Archive | Exploits/Vulnerabilities


26 June 2007 | 11,627 views

The Kcpentrix Project – Penetration Testing Toolkit LiveDVD

The Kcpentrix Project was founded in May 2005 , KCPentrix 1.0 was liveCD designed to be a standalone Penetration testing toolkit for pentesters, security analysts and System administrators What’s New in KcPentrix 2.0 Now release 2.0 is a liveDVD, It features a lot of new or up to date tools for auditing and testing a […]

Continue Reading


25 June 2007 | 6,905 views

Hackers Invited to Crack Internet Voting

This is some pretty interesting news, rather than trying to cover things up like normal during July the Philippine government will be soliciting hackers to test the security of their Internet voting system. I think it’s a great initiative from the International Foundation for Electoral System. Local and foreign computer hackers will be tapped to […]

Continue Reading


06 June 2007 | 10,146 views

Zalewski (lcamtuf) Strikes Again – More Vulnerabilites in IE and Firefox

Our Polish friend and expert security researcher, Michal Zalewski (lcamtuf), known for his endless stream of vulnerabilities in all manners of software, has struck again. This time with some pretty serious flaws in both Internet Exploder Explorer and Firefox. This time it’s 4, 2 in IE and 2 in Firefox. The first which effects fully […]

Continue Reading


21 May 2007 | 8,758 views

Cisco IOS FTP Backdoor Ripe for Hackers

Another flaw in Cisco’s IOS, this time a problem with FTP, the mechanism used to update the firmware on Cisco devices (routers & switches mostly). You really don’t want someone playing around with your configuration files on your router do you? IOS FTP, which comes disabled by default in IOS, is used to upload IOS […]

Continue Reading


07 May 2007 | 21,354 views

Hacker Files, Tools & Software Repository – leetupload.com

This site is dedicated as a repository for “hacking” programs for Windows and Linux. Please note that hacking means nothing but tweaking or cleverly resolving a problem. Use the programs as you wish, but this site or its provider are not responsible in terms of how you use these programs, (i.e. for educational purposes only). […]

Continue Reading


26 April 2007 | 3,711 views

SSA 1.5.1 Released – Security System Analyzer an OVAL Based Scanner

A new version of SSA (Security System Analyzer) has been released – version 1.5.1. SSA is a scanner based on OVAL, the command line tool provided by MITRE is not very easy to use so the guys at Security Database decided to write a GUI to make it simple to use and understand and then […]

Continue Reading


18 April 2007 | 8,372 views

IE 7 Flaw Could Help Phishers – Error Message Processing

Ah another way for phishers and people wanting to steal login credentials to con IE7 users. Yet another reason to use Firefox or Opera? Not saying these browsers are perfect…but look at the amount of problems Internet Exploder Explorer has had. The flaw lies in the way IE7 processes a locally stored HTML error message […]

Continue Reading


30 March 2007 | 12,242 views

Metasploit Exploit Framework Version 3.0 Released

Finally it’s out of BETA, Metasploit Framework Version 3.0 has been released and it’s a lot more Windows friendly. The Metasploit Framework (“Metasploit”) is a development platform for creating security tools and exploits. Version 3.0 contains 177 exploits, 104 payloads, 17 encoders, and 3 nop modules. Additionally, 30 auxiliary modules are included that perform a […]

Continue Reading


21 March 2007 | 5,832 views

Technika – Automate Common Exploit Tasks

Technika was developed for the computer security professionals to automate common exploitative task from the browser. It acts like a standard OS shell scripting environment. You can script everything from the currently viewed page just like Greasemonkey (spawn processes, unrestricted XMLHttpRequest connections and sockets). You can autorun bookmarklets and perform safe operations on the currently […]

Continue Reading


06 March 2007 | 6,807 views

WordPress Download Server Compromised (2.1.1) – Get 2.1.2 NOW!

Some sneaky hacker got into the WordPress download server and placed a backdoor in the latest available version (2.1.1). Luckily within a day someone reported the exploit to the WordPress team and they took the site down to investigate. This morning we received a note to our security mailing address about unusual and highly exploitable […]

Continue Reading