Archive | General Hacking


09 February 2011 | 11,668 views

Penetration Testing Course Pro 1.1 – New Version & New Module

Penetration Testing Course Pro 1.1 release aims at addressing all of the suggestions collected in the first 6 months of activity and adds 1 new module and 50 minutes of video training on Social Engineering Toolkit. As reviewed by us before (eLearnSecurity – Online Penetration Testing Training) this course is becoming a very popular choice [...]

Continue Reading


12 January 2011 | 14,204 views

MagicTree – Penetration Tester Productivity Tool

MagicTree is a penetration tester productivity tool, it allows easy and straightforward data consolidation, querying, external command execution, and report generation. In case you wonder, “Tree” is because its stores all the data in a tree, and “Magic” because it is designed to magically do the most cumbersome and boring part of penetration testing – [...]

Continue Reading


02 December 2010 | 13,900 views

Cloud Computing Use By Criminals Increasing

Over the last couple of years Cloud Computing has started gaining some real leverage, it’s being deployed on a wide scale, it’s becoming more affordable and the platforms supplying such services are becoming more stable. Of course the natural progression of this wider adoption is the focus of the security community and naturally the bad [...]

Continue Reading


27 September 2010 | 4,680 views

TA-Mapper v1.1 – Time and Attack Mapper – Effort Estimator For Pen-Testing

We wrote about this tool back in January 2009 when it was first released, recently v1.1 has become available for download. Time and Attack Mapper (alternatively known as TA-Mapper) is an effort estimator tool for blackbox security assessment (or Penetration Testing) of applications. This tool provides more accurate estimation when compared to rough estimation. Penetration [...]

Continue Reading


09 August 2010 | 8,637 views

Adobe Scrambling To Fix Another Serious PDF Flaw

It was only the start of July when we talked about Adobe Patching PDF Vulnerabilities Being Exploited In The Wild and once again they are suffering a serious vulnerability which allows code execution from a malicious PDF document. This time the vulnerability came out during Black Hat and it seems to be serious as Adobe [...]

Continue Reading


02 July 2010 | 4,853 views

Adobe Patches PDF Vulnerabilities Being Exploited In The Wild

At least! Adobe has sorted itself out and released patches for 17 critical vulnerabilities in their Reader and Acrobat applications. We reported back in January about Active Exploitation Of Unpatched PDF Vulnerabilities. The latest slew of vulnerabilities has been actively exploited by hackers for at least the past month as detected in the wild by [...]

Continue Reading


27 May 2010 | 38,566 views

eLearnSecurity – Online Penetration Testing Training

Introduction If you are in the information security industry, or plan to be you’ve probably been looking at the various infosec certifications available. Back when I started there really wasn’t anything available, there were no infosec degrees and no professional certs. Only later some high level ones came from SANS, then more jumped on the [...]

Continue Reading


03 May 2010 | 7,472 views

New Malware Variants More Malicious Than ILOVEYOU Bug

So no big surprise here, malware is getting more malicious! It’s good to know though and it’s good that companies out there like Messagelabs, under the watchful eye of Symantec, are trying to measure what is going on in malware land. The malware/worm landscape has always been a fast moving one and my guess is [...]

Continue Reading


14 April 2010 | 7,349 views

Hackers Penetrate Apache.org In Direct Targeted Attack

This is not the first time Apache.org has been hacked, it was comprised back in September 2009 using SSH keys. This time another targeted attack against the site was successful and allowed the attackers to capture the passwords of users logging into the bug-tracking service. It also exposed the entire password list, which sadly although [...]

Continue Reading


23 February 2010 | 8,523 views

US Investigators Pinpoint Author Of Google Attack Code

The big news over the past few months were the Aurora attacks and how they seemed to originate from China, last month Microsoft took the unusual step and released an Out-Of-Band patch for the IE6 0-Day vulnerability used in the attacks. Within the last few days the origin of the code was traced to 2 [...]

Continue Reading