Archive | April, 2008


16 April 2008 | 23,891 views

Hackers Could Become The Hacked?

It looks like someone is going after the bad guys in a new way, by hacking them back! It’s no news to us that many hacking tools and script kiddy trojan kits are badly programmed..a lot of them have back-doors and the client-side tools have easy exploits that enable you to take over the ‘hackers’ […]

Continue Reading


15 April 2008 | 19,752 views

sqlninja 0.2.2 Released for Download – SQL Injection Tool

Sqlninja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of […]

Continue Reading


14 April 2008 | 3,812 views

Keep on Fuzzing! Advice

As you will have noticed we’ve posted quite a number of Fuzzing Tools built around different frameworks and in different languages..most for difference targets/purposes too. Fuzzing has definitely exploded in the last year or so as more people try and understand it and code tools to automate the process. There are tools for Web Services […]

Continue Reading


11 April 2008 | 4,910 views

WSGW – Web Security Gateway for Secure Apache

The Web Security Gateway is a security-centric distribution of the Apache web server, bundled with additional security modules, and configured as a front-end (reverse) HTTP proxy. The goal is to mirror most of the features of commercial web application “firewalls”, with free and Open-Source software. The Web Security Gateway provides a configurable caching, authentication, input […]

Continue Reading


10 April 2008 | 7,534 views

Spammers Harnessing Web Mail Servers – Gmail & Yahoo! Throttled

It seems like spammers are now moving to automated spam via popular web mail services as a way to bypass IP-blacklisting services. It’s a large advantage for them as they can still use botnet sources to generate the e-mail but the source IP address will be from a ‘trusted’ domain such as Gmail or Yahoo!. […]

Continue Reading


09 April 2008 | 15,082 views

Wfuzz v1.4 Released for Download – Bruteforcing & Fuzzing Web Applications

A new version of Wfuzz is available, many improvements and fixes since first release which was in the middle of 2007. Fuzzing is definitely in, an article was posted recently about how everyone should keep on fuzzing! Will post it up soon. Wfuzz is a tool designed for bruteforcing Web Applications, it can be used […]

Continue Reading


08 April 2008 | 6,440 views

Kraken Botnet Twice The Size Of Storm

We wrote a while back about a new wave of sophisticated botnets, which were predicted to overtake Storm and become the largest infectors online. It seems like it’s come true, after extensive research Damballa has uncovered the biggest botnet ever, which at present has over 400,000 unique IPs (in a space of only 24 hours) […]

Continue Reading


07 April 2008 | 3,342 views

March Commenter of the Month Competition Winner!

Competition time again! As you know we started the Darknet Commenter of the Month Competition on June 1st 2007 and it’s been running since then! We have just finished the tenth month of the competition in March and are now in the eleventh, starting a few days ago on April 1st – Sponsored by GFI. […]

Continue Reading


04 April 2008 | 19,234 views

ProxyStrike – Active Web Application Proxy

ProxyStrike is an active Web Application Proxy, is a tool designed to find vulnerabilities while browsing an application. It was created because the problems faced in the pentests of web applications that depends heavily on Javascript, not many web scanners did it good in this stage, so ProxyStrike was born. Right now it has available […]

Continue Reading


03 April 2008 | 6,087 views

Biometric Keylogger Can Grab Fingerprints

Well this is quite scary as biometrics are touted as the ultimate in security and two factor authentication with biometrics is about as ‘heavy’ as most places get. The fact that the biometric data can be ‘sniffed’ reconstructed and re-used…is worrying to say the least. Do any of you have biometric measures in your workplace? […]

Continue Reading