a single, [...]
After the web 2.0 hacking with firefox and its plugins article I wrote some months ago, recently I found a new way to transform firefox in the ultimate pen-testing tool… actually it has been lying in my inbox for days…
…new Firefox Framework Map collection of the most useful security oriented extensions. We called the framework [...]
Agnitum Outpost Firewall Pro is a software based firewall I respect a lot, and used to actually use…It used to be fairly light weight, secure and had some good features the other firewalls at the time didn’t have (system file integrity checking and so on).
But nowadays with NAT routers, the need for desktop firewalls is [...]
Finally it’s out of BETA, Metasploit Framework Version 3.0 has been released and it’s a lot more Windows friendly.
The Metasploit Framework (”Metasploit”) is a development platform for creating security tools and exploits. Version 3.0 contains 177 exploits, 104 payloads, 17 encoders, and 3 nop modules. Additionally, 30 auxiliary modules are included that perform a wide [...]
(IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics. It can be distributed only in the form of the original non-modified PDF document.
ISSUE 1.10 (February 2007) – DOWNLOAD
Microsoft Windows Vista: significant security improvement?
Review: GFI Endpoint Security 3
Interview with Edward Gibson, Chief Security Advisor at Microsoft UK
Top 10 [...]
Black hat hackers vs White hat professionals – This is the Black & White Ball
The Black & White Ball will be held at the stylish Ministry of Sound venue in London, the date is to be confirmed (but it will be in September).
In security parlance, the terms Black Hat and White Hat refer to hackers [...]
Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout [...]
It seems like people that make malware are getting more specific nowadays, the are no longer writing random self-propagating worms or trojans just for the sake of knowledge or notoriety.
Far more common nowadays is malware for specific purposes to capture login or banking details for certain sites or organisations.
This time it’s a custom trojan targetting [...]
What is PHProxy?
PHProxy is a Web HTTP proxy programmed in PHP to bypass firewalls and other proxy restrictions through a Web interface very similar to the popular CGIProxy. School/country/company blocked your favorite Website? Look no further!
The server that this script runs on simply acts as a medium that retrives resources for you. The only IP [...]
The Chaos Communication Camp is an international, five-day open-air event for hackers and associated life-forms. The Camp features three conference tracks with interesting lectures, workshops and other stuff.
Chaos Communication Camp 2007 will take place at a brand new location at the Airport Museum Finowfurt, directly at Finow airport. So if you like, you can directly [...]
There is another option for DNS Brute Forcing which uses threads, so may be faster than TXDNS 2.0 which we posted about recently.
What does it do?
This program was written to extract valid hosts of a domain that deny zone transfers.
The program supports:
IPv4 => IP Address of [...]
As with the UK, many phones in the US are sold under contract and are given at very discounted rates or even free in some cases if you sign a contract for year withe service provider.
Before that it was illegal to unlock your phone but finally in November 2006 it came out in court [...]
FSUM is a fast and handy command line utility for file integrity verification. It offers a choice of 13 of the most popular hash and checksum functions for file message digest and checksum calculation.
You can easily use FSUM with a batch wrapper to do automated file integrity monitoring, and use something like blat to email [...]
BackTrack is the result of the merging of the two innovative penetration testing live linux distributions Auditor security collection and Whax. By combining the best features from both distributions and putting continous development energy, the most complete and finest security testing live distro was born: BackTrack
BackTrack v.2.0 is finally released, it’s been a long wait [...]
I’ve heard this ‘rumour’ plenty of times, I always suspected it was true and Adobe have said similar things about their software.
If you are going to pirate, Microsoft wants you to pirate their software as when you go legit you are already locked in to their proprietary system.
All the more grounds for OSS if you [...]
Damn Vulnerable Linux (DVL) is a Linux-based (modified Damn Small Linux) tool for IT-Security & IT-Anti-Security and Attack & Defense. It was initiated for training tasks during university lessons by the IITAC (International Institute for Training, Assessment, and Certification) and S²e – Secure Software Engineering in cooperation with the French Reverse Engineering Team.
Damn Vulnerable Linux [...]
Ah another way for phishers and people wanting to steal login credentials to con IE7 users.
Yet another reason to use Firefox or Opera?
Not saying these browsers are perfect…but look at the amount of problems Internet Exploder Explorer has had.
The flaw lies in the way IE7 processes a locally stored HTML error message page that is [...]
I’ve known for a while you can buy software for spamming and MFA (Made for Adsense) site generation for a few hundred USD which utilises Google’s Blogger platform (blogspot.com sites).
You will have seen all the splogs as they are called (spam blogs) hosted on Blogger, a lot of them scrape Darknet articles and repost them [...]
Gomor released a LLTD (Link Layer Topology Discovery Protocol) implementation written in Perl (using Net::Frame framework).
You may use this two modules to write fuzzers, or anything.
You can find the modules here:
Net Frame LLTD
Techm4sters e-mailed us recently to let us know about their new security distro called ProTech, we haven’t had time to download it and test it yet but it certainly looks promising.
- What is PROTECH? Protech is a very light live security distribution based on Ubuntu Linux.
- Is this like Nubuntu? It is similar, yes! But [...]
It just goes to show, sometimes the simple things are the most effective. A box of chocolates can defeat all the most hi-tech security systems if you add a little charm.
21 million Euros of diamonds, that’s one hell of a catch.
A thief has evaded one of the world’s most expensive hi-tech security systems, and [...]
A new version of SSA (Security System Analyzer) has been released – version 1.5.1.
SSA is a scanner based on OVAL, the command line tool provided by MITRE is not very easy to use so the guys at Security Database decided to write a GUI to make it simple to use and understand and then free [...]
I have noticed an increase in Spam activity lately, especially in Spam blog comments there has been a noticeable surge in the frequency and number.
That’s why we’ve implemented stricter measures against spammers on Darknet and our other sites.
It seems there has been a big raise in the number of bot infected systems, so it’s suggested [...]
This was the idea with which I have won the regional web apps contest… well actually I did a CMS but the security part of it was the most appreciated. Maybe because it was weird, you’ll see…
Classical Login scripts
What exactly do classical login scripts do… they get the password from the database by querying it [...]
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
This is everywhere today. Every major news site has this ‘magic’ number in it. Digg.com had stories with more than 24.000 diggs (that’s actually the first time I see that many).
In case you’ve been in a cave for the [...]
What is Scapy?
Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery [...]
This site is dedicated as a repository for “hacking” programs for Windows and Linux. Please note that hacking means nothing but tweaking or cleverly resolving a problem. Use the programs as you wish, but this site or its provider are not responsible in terms of how you use these programs, (i.e. for educational purposes only).
http://www.leetupload.com/
The [...]
Recently GFI launched a free, online portable storage device scanner called EndPointScan.
http://www.endpointscan.com
EndPointScan, is an industry-first, free online service that allows anyone to check what devices are or have been connected to computers on their network and by whom.
Using this diagnostic tool, one can identify those areas where the use of portable storage devices could pose [...]
Agnitum Outpost Security Suite Pro is a step up from their Agnitum Outpost Firewall PRO
with a more wholistic look at security.
The suite also includes pre-emptive threat protection, anti-spam protection and safe-surfing.
The Software is fairly sizeable at around 36MB, you can download it here, for a 30 day free trial.
As I’ve mentioned before I think [...]
Apologies for the recent down-time at Darknet, the longest we’ve had so far I think.
The disk-array crashed completely, hardware fault, so rebuilding and recovering the data from the bad disk, then restoring everything was a fairly long process.
The site was back up quite early but the database inaccessible due to the taxing of the processor [...]
The VoIP Security Alliance (VOIPSA) is pleased to announce the public release of its VoIP security tool list. Check it out at:
http://www.voipsa.org/Resources/tools.php
This VoIP Security Tool List provides categories, descriptions and links to current free and commercial VoIP security tools.
This list was developed to address the current void of VoIP security testing resources and sites, [...]
Basically Ubuntu Ultimate Edition is Ubuntu Edgy Eft with a whole lot of software pre-added.
Sadly the author had to removed Java, Flash and Acrobat reader due to licensing agreements. But don’t worry as there is a custom repository in the release which includes all of these and much more.
SMP Support (dual core CPUS) / works [...]
A reader e-mailed me a while ago about a fairly comprehensive SQL Injection ‘Cheat Sheet’ they had created and posted up.
I compared it to the other ones I had bookmarked, and it was different enough to be worth posting.
Currently only for MySQL and Microsoft SQL Server, some ORACLE and some PostgreSQL. Most of samples are [...]
ISIC is a suite of utilities to exercise the stability of an IP Stack and its component stacks (TCP, UDP, ICMP et. al.) It generates piles of pseudo random packets of the target protocol. The packets be given tendencies to conform to. Ie 50% of the packets generated can have IP Options. 25% of the [...]
A while ago some updates of pwdump and fgdump were released, namely pwdump6 1.5.0 as well as fgdump 1.5.0.
Version 1.5.0 of both programs takes advantage of some changes which makes them less likely to be detected by antivirus, at least as of today. This will be particularly helpful to those of you dealing with [...]
Another flaw in Cisco’s IOS, this time a problem with FTP, the mechanism used to update the firmware on Cisco devices (routers & switches mostly).
You really don’t want someone playing around with your configuration files on your router do you?
IOS FTP, which comes disabled by default in IOS, is used to upload IOS software images [...]
Nemesis is a command-line network packet crafting and injection utility for UNIX-like and Windows systems. Nemesis, is well suited for testing Network Intrusion Detection Systems, firewalls, IP stacks and a variety of other tasks. As a command-line driven utility, Nemesis is perfect for automation and scripting.
Nemesis can natively craft and inject packets for:
ARP
DNS
ETHERNET
ICMP
IGMP
IP
OSPF
RIP
TCP
UDP
Using the IP [...]
Another to add to your list and your RSS feedreader, Google Online Security Blog.
Online security is an important topic for Google, our users, and anyone who uses the Internet. The related issues are complex and dynamic and we’ve been looking for a way to foster discussion on the topic and keep users informed. Thus, we’ve [...]
Foundstone Blast v2.0 is a small, quick TCP service stress test tool. Blast does a good amount of work very quickly and can help spot potential weaknesses in your network servers.
Features:
/trial switch adds the ability to see how the buffer looks before sending it
/v switch adds verbose option – off by default
/nr switch turns off [...]
Redseal is launching a free offer next week for security consultants, pen testers and auditors.
Redseal develops a product called Security Risk Manager (SRM), it does the following – (non sales overview)
Imports firewall and router configuration files
Audits and checks them for errors, mis configurations, redundant rules, checks against best practices etc
Draws a network topography [...]
Technitium MAC Address Changer v4.5 has been released.
Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample of information regarding each NIC in the machine. Every NIC [...]
From now on we will be having a commenter of the month competition here at Darknet to encourage quality comments and discussion.
We hope to get more interactive here and we will be giving out prizes sponsored by GFI such as PSP’s iPods and other cool stuff bundled with goodies from GFI such as mugs, key-chains [...]
SQLiX, coded in Perl, is a SQL Injection scanner, able to crawl, detect SQL injection vectors, identify the back-end database and grab function call/UDF results (even execute system commands for MS-SQL). The concepts in use are different than the one used in other SQL injection scanners. SQLiX is able to find normal and blind SQL [...]
More Google News this week after Google Launches Online Security & Malware Blog, now they have acquired a web security startup called GreenBorder.
Google Inc. said on Tuesday it has bought Internet security startup GreenBorder Technologies Inc., which creates secure connections to protect e-mail and Web users from malicious or unwanted computer code.
Terms of the deal, [...]
Sguil (pronounced sgweel) is probably best described as an aggregation system for network security monitoring tools. It ties your IDS alerts into a database of TCP/IP sessions, full content packet logs and other information. When you’ve identified an alert that needs more investigation, the sguil client provides you with seamless access to the data you [...]
The best commenter of the month competition is now running, as sponsored by GFI the best commenter of the month will win a PSP or iPod each month!
More details will be revealed as we go along.
Along with that you get the chance to win some pretty cool GFI merchandise, they sent some to me, [...]
Well this is a harsh turn of events, a while back an ‘ethics expert’ said Wifi Jacking is OK, now this poor guy has got pretty harshly screwed for using an open wireless connection from a nearby coffeeshop.
A Michigan man has been fined $400 and given 40 hours of community service for accessing an [...]
SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities. It supports time based and error based exploit types on Microsoft SQL Server, and error based exploit on Oracle. It is written in Python, uses multi-threading, and doesn’t require non-standard libraries (there is some code in there for pycurl, [...]
Our Polish friend and expert security researcher, Michal Zalewski (lcamtuf), known for his endless stream of vulnerabilities in all manners of software, has struck again.
This time with some pretty serious flaws in both Internet Exploder Explorer and Firefox. This time it’s 4, 2 in IE and 2 in Firefox.
The first which effects fully patched IE6 [...]
PRIAMOS is a powerful SQL Injector & Scanner
You can search for SQL Injection vulnerabilities and inject vulnerable string to get all Database names, Tables and Column data with the injector module.
You should only use PRIAMOS to test the security vulnerabilities of your own web applications (obviously).
The first release of PRIAMOS contain only SQL Server Database [...]
Phishers never give up, password theft protected pages? But what about password protected messenger application… No more to say check it out (lame)…
Link :: www.ourgodfather.com
Another Yahoo anti-phising (did you know?):
zahoo.com (also yahoo, for the ones that have inverted keyboard y-z)
Or half-open scanning technique is the first of three to come series about stealth scanning… The other two are Xmas/Fin/Null and idle/zombie scan techniques…
Intro
This is a series of three to come articles about stealth scanning, everything that I am going to present is hping oriented so if you want to learn this techniques you’d better [...]
I was thinking that the darknet authors should create videos when they write about different tools… It should be fun to see presentations… and also would bring darknet more hits…
I made a video for my previous article, and uploaded it to youtube: stealth techniques – syn
…for better quality download it: here
Is any author on darknet [...]
There has been an explosion of fuzzing tools lately, quite a few we have mentioned here on Darknet.
Someone else noticed this, and wondered where is the Perl framework to complete the family? With that in mind he spent the last few months working on something that should fill the gap – Fuzzled.
Fuzzled is a [...]
Finally a new Phrack! Phrack 64 has been released a while back at the end of May, and it’s been quite a wait.
At the beginning in 1985, Phrack started as an anarchy magazine. You can learn from the first issues how to create your own bomb or how to seriously take advantage of the world [...]
Another video in 2-3 days… I think i this becoming like a mania for me… Anyway in this video i played around with netstat so that for those who do not play with it could see the possibilities it offers to us… no more tutorials like:
netstat -a
to view all you connections
the end
… because I have [...]
Trinity Rescue Kit or TRK is a free live Linux distribution that aims specifically at recovery and repair operations on Windows machines, but is equally usable for Linux recovery issues.
It is possible to boot TRK in three different ways:
As a bootable CD which you can burn yourself from a downloadable isofile
From a USB stick/disk (optionally [...]
Ah, FBI slammed again, it’s not the first time this has happened.
Remember when a Consultant Breached FBI’s Computers?
It also reminds me of when Homeland Security Scored an F for Internal Security AGAIN.
The Government Accountability Office, the federal government’s watchdog agency, Thursday released a report critical of the FBI’s internal network, asserting it lacks security controls [...]
Some cool free tools made by folks from the French Honeynet Project.
FakeNetBIOS is a family of tools designed to simulate Windows hosts on a LAN. The individual tools are:
FakeNetbiosDGM (NetBIOS Datagram)
FakeNetbiosNS (NetBIOS Name Service)
Each tool can be used as a standalone tool or as a honeyd responder or subsystem.
FakeNetbiosDGM sends NetBIOS Datagram service packets on [...]
An interesting snippet from last month, AOL seems to have a strangely configued password system.
Users can enter up to 16 characters as a password, but the system only reads the first 8 and discards the rest. They are basically truncating the password at 8 characters.
A reader wrote in Friday with an interesting observation: When he [...]
sqlninja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment.
It should be used by penetration testers to help and automate the process of taking [...]
This is some pretty interesting news, rather than trying to cover things up like normal during July the Philippine government will be soliciting hackers to test the security of their Internet voting system.
I think it’s a great initiative from the International Foundation for Electoral System.
Local and foreign computer hackers will be tapped to try and [...]
The Kcpentrix Project was founded in May 2005 , KCPentrix 1.0 was liveCD designed to be a standalone Penetration testing toolkit for pentesters, security analysts and System administrators
What’s New in KcPentrix 2.0
Now release 2.0 is a liveDVD, It features a lot of new or up to date tools for auditing and testing a network, from [...]
ProxyFuzz is a man-in-the-middle non-deterministic network fuzzer written in Python. ProxyFuzz randomly changes (fuzzes) contents on the network traffic. It supports TCP and UDP protocols and can also be configured to fuzz only one side of the communication. ProxyFuzz is protocol agnostic so it can randomly fuzz any network communication.
ProxyFuzz is a good tool for [...]
At Black Hat Europe (in Amsterdam) security experts from India (Nitin and Vipin Kumar of NV labs) demonstrated a special boot loader that gets around Vista’s code-signing mechanisms. Known as VBoot and launching from a CD and booting Vista it can make on-the-fly changes in memory and in files being read.
In a demonstration, the “boot [...]
We got an e-mail a while back about this new and apparently simple Oracle Application Server scanner.
It detects web pages, DADs (Database Access Descriptors) and test applications installed by default.
It may be useful for system hardening and pen-test.
You can download OAPScan here:
OAPScan.tar.gz
Ah so this is what you’ve been waiting for!
As you know we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of June, we are now in the second month of the competition with new runnings starting yesterday, July 1st – Sponsored by GFI.
We are offering some [...]
tcpxtract is a tool for extracting files from network traffic based on file signatures. Extracting files based on file type headers and footers (sometimes called “carving”) is an age old data recovery technique. Tools like Foremost employ this technique to recover files from arbitrary data streams. tcpxtract uses this technique specifically for the application of [...]
Well this is my last week of exams, and today I got a free day, tomorrow it will be maths… Anyway while waiting for somebody I got bored and decided to make a small (tiny) video about piping data under windows, you know | …
In Unix-like computer operating systems, a pipeline is the original [...]
Selenium is a test tool for web applications. Selenium tests run directly in a browser, just as real users do. And they run in Internet Explorer, Mozilla and Firefox on Windows, Linux, and Macintosh. No other test tool covers such a wide array of platforms.
Browser compatibility testing. Test your application to see if it works [...]
Recently a new Trojan popped up that mimics the Windows activation interface, phishing for credit card details and even the PIN number.
The Trojan itself isn’t particularly advanced technically, it’s mostly just a social engineering attack.
Symantec is reporting on a Trojan horse that mimics the Windows activation interface.
What they are calling Trojan.Kardphisher doesn’t do most of [...]
ProxMon is an extensible Python based framework that reduces testing effort, improves consistency and reduces errors. Its use requires limited additional effort as it processes the proxy logs that you’re already generating and reports discovered issues. In addition to penetration testing, ProxMon is useful in QA, developer testing and regression testing scenarios.
Formerly announced as ScarabMon [...]
It seems after a brief scan that about 80% of sites contain common flaws that allows them to be compromised in some way, most often to create phishing sites, steal data and hijack info about clients.
An amazing 30% contain a serious vulnerability.
Eight out of ten Web sites contain common flaws that can allow attackers to [...]
sqlget is a blind SQL injection tool developed in Perl, it lets you get databases schemas and tables rows. Using a single GET/POST you can access quietly the database structure and using a single GET/POST you can dump every table row to a csv-like file.
Databases supported:
IBM DB2
Microsoft SQL Server
Oracle
Postgres
Mysql
IBM Informix
Sybase
Hsqldb
Mime
Pervasive
Virtuoso
SQLite
Interbase/Yaffil/Firebird (Borland)
H2
Mckoi
Ingres
MonetDB
MaxDB
ThinkSQL
SQLBase
Evasion features:
Full-width/Half-width Unicode encoding
Apache non [...]
The Pentagon got owned pretty hard with 1,500 accounts being taken offline due to a hack attack. For once however they did admit the incident and didn’t try to cover it over or brush it off.
I guess the amount of attacks they get is exponentially more than other networks…but still, I would have thought they [...]
For this article you should thank Patrick Ogenstad and his comment on my post , because I did not know about PowerShell until he mentioned about it… so a white point for him =)
The parts that will follow are snippets from the Getting Started document that comes with it…
Abstract
Windows PowerShell™ is a new Windows command-line [...]
Some light entertainment for once.
You all leet.
The government better watch out, RAMZI IS IN THE HIZZOUSE.
I thanksyou all.
Phew.
FG-Injector Framework is a set of tools designed to help find SQL injection vulnerabilities in web applications, and help the analyst assess their severity. It includes a powerful proxy feature for intercepting and modifying HTTP requests, and an inference engine for automating SQL injection exploitation.
Often web developers think that by disabling error messages in their [...]
It not surprising SQL Injection and database hacking are getting more frequent as people ramp up perimeter security more often than not they forget about interior security, software application security and most of all database security.
Of the 2007 total corporate IT budget, respondents said they have allocated 34 percent for database infrastructure and 20.6 percent [...]
Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization’s web server to isolate vulnerabilities and identify security holes.
The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities.
This is a pretty nifty [...]
The scariest type of all, hardware vulnerabilities. Security guru and creator of OpenBSD Theo de Raadt recently announced he had found some fairly serious bugs in the hardware architecture of Intel Core 2 Duo processors.
He goes as far as saying avoid buying a C2D processor until these problems are fixed.
A prominent software developer with a [...]
The Firewall Tester (FTester) is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities.
The tool consists of two perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in ftest.conf, with a signature in the data part while the sniffer listens for [...]
Metasploit is a great tool, but it’s not the easiest to use and some people get completely lost when trying to get the most out of it.
To help you guys out here is a bunch of links, videos, tutorials and documents to get you up to speed.
You can start with this, a good flash tutorial [...]
There is a virus on the net from a long time, the damage inflicted by it is unstoppable, or at least that was though, check it out yourself
…just kidding, it does not exist but such a virus would be something great =)
Piggy is yet another tool for performing online password guessing against Microsoft SQL servers.
It supports scanning multiple servers using a dictionary file or a file with predefined accounts (username and password combinations).
It’s a pretty simple tool and has a Win32 binary verson – it is a command line tool however.
Piggy v1.0.1 by patrik@cqure.net
——————————–
usage: piggy [options]
options:
[...]
Since Ubuntu is getting so fantastically popular nowadays I thought this might be useful to some of you.
I personally think Ubuntu is great, the features, ease of installation, stability and especially the work they have done on things like wireless drivers make it a breeze to get up and running.
It is a pretty secure distro [...]
Dr.Morena is a tool to confirm the rule configuration of a Firewall.
The configuration of a Firewall is done by combining more than one rule. Sometimes a rule configuration may reside in a place other than the basic rule configuration place. In such a case, it is difficult to confirm whether it is an intended configuration [...]
An interesting happening this week, some ISP’s have been jacking the DNS entries for certain IRC networks to crack down on zombie/bot infections.
Is it ethical? Should they be doing this to their users?
I first got wind of this from a post on Full Disclosure mailing list from an IRC network administrator.
You can read that e-mail [...]
Babel Enterprise is a systems auditing tool. Babel performs a security level check of the machine, or hardening. The check consists of a number of auditing tests that obtain a snap of the security status of each machine. The result is a security index of the system that is given after each execution. It a [...]
Seems like a social engineering type attack again relying on human ignorance and stupidity. Based around some kind of malware reporting back to a central repository.
Remember kids if a deal is too good to be true…it isn’t.
Hackers stole information from the U.S. Department of Transportation and several U.S. companies by seducing employees with fake job-listings [...]
Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc.
The tool is based on dictionaries and ranges, you choose where you want to bruteforce [...]
A while back a reader e-mailed us about a new site they have called Security Freak, the site is about informatin security education and is mostly using video lectures to illustrate and convey the lessons.
Security-Freak.net is an attempt to lower the entry barrier for starting computer security research. The author has noticed that during his [...]
So, I guess you guys are wondering who has won the July contest? It was a pretty close call.
As you know we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of June, we have just finished the second month of the competition in July and are [...]
What is open music?
Open Music is music that is shareable, available in “source code” form, allows derivative works and is free of cost for non-commercial use. It is the concept of “open source” computer software applied to music.
And it has a license as source code programs have too. Even more it comes under 2 [...]
The first Link Layer Discovery Protocol Fuzzer is now available, test cases are also ready to be used along with the tool. The fuzzing architecure makes it easy to extend the tool with new test cases and more LLDP compliant devices arise.
LLDP is a Layer 2 protocol which allows network devices to advertise their identity [...]
Judging by figures alone, Vista is more secure than Mac OSX and Linux? I somehow find this a rather strange claim, I guess these things are always subjective.
Most numbers can be moulded into any shape you want, and can show any result you like.
According to the numbers given in a new report from Microsoft, Windows [...]
Inguma is a penetration testing toolkit entirely written in python. The framework includes modules to discover hosts, gather information about, fuzz targets, brute force user names and passwords and, of course, exploits for many products.
Inguma the word is the name of a Basque’s mythological spirit who kills people while sleeping and, also, the one who [...]
Not just attempts, but 844 successful intrusions over the past two years, quite a scary statistic no?
They are actually having a subcommittee hearing entitled “Hacking the Homeland”.
This includes all kinds of intrusions including web site hacks, viruses, worms and other kinds of intrusion.
DHS and its constituent agencies have suffered more than 800 serious computer security [...]
XSS Warning is a extension/add-on for Firefox that filters malicious values to prevent Cross Site Scripting (XSS) attacks by malicious URLs (assuming you have Javascript enabled).
XSS Warning 0.1.8 beta protect from:
URL attack
Redirect attack
Link code injection
Compatible with Firefox: 1.5 – 2.0.0
You can install and read more about XSS Warning here:
http://www.gianniamato.it/project/extension/xsswarning/
As we followed the Gary McKinnon case quite closely whilst it was happening, here’s the latest update.
At least he seems to be getting a break in the case as he’s won the right to have his extradition case heard by the House of Lords.
Gary McKinnon, the ex-systems administrator accused of conducting the biggest military hack [...]
mssql-hax0r v0.9 is a Multi-purpose MS-SQL injection attack tool for advanced Microsoft SQL Server exploitation. Three modes of operation are currently available: info (Information Gathering), dump (Record Dump), and brute (Brute Force).
You may need to tweak the code a bit to make it fit your needs (i.e. modifying the injection string and/or the language used [...]
Daniel has received his prices for winning the June competition.
Doesn’t he look smart!
He’s happy! I want a silver PSP too *sigh* so sad they give it to other people haha.
So keep commenting guys and keep up the good discussion, in the world of blogs you ‘tip’ the author by leaving comments. It makes us happy [...]
Elcomsoft is quite a well known firm when it comes to password ‘recovery’, I have used their products in the past when I was in a fix and I needed a password that had been, you know…lost.
They rose to fame in 2001 after cracking Adobe’s eBook format.
Recently they announced a fairly serious backdoor in Quicken [...]
rtpBreak detects, reconstructs and analyzes any RTP [rfc1889] session through heuristics over the UDP network traffic. It works well with SIP, H.323, SCCP and any other signaling protocol. In particular, it doesn’t require the presence of RTCP packets (voipong needs them) that aren’t always transmitted from the recent VoIP clients.
The RTP sessions are composed by [...]
So the latest news is that the RFID chips in electronically enabled passports are NOT encrypted, which bright spark came up with that idea?
Ok so you implement ‘more secure’ RFID passports, and leave all the data in plain text for anyone to tamper with – nice!
So what do you think they are gonna do about [...]
The spam landscape has changed quite a lot in the last year or so with image spam and now the latest tactic is PDF and .zip attachments.
PDF’s of course being preferred by spammers as you don’t need to extract anything to view their spam, you just open it in your favourite PDF viewer and read [...]
After almost a year of intensive development and internal use, Immunity (The guys who bought us CANVAS) has announced the public release of Immunity Debugger v1.0. The main objective for this tool was to combine the best of commandline based and GUI based debuggers.
Immunity Debugger is a powerful new way to write exploits, analyze malware, [...]
Ah more news about the insecurity of Vista and something we are all pretty aware of…the skewing of figures by Microsoft.
Microsoft apparently still hasn’t learned that counting vulnerabilities doesn’t establish some kind of ’security level’.
You can read the report here:
Vista 6 Month Vuln Report [PDF]
The Microsoft “researcher” claims that Windows Vista is exponentially less vulnerable [...]
A pretty cool tool was released a while back called w3af ( Web Application Attack and Audit Framework ), a fully automated auditing and exploiting framework for the web. This framework has been in development for almost a year and has the following features:
Audit
SQL injection detection
XSS detection
SSI detection
Local file include detection
Remote file include detection
Buffer Overflow [...]
The US Congress recently approved a bill that will make it illegal to spoof Caller ID in the USA.
A while back the FCC announced the wanted to crack down on Caller ID spoofing as it was still too easy.
The amount of the forfeiture penalty (…) shall not exceed $10,000 for each violation, or 3 times [...]
Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities are present in many modern web applications, and are reported continuously on pages such as BugTraq. In the past, finding such vulnerabilities usually involved manual source code audits.
Unfortunately, this manual vulnerability search is a very tiresome and error-prone task.
Pixy is a Java program that performs automatic [...]
Teredo is a platform-independent protocol developed by Microsoft, which is enabled by default in Windows Vista. Teredo provides a way for nodes located behind an IPv4 NAT to connect to IPv6 nodes on the Internet. However, by tunneling IPv6 traffic over IPv4 UDP through the NAT and directly to the end node, Teredo raises some [...]
KGB Keylogger from Refog Software is a decent light weight Key Logger.
KGB Keylogger is a multi-functional keyboard tracking software that is widely used by both regular users and IT security specialists for tracking the key strokes typed on a given machine.
KGB Keylogger Features at a Glance
Stealth mode and visible mode of work;
Logs keyboard input, including [...]
FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions. It can be used to turn your favorite browser (Firefox) into a powerful security framework.
FireCAT comes from “Firefox Catalog of Auditing Toolbox”
Changes for FireCAT 1.1
+ Category Network Utililies
- Added ffsniff to subcat “Sniffers”
- Added CrossFTP to subcat FTP (thanks to Benjamin [...]
A while back Microsoft UK got hacked by some Saudi Hackers, Microsoft is always one of the top targets for renegades and ‘cyber-terrorists’ as the high profile nature of the company can give some publicity to their causes.
This was less than a month after Technet got owned.
I don’t think they are ever going to lay [...]
New versions of the excellent pwdump6 and fgdump have been released (1.6.0 for both!).
For those that don’t know what pwdump or gfdump are..
pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on pwdump3e, [...]
Similar to the Hacker Challenge in 2006, it is being run by a U.S. company performing security testing and security metric research. The purpose of this challenge is to evaluate the effectiveness of software protections. The results of this effort will be used to improve protection measures.
There will be three distinct, yet related, phases to [...]
Ah it’s that time again! It wasn’t as close as last month, but it was pretty close again.
As you know we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of June and July. We have just finished the third month of the competition in August and [...]
ServiceCapture runs on your pc and captures all HTTP traffic sent from your browser or IDE. It is designed to help Rich Internet Application(RIA) developers in the debugging, analysis, and testing of their applications.
You can download the free trial below. After it is installed and running, visit the Macromedia Exchange with your web browser (some [...]
The details are still a bit shaky, but this news has been making the rounds.
Apparently the the hack attack in June on the Pentagon may have been carried out by the Chinese Military (People’s Liberation Army).
One senior US official said the Pentagon had pinpointed the exact origins of the attack. Another person familiar with the [...]
Inspired by EtherPEG, Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic.
EtherPEG was a program that sniffed for JPEGs passing by on the AirPort networks at MacHack, and showed them on the huge screen [...]
PIRANA is an exploitation framework that tests the security of a email content filter. By means of a vulnerability database, the content filter to be tested will be bombarded by various emails containing a malicious payload intended to compromise the computing platform.
PIRANA’s goal is to test whether or not any vulnerability exists on the content [...]
After the recent fiasco about the Pentagon being Hacked by Chinese Military another few governments have piped up with information about cyber surveillance by China.
The latest is France.
It seems like right now china has it’s fingers in many pies.
France has become the fourth country to speak out against hackers in China [...]
Flare processes an SWF and extracts all scripts from it. The output is written to a single text file. Only ActionScript is extracted, no text or images. Flare is freeware. Windows, Mac OS X and Linux versions are available.
The main purpose of decompiler is to help you recover your own lost source code. However, there [...]
Seen as though we get a lot of searches for PSP firmware updates and information about homebrew, I thought I’d post about this which popped up a few months ago.
In what undoubtedly will be remembered as a historic and life-changing event for PSP enthusiasts everywhere, a group of coders (Noobz and [...]
Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive.
The headers and footers can be specified by a configuration [...]
More hacker humour – this is a good one!
—
So I’ve been a professor at this ‘little school’ for a while now. I love my job. My classes contain students from all age groups. I have a few 17 year old high schoolers that are here because they are bored during the summer. I have a [...]
IPAudit monitors network activity on a network by host, protocol and port. It listens to a network device in promiscuous mode, and records every connection between two ip addresses. A unique connection is determined by the ip addresses of the two machines, the protocol used between them, and the port numbers (if they are communicating [...]
I’ve seen this from quite a few sources so it seems it’s fairly legitimate, it seems all major websites have some flaws in the way they implement cookies meaning they are vulnerable to certain types of attack.
The only current solution seems to be using full time SSL or https connections full-time, if any of you [...]
The LORCON packet injection library provides a high level interface to transmit IEEE 802.11 packets onto a wireless medium. Written for Linux systems, this architecture simplifies the development of 802.11 packet injection through an abstraction layer, making the development of auditing and assessment tools driver- independent.
Using LORCON, developers can write tools that inject packets onto [...]
I’m sure everyone remembers the Diebold voting fiasco with their system getting pwned multiple times. Back in May 2006 it was announced from multiple sources that the Diebold system was critically flawed.
Then more recently Hackers in the Philippines were Invited to Crack Internet Voting, which is definitely positive step to increase security in voting applications.
Now [...]
WEP is a protocol for securing wireless LANs. WEP stands for “Wired Equivalent Privacy” which means it should provide the level of protection a wired LAN has. WEP therefore uses the RC4 stream to encrypt data which is transmitted over the air, using usually a single secret key (called the root key or WEP key) [...]
Gentoo Pulls the Plug after Getting Pwned
Gentoo pulled quite a few of it’s servers recently following the discovery of a fairly severe flaw in it’s systems.
Just to show that Linux systems aren’t invulnerable and immune to all security issues.
Ubuntu suffered quite heavily recently too, so don’t assume just because you use Linux you’re safe.
[...]
I was looking through my toolbox to see what else is useful and I came across this one, httprint – the only caveat is that it’s a little out of date. It still does a good job though.
httprint is a web server fingerprinting tool.
It relies on web server characteristics to accurately identify web servers, despite [...]
This case has been going on for a while but obviously hush hush, being that it is the largest breach of customer data in U.S. History. The details of the case have only started emerging in the last couple of months.
Information Week published a good article covering what has been going on recently.
Amazing the amount [...]
aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, thus making the attack much faster compared to other WEP cracking tools. In fact, aircrack is a set of tools for [...]
The purpose of the scoring scale CCWAPSS is to share a common evaluation method for web application security assessments/pentests between security auditors and final customers.
This scale does not aim at replacing other evaluation standards but suggests a simple way of evaluating the security level of a web application.
CCWAPSS is focused on rating the security level [...]
Competition time again! It wasn’t that close this month, activity seems to have dropped off a bit, but we had a wider variety of comments and some good quality – which is important!
As you know we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of June [...]
This is a cool tool I found recently amongst all the flame wars in the security mailing lists, someone developed this tool to profile the semantics of text.
Basically you pump in a load of e-mails from a known source, then compare it to the anonymous socks and see what probability it is that they are [...]
This has been floating around for a while and you might have noticed a warning on some German based security sites that they’ve had to move their tools due to this new legislation known as 202(c) – a couple of examples are KisMAC and Phenoelit.
Basically the new law prohibits manufacturing, programming, installing, or spreading software [...]
SQL Power Injector is a graphical application created in .NET 1.1 that helps the penetrating tester to inject SQL commands on a web page.
For now it is SQL Server, Oracle and MySQL compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal mode).
Moreover this application will get [...]
It seems like spammers, scammers, phishers and now malware authors are starting to leverage blogs more and more, especially Blogger/Blogspot as Google tend to be quite slow in responding and sometimes don’t respond at all.
This makes it an ideal platform for dodgy behaviour as the crooks have adequate lead time to con/infect people before they [...]
SSA (Security System Analyzer) is free non-intrusive OVAL-Compatible software. It provides security testers, auditors with an advanced overview of the security policy level applied.
Features :
OVAL-compatible product
SCAP (Security Content Automation Protocol)
Perform a deep inventory audit on installed softwares and applications
Scan and map vulnerabilities using non-intrusive techniques based on schemas
Detect and identify missed patches and hotfixes
Define a [...]
There was a massive failure on our web-host resulting in almost 100% data loss, our own back-up was from September 10th so we are trying to restore the site to full capacity as we speak.
It’s in a bit of a mess at the moment, but we’ll get it back up to speed at latest by [...]
Heard about the recent server crash, and I also fell a bit alerted by this incident, because I as the web hosting providers don’t do regular backup…. anyway what am I going to talk about now? Bookmarklets, we all know them, there new, hip, and full of color ….
What are bookmarklets? Little javascript snippets that [...]
Ok I’ve just painstakingly restored all the posts I could find since September 10th until now from Google Cache.
I’ve worked out the maximum posts missing would be 1 as I could get the cache back to September 12th and the latest post before that is September 10th, or I might not have posted on September [...]
This is not exactly new news either, these kind of toolkits have been on sale for a long time, virus generators, trojan toolkits, now they are getting more polished, more stream-lined, more expensive and more easily available.
News of them is hitting the mainstream media..
Malicious hackers are producing easy to use tools that automate attacks to [...]
HttpBee is a swiss-army-knife tool for web application hacking. It is multi-threaded, embedded with scriptable engine and has both command-line and daemon mode (if executed in daemon mode, HttpBee can become an agent of a distributed framework).
This is a tool for more advanced users and there isn’t much documentation so if anyone feels like writing [...]
It seems India are getting serious about terrorist activities being co-ordinated via the Internet, they are starting to run extremely deep surveillance on many cyber-cafes in Mumbai.
The solution appears to be some kind of ‘legal’ trojan system that will collect logs and send them to the police.
The Mumbai police will soon have khabris deployed (not [...]
CORE GRASP for PHP is a web-application protection software aimed at detecting and blocking injection vulnerabilities and privacy violations.
As mentioned during its presentation at Black Hat USA 2007, GRASP is being released as open source under the Apache 2.0 license.
The present implementation protects PHP 5.2.3 against SQL-injection attacks for the MySQL engine, it can be [...]
If you remember a while back we mentioned PDF & Image Attachment Spam – The New Problem with E-mail, now we have another ‘innovation’ in spamming..
MP3 spam!
It seems they are using it for the same old pump and dump tactics (Microcap stock fraud) to artificially inflate stock prices then sell out fast.
Spammers are back with [...]
So I’ve got a VPS set-up for Darknet, it’s not quite a dedicated server or a co-lo but it’s pretty close and it’s much more affordable!
Can’t beat a bit of root access so I can rysnc things off to another box.
The box will be backed up off-site every day anyway, and I’ll pull back-ups daily [...]
What is this?
Metagoofil is a tool for written in Python for extracting the metadata from public documents (pdf,doc,xls,ppt) available in the target websites. This information could be useful because you can get valid usernames, or people names, for using later in brute force password attacks (vpn, ftp, webapps etc.)
How it works?
The tool first queries Google [...]
Wanna work on a web reconnaissance tool?
Want to have your name in readme file?
Got bored and want to help somebody?
Well then darknet readers this is your chance, because I need people to help me on a project I started a while ago called Website Anatomy, to find out what it is about check out the [...]
A while back it was discovered that some ISPs have taken to inserting ads into web pages you are viewing, these are ads from the ISP you are using (AND PAYING FOR) not ads from the content provider or site that you are viewing.
Some ISPs are resorting to a new tactic to increase revenue: inserting [...]
As mentioned in the previous FireCAT 1.1 post, FireCAT 1.2 was released last month.
If you aren’t aware, FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions.
Changes for FireCAT 1.2
Renamed subcategory “Social Engineering” to “Data mining”
Bibirmer updated location (thanks to Zagrodzki Krzysztof from Telekomunikacja Polska)
Enhanced History Manager (to new subcategory Misc [...]
If you remember we mentioned Fuzzled a little while back, the PERL fuzzing framework. Apparently Fuzzled 1.1 should be coming out soon.
Fuzzled is a powerful fuzzing framework. Fuzzled includes helper functions, namespaces, factories which allow a wide variety of fuzzing tools to be developed. Fuzzled comes with several example protocols and drivers for them.
Someone was [...]
The concept of passing the hash on Windows came about a while ago, now there’s a tool for it in it’s second revision (which fixed some problems with foreign language Windows versions and Windows 2003).
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools [...]
Just a quick note as I know many of you guys are in corporate security positions and might be looking for some of the solutions GFI offers.
They are having a Q4 promotion with up to 50% off on some of their products/services.
GFI MailEssentials – 25%
GFI MailEssentials & GFI MailSecurity Suite – 25%
GFI MailSecurity – 50%
GFI [...]
This story reads like something from one of those glamourised Hollywood ‘hacker’ movies like Swordfish or Antitrust.
The legendary MPAA hacker has been revealed, and it looks like he himself got social engineered and dumped…he should have realised when you are playing with unscrupulous people you are setting yourself up to get screwed.
Promises of Hollywood fame [...]
WSBang is designed to be a lightweight, open source fuzzer for web services. It takes as input the URL or file system location of a WSDL for the web service to be tested. Upon completion, a simple HTML view of the test results will be displayed.
Method parameters are fuzzed based on their type [...]
If I recall this is not the first time this has happened, delivering viral payloads via banner ads and flaws in scripting.
It seems that malware peddlers are getting more aggressive though, it obviously shows there is actual monetary value in infecting people and stealing their data.
A subtle form of social engineering too, by leveraging on [...]
Competition time again!
We unfortunately lost quite a few comments due to the server crash in early October, but activity after that was pretty good with some excellent quality comments.
As you know we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of June and July. We have [...]
Seen as though untidy was mentioned again fairly recent, it sparked my memory that I have a fairly old draft regarding untidy the XML Fuzzer.
Fuzzing is definitely becoming an important part of Pen Testing and especially application security – we’ve published about quite a few and I’m sure there are more in development.
Anyway, back [...]
Interesting research from Elcomsoft, using the parallel processing capacity of graphics cards to speed up the password cracking process.
Pretty inventive thinking, as graphics cards get more and more powerful, and they are created to do massive parallel tasks for all the latest and greatest games, why not apply it to password cracking!
A technique for cracking [...]
Skavenger? Yes, because scavenger is already used?!?
What is skavenger? Skavenger is a source code auditing tool, firstly though for php, but also used for any kind of source code file; as long as you know what to look for…
Yes I thought is as a replacement tool for egrep/sed under Windows! because not everybody installs cygwin [...]
WifiZoo is a tool to gather wifi information passively. Similar to dsniff but for wireless work, the author wanted to do something wifi-related somewhat helpful in wifi pentesting. Something of an extension of Ferret from Errata.
It’s essentially a tool to get information from open wifi networks without joining any network, and covering all wifi [...]
Apparently he stopped his naughty activities back in 2006, but still…a guy that is supposed to securing machines was installing malware and had a bot totaling about a quarter of a million zombies.
Most used for info gathering, Paypal accounts and installing Malware for comission, he claims to have made $19,000 in a week installing TopConverting [...]
Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.
We did mention it back in August when it first hit the streets.
With new QT interface:
If you haven’t used it for a [...]
We recently reported on thousands of people being hooked by big sites distributing malware, it now seems Doubleclick was the one at fault.
It’s a pretty neat trick and a good spin on Social Engineering leveraging on the trustworthy nature of the sites.
CNN even?
Rogue anti-spyware software that pushes fraudulent PC scans has found its way [...]
It’s been a long time coming but here it is, after almost a year (Remember Medusa 1.3?) finally version 1.4 is here!
Version 1.4 of Medusa is now available for public download!
What is Medusa? Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net.
The Key Features are as [...]
So what’s coming next, after Storm you might ask. You might remember Storm Worm Descending on Blogspot recently and other news about Botnets spiraling out of control accounting for almost 25% of online computers.
Well apparently next will be p2p or peer to peer Botnets which could literally blow Storm away.
You know about the Storm Trojan, [...]
Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process [...]
Apple has admitted that is has at LEAST three serious design weaknesses in it’s new application based firewall being rolled out with Mac OS X ‘Leopard’.
It comes (somewhat oddly) only 24 hours after a Mac OS X security update that fixed 41 OS X and Safari security vulnerabilities.
Previously independent researchers proved that Apple’s claim that [...]
SSA (Security System Analyzer) is free non-intrusive OVAL-Compatible software. It provides security testers, auditors with an advanced overview of the security policy level applied.
Features :
OVAL-compatible product
SCAP (Security Content Automation Protocol)
Perform a deep inventory audit on installed softwares and applications
Scan and map vulnerabilities using non-intrusive techniques based on schemas
Detect and identify missed patches and hotfixes
Define [...]
It seems Wi-Fi is actually extremely common, in fact in a recent poll up to 45% do it! I guess most people here have, I admit I do even with my phone when I’m out and about I’ll use any WiFi point that works.
We can blame it on the manufacturers for having lax default security [...]
tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging. A program like ‘tcpdump’ shows a summary of packets seen on the wire, but usually doesn’t store the data that’s actually being transmitted. In contrast, tcpflow [...]
It seems Phishing is have effects in ways that weren’t originally obvious, it comes back to the same topic we generally discuss here when it comes to security and consumers.
IGNORANCE.
Someone consumers see a Phishing attempt from ‘Brand X‘ as a negative against that brand…even though it has absolutely nothing to do with the brand and [...]
A freeware tool to trace TCP/UDP sessions and fetch application data from snoop or tcpdump logs. This is a type of “any-snarf” program, as it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG), SMTP emails and so on from the captured data inside network traffic logs.
Similar to tcpflow which we mentioned recently.
A [...]
Ah it seems some companies are having the same idea as me, consoles might well be the next infection vector for zombie style botnets, they have good processing power, the current generation has ample hard-drive space and they are network connected.
The difference with consoles is they tend to be turned off when not in use [...]
The firewall test suite fwtest is a security auditing tool made up of two parts: the test control application fwtest and optionally one or two helper processes named fwagent. The test control application fwtest starts up the python interpreter with the given test script. The test script controls the packet data flow between two virtual [...]
Interesting, a new arena for marketing spin and sales talk – the auctioning of exploits.
WabiSabiLabi is pushing hard for a good price for a ClamAV vulnerability and exploit that it has gotten hold of, it’s dosing it up with a good portion of spin to make it seem like the next big thing – I [...]
The newest version of Technitium MAC Address Changer was released a while back, v4.7. There are some minor changes and it’s looking to be pretty polished for a free tool.
Of course some might say “It’s just a registry entry? What’s the big deal?” Well this just makes it easier, especially when you are doing audits [...]
It seems like malware numbers are going up, rather than down as I would expect. But then if you think about it as a numbers game, the more people that come online – the more in absolute terms that are going to have nefarious intent. This means more hackers, more script kiddies and more malware.
It’s [...]
The MSF eXploit Builder (MSF-XB) is a free win32 application (GUI) that wants to be an Exploit Development Platform. The main goal is to speed up the exploit development process, this is accomplished by using the powerful functionalities and neat design of The Metasploit Framework.
MSF-XB automatically generates MSF compliants exploits modules.
The MSF-XB package also includes [...]
Competition time again!
As you know we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of June and July. We have just finished the sixth month of the competition in November and are now in the seventh, starting a few days ago on December 1st – Sponsored [...]
It’s that time of the year, our annual christmas present – the Sans Top 20 Vulnerabilities for 2007.
The SANS Top 2007 list is not “cumulative.” We include only critical vulnerabilities from the past year or so. If you have not patched your systems for long time, it would be wise to patch the vulnerabilities listed [...]
Scanrand is extremely quick and effective port scanner. It works by forking two distinct processes:
One to send the initial queries
One to receive responses and reconcile them from the above
This makes it extremely fast.
If you haven’t heard of the suite, Scanrand is one of the five tools in Paketto Keiretsu by Dan “Effugas” Kaminsky [...]
It looks like there is a fairly serious vulnerability in some of the popular media player packages out in the wild packaged as a MP4 file (due to the MP4 codec from 3ivx), it effects Windows Media Player 6.4 and Windows Media Player Classic, which are made by Microsoft, and AOL’s Winamp version 3.5.
All the [...]
KisMAC is an opensource and free stumbler/scanner application for Mac OS X. It has an advantage over MacStumbler/iStumbler/NetStumbler in that it uses monitor mode and passive scanning.
KisMAC supports several third party PCMCIA cards – Orinoco, PrismII, Cisco Aironet, Atheros and PrismGT. USB Prism2 is supported as well, and USB Ralink support is in development. All [...]
Seen as though we’ve been having a good bash on Microsoft recently, here’s some more relevant news. The December update from Microsoft has delivered patches for 11 series flaws spanning both IE6 & IE7 and all their currently supported operating systems (Windows 2000, Windows XP and Windows Vista).
So if you are running Windows, make sure [...]
At last a new major release of Nmap!
If for some odd reason you don’t already know what Nmap is, it is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host [...]
A new generation of phishing attacks is being studied jointly by Google and Georgia Institute of Technology, it seems the bad guys are getting some smarter ideas.
They are using Open Recursive DNS servers to poison DNS queries and return false information, thus luring consumers to even more realistic phishing domains.
Researchers at Google and the Georgia [...]
Pcapy is a Python extension module that interfaces with the libpcap packet capture library. Pcapy enables python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.
Advantages of Pcapy
Works with [...]
Quite a few people seem to be interested in this tool, so here is the latest revision – Inguma 0.0.6.
For those that don’t know, Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, [...]
A new worm has hit Google’s Orkut and it seems to be hitting it pretty hard, it’s infected via the scrapbook feature and is adding hundreds of thousands of users, similar to the Myspace worm (Samy) that hit in October 2005.
It seems to be fairly unmalicious, more of a ‘look at me – see what [...]
Another one that has been a long time coming, but finally here it is! Nikto 2.
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items [...]
I’d just like to take this opportunity to wish you all a jolly and safe Christmas, enjoy some time with your families and friends.
Relax, have some food, some drinks and some fun.
I’d like to thank you all for your continued support, reading, rss subscriptions and especially to those who actively comment.
I really enjoy each and [...]
It looks like the malware guys are indeed getting more tricky, and this time it has an effect on multiple parties. It deprives Google of the impressions from the adverts and potentially can infect surfers with some nasty malware.
Again it’s using the hosts file, redirecting Google’s own ads to those from a nefarious source.
A security [...]
This is a pretty neat tool for those using Squid Cache and looking for a pro-active tool for securing web acccess in their company (or house if you have a devious sibling).
The goal of Whitetrash is to provide a user-friendly and sysadmin-friendly proxy that makes it significantly harder for malware to use HTTP and SSL [...]
Storm is back in the festive season spreading some xmas and new year love. They even have a new year greeting site ready for spreading New Year related Storm Worm variants.
Social Engineering again, people are always more susceptible during holidays, I guess they are happy and less paranoid.
The Storm Worm gang are spreading seasonal ill-will. [...]
wsScanner is a toolkit for Web Services scanning and vulnerability detection.
This tool has the following functions:
Discovery tool
By leveraging search engine this tool helps in discovering Web Services running on any particular domain or with certain name pattern.
Vulnerability detection
It is possible to enumerate and profile Web Services using this tool and one can follow it [...]
