Archive | October, 2007

FireCAT 1.2 Released – Firefox Catalog of Auditing Extensions

Outsmart Malicious Hackers

As mentioned in the previous FireCAT 1.1 post, FireCAT 1.2 was released last month.

If you aren’t aware, FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions.

Changes for FireCAT 1.2

  • Renamed subcategory “Social Engineering” to “Data mining”
  • Bibirmer updated location (thanks to Zagrodzki Krzysztof from Telekomunikacja Polska)
  • Enhanced History Manager (to new subcategory Misc -> Logs / History)
  • Fixed FireGPG extension name
  • Added Oracle OraDB Error Code Look-up (to subcategory Database)

5 New Extensions

  • SQL connection (to subcategory Database)
  • MySqlSidu – MySQL client (to subcategory Database)
  • iMacros (to new subcategory Misc -> Automation)
  • Slogger (to new subcategory Misc -> Logs / History)
  • Gnosis (to subcategory Data mining)

FireCAT 1.2 now reaches reaches 60 extensions. Thanks to all fellas who give us a helping hand to collect and maintain this framework. We are also happy to announce that FireCAT exceeded 40,000 download.

You can download FireCAT 1.2 here:

FireCAT 1.2 Source (FreeMind) (Zip – 3.9 kb)
FireCAT 1.2 HTML Browsable (Zip – 76.4 kb)
FireCAT 1.2 PDF (PDF – 164.7 kb)

Or you can read more here.

Posted in: General Hacking, Web Hacking

Tags: , , , , , , , ,

Posted in: General Hacking, Web Hacking | Add a Comment
Recent in General Hacking:
- Why Are Hackers Winning The Security Game?
- The Dyn DNS DDoS That Killed Half The Internet
- Fully Integrated Defense Operation (FIDO) – Automated Incident Response

Related Posts:

Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,178,848 views
- Hack Tools/Exploits - 644,967 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 444,569 views

Web Integrity Checker – ISPs Inserting Ads Into Web Content

Outsmart Malicious Hackers

A while back it was discovered that some ISPs have taken to inserting ads into web pages you are viewing, these are ads from the ISP you are using (AND PAYING FOR) not ads from the content provider or site that you are viewing.

Some ISPs are resorting to a new tactic to increase revenue: inserting advertisements into web pages requested by their end users. They use a transparent web proxy (such as this one) to insert javascript and/or HTML with the ads into pages returned to users. Neither the content providers nor the end-users have been notified that this is taking place, and I’m sure that they weren’t asked for permission either

From Slashdot.

It seems some ISPs have bought a device from Fair Eagle, which is basically a spam box – it attempts to insert ads into all HTTP traffic that passes through it.

This is where the Web Integrity Checker from Washington University comes in.

The University of Washington security and privacy research group and ICSI have created a measurement infrastructure. By visiting our web page, you are helping out with our experiment. (Thank you!) In the process, we’ll help you figure out if some “party in the middle” (like your ISP) might be modifying your web content in flight. We also plan to share our overall results with the public.

Just by visiting this page, your web browser is participating in our experiment. We are detecting whether some “party in the middle” is modifying a set of test web pages, and the results of the tests are shown below. If you do not see a “change found” message below, then we did not detect any modifications to the test pages.

UW CSE and ICSI Web Integrity Checker

Details on how it works are at the bottom of the page.

Posted in: Legal Issues, Privacy

Tags: , , , , , ,

Posted in: Legal Issues, Privacy | Add a Comment
Recent in Legal Issues:
- Fake News As A Service (FNaaS?) – $400k To Rig An Election
- UK Schedule 7 – Man Charged For Not Sharing Password
- Shadow Brokers Release Dangerous NSA Hacking Tools

Related Posts:

Most Read in Legal Issues:
- Class President Hacks School Grades - 80,825 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,775 views
- One Of The World’s Most Prolific Music Piracy Groups Busted - 43,664 views

Scavenging for project members on Darknet

Keep on Guard!

Wanna work on a web reconnaissance tool?
Want to have your name in readme file?
Got bored and want to help somebody?

Well then darknet readers this is your chance, because I need people to help me on a project I started a while ago called Website Anatomy, to find out what it is about check out the link… That is what the initial idea I had about it, since then it changed radically.

Anyway arriving to the important part of this article… I need a regEx guy (many regular expressions will be needed) and a php-guru (to tidy up and improve my code), till next weekend drop me mails at: backbone46 [at] gmail dot com

Posted in: Web Hacking

Tags: , , , ,

Posted in: Web Hacking | Add a Comment
Recent in Web Hacking:
- dork-cli – Command-line Google Dork Tool
- snitch – Information Gathering Tool Via Dorks
- OneLogin Hack – Encrypted Data Compromised

Related Posts:

Most Read in Web Hacking:
- wwwhack 1.9 – Download Web Hacking Tool - 707,866 views
- Web Based E-mail (Hotmail Yahoo Gmail) Hack/Hacking with JavaScript - 313,245 views
- Download videos? - 156,804 views

Recent in Forensics:
- PowerShellArsenal – PowerShell For Reverse Engineering
- Androguard – Reverse Engineering & Malware Analysis For Android
- Volatility Framework – Advanced Memory Forensics Framework

Related Posts:

Most Read in Forensics:
- NetworkMiner – Passive Sniffer & Packet Analysis Tool for Windows - 66,821 views
- raw2vmdk – Mount Raw Hard Disk (dd) Images As VMDK Virtual Disks - 35,699 views
- OpenDLP – Free & Open-Source Data Loss Prevention (DLP) Tool - 35,004 views

VPS – Virtual Private Server for Darknet

Keep on Guard!

So I’ve got a VPS set-up for Darknet, it’s not quite a dedicated server or a co-lo but it’s pretty close and it’s much more affordable!

Can’t beat a bit of root access so I can rysnc things off to another box.

The box will be backed up off-site every day anyway, and I’ll pull back-ups daily to a local box here.

The server is up and prepped, everything is installed. I’m just tweaking it a bit now and I’ll probably move the site over during the coming weekend.

It should be noticeably faster for most people as it’ll be moving back to North America from Asia where it’s temporarily hosted currently.

Posted in: Site News

Tags: , , , , , , , ,

Posted in: Site News | Add a Comment
Recent in Site News:
- Darknet Moving Servers & Upgrades Etc
- A Look Back At 2015 – Tools & News Highlights
- A Look Back At 2014 – Tools & News Highlights

Related Posts:

Most Read in Site News:
- Welcome to Darknet – The REBIRTH - 36,680 views
- Get the ball rollin’ - 19,016 views
- Slashdot Effect vs Digg Effect Traffic Report - 12,278 views

The Next Evolution – GFI Uncovers MP3 Spam

Outsmart Malicious Hackers

If you remember a while back we mentioned PDF & Image Attachment Spam – The New Problem with E-mail, now we have another ‘innovation’ in spamming..

MP3 spam!

It seems they are using it for the same old pump and dump tactics (Microcap stock fraud) to artificially inflate stock prices then sell out fast.

Spammers are back with a new trick, this time round sending messages with MP3 attachments that contain the latest pump-and-dump stock scams.

One sample identified this morning by GFI, was a heavily distorted 30-second MP3 file. A synthetic female voice was used to promote a particular stock. This voice is distorted to avoid filtering approaches based on the file signature.

Once again, spammers are taking advantage of the fact that the MP3 format is one of the most common in use today, another attempt at social engineering.

I wonder what they are going to come out with next, really?

The spam is a short, 30-second MP3 file recorded at low bit-rate with a synthetic female voice promoting a particular stock; the voice heavily distorted to avoid signature-based anti-spam approaches (click here [MP3] to listen to an edited sample of MP3 spam).

“MP3 spam is a natural progression from PDF and Excel spam whereby spammers are exploiting a new file format to be able to send spam. This is their latest attempt to evade anti-spam filters. There is also a social engineering aspect to this tactic because people frequently share MP3 files,” David Vella, Director of Product Management, said.

Another thing to look out for anyway, perhaps start filtering mp3 attachments on the mail gateway, then they’ll start putting them in passworded zip files I guess..

Source: GFI

Posted in: Advertorial, Phishing, Spammers & Scammers

Tags: , , , , , , , , , , ,

Posted in: Advertorial, Phishing, Spammers & Scammers | Add a Comment
Recent in Advertorial:
- Free Manual Pen-Testing Tools
- Acunetix Web Vulnerability Scanner v11 Released
- Securing MySQL Installation on Ubuntu 16.04 LTS

Related Posts:

Most Read in Advertorial:
- eLearnSecurity – Online Penetration Testing Training - 43,310 views
- Acunetix Web Vulnerability Scanner 6 Review - 15,532 views
- Acunetix WVS (Web Vulnerability Scanner) 7 Review – Engine & Scanning Improvements - 15,403 views

CORE GRASP – PHP Web Application Protection Software

Keep on Guard!

CORE GRASP for PHP is a web-application protection software aimed at detecting and blocking injection vulnerabilities and privacy violations.

As mentioned during its presentation at Black Hat USA 2007, GRASP is being released as open source under the Apache 2.0 license.

The present implementation protects PHP 5.2.3 against SQL-injection attacks for the MySQL engine, it can be installed with almost the same effort as the PHP engine, both in Unix and Windows systems, and protection is immediate with any PHP web application running in the protected server.

CORE GRASP works by enhancing the PHP execution engine (VM) to permit byte-level taint tracking and analysis for all the user-controlled or otherwise untrustable variables of the web application. Tainted bytes are then tracked and their taint marks propagated throughout the web application’s runtime.

Whenever the web application tries to interact with an DB backend using SQL statements that contain tainted bytes, GRASP analyzes the statment and detects and prevents attacks or abnormal

CORE GRASP was developed by CoreLabs, the research unit of Core Security Technologies. At CoreLabs, we plan to improve the tool and include new protections shortly. However, the invitation to collaborate with the project is open. If you would like to collaborate, please go to the GRASP website and subscribe to the mailing list.

The documentation for CORE GRASP is available here and you can download it here:

CORE GRASP download page

Or you can read more here.

Posted in: Countermeasures, Security Software, Web Hacking

Tags: , , , , , , , , ,

Posted in: Countermeasures, Security Software, Web Hacking | Add a Comment
Recent in Countermeasures:
- maltrail – Malicious Traffic Detection System
- Massive Acunetix Online Update Brings New Features & UI
- PwnBin – Python Pastebin Search Tool

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,734 views
- Password Hasher Firefox Extension - 118,207 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,831 views

Police to Monitor Indian Cyber-Cafes

Keep on Guard!

It seems India are getting serious about terrorist activities being co-ordinated via the Internet, they are starting to run extremely deep surveillance on many cyber-cafes in Mumbai.

The solution appears to be some kind of ‘legal’ trojan system that will collect logs and send them to the police

The Mumbai police will soon have khabris deployed (not physically) at over 500 cyber cafes in the city. A new software will allows cops to swoop down on terrorists the moment a keystroke is pressed at any cyber café across the city.

Investigations into the recent Hyderabad and Mumbai blasts have revealed that the planning was done using the Internet especially, chat rooms.

In fact, it is a well-known fact that terrorists all over the world do not use paper and pen or the phone to communicate. Everywhere, all over the world, it’s the net.

It seems to be fairly basic, key stroke logging and time lapsed screenshots fed back to a main server. There doesn’t seem to be any clever analysis going on, perhaps a few thousand Indian programmers will be sifting through the screenshots to identify anything dodgy amongst all the Telegu Karaoke videos and Punjabi Porn.

Vijay Mukhi, President of the Foundation for Information Security and Technology says, “The terrorists know that if they use machines at home, they can be caught. Cybercafes therefore give them anonymity.”

“The police needs to install programs that will capture every key stroke at regular interval screen shots, which will be sent back to a server that will log all the data.

The police can then keep track of all communication between terrorists no matter, which part of the world they operate from.This is the only way to patrol the net and this is how the police informer is going to look in the e-age,” added Mukhi.

Is it a privacy concern? Well yeah I guess it is, but then who conducts anything important from a cyber-cafe anyway?

All you need to do is find an un-encrypted wifi point…

Source: Mid-day

Posted in: General News, Legal Issues

Tags: , , , , , , , , , , ,

Posted in: General News, Legal Issues | Add a Comment
Recent in General News:
- Security Vendor Trustwave Bought By Singtel For $810M
- Teen Accused Of Hacking School To Change Grades
- Google’s Chrome Apps – Are They Worth The Risk?

Related Posts:

Most Read in General News:
- Hacking Still Can’t Outdo Stupidity for Data Leaks - 125,543 views
- eEye Launches 0-Day Exploit Tracker - 86,319 views
- Seattle Computer Security Expert Turns Tables On The Police - 45,326 views

HttpBee – Web Application Hacking Toolkit

Keep on Guard!

HttpBee is a swiss-army-knife tool for web application hacking. It is multi-threaded, embedded with scriptable engine and has both command-line and daemon mode (if executed in daemon mode, HttpBee can become an agent of a distributed framework).

This is a tool for more advanced users and there isn’t much documentation so if anyone feels like writing a more comprehensive guide or tutorial, please do so!


You will need lua 5.1.x. Grab it at

You will also need pcre library.

There’s no ./configure script in HttpBee at the moment, so you will need to change Makefile directly before you build it. Look into CXXFLAGS and CFLAGS section. -DOS_X (or -DLINUX, or -DWINDOWS is basically a setting for your platform, plus, ajust the pathes).


The folder ‘modules’ contains lua plugins that HttpBee uses to perform its assessment tasks. You can run HttpBee as ./httpbee -s path/to/modules/script.lua -t 255 -h localhost (specifying different number of parallel threads impacts performance)


The way HttpBee’s scripting engine is implemented is relevant to HttpBee architecture itself. HttpBee maintains a pool of threads that it uses for parallel task execution. Therefore execution of HttpBee scripts is not linear. Instead, there are certain functions which are executed at certain steps of scanning process. The global scripting part is executed when the script is initially “scanned”, so HttpBee can pick up tags, description and other data from your script. init function will be executed only when your script is picked up and scheduled for execution (based on tags selection for example).

You can download HttpBee here:


Or read more here.

Posted in: Hacking Tools, Web Hacking

Tags: , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment
Recent in Hacking Tools:
- Bluto – DNS Recon, Zone Transfer & Brute Forcer
- dork-cli – Command-line Google Dork Tool
- T50 – The Fastest Mixed Packet Injector Tool

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 2,024,650 views
- Brutus Password Cracker – Download AET2 - 1,610,750 views
- wwwhack 1.9 – Download Web Hacking Tool - 707,866 views

Cyber Crime Toolkits Go On Sale

Keep on Guard!

This is not exactly new news either, these kind of toolkits have been on sale for a long time, virus generators, trojan toolkits, now they are getting more polished, more stream-lined, more expensive and more easily available.

News of them is hitting the mainstream media..

Malicious hackers are producing easy to use tools that automate attacks to cash in on a boom in hi-tech crime.

On sale, say security experts, are everything from individual viruses to comprehensive kits that let budding cyber thieves craft their own attacks.

The top hacking tools are being offered for prices ranging up to £500.

Some of the most expensive tools are sold with 12 months of technical support that ensures they stay armed with the latest vulnerabilities.

Hacking tools with support packages! Now that’s something new.

According to Mr Henry there were more than 68,000 downloadable hacking tools in circulation. The majority were free to use and took some skill to operate but a growing number were offered for sale to those without the technical knowledge to run their own attacks, he said.

But, he added, many hacking groups were offering tools such as Mpack, Shark 2, Nuclear, WebAttacker, and IcePack that made it much easier for unskilled people to get in to the hi-tech crime game.

Mr Henry said the tools were proving useful because so many vulnerabilities were being discovered and were taking so long to be patched.

Mentions of Mpack always pops up, but now there’s a plethora of competitors.

The landscape is getting interesting, time for companies to invest more in their I.T. budgets I think. Especially when it comes to education and awareness.

Source: BBC

Posted in: Legal Issues, Malware

Tags: , , , , , ,

Posted in: Legal Issues, Malware | Add a Comment
Recent in Legal Issues:
- Fake News As A Service (FNaaS?) – $400k To Rig An Election
- UK Schedule 7 – Man Charged For Not Sharing Password
- Shadow Brokers Release Dangerous NSA Hacking Tools

Related Posts:

Most Read in Legal Issues:
- Class President Hacks School Grades - 80,825 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,775 views
- One Of The World’s Most Prolific Music Piracy Groups Busted - 43,664 views