Archive | November, 2011


29 November 2011 | 10,658 views

Twitter Purchases WhisperCore – Full Disk Encryption For Android Phones

This is certainly an interesting acquisition and not one I would have expected, I’m not even exactly sure what Twitter is planning and why they would want a company focused on mobile encryption (and specifically on the Android platform). I can’t see any real corporate use for Twitter, so they won’t be pushing the security [...]

Continue Reading


25 November 2011 | 12,677 views

VoIP Hopper 2.01 Released – IP Phone VLAN Hopping Tool

VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop into the Voice VLAN on specific ethernet switches. VoIP Hopper does this by mimicking the behavior of an IP Phone, in Cisco, Avaya, and Nortel environments. This requires two important steps in order for the tool to traverse [...]

Continue Reading


23 November 2011 | 13,985 views

X-Scan by XFocus – Basic Free Network Vulnerability Scanner

X-Scan is a general scanner for scanning network vulnerabilities for specific IP address range or stand-alone computer by multi-threading method, plug-ins are supported. This is an old tool (last update in 2005), but some people still find it useful and there are certain situations where it can be useful (especially in those jurassic companies using [...]

Continue Reading


22 November 2011 | 10,292 views

OpenPGP JavaScript Implementation Enables Encrypted Webmail

This is a pretty interesting progression in the encryption field, I’m pretty sure most of us here will use some kind of key based e-mail encryption (PGP/GPG etc) and various different software based implementations. Or perhaps some of you already use something totally web-based like Hushmail, the story is that researchers in Germany have managed [...]

Continue Reading


21 November 2011 | 13,515 views

sqlsus 0.7.1 Released – MySQL Injection & Takeover Tool

sqlsus is an open source MySQL injection and takeover tool, written in perl. Via a command line interface, you can retrieve the database(s) structure, inject your own SQL queries (even complex ones), download files from the web server, crawl the website for writable directories, upload and control a backdoor, clone the database(s), and much more…Whenever [...]

Continue Reading


18 November 2011 | 8,776 views

Julian Assange Hires Pirate Bay Lawyer

We do write about Julian Assange from time to time – the last time was about WikiLeaks Attacks Causing Rival DDoS Retaliation. Sadly however, the legal issues Mr Assange is facing are nothing to do with his rather famous site, but rather to do with rape. Keep your dick in your pants son, especially if [...]

Continue Reading


17 November 2011 | 9,446 views

GoLISMERO – Web Application Mapping Tool

GoLISMERO helps you to map a web application, displaying the results in a readable format for security auditors and also prepares the results for integration with other web hacking tools as w3af, wfuzz, netcat, nikto, etc. Features Map a web aplication. Show all links and forms params as confortable format. Save results with some formats: [...]

Continue Reading


15 November 2011 | 20,400 views

Private Signed Certificate From Malaysian Government Used To Spread Malware

It wasn’t too long ago (about 6 months) when we reported about Malaysia Government Sites Under Attack From Anonymous – which was somewhat suspicious. And well that’s about the only story we’ve had about Malaysia really. Perhaps that incident and spate of attacks and intrusions had something to do with this most recent story, the [...]

Continue Reading


14 November 2011 | 9,047 views

w3af v1.1 Released For Download – Web Application Attack & Audit Framework

w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. The w3af core and it’s plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross [...]

Continue Reading


09 November 2011 | 8,973 views

Apple Bans Security Researcher Charlie Miller For Exposing iOS Exploit

The latest wave in the infosec world is that Apple has banned the well known security researcher – Charlie Miller – from it’s developer program for exposing a new iOS exploit. It’s not really the smartest move as I’m pretty sure anyone as smart as Charlie Miller still has plenty of options – use another [...]

Continue Reading