Archive | Exploits/Vulnerabilities




In 2016 Your Wireless Keyboard Security Still SUCKS – KeySniffer

So you’d probably imagine that Wireless Keyboard Security is a 1998 problem and you shouldn’t even have to worry about that any more. And you’d be wrong – two-thirds of wireless keyboards, from MAJOR manufacturers are not even vaguely secure. It turns out, in 2016 when cryptography is mainstream, open-source and fairly easy to implement […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hardware Hacking | Add a Comment

ERTS – Exploit Reliability Testing System

ERTS or Exploit Reliability Testing System is a Python based tool to calculate the reliability of an exploit based on the number of times the exploit is able to control EIP register with the desired address/value. It’s created to help you code reliable exploits and take the manual parts out of running and re-running exploits […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming | Add a Comment

shadow – Firefox Heap Exploitation Tool (jemalloc)

shadow is a new, extended (and renamed version) of a Firefox heap exploitation tool, which is quite a swiss army knife for Firefox/jemalloc heap exploitation. If you want to dive in really deep to this tool, and the technicalities behind it check this out – OR’LYEH? The Shadow over Firefox [PDF] Support shadow has been […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming | Add a Comment

Intel Hidden Management Engine – x86 Security Risk?

So it seems the latest generation of Intel x86 CPUs have implemented a Intel hidden management engine that cannot be audited or examined. We can also assume at some point it will be compromised and security researchers are labelling this as a Ring -3 level vulnerability. This isn’t a new issue though, people have been […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hardware Hacking | Add a Comment

TeamViewer Hacked? It Certainly Looks Like It

So is TeamViewer Hacked? There’s no definitive answer for now as they aren’t admitting to anything – but it does look very suspicious. The whole service was down for a few hours, the domains were apparently pointing to Chinese IP addresses (DNS Hijacking?) and no-one could login. A whole bunch of users also turned up […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

Serious ImageMagick Zero-Day Vulnerabilities – ImageTragick?

So another vulnerability with a name and a logo – ImageTragick? At least this time it’s pretty dangerous, a bunch of ImageMagick Zero-Day vulnerabilities have been announced including one that can leave you susceptible to remote code execution. It’s pretty widely used software too and very public, if you use an app online that lets […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

BeautifulPeople.com Leak Exposes 1.1M Extremely Private Records

So another data breach, and no surprise here, but another dating site. This time the BeautifulPeople.com Leak has exposed 1.1 million customer records, including 15 million private messages sent between users. Not so private now is it. And no surprise either the entry point for this leak, was the not-so excellent NoSQL database MongoDB which […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Privacy, Web Hacking | Add a Comment

Apple Will Not Patch Windows QuickTime Vulnerabilities

Much like Adobe Flash, QuickTime from Apple is a bit of a relic some pretty serious, remote code execution type Windows QuickTime Vulnerabilities were recently discovered by Trend Micro. Apple has officially stated that they won’t be fixing them and the official line on this, is to uninstall QuickTime. I guess a lot of people […]

Tags: , , , , , , , ,

Posted in: Apple, Exploits/Vulnerabilities, Windows Hacking | Add a Comment

BADLOCK – Are ‘Branded’ Exploits Going Too Far?

So there’s been hype about this big exploit coming, for over a month, before anything was released. It had a name, a website and a logo – and it was called Badlock. And now it’s out, and it’s more like Sadlock – really a local network DoS against DCE/RPC services on Windows and Linux with […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, General Hacking | Add a Comment

DROWN Attack on TLS – Everything You Need To Know

So SSL in general is having a rough time lately, now with the SSLv2 DROWN attack on TLS. And this is not long after Logjam and a while since Heartbleed, POODLE and FREAK. DROWN is a cross-protocol attack that can decrypt passively collected TLS sessions from up-to-date clients and stands for Decrypting RSA with Obsolete […]

Tags: , , , , , , , , , ,

Posted in: Cryptography, Exploits/Vulnerabilities | Add a Comment

Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·