Archive | February, 2007


14 February 2007 | 316,060 views

THC-Hydra – The Fast and Flexible Network Login Hacking Tool

THC-Hydra rocks, it’s pretty much the most up to date and currently developed password brute forcing tool around at the moment. It supports a LOT of services and protocols too. Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallelized login cracker which supports numerous protocols […]

Continue Reading


13 February 2007 | 8,216 views

0-day Vulnerability Effects Solaris – Disable Telnet NOW!

Solaris is pwned by a similar vulnerability to one discovered on AIX systems in 1994. Yes people that’s 13 years ago…and Sun are still vulnerable, as reported by SANS. The following will give you root on a lot of Solaris systems:

Cool eh? The Internet Storm Center is urging system administrators to disable or […]

Continue Reading


12 February 2007 | 17,017 views

AccessDiver – Web Site Security Testing Tool

AccessDiver is a security tester for WEB sites. It incorporates a set of powerful features which help you find and organize failures and weaknesses from your web site. AccessDiver can detect security failures on your web pages. It has multiple efficient tools which will verify the robustness of your accounts and directories accurately. So, you […]

Continue Reading


09 February 2007 | 5,704 views

Google Fixes Serious Vulnerability in Gmail

Google started the new year by fixing a serious vulnerability in Gmail. This was quite an interesting case and once again (as everything relating to web apps seems to be nowdays) it was an XSS flaw that allowed malicious attackers to steal your contact list, leading to some pretty bad information leakage. Google has fixed […]

Continue Reading


08 February 2007 | 4,898 views

Happy 1 Year Anniversary to the Relaunch of Darknet

Yes it’s been exactly one year since Darknet was relaunched in it’s new form supported by WordPress and a variety of posts about tools, tutorials and the latest news from the information security and specifically ethical hacking areas. The first post of the new site: Welcome to Darknet – The REBIRTH It’s been an interesting […]

Continue Reading


07 February 2007 | 3,561 views

Secunia Releases Software Inspector

Feature Overview – The Secunia Software Inspector: Detects insecure versions of applications installed Verifies that all Microsoft patches are applied Assists you in updating your system and applications Runs through your browser. No installation or download is required. How Does it Work: The Secunia Software Inspector relies on carefully crafted “Secunia File Signatures” to recognise […]

Continue Reading


06 February 2007 | 5,192 views

Spam on the Increase – Image Spam Accounting for More

As always, spam filters get better and smarter, but so do spammers..and frankly spammers have more to gain by beating the spam filters so they always work harder and think in more innovative ways. As they get their spam resembling real emails more and more, the spam filters become less accurate. On top of that […]

Continue Reading


05 February 2007 | 17,451 views

Caecus – Web Brute Forcing Tool with OCR Support

Caecus is a unique tool which can bruteforce some OCR form based protections. As far as we know at Darknet, this is the only publicly available OCR brute forcing tool. These scripts generates a digital image as an extra layer of security called OCR. Some versions of this script also use session id’s to keep […]

Continue Reading


03 February 2007 | 5,975 views

Cafepress.com Under Heavy DDoS Attack

Towards the end of last year Cafepress.com came under heavy DDoS attack (Distributed Denial of Service) which took it down for some time. The problem with DDoS attacks is there’s not much you can do to prevent it, if that guy has enough zombies resulting in enough bandwidth, you are going down. DDoS attacks have […]

Continue Reading


02 February 2007 | 11,041 views

Odysseus Win32 Proxy & Telemachus HTTP Transaction Analysis

Introducing a pair of tools that go well together and give you some good control for HTTP transaction analysis and looking at the security of web applications. Odysseus is a tool designed for testing the security of web applications. Odysseus is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical […]

Continue Reading