Archive | Exploits/Vulnerabilities




Google Releases New Browser Chrome – Vulnerabilities on First Day

So as most of you probably know the big buzz on the Internet last week was that Google (after supporting Firefox for so long) have actually launched their own browser. It’s cooled Google Chrome. Now of course in typical Google fashion they call it BETA software, and a number of flaws have popped up during […]

Tags: , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

ISR-evilgrade – Inject Updates to Exploit Software

ISR-evilgrade is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates and exploiting the system or software. How does it work? It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of the victims DNS […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming | Add a Comment

OpenVAS – Open Vulnerability Assessment System (Nessus is Back!)

As you all probably known since version 3 Nessus turned to a proprietary model and started charging for the latest plugins locking most of us out. Now we finally have a new, properly organised forked development with the name of OpenVAS – at last a decent and free Vulnerability Scanner! OpenVAS stands for Open Vulnerability […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Network Hacking | Add a Comment

PuttyHijack V1.0 – Hijack SSH/PuTTY Connections on Windows

PuttyHijack is a POC tool that injects a dll into the PuTTY process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking | Add a Comment

HD Moore’s Company BreakingPoint Suffers DNS Attack

It’s somewhat ironic that shortly after the Kaminsky DNS bug went wild and almost immediately got ported into Metasploit that it was then used to attack HD Moore’s very own company BreakingPoint. It happened just a couple of days ago, it doesnt seem to have been a targeted attack though more like mass spammers/scammers leveraging […]

Tags: , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Network Hacking, Spammers & Scammers | Add a Comment

Site Guesses Your Gender via Browsing History

This is a pretty old issue, but this is an interesting new implementation of an old idea. Using your browser history and by matching your browsing habits the site attempts to guess your gender with a weighting system according to the gender demographics for a list of fairly popular sites. It’s not super accurate unless […]

Tags: , , , , , ,

Posted in: Exploits/Vulnerabilities, Privacy | Add a Comment

Pass-The-Hash Toolkit v1.4 Released for Download

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM […]

Tags: , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Password Cracking, Windows Hacking | Add a Comment

Widespread Flaws in Online Banking Systems

After a recent survey it shows online banking may not be as secure as you might think. People tend to think banks are the pinnacle of security and that assumption continues to their websites. Sadly however, even in my own personal experience, the truth is far from that. Many many banks have flaws that can […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Privacy, Web Hacking | Add a Comment

Exploit for Kaminsky DNS Bug Goes Wild

There has been a lot of hype about this one, but this flaw is a real threat and the working exploits are now available in the wild. To top that, they have already been ported into Metasploit! I hope all the major ISPs are in a patching frenzy right now and not thinking to themselves […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Network Hacking, Web Hacking | Add a Comment

Zodiac – DNS Protocol Monitoring and Spoofing Tool

Zodiac is a DNS protocol analyzation and exploitation program. It is a robust tool to explore the DNS protocol. Internally it contains advanced DNS routines for DNS packet construction and disassembling and is the optimal tool if you just want to try something out without undergoing the hassle to rewrite DNS packet routines or packet […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Network Hacking | Add a Comment

Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·