Archive | Programming




Damn Vulnerable Web App – Learn & Practise Web Hacking

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be light weight, easy to use and full of vulnerabilities to exploit. Used to learn or teach the art of web application security. Vulnerabilities SQL Injection XSS (Cross Site Scripting) LFI (Local File Inclusion) RFI (Remote […]

Tags: , , , , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming, Web Hacking | Add a Comment

fm-fsf – Freakin’ Simple Fuzzer – Cross Platform Fuzzing Tool

fm-fsf is a new fuzzer/data scraper that works under OSX, Linux (with Mono) and Windows (.NET Framework). Fuzzing tools are always useful if you are looking at discovering some new flaws in a software or web service. Quick Info FSF is a plug-in based freakin’ simple fuzzer for fuzzing web applications and scraping data. It […]

Tags: , , , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming | Add a Comment

Fiddler – Web Debugging Proxy For HTTP(S)

Recently I posted about Charles Web Debugging Proxy and quite a few people mentioned they had been using Fiddler. Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and “fiddle” with incoming or outgoing data. Fiddler includes […]

Tags: , , , , , , , , , , ,

Posted in: Network Hacking, Programming, Web Hacking | Add a Comment

Charles Web Debugging Proxy – HTTP Monitor & Reverse Proxy

Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information). Charles can act as a man-in-the-middle for HTTP/SSL communication, enabling you to […]

Tags: , , , , , , , , , , ,

Posted in: Network Hacking, Programming, Web Hacking | Add a Comment

Microsoft Open Source Security Tool – !exploitable Crash Analyzer

Finally Microsoft is doing something proactive and perhaps even slightly ahead of the game, a real game-change for the security community. They have released a new AND open-source tool to make debugging easier, it gives developers a lot of help during the release cycle to build more secure software. Mostly because it takes the legwork […]

Tags: , , , , , , , , , , , , , , , ,

Posted in: Countermeasures, Exploits/Vulnerabilities, Programming, Security Software | Add a Comment

Google Native Client Security/Hacking Contest – Win $8,192 USD!

What is Native Client? Native Client is an open-source research technology for running x86 native code in web applications, with the goal of maintaining the browser neutrality, OS portability, and safety that people expect from web apps. We’ve released this project at an early, research stage to get feedback from the security and broader open-source […]

Tags: , , , , , , ,

Posted in: General Hacking, Programming | Add a Comment

fzem – MUA (Mail User Agent) / Mail Client Fuzzer

fzem is a MUA (mail user agent) fuzzer that fuzzes MAIL/MIME email headers as well as how clients handle SMTP, POP and IMAP responses. Purpose fzem’s purpose is to fuzz MUAs as they process email content and handle server reponses. How does it work? fzem has the three main mail protocols implemented as well as […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming | Add a Comment

NSA Together With Mitre CWE and SANS Identifies Top 25 Programming Errors

Secure programming is a huge issue and it’s the lack of it that causes all the problems we have with vulnerabilities and the exploits associated with them. If everywhere developers followed secure programming practices we wouldn’t have buffer overflow issues or unsanitized parameters leading to SQL Injection. The NSA (National Security Agency), working with MITRE, […]

Tags: , , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming | Add a Comment

ohrwurm – RTP Fuzzing Tool (SIP Phones)

ohrwurm is a small and simple RTP fuzzer, it has been tested it on a small number of SIP phones, none of them withstood the fuzzing. Features: reads SIP messages to get information of the RTP port numbers reading SIP can be omitted by providing the RTP port numbers, so that any RTP traffic can […]

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking, Programming | Add a Comment

Modern Exploits – Do You Still Need To Learn Assembly Language (ASM)

This is a fairly interesting subject I think as a lot of people still ask me if they are entering the security field if they still need to learn Assembly Language or not? For those that aren’t what it is, it’s pretty much the lowest level programming languages computers understand without resorting to simply 1’s […]

Tags: , , , , , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming | Add a Comment

Popular Tags

computer-security · darknet · Database Hacking · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · XSS ·