Archive | April, 2009


14 April 2009 | 4,414 views

Twitter Battered By Powerful Worm Attacks

We’ve written about Twitter quite a few times now, with it’s click-jacking vulnerability, twitter phishing attacks and various other issues. It’s no surprise it’s being targeted though as it’s now the 3rd biggest social network after Facebook and Myspace. Within a relatively short time period it’s overtaken almost everyone else. This weekend it suffered a [...]

Continue Reading


13 April 2009 | 6,995 views

Watcher – Passive Analysis Tool For HTTP Web Applications

Watcher is a run time passive-analysis tool for HTTP-based Web applications. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing. It looks for issues related to mashups, user-controlled payloads, cookies, comments, HTTP headers, SSL, Flash, Silverlight, referrer leaks, information disclosure, Unicode, and more. Major Features: Passive detection of [...]

Continue Reading


10 April 2009 | 9,425 views

Conficker Finally Awakes & Dumps Payload

So it seems something big was brewing with Conficker, they just didn’t want to do what everyone expected and unleash it on April 1st when all eyes were on them. Smart move really, they kept quiet and waited a week or so after before dropping some fairly serious and complex payloads (encrypted rootkits). It seems [...]

Continue Reading


09 April 2009 | 11,793 views

Interceptor – Wireless Wired Network Tap (Fon+)

The Interceptor is a wireless wired network tap. Basically, a network tap is a way to listen in to network traffic as it flows past. Most tools are designed to pass a copy of the traffic onto a specified wired interface which is then plugged into a machine to allow a user to monitor the [...]

Continue Reading


08 April 2009 | 2,871 views

Microsoft Puts Hold on Forefront Security Product Range

Microsoft is in the news again, but this time for holding back on something security related. It seems like they want to have some extra time for development, and well perhaps some business related factors come into play too. A lot of Windows networks use ISA (as it used to be called) – in the [...]

Continue Reading


07 April 2009 | 5,854 views

Webtunnel 0.0.5 Released – HTTP Encapsulation and Tunnel Tool

Webtunnel is a network utility that encapsulates arbitrary data in HTTP and transmits it through a web server. In that regard, it is similar to httptunnel, however, it has several key important differences: its server component runs in the context of a web server as a CGI application (with optional FastCGI support) so it does [...]

Continue Reading


06 April 2009 | 9,533 views

How to Scan for Conficker Worm

A bit of an update to the conficker worm that is supposedly scheduled for new updates and instructions today wednesday 1st. April 2009 and that nobody except for the bad guys knows what those instructions would be. Fyodor has rolled out a new nmap beta release to the nmap scripting engine that enables it to [...]

Continue Reading


03 April 2009 | 7,413 views

UCSniff – VoIP/IP Video Sniffing Tool

UCSniff is an exciting new VoIP Security Assessment tool that leverages existing open source software into several useful features, allowing VoIP owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping. Written in C, and initially released for Linux systems, the software is freely available for anyone to download, [...]

Continue Reading


02 April 2009 | 7,847 views

Conficker Day – April 1st – Uneventful

So the big Conficker scare of April 1st has passed without any real events, no major sites taken down, no major online terror campaigns spawned. Just a new more sophisticated, harder to stop version of Conficker updating from a longer list of domains. It seems like this malware might be here to stay and infecting [...]

Continue Reading


01 April 2009 | 22,029 views

winAUTOPWN – Windows Autohacking Tool

winAUTOPWN is a TooL to Autohack your targets with least possible interaction. The aim of creating winAUTOPWN is not to compete with already existing commercial frameworks like Core Impact (Pro), Immunity Canvas, Metasploit Framework (freeware), etc. which offer autohacks, but to create a free, quick, standalone application which is easy to use and doesn’t require [...]

Continue Reading