Malware Writers Using Exclusion Lists To Linger

It seems malware writers using exclusion lists is not something new, but it’s still concerning people. To me it’d be a pretty obvious avenue, especially if you were crafting something a little more nefarious than average – like APT malware (Advanced Persistent Threat) tools. Definitely a chicken and egg problem, especially with Windows if you […]

Posted in: Malware
Minion - Mozilla Security Testing Framework

Minion is a security testing framework built by Mozilla to bridge the gap between developers and security testers. To do so, it enables developers to scan with a wide variety of security tools, using a simple HTML-based interface. It consists of three umbrella projects: Minion Frontend, a Python, angular.js, and Bootstrap-based website that provides a […]

Posted in: Countermeasures, Security Software, Web Hacking
HexorBase - Administer & Audit Multiple Database Servers

HexorBase is a database application designed to administer and audit multiple database servers simultaneously from a centralised location. It is capable of performing SQL queries and brute-force attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL). It allows packet routing through proxies or even Metasploit pivoting antics to communicate with remotely […]

Posted in: Database Hacking, Hacking Tools
UK Encryption Backdoor Law Passed Via Investigatory Powers Act

The latest news out of my homeland is not good: the UK encryption backdoor law passed via the Investigatory Powers Act, or the IPA Bill as it’s commonly known. It was itself passed through a kind of backdoor route, which avoided the scorn of the public. That was good for the lawmakers, but not for the […]

Posted in: Cryptography, Legal Issues, Privacy
Pulled Pork - Suricata & Snort Rule Management

Pulled Pork is a Perl-based tool for Suricata and Snort rule management – it can determine your version of Snort and automatically download the latest rules for you. The name was chosen because, simply speaking, it Pulls the rules. Using a regular crontab you can keep your Snort or Suricata rules up to date […]

Posted in: Countermeasures, Network Hacking, Security Software
Acunetix Web Vulnerability Scanner v11 Released

Acunetix Web Vulnerability Scanner v11 has just been released with lots of exciting new features and tools. The biggest change is that v11 is now integrated with Vulnerability Management features to enable your organization to comprehensively manage, prioritise and control vulnerability threats – ordered by business criticality. There are other changes too including the web […]

Posted in: Advertorial
PyExfil - Python Data Exfiltration Tools

PyExfil started as a Proof of Concept (PoC) and has ended up turning into a Python Data Exfiltration toolkit, which can execute various techniques based around commonly allowed protocols (HTTP, ICMP, DNS etc). The package is at a very early stage (alpha release), so it is not fully tested; any feedback and commits are welcomed by the author. […]

Posted in: Hacking Tools, Network Hacking
Androguard - Reverse Engineering & Malware Analysis For Android

Androguard is a toolkit built in Python which provides reverse engineering and malware analysis for Android. It’s built to examine:

* Dex/Odex (Dalvik virtual machine) (.dex) (disassemble, decompilation)
* APK (Android application) (.apk)
* Android’s binary xml (.xml)
* Android Resources (.arsc)

Androguard is available for Linux/OSX/Windows (Python powered).

Features: Map and manipulate DEX/ODEX/APK/AXML/ARSC […]

Posted in: Forensics, Malware
Android Devices Phoning Home To China

So unsurprisingly a security researcher found some cheap Android devices phoning home to China when buying a phone to travel with. One of the phones seems to be Blu R1 HD, which is ‘Currently unavailable’ on Amazon.com and customers that bought it have received security update e-mails. Security researchers have uncovered a secret backdoor in […]

Posted in: Malware, Privacy
Netdiscover - Network Address Discovery Tool

Netdiscover is a network address discovery tool that was developed mainly for those wireless networks without DHCP servers, though it also works on wired networks. It sends ARP requests and sniffs for replies. Built on top of libnet and libpcap, it can passively detect on-line hosts, or search for them, by actively sending ARP requests, […]

Posted in: Hacking Tools, Network Hacking