WarVOX is a suite of tools for exploring, classifying, and auditing telephone systems. Unlike normal wardialing tools, WarVOX works with the actual audio from each call and does not use a modem directly. This model allows WarVOX to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, [...]
It looks like Obama is taking a serious stance on Cyber Security and Cyber Crime with his introduction of a new position which will be known as the ‘Cyber Czar’.
As a senior White House official this is quite a serious position with the responsibility of protecting both the US government networks and looking out for [...]
It’s been a while since the last update of Technitium back in June 2008, the latest release is v5 R2 with support for Windows 7 RC.
Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a [...]
The latest news is a few million Chinese Internet users had trouble accessing any websites yesterday due to a DDoS attack on the DNS system from one of the countries registrars.
It just shows that China has an inherently weak infrastructure if such a large portion of people can be disrupted with an attack to a [...]
BugSpy is an interesting web site I came across recently, put together using a Python Framework (django) it aggregates bugs from as many open source projects as it can find. Preferably critical bugs.
You can search by tag (e.g java, email or php ) or by product name (e.g Ubuntu, Typo3 or Samba).
http://bugspy.net/
[...]
I thought this would have been stamped out by now, but sadly it’s still going on. With the advent of cheap web hosting and easy to use CMS systems like Wordpress more and more people are managing their own websites (gone are the days of Geocities).
More people with websites means more FTP details to be [...]
It’s been a few months since the last Retard Update, and it’s definitely been slower since I posted the disclaimer and link on the Contact Page.
There have been some weird ones, one worders, one liners and stuff in foreign languages.
Anyway let’s get started with a classic ‘script-kiddy I can’t operate my computer‘ type mail.
lloyd wrote:
hey [...]
You may remember we wrote about Samurai being released back in November 2008, it’s been quite a while since the last update.
The authors have updated and fixed a number of issues with the environment as well as improved performance of the java based tools. They have also included a virtual machine of the environment. [...]
This latest mass infection is through a vector I really don’t understand, see as though you can legitimately download Windows 7 from Microsoft.
I guess people just prefer BitTorrent downloads to HTTP downloads, and whoever had this smart idea capitalized on that.
Microsoft should perhaps do something about that and put out a legitimate BitTorrent copy. I [...]
Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management [...]
After our recent story about the trading of BlackBerries for data theft the issue has emerged again this time more towards the secure disposal of data stored on PC hard disks.
If a company or organisation has a decent data/information security policy in place (Like ISO27001 for example) they should have a secure destruction/disposal policy as [...]
Durzosploit is a JavaScript exploit generation framework that works through the console. This goal of that project is to quickly and easily generate working exploits for cross-site scripting vulnerabilities in popular web applications or web sites.
Please note that Durzosploit does not find browser vulnerabilities, it only is an framework containing exploits you can use.
At present [...]
The number of Crackberry Blackberry users is increasing exponentially – especially since they released the much sexier Bold and the latest touch-screen Storm.
The latest revelation is that used BlackBerries are being traded, not by the value of the phone but by the value of the data contained on the phone!
It just shows most companies still [...]
Just to put a downer on all the script kiddies, this utility WILL NOT hack/crack Facebook passwords or accounts.
You need to feed it biscuits (cookies) before you can do anything.
You can get the target’s cookie by sniffing, XSS, social engineering, ARP Poison-Sniffing, Scroogle search or however you like.
Once you have the cookies you can use [...]
We did mention Torpig in passing back in January 2008 when talking about the Mebroot rootkit which digs down deep into the Master Boot Record.
It seems like Torpig has been pretty active since then and the latest break is that some security researchers have managed to infiltrate the botnet and collect some data on what [...]
Recently I posted about Charles Web Debugging Proxy and quite a few people mentioned they had been using Fiddler.
Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and “fiddle” with incoming or outgoing data. Fiddler includes a [...]
