Archive | October, 2008


16 October 2008 | 5,100 views

E-mail Scammers Target Microsoft Users

Microsoft users are being targeted again by malware via e-mail, scammers/spammers never give up and for once the e-mail looks fairly legitimate. Usually this kind of ‘baitware’ is riddled with terrible grammar and horrible spellings, do make sure you brief the less security aware friends you have about this though just in case. Email scams [...]

Continue Reading


15 October 2008 | 14,665 views

Firewalk – Firewall Ruleset Testing Tool

This is another oldskool tool, but still relevant! TCP and UDP still work in the same way and firewalls/edge devices are still often configured wrongly. Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass. Firewalk works by sending out TCP or [...]

Continue Reading


14 October 2008 | 10,974 views

Hacker Posts List of Compromised User Accounts Online

It seems that people are truly shocked when their identities get exposed, and the vast majority use the same single password for ALL of their online accounts. That’s just crazy! A ‘kind-hearted’ hacker recently exposed a bunch of online accounts (with passwords) to gain himself more status in a hacker forum (l33t sk1llz dudebro!). WHEN [...]

Continue Reading


13 October 2008 | 13,897 views

p0f – Advanced Passive OS Fingerprinting Tool

Ah can’t believe I haven’t posted about this one before, one of my favourite tools! It was a big breakthrough to have a passive OS-fingerprinting tool after relying on Nmap and Xprobe2 for the longest time. OS fingerprinting is a very important part of a pen-test during the information gathering stage. P0f v2 is a [...]

Continue Reading


10 October 2008 | 5,520 views

Symantec to Buy MessageLabs (Email Spam and Web Traffic Filter)

Some interesting security industry news, it seems like Symantec is really setting itself up to be the Microsoft of the security world. They are buying up anything and everything and merging it into the Symantec borg…things that are successful of course. Their latest acquisition is the popular MessageLabs, a good example of both cloud computing [...]

Continue Reading


09 October 2008 | 17,767 views

NetStumbler – Windows Freeware to Detects Insecure Wireless Networks

Another one from the old school, this tool has been around forever since way before wardriving was fashionable and when people still used pringles cans for antenna boosting. It’s a favourite amongst Windows users, although it can’t do any real hacking (like breaking a WEP key) – it’s extremely fast and effecient in the detection [...]

Continue Reading


08 October 2008 | 4,305 views

MI6 Sells Digital Camera on Ebay Containing Terrorist Images

Another classic data leakage….and once again it happened on Ebay! This time it’s a British agency known as MI6 (Secret Intelligence Service) demonstrating a distinct lack of intelligence. How on earth does something like even happen? Even smaller agencies and companies I’ve worked with have rigorous data destruction policies when old equipment is recycled or [...]

Continue Reading


06 October 2008 | 6,657 views

fwknop – Port Knocking Tool with Single Packet Authorization

Port Knocking came about in around 2003, but it has various weaknesses. There are plenty of implentations though (some quite advanced). Most of the problems are fixed however by fwknop! fwknop stands for the “FireWall KNock OPerator”, and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a [...]

Continue Reading


03 October 2008 | 8,435 views

THC-ePassports – THC Clones Biometric ePassport – Elvis Presley Passport

I guess most people have been led to believe this new generation of ePassports or biometric passports are more secure, will help us keep our privacy intact and help us mitigate against identity theft. Well how wrong the propaganda is! THC (famous for their tools and research in security) has just released some technical information, [...]

Continue Reading


01 October 2008 | 26,409 views

Superscan v4.0 – Fast TCP & UDP Port Scanner for Windows

This is another tool that has been around for a long time and I’ve been using it for years since it’s earliest versions, oddly however I’ve never posted about it. So here it for the few of you that haven’t heard of it, probably the best port scanner on the Windows platform, very fast and [...]

Continue Reading