Archive | October, 2007


16 October 2007 | 2,288 views

Posts Restored & Business (almost) Back to Usual

Ok I’ve just painstakingly restored all the posts I could find since September 10th until now from Google Cache. I’ve worked out the maximum posts missing would be 1 as I could get the cache back to September 12th and the latest post before that is September 10th, or I might not have posted on [...]

Continue Reading


13 October 2007 | 4,995 views

bookmark me

Heard about the recent server crash, and I also fell a bit alerted by this incident, because I as the web hosting providers don’t do regular backup…. anyway what am I going to talk about now? Bookmarklets, we all know them, there new, hip, and full of color …. What are bookmarklets? Little javascript snippets [...]

Continue Reading


11 October 2007 | 3,233 views

Server Crash

There was a massive failure on our web-host resulting in almost 100% data loss, our own back-up was from September 10th so we are trying to restore the site to full capacity as we speak. It’s in a bit of a mess at the moment, but we’ll get it back up to speed at latest [...]

Continue Reading


09 October 2007 | 2,727 views

SSA Version 1.5.2 – OVAL Vulnerability Assessment Software

SSA (Security System Analyzer) is free non-intrusive OVAL-Compatible software. It provides security testers, auditors with an advanced overview of the security policy level applied. Features : OVAL-compatible product SCAP (Security Content Automation Protocol) Perform a deep inventory audit on installed softwares and applications Scan and map vulnerabilities using non-intrusive techniques based on schemas Detect and [...]

Continue Reading


08 October 2007 | 6,495 views

Storm Worm Descends on Blogspot

It seems like spammers, scammers, phishers and now malware authors are starting to leverage blogs more and more, especially Blogger/Blogspot as Google tend to be quite slow in responding and sometimes don’t respond at all. This makes it an ideal platform for dodgy behaviour as the crooks have adequate lead time to con/infect people before [...]

Continue Reading


05 October 2007 | 22,228 views

Official release of SQL Power Injector 1.2 – Download Now!

SQL Power Injector is a graphical application created in .NET 1.1 that helps the penetrating tester to inject SQL commands on a web page. For now it is SQL Server, Oracle and MySQL compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal mode). Moreover this application [...]

Continue Reading


04 October 2007 | 7,069 views

New German Hacking Law 202(c) – Sites Close & Possible Backfire

This has been floating around for a while and you might have noticed a warning on some German based security sites that they’ve had to move their tools due to this new legislation known as 202(c) – a couple of examples are KisMAC and Phenoelit. Basically the new law prohibits manufacturing, programming, installing, or spreading [...]

Continue Reading


03 October 2007 | 4,528 views

unmask.py – Statistical E-mail & Blog Profiling

This is a cool tool I found recently amongst all the flame wars in the security mailing lists, someone developed this tool to profile the semantics of text. Basically you pump in a load of e-mails from a known source, then compare it to the anonymous socks and see what probability it is that they [...]

Continue Reading


03 October 2007 | 2,671 views

September Commenter of the Month Competition Winner!

ompetition time again! It wasn’t that close this month, activity seems to have dropped off a bit, but we had a wider variety of comments and some good quality – which is important! As you know we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of [...]

Continue Reading


02 October 2007 | 20,809 views

Common Criteria Web Application Security Scoring (CCWAPSS) Released

The purpose of the scoring scale CCWAPSS is to share a common evaluation method for web application security assessments/pentests between security auditors and final customers. This scale does not aim at replacing other evaluation standards but suggests a simple way of evaluating the security level of a web application. CCWAPSS is focused on rating the [...]

Continue Reading