Mac OS X Ransomware KeRanger

Mac OS X Ransomware KeRanger Is Linux Encoder Trojan

So there’s been a fair bit of noise this past week about the Mac OS X Ransomware, the first of its’ kind called KeRanger. It also happens to be the first popular Mac malware of any form for some time. It’s also a lesson to all the Apple fanbois that their OS is not impervious […]

Tags: , , , , , , , , , ,

Posted in: Apple, Malware | Add a Comment
DIRB - Domain Brute-forcing Tool

DIRB – Domain Brute-forcing Tool

DIRB is a Web Content Scanner AKA a domain brute-forcing tool. It looks for existing (and/or hidden) Web Objects, it works by launching a dictionary based attack against a web server and analysing the responses. DIRB comes with a set of preconfigured attack word-lists for easy usage but you can use your custom word-lists. Also […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment
AuthMatrix - Test Web Authorisation

AuthMatrix for Burp Suite – Web Authorisation Testing Tool

AuthMatrix a web authorisation testing tool built as an extension to Burp Suite that provides a simple way to test authorisation in web applications and web services. With AuthMatrix, testers focus on thoroughly defining tables of users, roles, and requests for their specific target application upfront. These tables are displayed through the UI in a […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment
DROWN Attack

DROWN Attack on TLS – Everything You Need To Know

So SSL in general is having a rough time lately, now with the SSLv2 DROWN attack on TLS. And this is not long after Logjam and a while since Heartbleed, POODLE and FREAK. DROWN is a cross-protocol attack that can decrypt passively collected TLS sessions from up-to-date clients and stands for Decrypting RSA with Obsolete […]

Tags: , , , , , , , , , ,

Posted in: Cryptography, Exploits/Vulnerabilities | Add a Comment
Cyborg Hawk Linux

Cyborg Hawk Linux – Penetration Testing Linux Distro

Cyborg Hawk Linux is a Ubuntu (Linux) based Penetration Testing Linux Distro developed and designed for ethical hackers and penetration testers. Cyborg Hawk Distro can be used for network security and assessment and also for digital forensics. It also has various tools suited to the testing of Mobile Security and Wireless infrastructure. It’s clearly not […]

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Linux Hacking | Add a Comment
Veil Antivirus Evasion Framework

Veil Framework – Antivirus Evasion Framework

The Veil-Framework is a collection of red team security tools that implement various attack methods focused on antivirus evasion and evading detection. Antivirus ‘solutions’ don’t often catch the bad guys, but they do often catch pen-testing during assignment. This tool came about as a way to execute existing shellcode in a way that could evade […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Malware | Add a Comment
WordPress Security Tips

13 WordPress Security Tips From Acunetix

WordPress has a pretty poor reputation when it comes to security, so here are some WordPress security tips from Acunetix. The WordPress security perception is mostly unfounded sadly, as core WordPress is pretty secure – as long as it’s updated. The same goes for plug-ins and themes, if poorly maintained they are an easy ingress […]

Tags: , , , , , , ,

Posted in: Advertorial, Countermeasures | Add a Comment
Linset - Bash Evil Twin Tool

Linset – Evil Twin Attack Bash Script

Linset is an Evil Twin Attack Bash script with everything built in (multi-lingual web page, DHCP, DNS server with redirect fake AP etc) so it has a bunch of dependencies, and it’s in Spanish. But other than that, it’s pretty cool. It’s also a recursive acronym – Linset Is Not a Social Enginering Tool. There […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking, Wireless Hacking | Add a Comment
glibc Exploit

The Linux glibc Exploit – What You Need To Know

So the Internet exploded this week with news of a pretty serious glibc exploit, something that everyone pays attention to as every Linux server uses this library and in some cases it can yield remote code execution. In basic terms the glibc DNS client (libresolv) is vulnerable to a stack-based buffer overflow when the getaddrinfo() […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Linux Hacking | Add a Comment
LNHG - Massive Web Fingerprinter (mwebfp)

LNHG – Massive Web Fingerprinter (mwebfp)

The LowNoiseHG (LNHG) Massive Web Fingerprinter was conceived in July 2013 after realizing the usefulness of webserver screenshots to pentesters, during an engagement with large external or internal IP address ranges, as a quick means of identification of critical assets, easily-exploitable services, forgotten/outdated servers and basic network architecture knowledge of the target. The basic operation […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment