New versions of the excellent pwdump6 and fgdump have been released (1.6.0 for both!). For those that don’t know what pwdump or gfdump are.. pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on [...]
A while back Microsoft UK got hacked by some Saudi Hackers, Microsoft is always one of the top targets for renegades and ‘cyber-terrorists’ as the high profile nature of the company can give some publicity to their causes. This was less than a month after Technet got owned. I don’t think they are ever going [...]
FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions. It can be used to turn your favorite browser (Firefox) into a powerful security framework. FireCAT comes from “Firefox Catalog of Auditing Toolbox” Changes for FireCAT 1.1 + Category Network Utililies – Added ffsniff to subcat “Sniffers” – Added CrossFTP to [...]
KGB Keylogger from Refog Software is a decent light weight Key Logger. KGB Keylogger is a multi-functional keyboard tracking software that is widely used by both regular users and IT security specialists for tracking the key strokes typed on a given machine. KGB Keylogger Features at a Glance Stealth mode and visible mode of work; [...]
Teredo is a platform-independent protocol developed by Microsoft, which is enabled by default in Windows Vista. Teredo provides a way for nodes located behind an IPv4 NAT to connect to IPv6 nodes on the Internet. However, by tunneling IPv6 traffic over IPv4 UDP through the NAT and directly to the end node, Teredo raises some [...]
Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities are present in many modern web applications, and are reported continuously on pages such as BugTraq. In the past, finding such vulnerabilities usually involved manual source code audits. Unfortunately, this manual vulnerability search is a very tiresome and error-prone task. Pixy is a Java program that performs [...]
The US Congress recently approved a bill that will make it illegal to spoof Caller ID in the USA. A while back the FCC announced the wanted to crack down on Caller ID spoofing as it was still too easy. The amount of the forfeiture penalty (…) shall not exceed $10,000 for each violation, or [...]
A pretty cool tool was released a while back called w3af ( Web Application Attack and Audit Framework ), a fully automated auditing and exploiting framework for the web. This framework has been in development for almost a year and has the following features: Audit SQL injection detection XSS detection SSI detection Local file include [...]
Ah more news about the insecurity of Vista and something we are all pretty aware of…the skewing of figures by Microsoft. Microsoft apparently still hasn’t learned that counting vulnerabilities doesn’t establish some kind of ‘security level’. You can read the report here: Vista 6 Month Vuln Report [PDF] The Microsoft “researcher” claims that Windows Vista [...]
After almost a year of intensive development and internal use, Immunity (The guys who bought us CANVAS) has announced the public release of Immunity Debugger v1.0. The main objective for this tool was to combine the best of commandline based and GUI based debuggers. Immunity Debugger is a powerful new way to write exploits, analyze [...]
© Darknet – The Darkside 2000-2012. Don't Learn to HACK - Hack to LEARN.
Posted in: 
Recent Comments