[ad] The Pentagon got owned pretty hard with 1,500 accounts being taken offline due to a hack attack. For once however they did admit the incident and didn’t try to cover it over or brush it off. I guess the amount of attacks they get is exponentially more than other networks…but still, I would have […]
Archives for July 2007
sqlget v1.0.0 – Blind SQL Injection Tool in PERL
sqlget is a blind SQL injection tool developed in Perl, it lets you get databases schemas and tables rows. Using a single GET/POST you can access quietly the database structure and using a single GET/POST you can dump every table row to a csv-like file. Databases supported: IBM DB2 Microsoft SQL Server Oracle Postgres Mysql […]
Apparently 8/10 High Traffic or ‘Big’ Websites are Vulnerable
[ad] It seems after a brief scan that about 80% of sites contain common flaws that allows them to be compromised in some way, most often to create phishing sites, steal data and hijack info about clients. An amazing 30% contain a serious vulnerability. Eight out of ten Web sites contain common flaws that can […]
Proxmon – Proxy Log Monitoring Tool
[ad] ProxMon is an extensible Python based framework that reduces testing effort, improves consistency and reduces errors. Its use requires limited additional effort as it processes the proxy logs that you’re already generating and reports discovered issues. In addition to penetration testing, ProxMon is useful in QA, developer testing and regression testing scenarios. Formerly announced […]
Trojan Mimicks Windows Activation Interface – KardPhisher
[ad] Recently a new Trojan popped up that mimics the Windows activation interface, phishing for credit card details and even the PIN number. The Trojan itself isn’t particularly advanced technically, it’s mostly just a social engineering attack. Symantec is reporting on a Trojan horse that mimics the Windows activation interface. What they are calling Trojan.Kardphisher […]