Archive | Exploits/Vulnerabilities




Fitbit Vulnerability Means Your Tracker Could Spread Malware

So it seems there is a Fitbit vulnerability involving the Bluetooth implementation that can be used to embed self-replicating malware onto the wearable fitness tracker. I actually own a Fitbit, and have had previous models too, so this is quite interesting to me. The malware could spread to your PC/Laptop if you’re using the […]

Posted in: Exploits/Vulnerabilities, Hardware Hacking, Malware

OWASP WebGoat – Deliberately Insecure Web Application

WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by people to learn about application security and penetration testing techniques. In each lesson, users must demonstrate their understanding of a […]

Posted in: Exploits/Vulnerabilities, Web Hacking

WinRAR Vulnerability Is Complete Bullshit

So Twitter exploded earlier with calls of a remote code execution WinRAR vulnerability leaving half a BILLION users open for some hardcore exploitation. I got interested (obviously... as that’s what I do here) and went to read about it, I have to call pretty sketchy, non-technical reporting from The Register for once, it seems like […]

Posted in: Exploits/Vulnerabilities, Windows Hacking

XcodeGhost iOS Trojan Infected Over 4000 Apps

So the recent XcodeGhost iOS Trojan infection has escalated quickly, an initial estimate of 39 infected apps has rapidly increased to over 4000! You can see the FireEye announcement here: Protecting Our Customers from XcodeGhost. XcodeGhost is the first instance of the iOS App Store distributing a large number of trojanized apps, the malicious/infected apps […]

Posted in: Apple, Exploits/Vulnerabilities, Malware

WhatsApp Web vCard Vulnerability Exposed 200M Users

So it seems there was a lot of noise about the WhatsApp Web vCard Vulnerability with over 200 Million people using the desktop version of WhatsApp – it’s a fairly large cache of users to go after. Disclosed by Check Point security, the vulnerability is exploited by sending a vCard contact containing malicious code to […]

Posted in: Exploits/Vulnerabilities, Web Hacking

Mimikatz – Gather Windows Credentials

Mimikatz is a tool to gather Windows credentials, basically a Swiss Army knife of Windows credential gathering that bundles together many of the most useful tasks that you would perform on a Windows machine you have SYSTEM privileges on. It supports both Windows 32-bit and 64-bit and allows you to gather various credential types. Techniques such […]

Posted in: Exploits/Vulnerabilities, Hacking Tools, Password Cracking, Windows Hacking

The Jeep HACK – What You Need To Know

So yah, the big news this week everyone is shouting about is about the Fiat Chrysler Automobiles (FCA) owned Jeep Hack involving the new Cherokee which has remote control software which allows access to the engine, aircon, audio system and brakes – basically the whole car can be controlled remotely as long as you know […]

Posted in: Exploits/Vulnerabilities, Hardware Hacking

Dharma – Generation-based Context-free Grammar Fuzzing Tool

Dharma is a tool used to create test cases for fuzzing of structured text inputs, such as markup and script. It takes a custom high-level grammar format as input, and produces random well-formed test cases as output – it can be used as a grammar fuzzing tool. API programming is complex and subtle programming mistakes […]

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming

Hacking Team Hacked – What You Need To Know

So the Internet has been blowing up for the last few days about an Italian information security company called Hacking Team getting pwned – they were already pretty famous for their software RCS (Remote Control Software) also known as Galileo. In modern digital communications, encryption is widely employed to protect users from eavesdropping. Unfortunately, encryption […]

Posted in: Exploits/Vulnerabilities, Legal Issues

AddressSanitizer – A Fast Memory Error Detector

AddressSanitizer (aka ASan) is a very fast memory error detector for C/C++. The average slowdown of the instrumented program is ~2x. The tool works on x86 Linux and Mac, and ARM Android. AddressSanitizer is based on compiler instrumentation and directly-mapped shadow memory. The tool consists of a compiler instrumentation module (currently, an LLVM pass) and […]

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming
