Archive | Programming


14 June 2007 | 6,183 views

Fuzzled – PERL Fuzzing Framework

There has been an explosion of fuzzing tools lately, quite a few we have mentioned here on Darknet. Someone else noticed this, and wondered where is the Perl framework to complete the family? With that in mind he spent the last few months working on something that should fill the gap – Fuzzled. Fuzzled is [...]

Continue Reading


17 May 2007 | 10,395 views

ISIC – IP Stack Integrity & Stability Checker

ISIC is a suite of utilities to exercise the stability of an IP Stack and its component stacks (TCP, UDP, ICMP et. al.) It generates piles of pseudo random packets of the target protocol. The packets be given tendencies to conform to. Ie 50% of the packets generated can have IP Options. 25% of the [...]

Continue Reading


28 April 2007 | 16,130 views

login (security through obscurity) – weird PHP script

This was the idea with which I have won the regional web apps contest… well actually I did a CMS but the security part of it was the most appreciated. Maybe because it was weird, you’ll see… Classical Login scripts What exactly do classical login scripts do… they get the password from the database by [...]

Continue Reading


23 April 2007 | 13,679 views

LLTD – Link Layer Topology Discovery Protocol

Gomor released a LLTD (Link Layer Topology Discovery Protocol) implementation written in Perl (using Net::Frame framework). You may use this two modules to write fuzzers, or anything. You can find the modules here: Net Frame LLTD

Continue Reading


10 January 2007 | 8,896 views

AttackAPI 2.0 Alpha – JavaScript Hacking Suite

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies. AttackAPI 2.0 branch is a lot better then the 1.x. [...]

Continue Reading


13 December 2006 | 8,401 views

Backframe (Formerly Backweb) JavaScript Attack Console

There has been a recent release of Backframe (Formerly Backweb) Attack Console. Backframe Attack Console was started as an experiment to create a full featured attack console for exploiting web browsers, web users and remote applications. Those who are familiar with XSS Proxy or even BEEF might already be familiar with the core principles of [...]

Continue Reading


08 December 2006 | 9,566 views

Linux Reverse Engineering Hacker Challenge

The first round results of the Linux Reverse Engineering Hacker Challenge are out! http://www.hackerchallenge.org It was expected that an intermediate hacker with Linux experience should be able to defeat the protection(s) in less than 10 hours. Participants may earn up to $4100 USD. A total of 93 individuals registered to participate in the first Hacker [...]

Continue Reading


05 December 2006 | 8,069 views

Metasploit 3.0 Beta 3 Released

The Metasploit Framework is an advanced open-source exploit development platform. The 3.0 tree represents a complete rewrite of the 2.0 codebase and provides a scalable and extensible framework for security tool development. The 3.0 Beta 3 release includes support for exploit automation, 802.11 wireless packet injection, and kernel-mode payloads. Windows users are now presented with [...]

Continue Reading


02 December 2006 | 17,227 views

Writing Worms for Fun or Profit

0x00: Preface Media, kindly supported by AV “experts”, drawn apocalyptical vison of desctruction caused by stupid M$ Outlook / VisualBasic worm, called “ILOVEYOU”. Absurdal estimations – $10M lost for “defending the disease”, especially when you take a look at increasing with the speed of light value of AV companies market shares, made many people sick. [...]

Continue Reading


19 November 2006 | 7,226 views

Hackers’ Project – Browser Exploit Code Hiding

Hackers are developing new software that will help hide browser attack code from some types of security software. The software, called VoMM (eVade o’ Matic Module), uses a variety of techniques to mix up known exploit code so as to make it unrecognizable to some types of antivirus software. Using these techniques, VoMM “can create [...]

Continue Reading