Archive | March, 2011


30 March 2011 | 6,659 views

NASA Systems At Risk From Hacking Attacks

It’s not surprising really, when I learned that the recently retired NASA space shuttle was still using 5.25″ floppy drives – I suspected that much of the NASA IT architecture was probably antiquated. Also the recent SCADA related security scare, indicated the industrial and large-scale systems probably aren’t the most secure around. Combine those two [...]

Continue Reading


29 March 2011 | 10,603 views

T50 – Experimental Mixed Packet Injector & Network Stress Testing Tool

T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform “Stress Testing”. It is a powerful and an unique packet injection tool, that is capable of the below: 1 – Send sequentially (i.e., ALMOST on the same time) the following protocols: ICMP: Internet Control Message Protocol IGMP: Internet Group [...]

Continue Reading


25 March 2011 | 8,600 views

RSA Silent About Compromise For 7 Days – Assume SecurID Is Broken

About a week ago we tweeted about the “Open Letter” from RSA to customers, a rather vague letter. If you haven’t read it yet, you can do so here. To summarise, they basically said “Recently, our security systems identified an extremely sophisticated cyber attack in progress being mounted against RSA. [...] Our investigation also revealed [...]

Continue Reading


24 March 2011 | 8,952 views

CAT – Web Application Security Test & Assessment Tool

CAT is designed to facilitate manual web application penetration testing for more complex, demanding application testing tasks. It removes some of the more repetitive elements of the testing process, allowing the tester to focus on individual applications, thus enabling them to conduct a much more thorough test. Conceptually it is similar to other proxies available [...]

Continue Reading


23 March 2011 | 7,348 views

Exploits For Popular SCADA Programs Made Public

SCADA is not something we’ve mentioned before, we have covered related areas with articles such as – Industrial Control Systems Safe? I Think Not. Plus the whole Stuxnet thing which was able to attack nuclear plants. In a way I find it ironic because so much more emphasis these days is put on the security [...]

Continue Reading


22 March 2011 | 9,996 views

Smooth-Sec – All In One Pre-Configured IDS/IPS System

Smooth-Sec is a ready to-go IDS/IPS (Intrusion Detection/Prevention System) Linux distribution based on the multi threaded Suricata IDS/IPS engine and Snorby, the top notch web application for network security monitoring. Smooth-Sec is built on Ubuntu 10.04 LTS using the TurnKey Core base as development platform. Functionality is the key point that allows a user to [...]

Continue Reading


21 March 2011 | 13,054 views

Dutch Court Rules Wi-Fi Hacking Legal In Holland

Interesting case and a very interesting interpretation of the laws of Holland which lead to this decision which means the Dutch can hack in Wireless routers legally. We published a story about the ethics of jacking open Wi-Fi connections way back in 2006, when a supposed ethics expert said it was ok: Jacking Wifi is [...]

Continue Reading


18 March 2011 | 20,680 views

Wophcrack – Web Based Interface For Ophcrack Password Cracking Tool

I’m assuming everyone reading already knows about Ophcrack – the awesome time/memory trade-off password cracker. Well here is a nifty web-based interface for it. Rainbow Tables are really useful when cracking password hashes, but one major disadvantage of these tables is their size which can be hundreds of gigs for complex tables. The author thought [...]

Continue Reading


17 March 2011 | 13,966 views

Web Hacking Incident Database Shows DoS Attacks On The Rise

It seems like the formidable Anonymous army has managed to change the weighting of stats collected by the Web Hacking Incident Database (WHID) with it’s vast array of DDoS attacks. We’ve reported on a couple of them like back in December when the WikiLeaks Attacks Caused Rival DDoS Retaliation. There have been a whole lot [...]

Continue Reading


16 March 2011 | 29,857 views

Ophcrack 3.3.1 & LiveCD – Free Rainbow Table Password Cracking Tool

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms. It works based on a time-memory trade-off using rainbow tables. This is a new variant of [...]

Continue Reading