Archive | October, 2007


31 October 2007 | 6,349 views

FireCAT 1.2 Released – Firefox Catalog of Auditing Extensions

As mentioned in the previous FireCAT 1.1 post, FireCAT 1.2 was released last month. If you aren’t aware, FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions. Changes for FireCAT 1.2 Renamed subcategory “Social Engineering” to “Data mining” Bibirmer updated location (thanks to Zagrodzki Krzysztof from Telekomunikacja Polska) Enhanced History […]

Continue Reading


30 October 2007 | 3,876 views

Web Integrity Checker – ISPs Inserting Ads Into Web Content

A while back it was discovered that some ISPs have taken to inserting ads into web pages you are viewing, these are ads from the ISP you are using (AND PAYING FOR) not ads from the content provider or site that you are viewing. Some ISPs are resorting to a new tactic to increase revenue: […]

Continue Reading


28 October 2007 | 4,790 views

Scavenging for project members on Darknet

Wanna work on a web reconnaissance tool? Want to have your name in readme file? Got bored and want to help somebody? Well then darknet readers this is your chance, because I need people to help me on a project I started a while ago called Website Anatomy, to find out what it is about […]

Continue Reading


26 October 2007 | 14,650 views

Metagoofil 1.2 – Metadata Extractor Tool

What is this? Metagoofil is a tool for written in Python for extracting the metadata from public documents (pdf,doc,xls,ppt) available in the target websites. This information could be useful because you can get valid usernames, or people names, for using later in brute force password attacks (vpn, ftp, webapps etc.) How it works? The tool […]

Continue Reading


25 October 2007 | 4,398 views

VPS – Virtual Private Server for Darknet

So I’ve got a VPS set-up for Darknet, it’s not quite a dedicated server or a co-lo but it’s pretty close and it’s much more affordable! Can’t beat a bit of root access so I can rysnc things off to another box. The box will be backed up off-site every day anyway, and I’ll pull […]

Continue Reading


24 October 2007 | 3,267 views

The Next Evolution – GFI Uncovers MP3 Spam

If you remember a while back we mentioned PDF & Image Attachment Spam – The New Problem with E-mail, now we have another ‘innovation’ in spamming.. MP3 spam! It seems they are using it for the same old pump and dump tactics (Microcap stock fraud) to artificially inflate stock prices then sell out fast. Spammers […]

Continue Reading


23 October 2007 | 4,382 views

CORE GRASP – PHP Web Application Protection Software

CORE GRASP for PHP is a web-application protection software aimed at detecting and blocking injection vulnerabilities and privacy violations. As mentioned during its presentation at Black Hat USA 2007, GRASP is being released as open source under the Apache 2.0 license. The present implementation protects PHP 5.2.3 against SQL-injection attacks for the MySQL engine, it […]

Continue Reading


22 October 2007 | 6,047 views

Police to Monitor Indian Cyber-Cafes

It seems India are getting serious about terrorist activities being co-ordinated via the Internet, they are starting to run extremely deep surveillance on many cyber-cafes in Mumbai. The solution appears to be some kind of ‘legal’ trojan system that will collect logs and send them to the police The Mumbai police will soon have khabris […]

Continue Reading


19 October 2007 | 15,219 views

HttpBee – Web Application Hacking Toolkit

HttpBee is a swiss-army-knife tool for web application hacking. It is multi-threaded, embedded with scriptable engine and has both command-line and daemon mode (if executed in daemon mode, HttpBee can become an agent of a distributed framework). This is a tool for more advanced users and there isn’t much documentation so if anyone feels like […]

Continue Reading


18 October 2007 | 6,375 views

Cyber Crime Toolkits Go On Sale

This is not exactly new news either, these kind of toolkits have been on sale for a long time, virus generators, trojan toolkits, now they are getting more polished, more stream-lined, more expensive and more easily available. News of them is hitting the mainstream media.. Malicious hackers are producing easy to use tools that automate […]

Continue Reading