Archive | 2009


09 January 2009 | 5,474 views

TJX (T.J. Maxx and Marshall’s) Hacker Jailed For 30 Years

You should be familiar with the TJX case by now (TJX Largest Breach of Customer Data in U.S. History) and we’ve been following it here for a couple of years. We reported back in August last year that the TJX Credit Card Hackers were Busted and now one of the 11 guys involved has been [...]

Continue Reading


08 January 2009 | 3,581 views

Time and Attack Mapper AKA TA-Mapper – Time/Effort Estimator Tool For Blackbox Security Assessment

Time and Attack Mapper (alternatively known as TA-Mapper) is an effort estimator tool for blackbox security assessment (or Penetration Testing) of applications. This tool provides more accurate estimation when compared to rough estimation. Penetration testers who always has hard time explaining/justifying the efforts charged (or quoted) to their customers can find this tool handy by [...]

Continue Reading


07 January 2009 | 7,512 views

Cisco Vulnerability Given ‘Write Once, Run Anywhere’ Treatement

This is an interesting development in router security, Cisco bugs have been popping up now and then – not that often – but usually when they do they are quite serious. The problem with them was you needed so many variations unless you were just targeting one specific router, with that specific version of IOS [...]

Continue Reading


06 January 2009 | 20,806 views

WITOOL v0.1 – GUI Based SQL Injection Tool in .NET

WITOOL is an graphical based SQL Injection Tool written in dotNET. – For SQL Server, Oracle – Error Base and Union Base Interface Features Retrieve schema : DB/TableSpace, Table, Column, other object Retrieve data : retrive paging, dump xml file Log : View the raw data HTTP log Environment OS: Windows 2000/XP/VISTA Requirement: Microsoft .NET(2.0) [...]

Continue Reading


05 January 2009 | 4,654 views

Phishing Attacks Hits Twitter Users – Utilising Direct Messages

I personally received the following direct message on Twitter from someone I know quite well: hey! check out this funny blog about you… http://jannawalitax.blogspot.com/ It’s a link to a fake blogspot URL that redirects to a phishing URL for Twitter, it looks the same as the real login page but the actual URL is: http://twitterblogs.access-logins.com/login [...]

Continue Reading