Archive | May, 2008


14 May 2008 | 7,248 views

browserrecon – Passive Browser Fingerprinting

Most of todays tools for fingerprinting are focusing on server-side services. Well-known and widely-accepted implementations of such utilities are available for http web services, smtp mail server, ftp servers and even telnet daemons. Of course, many attack scenarios are focusing on server-side attacks. Client-based attacks, especially targeting web clients, are becoming more and more popular. [...]

Continue Reading


13 May 2008 | 3,760 views

oCERT – Responsing to Flaws in Open Source Software

So a new initiative – the Open Source Computer Emergency Response Team known as oCERT has been set up one of the main sponsors being Google (read more here – Contributing to Open Source Software Security). The oCERT project is a public effort providing security handling support to Open Source projects affected by security incidents [...]

Continue Reading


12 May 2008 | 12,933 views

Metagoofil v1.4 Released – Metadata and Information Gathering Tool

Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,odp,ods) available on the target/victim website. It will generate a html page with the results of the metadata extracted, plus a list of potential usernames very useful for preparing a bruteforce attack on open services like ftp, pop3,web applications, vpn and so [...]

Continue Reading


09 May 2008 | 19,177 views

Want Some COFEE? Microsoft Computer Online Forensic Evidence Extractor

Microsoft helping the good guys eh? I had someone ask me if I can get a hold of this so I did some checking up on.. I’d guess MS is doing this to sell additional software and services, but either way its a good thing to make a portable, easy to use and effective forensics [...]

Continue Reading


08 May 2008 | 3,894 views

April Commenter of the Month Competition Winner!

Competition time again! As you know we started the Darknet Commenter of the Month Competition on June 1st 2007 and it’s been running since then! We have just finished the eleventh month of the competition in April and are now in the twelfth, starting a few days ago on May 1st – Sponsored by GFI. [...]

Continue Reading


07 May 2008 | 8,767 views

rtpbreak 1.3a Released – RTP Analysis and Hacking

rtpbreak 1.3a has been released, we initially brought you news of this tool back in August 2007 with the first announcement of rtpbreak. With rtpbreak you can detect, reconstruct and analyze any RTP session. It doesn’t require the presence of RTCP packets and works independently form the used signaling protocol (SIP, H.323, SCCP etc). The [...]

Continue Reading


06 May 2008 | 6,149 views

Patch Window Shrinking – Semi-Automated Reverse Engineering

As far as I know this has been happening for some time, sometimes a patch comes out for a vulnerability that many people don’t know about (including the hackers) so they will see what problem the patch fixes (possibly through reverse engineering) then develop an exploit to leverage on the flaw. It seems things are [...]

Continue Reading


05 May 2008 | 14,960 views

Sandman – Read the Windows Hibernation File

This is a pretty new tool and a very cool one, Hibernation is a fairly new feature for Windows so it’s good to see a new tool targeting that. Microsoft provides a feature called Hibernation also know as suspend to disk that aims to save the system state into an undocumented file called hiberfil.sys. This [...]

Continue Reading


02 May 2008 | 6,963 views

US Really Owns Your Data Now!

A while back we reported how US customs owns your data, now it’s getting even worse. 10 days ago the US appeals court gave them rights to COPY all your data without notice even if there are no suspicions. Anyone want to talk about dilution of intellectual property? Privacy? Or just basic human rights.. In [...]

Continue Reading