Archive | Programming




Charles Web Debugging Proxy – HTTP Monitor & Reverse Proxy

Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information). Charles can act as a man-in-the-middle for HTTP/SSL communication, enabling you to […]

Tags: , , , , , , , , , , ,

Posted in: Network Hacking, Programming, Web Hacking | Add a Comment

Microsoft Open Source Security Tool – !exploitable Crash Analyzer

Finally Microsoft is doing something proactive and perhaps even slightly ahead of the game, a real game-change for the security community. They have released a new AND open-source tool to make debugging easier, it gives developers a lot of help during the release cycle to build more secure software. Mostly because it takes the legwork […]

Tags: , , , , , , , , , , , , , , , ,

Posted in: Countermeasures, Exploits/Vulnerabilities, Programming, Security Software | Add a Comment

Google Native Client Security/Hacking Contest – Win $8,192 USD!

What is Native Client? Native Client is an open-source research technology for running x86 native code in web applications, with the goal of maintaining the browser neutrality, OS portability, and safety that people expect from web apps. We’ve released this project at an early, research stage to get feedback from the security and broader open-source […]

Tags: , , , , , , ,

Posted in: General Hacking, Programming | Add a Comment

fzem – MUA (Mail User Agent) / Mail Client Fuzzer

fzem is a MUA (mail user agent) fuzzer that fuzzes MAIL/MIME email headers as well as how clients handle SMTP, POP and IMAP responses. Purpose fzem’s purpose is to fuzz MUAs as they process email content and handle server reponses. How does it work? fzem has the three main mail protocols implemented as well as […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming | Add a Comment

NSA Together With Mitre CWE and SANS Identifies Top 25 Programming Errors

Secure programming is a huge issue and it’s the lack of it that causes all the problems we have with vulnerabilities and the exploits associated with them. If everywhere developers followed secure programming practices we wouldn’t have buffer overflow issues or unsanitized parameters leading to SQL Injection. The NSA (National Security Agency), working with MITRE, […]

Tags: , , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming | Add a Comment

ohrwurm – RTP Fuzzing Tool (SIP Phones)

ohrwurm is a small and simple RTP fuzzer, it has been tested it on a small number of SIP phones, none of them withstood the fuzzing. Features: reads SIP messages to get information of the RTP port numbers reading SIP can be omitted by providing the RTP port numbers, so that any RTP traffic can […]

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking, Programming | Add a Comment

Modern Exploits – Do You Still Need To Learn Assembly Language (ASM)

This is a fairly interesting subject I think as a lot of people still ask me if they are entering the security field if they still need to learn Assembly Language or not? For those that aren’t what it is, it’s pretty much the lowest level programming languages computers understand without resorting to simply 1’s […]

Tags: , , , , , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming | Add a Comment

ISR-evilgrade – Inject Updates to Exploit Software

ISR-evilgrade is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates and exploiting the system or software. How does it work? It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of the victims DNS […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming | Add a Comment

WikiScanner – Find Interesting Anonymous Edits on Wikipedia

Now this isn’t a new tool, and it’s not quite up to date as the author hasn’t updated it for a while – but it’s still exceedingly cool! As you know most IP addresses are registered to companies or organizations in blocks, so you can identify which network an edit is coming from as Wikipedia […]

Tags: , , , , , ,

Posted in: General Hacking, Privacy, Programming | Add a Comment

Tmin – Test Case Optimizer for Automated Security Testing

Tmin is a simple utility meant to make it easy to narrow down complex test cases produced through fuzzing. It is closely related to another tool of this type, delta, but meant specifically for unknown, underspecified, or hard to parse data formats (without the need to tokenize and re-serialize data), and for easy integration with […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Programming | Add a Comment

Popular Tags

computer-security · darknet · Database Hacking · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · XSS ·