Archive | Exploits/Vulnerabilities

PuttyHijack V1.0 – Hijack SSH/PuTTY Connections on Windows

PuttyHijack is a POC tool that injects a dll into the PuTTY process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking | Add a Comment

HD Moore’s Company BreakingPoint Suffers DNS Attack

It’s somewhat ironic that shortly after the Kaminsky DNS bug went wild and almost immediately got ported into Metasploit that it was then used to attack HD Moore’s very own company BreakingPoint. It happened just a couple of days ago, it doesnt seem to have been a targeted attack though more like mass spammers/scammers leveraging […]

Tags: , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Network Hacking, Spammers & Scammers | Add a Comment

Site Guesses Your Gender via Browsing History

This is a pretty old issue, but this is an interesting new implementation of an old idea. Using your browser history and by matching your browsing habits the site attempts to guess your gender with a weighting system according to the gender demographics for a list of fairly popular sites. It’s not super accurate unless […]

Tags: , , , , , ,

Posted in: Exploits/Vulnerabilities, Privacy | Add a Comment

Pass-The-Hash Toolkit v1.4 Released for Download

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM […]

Tags: , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Password Cracking, Windows Hacking | Add a Comment

Widespread Flaws in Online Banking Systems

After a recent survey it shows online banking may not be as secure as you might think. People tend to think banks are the pinnacle of security and that assumption continues to their websites. Sadly however, even in my own personal experience, the truth is far from that. Many many banks have flaws that can […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Privacy, Web Hacking | Add a Comment

Exploit for Kaminsky DNS Bug Goes Wild

There has been a lot of hype about this one, but this flaw is a real threat and the working exploits are now available in the wild. To top that, they have already been ported into Metasploit! I hope all the major ISPs are in a patching frenzy right now and not thinking to themselves […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Network Hacking, Web Hacking | Add a Comment

Zodiac – DNS Protocol Monitoring and Spoofing Tool

Zodiac is a DNS protocol analyzation and exploitation program. It is a robust tool to explore the DNS protocol. Internally it contains advanced DNS routines for DNS packet construction and disassembling and is the optimal tool if you just want to try something out without undergoing the hassle to rewrite DNS packet routines or packet […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Network Hacking | Add a Comment

Which Browser Users Are More Secure?

Some new statistics just came out regarding Browser Security, this is more in terms of which users are most likely to apply patches and be using the most secure version. I would have thought Firefox would have been pretty high since the newer series prompt automatically new patches. My only guess is a lot of […]

Tags: , , , , , , ,

Posted in: Countermeasures, Exploits/Vulnerabilities | Add a Comment

China Home to at Least HALF of Malicious Web Sites

It looks like China is becoming a hotbed for malware and malicious websites (those sites that push malware infections via browser exploits). They often used to be found in Korea and Taiwan and parts of Eastern Europe. According to the latest data more than half of the sites are now located in China. More than […]

Tags: , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Malware, Web Hacking | Add a Comment

Virus Variant Extorts You by Encrypting Your Files

Malware authors are getting sneaky again, in the latest turn of events they have started encrypting your files and holding them at ransom! You have to pay up to get the ‘decryptor’ and get access to your files again. This is pretty dangerous…and cunning too. It’s not easily broken either, they are using RSA 1024-bit […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Malware, Spammers & Scammers | Add a Comment

Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·