Archive | February, 2009


26 February 2009 | 24,336 views

SSLstrip – HTTPS Stripping Attack Tool

This tool provides a demonstration of the HTTPS stripping attacks that was presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which [...]

Continue Reading


25 February 2009 | 7,370 views

Hackers Targeting Xbox Live Players with DoS Attacks

Well the day has come when money-minded botnet owners have turned their services towards online gaming. For a small fee (USD20) you can get someone to set you up with the software to ‘boot’ people from the Xbox Live network. It’s always been a problem in gaming, if something can get hold of your IP [...]

Continue Reading


24 February 2009 | 7,167 views

WMAT Released – Web Mail Auth Tool For Testing Web Mail Logins

WMAT is Web Mail Auth Tool that provide some essential functions for testing web mail logins, written in python with support of pyCurl. How it works? It is very simple, You give WMAT file with usernames, file with passwords, URL of web mail app and chose pattern for attack. Patterns are XML files that define [...]

Continue Reading


23 February 2009 | 5,583 views

Hackers Target 0-Day Vulnerability In Adobe PDF Reader & Acrobat

Another flaw in the Adobe product suite! It seems like PDF is turning into a complex animal, complexity of course always brings more security issues. It was only back in February last year when there was a bug in Adobe Reader, and almost exactly a year later another one. This time it’s a zero-day just [...]

Continue Reading


20 February 2009 | 6,501 views

DShield Web Honeypot Project – Alpha Version Released

For those of you who are not familiar with DShield (where have you been? under a rock?) it’s a Cooperative Network Security Community. Basically what that means is they collect firewall logs and map out the trends. Like when there was a worm going around that bruteforced SSH2 you could see a spike in port [...]

Continue Reading


19 February 2009 | 25,418 views

Satellite Feed Hacking – Your Data Isn’t Private!

Hardware hacking is an interesting area and something not too many people get into as the soldering irons, capacitors and chipsets seem daunting. I did have a play around with cable boxes and satellite feeds in my earlier years and was surprised to find how insecure they were. Most traffic is transmitted unencrypted, the stuff [...]

Continue Reading


18 February 2009 | 41,043 views

Fast-Track 4.0 – Automated Penetration Testing Suite

The latest big buzz is Fast-Track released recently at ShmooCon by Securestate, basically Fast-Track is an automated penetration suite for penetration testers. For those of you new to Fast-Track, Fast-Track is a python based open-source project aimed at helping Penetration Testers in an effort to identify, exploit, and further penetrate a network. Fast-Track was originally [...]

Continue Reading


17 February 2009 | 16,271 views

NSA Together With Mitre CWE and SANS Identifies Top 25 Programming Errors

Secure programming is a huge issue and it’s the lack of it that causes all the problems we have with vulnerabilities and the exploits associated with them. If everywhere developers followed secure programming practices we wouldn’t have buffer overflow issues or unsanitized parameters leading to SQL Injection. The NSA (National Security Agency), working with MITRE, [...]

Continue Reading


16 February 2009 | 52,630 views

BackTrack BETA 4 Released for Public Download

The Remote Exploit Development Team is happy to announce the release of BackTrack 4 Beta. In this latest version of BackTrack 4 there have been some conceptual changed and some new and exciting features. The most significant of these changes is the expansion from the realm of a Pentesting LiveCD towards a full blown “Distribution”. [...]

Continue Reading


13 February 2009 | 5,184 views

Microsoft Offers $250K Bounty for Conficker Author

We did mention Conficker when it broke out back in January causing one of the largest scale infections ever seen (an estimated 9 million machines in just a few months). The latest news is that Microsoft are offering a bounty to catch the author of the malware, we have seen this back in 2003/4 (The [...]

Continue Reading