Archive | July, 2007


18 July 2007 | 9,594 views

Intel Core 2 Duo Vulnerabilities Serious say Theo de Raadt

The scariest type of all, hardware vulnerabilities. Security guru and creator of OpenBSD Theo de Raadt recently announced he had found some fairly serious bugs in the hardware architecture of Intel Core 2 Duo processors. He goes as far as saying avoid buying a C2D processor until these problems are fixed. A prominent software developer [...]



17 July 2007 | 8,597 views

Sandcat by Syhunt – Web Server & Application Vulnerability Scanner

Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization’s web server to isolate vulnerabilities and identify security holes. The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities. This is a [...]



16 July 2007 | 5,035 views

The Soft Underbelly? – Database Security

It's not surprising that SQL injection and database hacking are getting more frequent: as people ramp up perimeter security, more often than not they forget about interior security, software application security and most of all database security. Of the 2007 total corporate IT budget, respondents said they have allocated 34 percent for database infrastructure and 20.6 [...]



13 July 2007 | 18,035 views

FG-Injector – SQL Injection & Proxy Tool

FG-Injector Framework is a set of tools designed to help find SQL injection vulnerabilities in web applications, and help the analyst assess their severity. It includes a powerful proxy feature for intercepting and modifying HTTP requests, and an inference engine for automating SQL injection exploitation. Often web developers think that by disabling error messages in [...]



12 July 2007 | 7,453 views

Hacking with Ramzi

Some light entertainment for once. You all leet. The government better watch out, RAMZI IS IN THE HIZZOUSE. I thanksyou all. Phew.



10 July 2007 | 17,192 views

PowerShell – More than the command prompt

For this article you should thank Patrick Ogenstad and his comment on my post, because I did not know about PowerShell until he mentioned it… so a white point for him =) The parts that will follow are snippets from the Getting Started document that comes with it… Abstract Windows PowerShell™ is a [...]



10 July 2007 | 8,286 views

Pentagon E-mail System HACKED

The Pentagon got owned pretty hard with 1,500 accounts being taken offline due to a hack attack. For once however they did admit the incident and didn’t try to cover it over or brush it off. I guess the amount of attacks they get is exponentially more than other networks…but still, I would have thought [...]



09 July 2007 | 10,319 views

sqlget v1.0.0 – Blind SQL Injection Tool in PERL

sqlget is a blind SQL injection tool developed in Perl; it lets you get database schemas and table rows. Using a single GET/POST you can quietly access the database structure, and using a single GET/POST you can dump every table row to a csv-like file. Databases supported: IBM DB2, Microsoft SQL Server, Oracle, Postgres, Mysql [...]



06 July 2007 | 3,234 views

Apparently 8/10 High Traffic or ‘Big’ Websites are Vulnerable

It seems after a brief scan that about 80% of sites contain common flaws that allow them to be compromised in some way, most often to create phishing sites, steal data and hijack info about clients. An amazing 30% contain a serious vulnerability. Eight out of ten Web sites contain common flaws that can allow [...]



05 July 2007 | 6,224 views

Proxmon – Proxy Log Monitoring Tool

ProxMon is an extensible Python based framework that reduces testing effort, improves consistency and reduces errors. Its use requires limited additional effort as it processes the proxy logs that you’re already generating and reports discovered issues. In addition to penetration testing, ProxMon is useful in QA, developer testing and regression testing scenarios. Formerly announced as [...]
