Archive | November, 2008

Microsoft Security Assessment Tool – Free for Windows

Keep on Guard!


The Microsoft Security Assessment Tool (MSAT) is a free tool designed to help organizations like yours assess weaknesses in your current IT security environment, reveal a prioritized list of issues, and help provide specific guidance to minimize those risks. MSAT is an easy, cost-effective way to begin strengthening the security of your computing environment and your business. Begin the process by taking a snapshot of your current security state, and then use MSAT to continuously monitor your infrastructure’s ability to respond to security threats

Understanding Your Risks

MSAT is designed to help you identify and address security risks in your IT environment. The tool employs a holistic approach to measuring your security posture and covers topics including people, process, and technology.

MSAT provides:

  • Easy to use, comprehensive, and continuous security awareness
  • A defense-in-depth framework with industry comparative analysis
  • Detailed, ongoing reporting comparing your baseline to your progress
  • Proven recommendations and prioritized activities to improve security
  • Structured Microsoft and industry guidance

MSAT consists of over 200 questions covering infrastructure, applications, operations, and people. The questions, associated answers, and recommendations are derived from commonly accepted best practices, standards such as ISO 17799 and NIST-800.x, as well as recommendations and prescriptive guidance from the Microsoft Trustworthy Computing Group and other external security sources.

You can download MSAT here:

MSATEnglish 4.0

Or read more here.

Posted in: Countermeasures, Security Software, Windows Hacking

Topic: Countermeasures, Security Software, Windows Hacking


Latest Posts:


SQLiv - SQL Injection Dork Scanning Tool SQLiv – SQL Injection Dork Scanning Tool
SQLiv is a Python-based massive SQL Injection dork scanning tool which uses Google, Bing or Yahoo for targetted, multiple-domain or reverse domain scans.
OSSIM Download - Open Source SIEM Tools & Software OSSIM Download – Open Source SIEM Tools & Software
OSSIM is a popular Open Source SIEM or Security Information and Event Management (SIEM) product, providing event collection, normalization and correlation.
What You Need To Know About KRACK WPA2 Wi-Fi Attack What You Need To Know About KRACK WPA2 Wi-Fi Attack
The Internet has been blowing up in the past week about the KRACK WPA2 attack that is extremely widespread and is a flaw in the Wi-Fi standard itself.
Spaghetti Download - Web Application Security Scanner Spaghetti Download – Web Application Security Scanner
Spaghetti is an Open-source Web Application Security Scanner, it is designed to find various default and insecure files, configurations etc.
Taringa Hack - 27 Million User Records Leaked Taringa Hack – 27 Million User Records Leaked
The Taringa hack is actually one of the biggest leaks of the year with 27 million weakly hashed passwords breached, but it's not often covered in the West.
A2SV - Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed
A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.


Spam ISP McColo Cut Off From the Internet

Outsmart Malicious Hackers


You might recall we reported a while ago about ‘spam friendly’ ISP Intercage coming back online after having their plug pulled by upstream provider UnitedLayer.

They pledged to clean up their act though and drop their biggest client who was an Eastern European malware and phishing host.

This time another ISP has been suspected of hosting sites that partake in online crime, child pornography and phishing scams.

A U.S. Internet service provider suspected of aiding cybercriminals in online scams and hosting child pornography was at least partially cut off from the Internet on Tuesday night.

The ISP (Internet service provider), McColo, had been under the watchful eye of computer security analysts for years. It is one of a handful of so-called “bulletproof” hosting providers that provide safe haven online for cybercriminals selling Viagra and fake security software.

ISPs can connect with each other to exchange Internet traffic, a practice known as “peering.” Hurricane Electric, an ISP that carried a portion of McColo’s traffic, disconnected with McColo on Tuesday night. Global Crossing, an IP (Internet Protocol) network services provider also connected to McColo would not comment.

Any hosting provider that offers ‘bulletproof’ services rings alarm bells for me as that usually means they are willing to hide spammers/scammers and malware propagation as long as you keep paying the bills.

2 of their Internet peers have already disconnected them, you can see an interesting freemind map of some of the sites and activity they were linked to here.

The whole article can be found here: A Closer Look at McColo

The shutdown coincides with a damming new report authored by several computer security researchers who detail how McColo and other questionable service providers are linked to spam and cybercrime.

McColo’s shutdown “demonstrates that when presented with appropriate evidence of criminal activity, the Internet community can bring about the positive forces necessary to purge it,” the analysts wrote.

McColo, whose servers were located within the U.S., at one time hosted up to 40 Web sites with child pornography, the report said.

McColo also played a big role in spam distribution, said Richard Cox, CIO of Spamhaus, which tracks spamming operations. It hosted Web sites that could infect people’s computers with malicious software used for sending spam, he said.

Apparently there has been a noticeable drop in spam after McColo has been partially cut off from the Internet. There have been reports that a 60-75% reduction in overall spam has been measured after 2 of the McColo peers dropped them meaning the majority of their sites are unreachable.

That’s a huge amount coming from 1 ISP! I hope the other culprits in hosting such sites can be found and disconnected dropping the spam percentage to something that is easy for everyone to deal with.

Source: Network World

Posted in: Legal Issues, Spammers & Scammers

Topic: Legal Issues, Spammers & Scammers


Latest Posts:


SQLiv - SQL Injection Dork Scanning Tool SQLiv – SQL Injection Dork Scanning Tool
SQLiv is a Python-based massive SQL Injection dork scanning tool which uses Google, Bing or Yahoo for targetted, multiple-domain or reverse domain scans.
OSSIM Download - Open Source SIEM Tools & Software OSSIM Download – Open Source SIEM Tools & Software
OSSIM is a popular Open Source SIEM or Security Information and Event Management (SIEM) product, providing event collection, normalization and correlation.
What You Need To Know About KRACK WPA2 Wi-Fi Attack What You Need To Know About KRACK WPA2 Wi-Fi Attack
The Internet has been blowing up in the past week about the KRACK WPA2 attack that is extremely widespread and is a flaw in the Wi-Fi standard itself.
Spaghetti Download - Web Application Security Scanner Spaghetti Download – Web Application Security Scanner
Spaghetti is an Open-source Web Application Security Scanner, it is designed to find various default and insecure files, configurations etc.
Taringa Hack - 27 Million User Records Leaked Taringa Hack – 27 Million User Records Leaked
The Taringa hack is actually one of the biggest leaks of the year with 27 million weakly hashed passwords breached, but it's not often covered in the West.
A2SV - Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed
A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.


Maltego Download – Data Mining & Information Gathering Tool

Keep on Guard!


Maltego download below, this open source intelligence and forensics application allows for the mining and gathering of information as well as the representation of this information in a meaningful way.

Maltego Download - Data Mining & Information Gathering Tool


The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet. It uses the idea of transforms to automate the process of querying different data sources. This information is then displayed on a node-based graph suited for performing link analysis.

What does Maltego do?

The focus of Maltego is analyzing real-world relationships between information that is publically accessible on the Internet. This includes footprinting Internet infrastructure as well as gathering information about the people and organisation who own it.

  • People.
    • Names.
    • Email addresses.
    • Aliases.
  • Groups of people (social networks).
  • Companies.
  • Organizations.
  • Web sites.
  • Internet infrastructure such as:
    • Domains.
    • DNS names.
    • Netblocks.
    • IP addresses.
  • Affiliations.
  • Documents and files.

Connections between these pieces of information are found using open source intelligence (OSINT) techniques by querying sources such as DNS records, whois records, search engines, social networks, various online APIs and extracting metadata.

It provides results in a wide range of graphical layouts that allow for clustering of information which makes seeing relationships instant and accurate – this makes it possible to see hidden connections even if they are three or four degrees of separation apart.


Maltego Information Gathering Features

  • The ability to perform link analysis on up to 10 000 entities on a single graph.
  • The capability to return up to 12 entities per transform that is run.
  • Includes collection nodes which automatically group entities together with common features allowing you to see passed the noise and find the key relationships you are looking for.
  • Includes the ability to share graphs in real-time with multiple analysts in a single session.
  • Graph export options include:
    • GraphML.
    • Entity lists.
  • Graph import options include:
    • Tablular formats – csv, xlx and xlsx.
    • Copy and paste.

If you are interested in similar tools you can also check out:

Recon-ng – Web Reconnaissance Framework
Skipfish 1.94b Released – Active Web Application Security Reconnaissance Tool

Or some of the more OSINT focused tools:

SpiderFoot – Open Source Intelligence Automation Tool (OSINT)
Automater – IP & URL OSINT Tool For Analysis
Oryon C Portable – Open Source Intelligence (OSINT) Framework
FoxOne Free OSINT Tool – Server Reconnaissance Scanner
creepy – A Geolocation Information Aggregator AKA OSINT Tool

You can download Maltego Community Edition Chlorine here:

Paterva Downloads

Or read more here.

Posted in: Security Software

Topic: Security Software


Latest Posts:


SQLiv - SQL Injection Dork Scanning Tool SQLiv – SQL Injection Dork Scanning Tool
SQLiv is a Python-based massive SQL Injection dork scanning tool which uses Google, Bing or Yahoo for targetted, multiple-domain or reverse domain scans.
OSSIM Download - Open Source SIEM Tools & Software OSSIM Download – Open Source SIEM Tools & Software
OSSIM is a popular Open Source SIEM or Security Information and Event Management (SIEM) product, providing event collection, normalization and correlation.
What You Need To Know About KRACK WPA2 Wi-Fi Attack What You Need To Know About KRACK WPA2 Wi-Fi Attack
The Internet has been blowing up in the past week about the KRACK WPA2 attack that is extremely widespread and is a flaw in the Wi-Fi standard itself.
Spaghetti Download - Web Application Security Scanner Spaghetti Download – Web Application Security Scanner
Spaghetti is an Open-source Web Application Security Scanner, it is designed to find various default and insecure files, configurations etc.
Taringa Hack - 27 Million User Records Leaked Taringa Hack – 27 Million User Records Leaked
The Taringa hack is actually one of the biggest leaks of the year with 27 million weakly hashed passwords breached, but it's not often covered in the West.
A2SV - Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed
A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.


Express Scripts Offers $1million Reward for Cyber Extortionists

Outsmart Malicious Hackers


This is an interesting story, I’ll be watching how it develops – it’s not often you see a bounty for online crimes and especially one as enticing as 1 million dollars!

That’s a hell of a sum for nailing down some dodgy hackers who are running an extortion scam after a data leak.

I really wonder where this will lead.

A US-based prescription processing and benefits firm has taken the unusual step of offering a $1m bounty for information that leads to the arrest and conviction of an unknown group which targeted it in a cyber-extortion scam.

Express Scripts went public last week with news that it received personal details on 75 end users including, in some cases, prescription data. Blackmailers threatened to expose millions of records they claimed were in their possession unless the firm paid up.

The cyber-extortionists responded to a refusal to pay up by moving onto the customers of Express Scripts with similar threats, sent in letters to these various organisations. Express Scripts responded on Tuesday by upping the ante and offering a $1m reward for information that put the unidentified miscreants behind bars

Also in situations like this you have to bear in mind the terms and conditions, the reward actually requires that legal action be taken against the criminals and not just their identity known.

Imagine if they are in a country that has no extradition laws or doesn’t have good relations with the US.

In a related move, Express Scripts offered identity restoration services to anyone who becomes a victim of identity theft as a result of its security breach. It has set up a website to provide information to its members – insurance carriers, employers, unions and the like who run health benefit plans – to provide support at esisupports.com. It has also has hired risk consulting firm Kroll to help its members.

The cause of the breach that led to the data leak and the extent of the compromise are still under investigation. Beyond saying it “deploys a variety of security systems designed to protect their members’ personal information from unauthorized access”, Express Scripts (which handles a reported 50 million prescriptions a year) has said little about the breach or how it intends to prevent a repetition.

As well as posting a reward, Express Scripts has called in the FBI in its attempts to bring the blackmailers threatening its business to book. Anyone with information on that threats is advised to contact the FBI on 800-CALL-FBI. ®

It’s interesting that the whole issue of how the data integrity was comprised and what happened exactly to expose the customer details.

Perhaps the whole thing is a PR management exercise to divert attention away from the real issues, they may have issued the reward in safe knowledge the people involved will never be served justice.

But then that’s just me being a skeptic.

Source: The Register

Posted in: Hacking News, Legal Issues, Privacy

Topic: Hacking News, Legal Issues, Privacy


Latest Posts:


SQLiv - SQL Injection Dork Scanning Tool SQLiv – SQL Injection Dork Scanning Tool
SQLiv is a Python-based massive SQL Injection dork scanning tool which uses Google, Bing or Yahoo for targetted, multiple-domain or reverse domain scans.
OSSIM Download - Open Source SIEM Tools & Software OSSIM Download – Open Source SIEM Tools & Software
OSSIM is a popular Open Source SIEM or Security Information and Event Management (SIEM) product, providing event collection, normalization and correlation.
What You Need To Know About KRACK WPA2 Wi-Fi Attack What You Need To Know About KRACK WPA2 Wi-Fi Attack
The Internet has been blowing up in the past week about the KRACK WPA2 attack that is extremely widespread and is a flaw in the Wi-Fi standard itself.
Spaghetti Download - Web Application Security Scanner Spaghetti Download – Web Application Security Scanner
Spaghetti is an Open-source Web Application Security Scanner, it is designed to find various default and insecure files, configurations etc.
Taringa Hack - 27 Million User Records Leaked Taringa Hack – 27 Million User Records Leaked
The Taringa hack is actually one of the biggest leaks of the year with 27 million weakly hashed passwords breached, but it's not often covered in the West.
A2SV - Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed
A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.


Samurai Web Testing Framework – Web Application Security LiveCD

Outsmart Malicious Hackers


The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such WebScarab and ratproxy. We then chose tools for discovery. These would include w3af and burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test.

The Samurai project team is happy to announce the release of a development version of the Samurai Web Testing Framework. This release is currently a fully functional linux environment that has a number of the tools pre-installed. Our hope is that people who are interested in making this the best live CD for web testing will provide feedback for what they would like to see included on the CD.

You can download Samurai here:

samurai-0.3

Or read more here.

Posted in: Hacking Tools, Web Hacking

Topic: Hacking Tools, Web Hacking


Latest Posts:


SQLiv - SQL Injection Dork Scanning Tool SQLiv – SQL Injection Dork Scanning Tool
SQLiv is a Python-based massive SQL Injection dork scanning tool which uses Google, Bing or Yahoo for targetted, multiple-domain or reverse domain scans.
OSSIM Download - Open Source SIEM Tools & Software OSSIM Download – Open Source SIEM Tools & Software
OSSIM is a popular Open Source SIEM or Security Information and Event Management (SIEM) product, providing event collection, normalization and correlation.
What You Need To Know About KRACK WPA2 Wi-Fi Attack What You Need To Know About KRACK WPA2 Wi-Fi Attack
The Internet has been blowing up in the past week about the KRACK WPA2 attack that is extremely widespread and is a flaw in the Wi-Fi standard itself.
Spaghetti Download - Web Application Security Scanner Spaghetti Download – Web Application Security Scanner
Spaghetti is an Open-source Web Application Security Scanner, it is designed to find various default and insecure files, configurations etc.
Taringa Hack - 27 Million User Records Leaked Taringa Hack – 27 Million User Records Leaked
The Taringa hack is actually one of the biggest leaks of the year with 27 million weakly hashed passwords breached, but it's not often covered in the West.
A2SV - Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed
A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.


WPA Wi-Fi Encryption Scheme Partially Cracked

Outsmart Malicious Hackers


Well WEP came down long ago, it was only a matter of time before the standard that succeeded it fell too – WPA. The big news last week was that WPA has been cracked finally, it’ll be discussed this week at the PacSec Conference.

After the insecurity of WEP was exposed the majority of routers and Wi-Fi devices default to WPA, so this may be a serious and widespread security issue. Especially as though the initial method and information is public, more refined and efficient cracking methods will come to light – of course we shall report on any WPA cracking tools that we come across.

Security researchers say they’ve developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard used to protect data on many wireless networks.

The attack, described as the first practical attack on WPA, will be discussed at the PacSec conference in Tokyo next week. There, researcher Erik Tews will show how he was able to crack WPA encryption and read data being sent from a router to a laptop computer. The attack could also be used to send bogus information to a client connected to the router.

To do this, Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes, according to Dragos Ruiu, the PacSec conference’s organizer.

It’s a pretty fast attack on the TKIP, WEP cracking requires a relatively large amount of traffic to get hold of enough weak IVs to crack the WEP key.

If you can break WPA in 12-15 minutes, that’s impressive! It’s not a full key cracking method though, it only yields a temporary key and doesn’t give you full access to everything.

They have not, however, managed to crack the encryption keys used to secure data that goes from the PC to the router in this particular attack

Security experts had known that TKIP could be cracked using what’s known as a dictionary attack. Using massive computational resources, the attacker essentially cracks the encryption by making an extremely large number of educated guesses as to what key is being used to secure the wireless data.

The work of Tews and Beck does not involve a dictionary attack, however.

To pull off their trick, the researchers first discovered a way to trick a WPA router into sending them large amounts of data. This makes cracking the key easier, but this technique is also combined with a “mathematical breakthrough,” that lets them crack WPA much more quickly than any previous attempt, Ruiu said.

From what I understand it allows the attacked to basically hijack the ARP communications on the network, not the full data available.

So it could open up a router or edge device using WPA to be hijacked with ARP spoofing for some man-in-the-middle kind of attack.

Apparently an experimental implementation of the researchers’ attack has been introduced into a development version of the aircrack-ng tool.

Source: Computer World

Posted in: Exploits/Vulnerabilities, Wireless Hacking

Topic: Exploits/Vulnerabilities, Wireless Hacking


Latest Posts:


SQLiv - SQL Injection Dork Scanning Tool SQLiv – SQL Injection Dork Scanning Tool
SQLiv is a Python-based massive SQL Injection dork scanning tool which uses Google, Bing or Yahoo for targetted, multiple-domain or reverse domain scans.
OSSIM Download - Open Source SIEM Tools & Software OSSIM Download – Open Source SIEM Tools & Software
OSSIM is a popular Open Source SIEM or Security Information and Event Management (SIEM) product, providing event collection, normalization and correlation.
What You Need To Know About KRACK WPA2 Wi-Fi Attack What You Need To Know About KRACK WPA2 Wi-Fi Attack
The Internet has been blowing up in the past week about the KRACK WPA2 attack that is extremely widespread and is a flaw in the Wi-Fi standard itself.
Spaghetti Download - Web Application Security Scanner Spaghetti Download – Web Application Security Scanner
Spaghetti is an Open-source Web Application Security Scanner, it is designed to find various default and insecure files, configurations etc.
Taringa Hack - 27 Million User Records Leaked Taringa Hack – 27 Million User Records Leaked
The Taringa hack is actually one of the biggest leaks of the year with 27 million weakly hashed passwords breached, but it's not often covered in the West.
A2SV - Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed
A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.