Archive | Privacy


15 October 2012 | 5,024 views

Web-Sorrow v1.48 – Version Detection, CMS Identification, Enumeration & Server Scanning Tool

Web-Sorrow is a PERL based tool for misconfiguration, version detection, enumeration, and server information scanning. It’s entirely focused on enumeration and collecting information about a target server. Web-Sorrow is a “safe to run” program, meaning it is not designed to be an exploit or perform any harmful attacks. There’s a couple of other tools that [...]

Continue Reading


16 July 2012 | 2,547 views

Yahoo! Voices Hacked With SQL Injection – Passwords In Plaintext

There’s been a few HUGE cases of large sites being hacked and exposing either plaintext or extremely poorly encrypted passwords, it happened to LinkedIn not that long ago – and the latest case is of Yahoo!. It wasn’t the main site, but with almost half a million username and password combos exposed – it’s a [...]

Continue Reading


25 April 2012 | 4,467 views

creepy – A Geolocation Information Aggregator AKA OSINT Tool

creepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown accompanied with relevant information (i.e. what was posted from that specific location) to provide context to [...]

Continue Reading


16 April 2012 | 639 views

Android Trojan Targets Japanese Market – Steals Personal Data

Early last year we wrote about China Facing Problems With Android Handsets & Pre-installed Trojans, then later last year there was a possibility Cybercrooks May Be Able To Force Mobile Phones To Send Premium-Rate SMS Messages. The latest news about Android malware is malicious apps that are in the official Google marketplace (called Play) – [...]

Continue Reading


02 April 2012 | 7,101 views

GooDork – Command Line Google Dorking/Hacking Tool

GooDork is a simple python script designed to allow you to leverage the power of Google Dorking straight from the comfort of your command line. There was a GUI tool we discussed a while back similar to this – Goolag – GUI Tool for Google Hacking. GooDork offers powerful use of Google’s search directives, by [...]

Continue Reading


12 March 2012 | 5,221 views

Former LulzSec Leader Sabu Flips Sides & Informs For The FBI

This is pretty epic, the big buzz last week was all about Sabu and how he was a traitor to LulzSec and Anonymous. Now most people think things like these only happen in the movies, secret arrests followed by strong-arm tactics to make the perp turn and be an informant for the feds. Sounds like [...]

Continue Reading


07 March 2012 | 7,919 views

Goofile v1.5 – Search For A Specific File Type In A Given Domain.

Use this tool to search for a specific file type in a given domain – inspired by TheHarvester. Usage

-d: domain to search -f: filetype (ex. pdf) Written in Python and tested on 2.5 and 2.7. Please submit any bug reports or requests to the author. You can download Goofile v1.5 here: goofilev1.5.zip Or [...]

Continue Reading


31 January 2012 | 20,202 views

theHarvester – Gather E-mail Accounts, Subdomains, Hosts, Employee Names – Information Gathering Tool

theHarvester is a tool to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tools is intended to help Penetration testers in the early stages of the project It’s a really simple tool, but very effective. The sources supported [...]

Continue Reading


12 January 2012 | 9,902 views

Sprint Adds Google Wallet Into New NFC Capable Phones

Oh look, another aspect of security and privacy to consider as Google pushes its’ mobile payment solution ‘Wallet’ onto two new NFC capable phones – the Galaxy Nexus & LG Viper. If you haven’t heard of the service you can find out more here – Google Wallet (Wikipedia). The main concern here (security wise) is [...]

Continue Reading


05 December 2011 | 13,291 views

GCHQ Code Breaking Challenge Solved Through Googling

This is quite an amusing story, I’m sure many of you have read about the ‘hacking challenge’ set up by GCHQ and that they are looking to hire hackers cyber-security specialists through non-traditional channels. The thing that tickled me was, well there were two things actually..one that the challenge site was coded in ASP and [...]

Continue Reading