Archive | September, 2009


28 September 2009 | 55,155 views

FRHACK OS v1 alpha1 – Pentesting/Security LiveCD

FRHACK OS is an updated/modified version of the latest BackTrack 4 ISO with many updated tools and fixes. This means it’s a fully fledged linux pen-testing/security environment. Some included tools & Updates gcc-4.2 sun-java6-jre sun-java6-plugin spoonwep-wpa-rc3.deb airsnort-0.2.7e.tar.gz wepbuster-1.0_beta_0.6 jbrofuzz-jar-15 wfuzz-1.4 tor-0.2.1.19 privoxy-3.0.8-stable-src ophcrack-3.3.1 vncrack_src-1.21 fuzzgrind_090622 A new version (coming with bug fixes, included rainbow tables, [...]

Continue Reading


24 September 2009 | 28,870 views

Twitter DM Phishing Scam

As Twitter gains momentum there are more and more attacks on it, it’s users and the most recent is a phishing scam via DM (Direct Message). It was uncovered recently that it was being used as a Botnet Control Channel, shortly before that it was subjected to a DoS attack. This isn’t the first time [...]

Continue Reading


21 September 2009 | 30,130 views

Websecurify – Web Security Testing Framework

Websecurify is a web and web2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies. Key Features JavaScript – Websecurify Security Testing Framework is the first tool of its kind to be written entirely in JavaScript using only standard technologies adopted by the leading [...]

Continue Reading


18 September 2009 | 77,268 views

Nasty Trojan Zeus Evades Antivirus Software

This is one nasty piece of malware, seems like it’s working on a low level as per rootkits, there aren’t many technical details but it may well be operating on a Ring 0 level. The level of detection by AV software is quite scary, especially since the malware is specifically targeting bank login details and [...]

Continue Reading


16 September 2009 | 42,848 views

Flawfinder – Source Code Auditing Tool

Flawfinder is a program that examines source code and reports possible security weaknesses (flaws) sorted by risk level. It’s very useful for quickly finding and removing at least some potential security problems before a program is widely released to the public. It’s a static analysis source code auditing tool. Flawfinder is specifically designed to be [...]

Continue Reading


15 September 2009 | 20,767 views

FreeBSD Local Root Escalation Vulnerability

It’s been a long time since we’ve heard about a problem with FreeBSD, partially because the mass of people using it isn’t that large and secondly because BSD tends to be pretty secure as operating systems go. It’s a pretty serious flaw this time with root escalation, thankfully it’s only a local exploit though and [...]

Continue Reading


14 September 2009 | 23,807 views

4f: The File Format Fuzzing Framework

4f is a file format fuzzing framework. 4f uses modules which are specifications of the targeted binary or text file format that tell it how to fuzz the target application. If 4f detects a crash, it will log crucial information important for allowing the 4f user to reproduce the problem and also debugging information important [...]

Continue Reading


11 September 2009 | 43,449 views

One Of The World’s Most Prolific Music Piracy Groups Busted

Seems like the Feds have been busy in recent year, all kinds of hackers, phishers an dnow pirates are getting arrested and imprisoned for some serious jailtime. The latest in this strung of busts is the music piracy ground RNS or Rabid Neurosis, very eminent in the scene in the late 90s/early 2000s. With P2P [...]

Continue Reading


10 September 2009 | 15,108 views

Haraldscan – BlueTooth Discovery Scanner

I thought a while ago about posting some stuff on Bluetooth hacking, but never got round to it. Have posted a couple of new articles on Bluetooth but haven’t yet posted any tools. So let’s start with Haraldscan – a Bluetooth discovery scanner. The scanner will be able to determine Major and Minor device class [...]

Continue Reading


09 September 2009 | 13,579 views

Cisco & Microsoft Patch TCP Stack DoS Exploit

A fairly serious flaw that was announced in October 2008 by Outpost24 (and apparently discovered way back in 2005), has finally been patched by the major players Cisco and Microsoft. So far Redhat has offered a workaround for the flaw and Juniper has responded that their equipment is not vulnerable. It could be that Juniper [...]

Continue Reading