Archive | Exploits/Vulnerabilities




pwntools – CTF Framework & Exploit Development Library

pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible. Command-line frontends for some of the functionality are available: asm/disasm: Small wrapper for various assemblers. constgrep: Tool for finding constants defined in header files. cyclic: […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities | Add a Comment

ATM Hacked Using Samsung Galaxy S4 & USB Port

A pretty interesting black box daughter board attack on ATM via USB, the crowd cry ATM Hacked! Yah it was, and it was triggered using a mobile phone to actually activate the attack, showing it’s fairly complex and also abstracting the actual attacker from being physically there. The guy carrying the black box can’t actually […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hardware Hacking | Add a Comment

InsomniaShell – ASP.NET Reverse Shell Or Bind Shell

InsomniaShell is a tool for use during penetration tests, when you have ability to upload or create an arbitrary .aspx page. This .aspx page is an example of using native calls through pinvoke to provide either an ASP.NET reverse shell or a bind shell. ASP.NET is an open source server-side Web application framework designed for […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Web Hacking | Add a Comment

Sony Pictures Hacked – Employee Details & Movies Leaked

Sony hasn’t always had the best of times when it comes to being hacked, back in 2011 Sony basically had to rebuild the PlayStation Network (PSN) because of a hack which rendered the service off-line for almost a whole week. Plus the fact the PSN hack could have leaked up to 10 million user accounts […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Privacy | Add a Comment

Gruyere – Learn Web Application Exploits & Defenses

This codelab is built around Gruyere – a small, cheesy web application that allows its users to publish snippets of text and store assorted files. “Unfortunately,” Gruyere has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution. The goal of this codelab is […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

Critical XSS Flaw Affects WordPress 3.9.2 And Earlier

So it’s been a while since we’ve talked about any flaws in WordPress – because usually they are pretty dull and require such an obscure set of circumstances, that they are unlikely to ever occur in the wild. The most recent time was this year actually, but was a DoS attack, which is not THAT […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

Microsoft Schannel Vulnerabilty – Patch It NOW

So yah, it seems like every implementation of TLS is broken and some may say this Microsoft Schannel vulnerabilty is actually worse than Heartbleed. Why is it worse you ask? Because it allows remote code execution, which honestly – is about as bad as it gets. This is a critical update, a really, really critical […]

Tags: , , , , , , , , , ,

Posted in: Cryptography, Exploits/Vulnerabilities, Windows Hacking | Add a Comment

Serious Linux/UNIX FTP Flaw Allows Command Execution

A lot of old bugs have been biting us on the butt lately, and here’s another to add to the list. This week it was discovered a fairly nasty FTP Flaw Allows Command Execution when using the old but still fairly widely used. tnftp client It’s a fairly unlikely set of circumstances however, and it […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Linux Hacking, Network Hacking | Add a Comment

Microsoft Zero Day OLE Vuln Being Exploited In Powerpoint

So the latest news is, don’t open any .ppt files if you aren’t entirely sure where they came from as there is a Microsoft Zero Day vulnerability in OLE (Object Linking and Embedding) handling in Microsoft Office that is currently being exploited in the wild by malicious Powerpoint slide decks. Not that anyone reading this […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment

Everything You Need To Know About POODLE SSLv3 Vulnerability

So yah, it’s been quite a year – not long after Heartbleed and then Shellshock we now have POODLE SSLv3 vulnerability. Yes, that’s right – POODLE. It is actually an acronym this time though, yay (Padding Oracle On Downgraded Legacy). Is it a huge risk? Not really as it doesn’t allow any type of remote […]

Tags: , , , , , , , , , ,

Posted in: Cryptography, Exploits/Vulnerabilities, Network Hacking | Add a Comment

Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·