Archive | Exploits/Vulnerabilities

Advertisements


14 November 2007 | 8,445 views

Inguma 0.0.5 Released for Download – Penetration Testing Toolkit

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler. We did mention it back in August when it first hit the streets. With new QT interface: If you haven’t used […]

Continue Reading


09 October 2007 | 2,739 views

SSA Version 1.5.2 – OVAL Vulnerability Assessment Software

SSA (Security System Analyzer) is free non-intrusive OVAL-Compatible software. It provides security testers, auditors with an advanced overview of the security policy level applied. Features : OVAL-compatible product SCAP (Security Content Automation Protocol) Perform a deep inventory audit on installed softwares and applications Scan and map vulnerabilities using non-intrusive techniques based on schemas Detect and […]

Continue Reading


24 September 2007 | 4,393 views

Voting Machines Lose to Hackers Again

I’m sure everyone remembers the Diebold voting fiasco with their system getting pwned multiple times. Back in May 2006 it was announced from multiple sources that the Diebold system was critically flawed. Then more recently Hackers in the Philippines were Invited to Crack Internet Voting, which is definitely positive step to increase security in voting […]

Continue Reading


20 September 2007 | 4,810 views

Major Web Vulnerability Effects Yahoo, MSN, Google and More

I’ve seen this from quite a few sources so it seems it’s fairly legitimate, it seems all major websites have some flaws in the way they implement cookies meaning they are vulnerable to certain types of attack. The only current solution seems to be using full time SSL or https connections full-time, if any of […]

Continue Reading


10 September 2007 | 8,300 views

PIRANA – Exploitation Framework for Email Content Filters

PIRANA is an exploitation framework that tests the security of a email content filter. By means of a vulnerability database, the content filter to be tested will be bombarded by various emails containing a malicious payload intended to compromise the computing platform. PIRANA’s goal is to test whether or not any vulnerability exists on the […]

Continue Reading


31 August 2007 | 46,568 views

Download pwdump6 and fgdump version 1.6.0 available now.

New versions of the excellent pwdump6 and fgdump have been released (1.6.0 for both!). For those that don’t know what pwdump or gfdump are.. pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on […]

Continue Reading


27 August 2007 | 10,222 views

Pixy – New & Free Open-source XSS and SQL Injection Scanner for PHP Programs

Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities are present in many modern web applications, and are reported continuously on pages such as BugTraq. In the past, finding such vulnerabilities usually involved manual source code audits. Unfortunately, this manual vulnerability search is a very tiresome and error-prone task. Pixy is a Java program that performs […]

Continue Reading


21 August 2007 | 5,686 views

Vista Security Claims Debunked – Figures Skewed

Ah more news about the insecurity of Vista and something we are all pretty aware of…the skewing of figures by Microsoft. Microsoft apparently still hasn’t learned that counting vulnerabilities doesn’t establish some kind of ‘security level’. You can read the report here: Vista 6 Month Vuln Report [PDF] The Microsoft “researcher” claims that Windows Vista […]

Continue Reading


06 August 2007 | 19,232 views

Inguma – Penetration Testing Toolkit

Inguma is a penetration testing toolkit entirely written in python. The framework includes modules to discover hosts, gather information about, fuzz targets, brute force user names and passwords and, of course, exploits for many products. Inguma the word is the name of a Basque’s mythological spirit who kills people while sleeping and, also, the one […]

Continue Reading


20 July 2007 | 229,553 views

Learn to use Metasploit – Tutorials, Docs & Videos

Metasploit is a great tool, but it’s not the easiest to use and some people get completely lost when trying to get the most out of it. To help you guys out here is a bunch of links, videos, tutorials and documents to get you up to speed. You can start with this, a good […]

Continue Reading


Advertisements