Archive | 2008


31 December 2008 | 3,637 views

Happy New Year For 2009 From Darknet

Well it’s December 31st again that means shortly another year will be over and we will be ushering in 2009. Let’s hope for another year full of exciting tools, new developments, more Microsoft exploits (and timely patches) and interesting issues to discuss. I’d like to take this chance to thank you all for your continuing [...]

Continue Reading


30 December 2008 | 9,114 views

Burp Suite v1.2 Released – Web Application Security Testing & Attack Platform

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility. Burp Suite [...]

Continue Reading


24 December 2008 | 7,069 views

Retarded E-mails – ATM Cards, Very Important Details, VOIP Testing Tools and MORE!

Merry xmas everyone, here is the year end summary of retarded e-mails. We have had a splendid amount of retarded comments recently too and some decent e-mails too (but all asking the same thing “How do I start learning to be a hacker, what should I do, what should I read etc..I’ll write a post [...]

Continue Reading


23 December 2008 | 6,717 views

Microsoft Warns of Serious MS-SQL 2000 & 2005 Vulnerability

Another big flaw has been discovered in Microsoft software just a few days after they broke their patch cycle to issue a patch for the IE bug that allowed remote code execution. This time however it doesn’t really effect home users or the general consumer, it’s a more specific server side vulnerability affecting Microsoft SQL [...]

Continue Reading


22 December 2008 | 10,703 views

MultiInjector v0.3 Released – Automatic SQL Injection and Defacement Tool

You might remember a while ago we posted about MultiInjector which claims to the first configurable automatic website defacement tool, it got quite a bit of interest and shortly after that it was updated. Anyway, good or bad I think people deserve to know what is out there. Features Receives a list of URLs as [...]

Continue Reading


19 December 2008 | 3,858 views

Virtualization Security – IT Managers and Security Experts Disagree

A lot of companies are moving towards virtualization, blade servers and sharing hardware components makes sense when you can have multiple logical servers on one physical machine. I’ve used VMWare in a few situations myself but mostly I don’t see a real requirement for using virtual machines (apart from hosting with a VPS). There have [...]

Continue Reading


18 December 2008 | 6,561 views

sqlmap 0.6.3 Released – Automatic SQL Injection Tool

sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back end database management system [...]

Continue Reading


17 December 2008 | 3,234 views

Microsoft Breaks Patch Cycle to Issue IE Patch

Well it has happened before, quite recently in fact – back in October Microsoft rushed out a patch for the RPC exploit, which was the first time in 18 months they had issued an out of band patch. Now just a couple of months later they are releasing another one (which should be available today [...]

Continue Reading


16 December 2008 | 6,430 views

Complemento v0.4b – LetDown TCP Flooder, ReverseRaider Subdomain Scanner & Httsquash HTTP Server Scanner Tool

An interesting collection of tools for pen-testing including a DoS tool (something you don’t often see publicly released). Complemento is a collection of tools that the author originally created for his own personal toolchain for solving some problems or just for fun. Now he has decided to release it to the public. The Tools LetDown [...]

Continue Reading


15 December 2008 | 7,896 views

IE7 Exploit Also Affects IE5, IE6 and IE8! More Users In Trouble

I’m sure you’ve heard about the Microsoft IE7 Exploit that allows Remote Code Execution on XP & Vista, it turns out it’s actually much worse than first expected. The exploit also affects IE5.01, IE6 and IE8 on all OS versions! That’s a pretty worrying turn of events for MS especially as they are seemingly leaving [...]

Continue Reading