Archive | October, 2008


31 October 2008 | 4,515 views

Morris Worm To Turn 20 – How Far Things Have Come

Robert Tappan Morris is a character of Internet lore, anyone who has studied Computer Science, Software Engineering or Computer Security will have heard of this guy. He’s pretty much the fellow that made the Internet famous (for all the wrong reasons) and the first creator of a bit of self-replicating network based malware (now known […]

Continue Reading


30 October 2008 | 14,163 views

Sam Spade – Network Investigation Tool for Windows

Sam Spade is one of the oldest network security tools around in terms of a neat package containing a lot of stuff you need, it’s one of the first things I used when I got into information security and I was on a crusade against spammers and scammers. It has all kinds of useful tools […]

Continue Reading


29 October 2008 | 7,930 views

Google Hacking Back in The News – Google Takes Action

Google hacking was the big thing back in 2004, I actually did a talk on it in Hack in the Box 2004, it’s resurfaced again as a serious threat with Google noticing more queries relating to things like social security numbers. The Google Hacking Database has been active for years now and there are hundreds […]

Continue Reading


28 October 2008 | 10,957 views

sqlmap 0.6.1 released – Automatic SQL Injection Tool

sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, […]

Continue Reading


24 October 2008 | 5,805 views

Microsoft Rushes Out Critical RPC Bug Fix

Now this doesn’t happen all that often, it must be really serious! An Out-of-Band patch from Microsoft (since it’s famous ‘Patch Tuesday‘ it only releases patches on the second Tuesday of each month) has been released for a new RPC flaw. I’d imagine it’s similar to the RPC flaw that spawned such disasters as Blaster […]

Continue Reading


23 October 2008 | 24,168 views

XSS-Proxy – Cross Site Scripting Attack Tool

XSS-Proxy is an advanced Cross-Site-Scripting (XSS) attack tool. The documents, tools and other content on this site assume you have a basic understanding of XSS issues and existing exploitation methods. If you are not famliar with XSS, then I recommend you check out the primer links/docs below to get a better of idea of what […]

Continue Reading


22 October 2008 | 17,599 views

Swiss Researchers Sniff Password from Wired Keyboard

Now this is an interesting twist on an oldschool method of hacking, the monitoring of electromagnetic radiation. You’d think it’d be easier to sniff the traffic from a wireless keyboard, but generally it’s not as they tend to be encrypted. Where as the electromagnetic radiation given off by a wired keyboard is not shielded or […]

Continue Reading


21 October 2008 | 42,557 views

lm2ntcrack – Microsoft Windows NT Hash Cracker (MD4 -LM)

We have covered quite a lot of Password Cracking tools and it’s not often a new one comes out, this one is for quite a specialised purpose (not a general all-purpose password cracker like John the Ripper or Cain & Abel), although you do need to use it alongside JTR. This tool is for instantly […]

Continue Reading


20 October 2008 | 12,036 views

DarkMarket Carding (Credit Card Fraud) Site Part of FBI Sting

You may remember the story about the Pro ATM Hacker ‘Chao’ and his Tips a while back, apparently that was the start of a big global sting operation on credit card fraud. Chao was admin/moderator on a community of carders (where they bought/sold stolen credit card info) called DarkMarket and the first to be busted, […]

Continue Reading


17 October 2008 | 14,309 views

Web-Harvest – Web Data Extraction Tool

Web-Harvest is Open Source Web Data Extraction tool written in Java. It offers a way to collect desired Web pages and extract useful data from them. In order to do that, it leverages well established techniques and technologies for text/xml manipulation such as XSLT, XQuery and Regular Expressions. Web-Harvest mainly focuses on HTML/XML based web […]

Continue Reading