Archive | June, 2011


29 June 2011 | 12,081 views

Groupon India Subsidiary Leaks 300,000 Plain Text User Passwords

Oh look! Another data-leak, this was was pretty bad as it contained plain-text passwords (who on earth doesn’t hash their passwords in the DB in 2011?!). Anyway this time it was a Groupon subsidary – Sosata.com which managed to leak the e-mail addresses and plain-text passwords for 300,000 users AND on top of that, Google [...]

Continue Reading


28 June 2011 | 22,310 views

Metasploitable – Test Your Metasploit Against A Vulnerable Host

Ok so you’ve got Metasploit loaded up, you’ve read the Metasploit Tutorials & Watched the Videos – but you’ve still got no idea what to do next and don’t have anything to test against. It’s not exactly new, but I guess a lot of people still don’t know about it. Basically if you don’t know [...]

Continue Reading


27 June 2011 | 6,095 views

Last Chance To Get 10% Off Penetration Testing – Student Course

A couple of weeks back we posted about the new course suited to beginners by eLearnSecurity – we also offered an exclusive 10% Discount for Darknet readers – Penetration Testing – Student Course/Training by eLearnSecurity (Get 10% Off Until June 30th!). This is just a reminder that this offer expires in THREE days on June [...]

Continue Reading


23 June 2011 | 6,831 views

ksymhunter – Routines For Hunting Down Kernel Symbols

Routines for hunting down kernel symbols from from kallsyms, System.map, vmlinux, vmlinuz, and remote symbol servers. Examples:

And..

You can download ksymhunter v1.0 here: ksymhunter.tar.gz Or read more here.

Continue Reading


21 June 2011 | 9,788 views

Hackers Exploiting Latest Adobe Flash Bug On Large Scale

It’s very out of character for Adobe – but they’ve actually released two out of band patches in the last week or so. They’ve had to patch 4 times in the past 2 months – that’s a total of 6 times in 2011 so far – with 5 out of those 6 being for critical [...]

Continue Reading


20 June 2011 | 10,973 views

Zed Attack Proxy – ZAProxy v1.3.0 Released – Integrated Penetration Testing Tool

It’s been a while since the last time we wrote about the OWASP ZAP – Zed Attack Proxy for Web Application Penetration Testing, back in October 2010. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range [...]

Continue Reading


16 June 2011 | 10,188 views

Malaysia Government Sites Under Attack From Anonymous

The big news in Asia this week is that Anonymous has found a new target – the Malaysian government. Recently the Internet regulator in Malaysia (SKMM) issued a notice to all the ISPs in the South-East Asian country to block 10 domains associated with copyright infringement. Following that, Anonymous released a manifesto against the Malaysian [...]

Continue Reading


15 June 2011 | 8,819 views

Skipfish 1.94b Released – Active Web Application Security Reconnaissance Tool

It’s been a while since we last mentioned Skipfish, it was back in March 2010 when they first came out. Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the [...]

Continue Reading


13 June 2011 | 7,268 views

IMF (International Monetary Fund) Suffer Major Breach In Sophisticated Cyberattack

Oh dear, another big organization has fallen foul to the whole RSA SecurID hack – it seems that way anyway. In combination with a Spear Phishing attack (similar to the one carried out on high level US officials via Gmail recently) hackers have busted the IMF wide open. It seems to be a very targeted [...]

Continue Reading


09 June 2011 | 10,257 views

Penetration Testing – Student Course/Training by eLearnSecurity

Introduction You may remember a while back we reviewed the Penetration Testing – Pro course by eLearnSecurity here – eLearnSecurity – Online Penetration Testing Training and we posted about the course update here – Penetration Testing Course Pro 1.1 – New Version & New Module. The latest news is they’ve come out with a truly [...]

Continue Reading