PHP Security Specialist (Stefan Esser) Resigns

This is sad news as PHP hasn’t particularly had a good security record in the past. He has voiced his frustrations with the internal workings of the PHP team and the development process, he has been working hard to make PHP inherently more secure…But from the look of things it seems like he was having […]

Tags: , , , , , ,

Posted in: Exploits/Vulnerabilities, General News, Web Hacking | Add a Comment

Data Recovery – A Decent Article

Data recovery is an important subject and it’s definitely a good thing to have a positive understanding of data recovery and how it could effort you personally or your business. So someone told me about this Data recovery article which is a decent original reference to data recovery which contains some good original information, links […]

Tags: , , , , ,

Posted in: Forensics, General Hacking | Add a Comment

WordPress 2.0.7 Follows Hot on the Tail of WordPress 2.0.6

Recently a bug in certain versions of PHP came to the attention of the WordPress developers, this bug could cause a security vulnerability in your any blogs running version 2.0.6 or below blog. It was fairly easy to work around, so they decided to release 2.0.7, just 10 days after the release of 2.0.6, to […]

Tags: , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

Pentagon Hacker Gary McKinnon Appeals against US Extradition

It seems like it’s getting really serious in the Gary McKinnon case, he’s facing what looks like his last appeal against the US anti-terror law case against him for hacking some NASA systems by guessing the weak passwords. Not like he’s really a terrorist, or did any damage…he did something very stupid though, bruised the […]

Tags: , , , , , , , , , , ,

Posted in: General News, Legal Issues | Add a Comment

SPIKE Proxy – Application Level Security Assessment

SPIKE Proxy is part of the SPIKE Application Testing Suite, It functions as an HTTP and HTTPS proxy, and allows the web developer or web application auditor low level access to the entire web application interface, while also providing a bevy of automated tools and techniques for discovering common problems. These automated tools include: Automated […]

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking, Web Hacking | Add a Comment

Rock Phish Group Accounts for 50% of Online Scams?

It seems common in most things, and it’s the same in infosec and especially malware, phishing and spam. The majority of malware, phishing attacks and spam mails are coming from the same few sources, I’d say it’s a case of 80/20. 20% of the people are sending 80% of the messages, one of the big […]

Tags: , , , , , , , , , , , , , ,

Posted in: General News, Phishing, Spammers & Scammers | Add a Comment

Nmapview – Graphical Interface (GUI) for Nmap on Windows

Finally a replacement for the way outdated and rather crappy NmapFE! Unfortunately sometimes we do have to actually use Windows, and Nmap cleverly overcame the problems with raw sockets on Windows SP2 by using ATM frames instead, so it’s cool. Now we just need a decent GUI so it fits into the whole scheme of […]

Tags: , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment

Microsoft Word 0-day Exploits – QUESTION.DOC

There’s been quite a few Microsoft related exploits recently, but not in Windows, people have moved their focus towards the application layer and the top of the OSI stack. This time it was a 0-day Vulnerability in Microsoft Word. The original news comes from SANS Internet Storm Center Diary (ISC). Microsoft has reported Word 2003, […]

Tags: , , , , ,

Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment

AttackAPI 2.0 Alpha – JavaScript Hacking Suite

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies. AttackAPI 2.0 branch is a lot better then the 1.x. […]

Tags: , , , , , ,

Posted in: Hacking Tools, Programming, Web Hacking | Add a Comment

WordPress 2.0.5 Trackback Vulnerability with Exploit

WordPress was “born out of a desire for an elegant, well-architectured personal publishing system built on PHP and MySQL and licensed under the GPL. It is the official successor of b2/cafelog. WordPress is fresh software, but its roots and development go back to 2001. It is a mature and stable product. We hope by focusing […]

Tags: , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment