Archive | Web Hacking


04 September 2006 | 47,074 views

Teen Data Exposed on Myspace

Ah another flaw in Myspace, this time it’s quite dangerous exposing the details of teenagers. A security hole in the popular MySpace social networking site allowed users to view entries marked “private”, a crucial protection for users aged under 16, according to weekend reports. Though the site is said to have fixed the problem, it […]

Continue Reading

30 August 2006 | 7,527 views

AttackAPI 0.5 – JavaScript Security Tools

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors. The project was primary inspired by the JythonShell applet. At its very early stage AttackAPI was a single extensible web enabled python console with a few modules. The 0.5 release of AttackAPI is purely JavaScript based. This is not a shift in the […]

Continue Reading

29 August 2006 | 12,287 views

Link & Comment Spamming – A possible solution.

Recently one of the sites I am developing for my self was link spammed. Some unpleasant individual decided that it would be fun to post 160 ‘comments’ spread over all the blog posts. All the comments contained was URL’s. Even more stupid they used BB tags, but as I wrote the site it doesn’t use […]

Continue Reading

10 August 2006 | 4,561 views

OWASP – Fortify Bug Taxonomy

Ah at last a good solid collaborative effort to identify and categorise software vulnerabilities with a solid taxonomy and good organisation! It seems very well written too in terms that anyone familiar with software development or programming can understand. Fortify Software, which identifies and remediates software vulnerabilities, has contributed its collection of 115 types of […]

Continue Reading

08 August 2006 | 5,078 views

Cyberwar Efforts Step-Up – NASA Sites Hacked

Ah cyberwar, cyber terrorism, efforts are ramping up, more sites are going down. The war in Lebanon is now showing its consequences in the digital world and a huge number of websites has been attacked and defaced as a protest against the invasion of Lebanon by Israel. Today two NASA websites were attacked as well. […]

Continue Reading

07 August 2006 | 11,846 views

Wapiti – Web Application Scanner / Black-box testing

Wapiti allows you to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, […]

Continue Reading

01 August 2006 | 12,030 views

Israeli Hackers Join the War Against Palestinian Sites

Israeli hackers have decided to ‘help’ and join the war against Palestine. The hackers group that calls itself “IDF” (which also means Israeli Defence Force) has hacked dozens of sites, erased the site content and replaced it the index with a picture of the Lebanon destruction that is made by Israeli Defence Force as an […]

Continue Reading

01 August 2006 | 14,151 views

SpikeSource Spike PHP Security Audit Tool

Spike is an Open Source tool based on the popular RATS C based auditing tool implemented for PHP. The tool Spike basically does static analysis of php code for security exploits, PHP5 and call-time pass-by-reference are currently required, but a PHP4 version is coming out this week. This tool is especially welcomed by Darknet as […]

Continue Reading

31 July 2006 | 6,409 views

WordPress 2.0.4 Released – Fixes Security Issues

Just to let you all know, if you are using WordPress you can upgrade today. The latest stable release of WordPress (Version 2.0.4) is available. his release contains several important security fixes, so it’s highly recommended for all users. We’ve also rolled in a number of bug fixes (over 50!), so it’s a pretty solid […]

Continue Reading

30 July 2006 | 5,926 views HACKED With Cross Site Scripting (XSS) Vulnerability has been hacked via a persistent Cross Site Scripting (XSS) vulnerability in their newly launched Digg-like news service. It seems the attacker did report the flaw to them repeatedly but they didn’t heed and ignored it, so he performed the XSS all over the site. eplawless stated the following: It was me. I did […]

Continue Reading