A huge wave has been made by this Firesheep in the mainstream media this week as it makes session hijacking a click and go procedure for Windows. It was released at Toorcon 12 and is simply a Firefox Add-on. What is Firesheep? Stealing sessions/passwords and so on is something we’ve been able to do for […]
Hackers Exploit Unpatched Firefox 0day Using Nobel Peace Prize Website
It’s been a while since Firefox has been in the news, but this is a fairly high profile case involving the Nobel Peace Prize website. It seems there is a race condition vulnerability in the latest versions of Firefox (including 3.6.11) that allows remote exploitation. In this case it was used via an iFrame on […]
The Social-Engineer Toolkit (SET) – Computer Based Social Engineering Tools
The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the http://www.social-engineer.org launch and has quickly became a standard tool in a penetration testers arsenal. SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has […]
Malware Pushers Abuse Firefox Warning Page
This is a pretty neat attack from the malware pushes leveraging on the ignorance of the average user – which in all honestly is a safe bet most of the time! You could consider it a Social Engineering attack as it’s taking something that’s familiar and changing it to deliver malware. I’m sure all the […]
NSDECODER – Automated Website Malware Detection Tool
NSDECODER is a automated website malware detection tool. It can be used to decode and analyze an URL to see if it host to malware. Also, NSDECODER will analyze which vulnerability has been exploited and the original source address of malware. Functions Automated analysis and detection of website malware. Detection for plenty of vulnerabilities. Log […]