MITMf - Man-In-The-Middle Attack Framework

MITMf – Man-In-The-Middle Attack Framework

MITMf is a Man-In-The-Middle Attack Framework which aims to to provide a one-stop-shop for Man-In-The-Middle and network attacks while updating and improving existing attacks and techniques. Originally built to address the significant shortcomings of other tools (e.g Ettercap, Mallory), it’s been almost completely re-written from scratch to provide a modular and easily extendible framework that […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment
LOKI - Indicators Of Compromise Scanner

LOKI – Indicators Of Compromise Scanner

Loki is a Indicators Of Compromise Scanner, based on 4 main methods (additional checks are available) and will present a report showing GREEN, YELLOW or RED result lines. The compiled scanner may be detected by antivirus engines. This is caused by the fact that the scanner is a compiled python script that implement some file […]

Tags: , , , , , , ,

Posted in: Countermeasures, Security Software | Add a Comment
Fortinet SSH Backdoor Found In Firewalls

Fortinet SSH Backdoor Found In Firewalls

So the Fortinet SSH Backdoor, apparently it’s just a management authentication issue. Sorry, what’s that? It looks like a passphrase based admin level access login via SSH to me personally. Which is scary. They are adamantly shouting from rooftops that it was not planted by a 3rd party (NSA? Like Juniper..) or any kind of […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Network Hacking | Add a Comment
dnscat2 - DNS Tunnel Tool

dnscat2 – DNS Tunnel Tool

This DNS tunnel tool named dnscat2 creates an encrypted tunnel over the DNS protocol primarily as a command-and-control (C&C) channel for penetration testers as outbound DNS is rarely blocked in networks. This makes it a very effective tunnel out of almost every network. Overview dnscat2 comes in two parts: the client and the server. The […]

Tags: , , , , , , , ,

Posted in: Network Hacking | Add a Comment
FastIR Collector - Windows Incident Response Tool

FastIR Collector – Windows Incident Response Tool

FastIR Collector is Windows incident response tool that offers the possibility to extract classic artefacts such as memory dump, auto-started software, MFT, MBR, Scheduled tasks, Services and records the results in csv files. The tool can also perform smart acquisitions thanks to the filecatcher, certificate filtering or support of Yara rules. The first part of […]

Tags: , , , , , , , , ,

Posted in: Forensics, Security Software, Windows Hacking | Add a Comment
A Look Back At 2015 – Tools & News Highlights

A Look Back At 2015 – Tools & News Highlights

So here we are in 2016, yet still writing 2015 in our chequebooks (yah lolpls like anyone uses cheques any more). Following on from last year and our 2014 summary, here is our 2015 highlights post with interesting happenings over the past 12 months – including tools and news stories. 2015 News Stories The theme […]

Tags: , , , , , , , ,

Posted in: Site News | Add a Comment
Dradis - Reporting Platform For IT Security Professionals

Dradis – Reporting Platform For IT Security Professionals

Dradis is an open source reporting platform for IT Security, tailored towards the types of information that need to be shared amongst an information security team during a professional engagement. It provides a centralized repository of information using a web interfaced based client/server architecture. It also supports 15+ different tools including Burp, Nessus, Nmap, Qualys […]

Tags: , , , , , , , ,

Posted in: General Hacking, Security Software | Add a Comment
Linode DDoS Attack - Merry Xmas

Linode DDoS Attack – Merry Xmas Sysadmins

So the Linode DDoS attack – seems like this xmas has been a terrible time for sys admins, along with what happened to Steam and A Small Orange (100+ hours down). A whole lot of work during the most drunken holiday of the year, not fun. And yes it affected me too, work wise everything […]

Tags: , , , , , , ,

Posted in: Web Hacking | Add a Comment
LaZagne - Password Recovery Tool For Windows & Linux

LaZagne – Password Recovery Tool For Windows & Linux

The LaZagne project is an open source password recovery tool used to retrieve passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases and so on). This tool has been developed for the purpose of finding these passwords for the most commonly-used software. At this moment, […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Linux Hacking, Password Cracking, Windows Hacking | Add a Comment
Facebook Disabled Flash For Video Finally

Facebook Disabled Flash For Video Finally

So Facebook disabled Flash for video finally, sadly it’s still there for games but a large use case for it just went out the window. And really, it’s not surprising after the recent mega patch in Adobe Flash that fixed 78 CVE classified vulnerabilities. There’s just no good reason for anyone to still be using […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities | Add a Comment