Internet Explorer 7 (IE7) Vulnerability Hits the Streets

This was a while back, but with Microsoft’s security record it’s pretty much inevitable.. Even before release (as with Vista) flaws were found. Introduction A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to disclose potentially sensitive information. Please use the test below, to see an example of how […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment

Writing Worms for Fun or Profit

0x00: Preface Media, kindly supported by AV “experts”, drawn apocalyptical vison of desctruction caused by stupid M$ Outlook / VisualBasic worm, called “ILOVEYOU”. Absurdal estimations – $10M lost for “defending the disease”, especially when you take a look at increasing with the speed of light value of AV companies market shares, made many people sick. […]

Tags: , , , , , , , , , ,

Posted in: Malware, Old Skool Philes, Programming | Add a Comment

the Art of Virology 01h

In this part we will discuss the basic framework of a computer virus… The basics of a virus consists of two elementary procedures (others will tell you three). These are: a search routine a infection routine [anti-detection routines] The search routine This routine will have to be a more delicate one [but not hard to […]

Tags: , , , ,

Posted in: Virology | Add a Comment

Metasploit 2.7 Released – Automated Hacking

The Metasploit Framework is an advanced open-source exploit development platform. The 2.7 release includes three user interfaces, 157 exploits and 76 payloads.The Framework will run on any modern operating system that has a working Perl interpreter. The Windows installer includes a slimmed-down version of the Cygwin environment. Windows users are encouraged to update as soon […]

Tags: , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools | Add a Comment

Oracle MEGA Patch Fixes 101 Security Bugs

Oracle in its very own style recently published a mega patch, it could be called the mother of all patches. Actually 101 bugs…the scary part is 45 can be exploited remotely. Oracle published the mother of all security patches containing 101 fixes for flaws in its database, application server, E-Business Suite and PeopleSoft and JD […]

Tags: , , , , , , ,

Posted in: Database Hacking, Exploits/Vulnerabilities | Add a Comment

Vulnerability Assessment and Operational Security Testing Methodology (VAOST) – version 0.2 released

Here is a newly released VA methodology, the author believes it to be more focused, and thus cost effective VA process. It may map to internal work, but it is probably more suited to external sites. It’s gone through a couple of revisions so it’s a bit more polished now. You can find the notes […]

Tags: , , , , , , ,

Posted in: General Hacking, Network Hacking | Add a Comment

AttackAPI 0.8 JavaScript Hacking Suite Available

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies. The standalone components of the library can be found at […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

Hackers’ Project – Browser Exploit Code Hiding

Hackers are developing new software that will help hide browser attack code from some types of security software. The software, called VoMM (eVade o’ Matic Module), uses a variety of techniques to mix up known exploit code so as to make it unrecognizable to some types of antivirus software. Using these techniques, VoMM “can create […]

Tags: , , , , , , , ,

Posted in: Programming, Web Hacking | Add a Comment