Metasploit 2.7 Released – Automated Hacking

The Metasploit Framework is an advanced open-source exploit development platform. The 2.7 release includes three user interfaces, 157 exploits and 76 payloads.The Framework will run on any modern operating system that has a working Perl interpreter. The Windows installer includes a slimmed-down version of the Cygwin environment. Windows users are encouraged to update as soon […]

Tags: , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools | Add a Comment

Oracle MEGA Patch Fixes 101 Security Bugs

Oracle in its very own style recently published a mega patch, it could be called the mother of all patches. Actually 101 bugs…the scary part is 45 can be exploited remotely. Oracle published the mother of all security patches containing 101 fixes for flaws in its database, application server, E-Business Suite and PeopleSoft and JD […]

Tags: , , , , , , ,

Posted in: Database Hacking, Exploits/Vulnerabilities | Add a Comment

Vulnerability Assessment and Operational Security Testing Methodology (VAOST) – version 0.2 released

Here is a newly released VA methodology, the author believes it to be more focused, and thus cost effective VA process. It may map to internal work, but it is probably more suited to external sites. It’s gone through a couple of revisions so it’s a bit more polished now. You can find the notes […]

Tags: , , , , , , ,

Posted in: General Hacking, Network Hacking | Add a Comment

AttackAPI 0.8 JavaScript Hacking Suite Available

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies. The standalone components of the library can be found at […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

Hackers’ Project – Browser Exploit Code Hiding

Hackers are developing new software that will help hide browser attack code from some types of security software. The software, called VoMM (eVade o’ Matic Module), uses a variety of techniques to mix up known exploit code so as to make it unrecognizable to some types of antivirus software. Using these techniques, VoMM “can create […]

Tags: , , , , , , , ,

Posted in: Programming, Web Hacking | Add a Comment

w3bfukk0r 0.2 Forced Browsing Tool Released

w3bfukk0r is a forced browsing tool, it basically scans webservers (HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force mechanism based on a word list. Features: HTTP/HTTPS(SSL) support Banner grabbing User-Agent faking Proxy support (HTTP/S) Reports found and non-existend directories Example output:

Note: Not all webservers are handling HTTP status codes […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

McAfee buying Tel Aviv startup Onigma for $15-25 million cash

Data security giant McAfee has bought a young Tel Aviv startup, Onigma, for somewhere between $15 million to $25 million cash, surmise hi-tech circles. McAfee will be integrating the Onigma technology in its enterprise security solution, and will be recruiting dozens more Israeli developers for the startup, which will become a local R&D center. Onigma […]

Tags: , , , , , , , ,

Posted in: Privacy, Security Software | Add a Comment

Windows XP ToolBox

This a very old article based on my tiny document “WinDOS tools” which was for a short while on Blackcode, before it was shutdown… It was an article to impres my friends, but found some usefull stuff two when writing it… so let’s take a look at some “hidden” Windows XP programs… MAC Address (getmac) […]

Tags: , , , , , , ,

Posted in: Hacking Tools, Network Hacking, Windows Hacking | Add a Comment

Installing Nessus on Debian-based OSs like Ubuntu

With this simple tutorial I will explain how to install Nessus client (nessus) and Nessus Daemon (nessusd) and properly register it, so you don’t end up with the limitations of a non-registered version of the vulnerability scanner. Installing: I personally use apt-, however, you may choose any other package manager. apt-get install nessus nessusd -y […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools | Add a Comment