Archive | Privacy


04 March 2014 | 2,350 views

EyeWitness – A Rapid Web Application Triage Tool

EyeWitness is a rapid web application triage tool designed to take screenshots of websites, provide some server header info, and identify default credentials if possible. The author would love for EyeWitness to identify more default credentials of various web applications. So as you find devices which utilizes default credentials, please e-mail him the source code […]

Continue Reading


12 February 2014 | 932 views

The Mask AKA Careto Espionage Malware

So the latest buzz going around is caused by a hacking group that appears to be Spanish and is called The Mask or Careto. The reason there is a fair amount of buzz is their next level espionage malware that has been targeting government institutions, diplomatic offices and embassies, energy, oil and gas companies, research […]

Continue Reading


22 January 2014 | 4,291 views

The 25 Worst Passwords Of 2013 – “password” Is Not #1

The worst passwords of 2013 – really, more like the most common. The majority come from the massive Adobe leak, which contributed over 40 million passwords and skewed the data a fair bit pushing “photoshop” and “adobe123″ into the list. Most of them are no surprise though, we published the top 10 most common passwords […]

Continue Reading


03 December 2013 | 1,754 views

Stuxnet 2 Under Development By Spy Agencies?

It’s been a fair while since we’ve heard a mention of Stuxnet, so the potential for Stuxnet 2 is quite interesting. Of course at this point, it’s pretty much all just rumours – but still I’d be very surprised if such a thing wasn’t already in the works. Apparently in this case, it’s the Saudi […]

Continue Reading


20 November 2013 | 3,690 views

Cupid Media Hack Exposes 42 Million Passwords In Plain Text

42 Million Passwords – now that’s a big number, and the worst part – they aren’t even hashed. Nope, not at all – not even badly. Apparently the intrusion took place earlier this year, in January 2013 – but there was no public announcement. The data was found on the same server where the hacked […]

Continue Reading


04 November 2013 | 857 views

Anonymous Targets Singapore For Proposed Internet Licensing Rules

So the latest news in South East Asia is that someone claiming to be affiliated with Anonymous is waging a digital war against Singapore due to their proposed Internet licensing rules, which are akin to backdoor censorship. You can see the Youtube video here: The Anonymous Legion Threatens Singapore Government They already started by attacking […]

Continue Reading


30 October 2013 | 3,501 views

FoxOne Free OSINT Tool – Server Reconnaissance Scanner

FoxOne is a free OSINT tool, described by the author (th3j35t3r) as a Non-Invasive and Non-Detectable Server Reconnaissance Scanner. Bypassing API limitations and currently detecting 6500+ vulnerable server paths/files – without ever touching the target server. Very good for getting hold of intel on a given domain (example.com). The intel gained serves both as actionable […]

Continue Reading


18 June 2013 | 3,091 views

PRISM, Edward Snowden, Big Brother & More Stuff We Already Knew

So there’s been 100s of articles posted about PRISM, which also now has a lengthy Wikipedia article – PRISM (surveillance program). Apparently PRISM (2007-present) is the program that replaces the previous (2001-2007) NSA warrantless surveillance program. So the US government has been watching everyone, no shit (Nineteen Eighty-Four?). PRISM is a clandestine national security electronic […]

Continue Reading


06 November 2012 | 2,183 views

VMWare ESX Source Code Leaked On The Internet

Another big source code leak, this time VMWare ESX, software which I’m sure most of the readers here have used at some point (I know I have). There was a time back in 2006 when VMWare Rootkits seemed like they might be the next big thing, but nothing much ever came out of it. VMware […]

Continue Reading


15 October 2012 | 5,114 views

Web-Sorrow v1.48 – Version Detection, CMS Identification, Enumeration & Server Scanning Tool

Web-Sorrow is a PERL based tool for misconfiguration, version detection, enumeration, and server information scanning. It’s entirely focused on enumeration and collecting information about a target server. Web-Sorrow is a “safe to run” program, meaning it is not designed to be an exploit or perform any harmful attacks. There’s a couple of other tools that […]

Continue Reading