Last updated: November 13, 2015 | 17,989 views
What Is Mod AntiTamper (AT)
AntiTamper is an Apache 2.x module that can be used to prevent some kinds of URL and cookie tampering.
Specifically, AT could stop a lot of those malicious bots that take advantage of search engines. Moreover, attack techniques like HTTP Response Splitting and session hijacking/fixation will be mitigated.
It is important to note that mod_anti_tamper is not an alternative to mod_security, which is more exhaustive and useful for all web situations. AT could be a complement to mod_security.
Introduction
– What is HMAC
HMAC is a validation algorithm that checks the integrity of information by coupling it with a secret password (more here).
AT automatically generates a password and saves it in a ‘safe’ place (owned by root, with mode 600).
How AT Works
AT is composed of two primary active components.
1. A filter for url links integrity check.
2. A filter for cookie integrity check.
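The two integrity checks described above, sketched in Python as an added example; this is not mod_anti_tamper's code or wire format. The `_at` parameter name, the `value.tag` cookie layout, the use of SHA-256 and the key file handling are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import secrets
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

TAG_PARAM = "_at"  # hypothetical name for this sketch, not the module's own


def load_or_create_key(path):
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)  # owner-only
    except FileExistsError:
        if os.stat(path).st_mode & 0o077:
            raise PermissionError(f"{path} is accessible to group/other")
        with open(path, "rb") as fh:
            return fh.read()
    key = secrets.token_bytes(32)
    with os.fdopen(fd, "wb") as fh:
        fh.write(key)
    return key


def _tag(key, context, data):
    # The context label stops a URL tag from being replayed as a cookie tag.
    return hmac.new(key, context + b"\0" + data.encode(), hashlib.sha256).hexdigest().encode()


def _canonical(url):
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    rest = [(k, v) for k, v in pairs if k != TAG_PARAM]
    tags = [v for k, v in pairs if k == TAG_PARAM]
    return parts, rest, tags, parts.path + "?" + urlencode(rest)


def sign_url(key, url):
    parts, rest, _, unsigned = _canonical(url)
    rest.append((TAG_PARAM, _tag(key, b"url", unsigned).decode()))
    return urlunsplit(parts._replace(query=urlencode(rest)))


def verify_url(key, url):
    _, _, tags, unsigned = _canonical(url)
    return len(tags) == 1 and hmac.compare_digest(tags[0].encode(), _tag(key, b"url", unsigned))


def sign_cookie(key, name, value):
    return value + "." + _tag(key, b"cookie", f"{name}={value}").decode()


def verify_cookie(key, name, signed):
    value, sep, tag = signed.rpartition(".")
    ok = sep == "." and hmac.compare_digest(tag.encode(), _tag(key, b"cookie", f"{name}={value}"))
    return value if ok else None
```

A request whose link or cookie fails verification would be rejected before it reaches the application; the comparison uses `hmac.compare_digest` so the check does not leak how many characters of the tag matched.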
Download mod_anti_tamper here:
mod_anti_tamper_0.1-alpha.tgz
Or read more here.
Posted in: Countermeasures, Security Software, Web Hacking
Latest Posts:
Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
April 30, 2022 - 30 Shares
CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool January 24, 2022 - 15 Shares
CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently. January 5, 2022 - 20 Shares
assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more. December 30, 2021 - 16 Shares
Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's. August 31, 2021 - 293 Shares
Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths. July 7, 2021 - 205 Shares
Last updated: September 9, 2015 | 93,498 views
The guys at BackTrack e-mailed me to let me know their Version 3 BETA has been released recently, and perhaps our readers would like to know about it.
For those that don’t know, BackTrack evolved from the merging of two widespread security-related distributions – Whax and Auditor Security Collection. By joining forces and replacing these distributions, BackTrack has gained massive popularity and was voted in 2006 as the #1 Security Live Distribution by insecure.org. Security professionals as well as newcomers are using BackTrack as their favorite toolset all over the globe.
BackTrack has a long history and was based on many different Linux distributions until it is now based on a Slackware Linux distribution and the corresponding live-CD scripts. Every package, kernel configuration and script is optimized to be used by security penetration testers. Patches and automation have been added, applied or developed to provide a neat and ready-to-go environment.
Because Metasploit is one of the key tools for most analysts it is tightly integrated into BackTrack and both projects collaborate together to always provide an on-the-edge implementation of Metasploit within the BackTrack CD-Rom images or the upcoming remote-exploit.org distributed and maintained virtualization images (like VMWare images appliances).
Currently BackTrack consists of more than 300 different up-to-date tools which are logically structured according to the work flow of security professionals. This structure allows even newcomers to find the related tools to a certain task to be accomplished. New technologies and testing techniques are merged into BackTrack as soon as possible to keep it up-to-date.
It’s definitely a favourite amongst pen-testers, myself included.
You can download BackTrack BETA 3 here (Please try and use the torrent links and seed!):
BackTrack 3 Beta – 14-12-2007
Or read more here.
Posted in: Hacking Tools, Linux Hacking
Last updated: September 9, 2015 | 8,852 views
Another tale to do with advertising, it just goes to show it’s really not a good idea to run JavaScript from a 3rd party source on your site, especially if you don’t want your visitors redirected to a p*rn site!
This is just what happened to Perl.com a few days ago.
Visitors to Perl.com, the O’Reilly Media-owned resource, were redirected on 17th of January to a link farm pushing p*rn sites.
Geeks who hit the site were sent to grepblogs-dot-net, a site that offers links to live adult webcams, erotic blogs and adult erotic fiction, among other things. Closing the Internet Explorer browser window that contains the site caused another link farm of dubious links to open, from a site called cnomy-dot-com. It carries more p*rno links and banner ads claiming visitors have won a free iPod.
“I was aghast,” said Tom Christiansen, author of many of the most popular Perl reference books. “I need to understand the nature of the problem.”
Odd that the name of the p*rn site is pretty geeky too, grep blog? Doesn’t sound like your run of the mill adult webcam directory, right?
I guess spammers are getting more clued in, targeting a Perl site... using a geeky blog name – pretty smart.
The episode is the latest example of the perils that come from running ads and javascript from a third-party website. In recent months, rogue ads hosted on DoubleClick, Real Media and others have infected websites. While such services often make life easier for administrators, they also create opportunities for miscreants to defraud users.
Since 2006, HTML code on the Perl.com website has pulled javascript off of the grepblogs site, said Dale Dougherty, general manager of the O’Reilly division that’s responsible for upkeep of Perl.com. Once the content on the grepblogs site changed, visitors to the site were soon redirected to other sites. O’Reilly admins fixed the problem at about 6:30 a.m. California time on Friday by nullifying the script.
As many of the members here have done, blocking JavaScript may be a good idea, blocking ads may help or just not surfing at all!
Of course not using Internet Exploder Explorer also goes a long way.
Source: The Register
Posted in: Hacking News, Spammers & Scammers, Web Hacking
Last updated: September 9, 2015 | 14,038 views
sqlmap is an automatic SQL injection tool entirely developed in Python. It is capable of performing an extensive database management system back-end fingerprint, retrieving remote DBMS databases, usernames, tables and columns, enumerating an entire DBMS, reading system files and much more, taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities.
Features
- Full support for MySQL, Oracle, PostgreSQL and Microsoft SQL Server database management system back-end.
- Can also identify Microsoft Access, DB2, Informix and Sybase;
- Extensive database management system back-end fingerprint based upon:
- – Inband DBMS error messages
- – DBMS banner parsing
- – DBMS functions output comparison
- – DBMS specific features such as MySQL comment injection
- – Passive SQL injection fuzzing
- It fully supports two SQL injection techniques:
- – Blind SQL injection, also known as Inference SQL injection
- – Inband SQL injection, also known as UNION query SQL injection
You can find the documentation here:
sqlmap README (HTML and PDF)
You can download sqlmap 0.5 here:
sqlmap-0.5 (tar/zip)
Or read more here.
Posted in: Database Hacking, Hacking Tools
Last updated: September 9, 2015 | 9,564 views
Ah I remember some of the nastiest viruses back in the day attaching themselves in the MBR (Master Boot Record) rendering most anti-virus software useless (as it sits on top of the OS).
Now it seems MBR infection is back in fashion for a new age of rootkits.
Security mavens have uncovered a new class of attacks that attach malware to the bowels of a hard drive, making it extremely hard to detect and even harder to remove.
The rootkit modifies a PC’s master boot record (MBR), which is the first sector of a storage device and is used to help a PC locate an operating system to boot after it is turned on. The result: the rootkit is running even before Windows loads. There have been more than 5,000 infections in less than a month, researchers say.
“Master boot record rootkits are able to subvert the Windows kernel before it loads, which gives it a distinct stealth advantage over rootkits that load while Windows is running,” said Matthew Richard, director of the rapid response team for iDefense, a security provider owned by VeriSign. “It gives it a great stealth mechanism that allows it to persist even after removal.” Such rootkits can even survive reinstallation of the operating system, he said.
Pretty stealthy and extremely sticky, time to be a little more wary. MBR infectors are extremely nasty and the majority of people won’t even know they are infected. Plus, as they can subvert the Windows kernel before it even loads, they have a huge stealth advantage.
The new rootkit is part of the arms race between security vendors and malware writers, he said. “We’re definitely making it harder and harder for the bad guys to do stuff to the operating system,” he said. They respond by attacking new parts of a PC.
Every version of Windows, including Vista, is vulnerable to the rootkit.
About 30,000 websites, mostly located in Europe, are actively trying to install the rootkit by exploiting users who have failed to install Windows updates, Richard says. There were 5,000 infections from December 12 to January 7. The rootkit is being spread by the same group responsible for distributing the Torpig banking Trojans, which are used to steal online banking credentials.
(Info from Securiteam)
A timeline is available from SANS here.
Source: The Register
Posted in: Hacking News, Malware
Last updated: September 9, 2015 | 9,649 views
As you all seem to be pretty interested in Inguma, there’s something else similar called w3af – the fifth BETA was released a while back and the team is now working on the sixth.
w3af is a Web application attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and
We did mention when it was first released – w3af – Web Application Attack and Audit Framework.
There are a lot of small changes, but the basic and bigger ones are:
- Virtual daemon, a way to use Metasploit framework payloads/shellcodes while exploiting web applications.
- w3afAgent, a reverse VPN that allows you to route packets through the compromised server
- Good samaritan, a module that allows you to exploit blind sql injections much faster
- 20+ new plugins
- A lot of bug fixes
- A much more stable core.
A full plugin list is here:
w3af – Plugins
The users guide can be found here:
w3afUsersGuide.pdf
The author has also uploaded the presentation material he made for the T2 conference in Finland – this can serve as a good introduction.
w3af-T2.pdf
You can download w3af here:
w3af BETA5
Or read more here.
Posted in: Database Hacking, Hacking Tools, Web Hacking