Archive | January, 2009


30 January 2009 | 7,625 views

Complemento v0.6 – LetDown TCP Flooder, ReverseRaider Subdomain Scanner & Httsquash HTTP Server Scanner Tool

We first wrote about Complemento 0.4b a little while ago when it first hit the public domain just last month (December 2008). Now there have been 2 major updated versions, the latest being 0.6. What is Complemento? Complemento is a collection of tools that the author originally created for his own personal toolchain for solving [...]


29 January 2009 | 7,326 views

Kyrgyzstan Taken Offline by Huge Denial of Service Attack

Isn’t it amazing in this day and age an entire country can be knocked offline by Denial of Service attacks! You’d have thought it wouldn’t happen any more. I do remember the days when it was fairly easy to take one of the smaller ISPs out in UK, so I guess the infrastructure of some [...]


28 January 2009 | 15,708 views

Independent Web Vulnerability Scanner Comparison – Acunetix WVS, IBM Rational AppScan & HP WebInspect

I saw a relevant paper published today by an individual that claims the comparison was ordered by a penetration testing company (a company which remains unnamed). The vendors were not contacted during or after the evaluation. Testing Procedure: The author tested 13 web applications (some of them containing a lot of vulnerabilities), 3 demo applications [...]


27 January 2009 | 6,444 views

Gary McKinnon Wins Right to Appeal Against Extradition

We’ve been following the case of the ‘NASA Hacker’ Gary McKinnon since it started in April 2006 when we reported the British Hacker Gary McKinnon Fears Guantanamo. So you can see the case has been going on for quite some time, the most recent news we published about it was UK Hacker Gary McKinnon Loses [...]


26 January 2009 | 35,283 views

List of Famous Hackers in Computer History Both White Hat and Black Hat

This is a very complete list, probably the most complete one I’ve seen and it includes pictures – pictures of people who rarely have their pictures taken or allow them out on the Internet. The list is according to the proper original definition of a Hacker, as taken from the New Hacker’s Dictionary: A person [...]


23 January 2009 | 41,934 views

CeWL – Custom Word List Generator Tool for Password Cracking

It seems to be trendy lately to make tools which can create custom or more specific word lists for password cracking, just last week we posted about the web application The Associative Word List Generator (AWLG), which crawls the whole web to look for associated words with a given topic. This application is more towards [...]


22 January 2009 | 11,829 views

Using Twitter for Data Mining and Information Gathering

We’ve mentioned Twitter a few times lately as it has become a larger and larger part of the social web and the premier ‘micro-blogging’ platform. There was a recent Phishing issue on Twitter and before that Twitter Jacking and a CSRF bug that allowed auto-following. Due to the large update of Twitter, the amount of [...]


20 January 2009 | 14,824 views

Acunetix Web Vulnerability Scanner 6 Review

As you might know if you’ve been reading for some time, I do occasionally review commercial software if it’s interesting and relevant – the last one I remember doing was back in 2007 “Outpost Security Suite PRO Review”. This time it’s for a much more relevant piece of software IMHO, and one which I actually [...]


19 January 2009 | 10,002 views

Conficker (AKA Downadup or Kido) Infections Skyrocket To An Estimate 9 Million

There hasn’t been a viral outbreak of this scale for quite some time, Conficker or Downadup as it’s known was only fairly recently discovered (Oct 2008) and has already infected an estimated 9 million machines! It’s spreading fast though and it auto-updates itself via downloads from random domains making it almost impossible to stop as [...]


16 January 2009 | 6,747 views

FireCAT 1.5 Released – Firefox Catalog of Auditing Extensions

FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful Firefox extensions oriented to application security auditing and assessment. FireCAT 1.5 will be the last release of this 1.x branch. In fact, we are working on a new improved version 2.0 (management of plugins, instant download from security-database, ability to [...]
