Archive | 2014


25 October 2014 | 361 views

Microsoft Zero Day OLE Vuln Being Exploited In Powerpoint

So the latest news is, don’t open any .ppt files if you aren’t entirely sure where they came from as there is a Microsoft Zero Day vulnerability in OLE (Object Linking and Embedding) handling in Microsoft Office that is currently being exploited in the wild by malicious Powerpoint slide decks. Not that anyone reading this [...]

Continue Reading


23 October 2014 | 1,270 views

Pipal – Password Analyzer Tool

Pipal is a password analyzer tool that can rapidly parse large lists of password and output stats on the contents. Pipal will provide you with stats on things like the most frequently used password, password lengths, dates (months/days/years) or numbers used, the most common base words and much more. It also makes recommendations based on [...]

Continue Reading


21 October 2014 | 1,597 views

Apple’s OS X Yosemite Spotlight Privacy Issues

So Apple pushed out it’s latest and great OS X version 10.10 called Yosemite, but it’s facing a bit of an uproar at the moment about some Spotlight privacy issues. For those who are not familiar, Spotlight is some kinda of super desktop search that searches everything on your computer (and now also the Internet) [...]

Continue Reading


18 October 2014 | 1,782 views

RIPS – Static Source Code Analysis For PHP Vulnerabilities

RIPS is a tool written in PHP to find vulnerabilities using static source code analysis for PHP web applications. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by user input (influenced [...]

Continue Reading


16 October 2014 | 2,749 views

Everything You Need To Know About POODLE SSLv3 Vulnerability

So yah, it’s been quite a year – not long after Heartbleed and then Shellshock we now have POODLE SSLv3 vulnerability. Yes, that’s right – POODLE. It is actually an acronym this time though, yay (Padding Oracle On Downgraded Legacy). Is it a huge risk? Not really as it doesn’t allow any type of remote [...]

Continue Reading


14 October 2014 | 786 views

ThreadFix – Vulnerability Aggregation & Management System

ThreadFix is a software vulnerability aggregation and management system that reduces the time it takes to fix software vulnerabilities. ThreadFix imports the results from dynamic, static and manual testing to provide a centralized view of software security defects across development teams and applications. The system allows companies to correlate testing results and streamline software remediation [...]

Continue Reading


10 October 2014 | 1,345 views

Retarded E-mails – Satilight Hacking, Website Cloning, Detailo & More!

It’s been a good 3 years since my last entry in this category and I’ve had a steady stream of retarded e-mails recently fit for posting. Plus I actually had 1-2 people e-mail me and tell me they missed the posts in the Retards category and that it always gave them a good laugh – [...]

Continue Reading


08 October 2014 | 2,030 views

IPFlood – Simple Firefox Add-on To Hide Your IP Address

IPFlood (previously IPFuck) is a Firefox add-on created to simulate the use of a proxy. It doesn’t actually change your IP address (obviously) and it doesn’t connect to a proxy either, it just changes the headers (that it can) so it appears to any web servers or software sniffing – that you are in fact [...]

Continue Reading


06 October 2014 | 1,071 views

JPMorgan Hacked & Leaked Over 83 Million Customer Records

So yah last week we all discovered, OMG JPMorgan Hacked! This set a lot of people on edge as JPMorgan Chase & Co is the largest US bank by assets – so it’s pretty seriously business. The breach happened back in July and was only disclosed last Thursday due to a filing to the US [...]

Continue Reading


03 October 2014 | 2,577 views

iSniff-GPS – Passive Wifi Sniffing Tool With Location Data

iSniff GPS is a passive wifi sniffing tool which sniffs for SSID probes, ARPs and MDNS (Bonjour) packets broadcast by nearby iPhones, iPads and other wireless devices. The aim is to collect data which can be used to identify each device and determine previous geographical locations, based solely on information each device discloses about previously [...]

Continue Reading