[ad] sqlsus is an open source MySQL injection and takeover tool, written in perl. Via a command line interface that mimics a mysql console, you can retrieve the database structure, inject a SQL query, download files from the web server, upload and control a backdoor, and much more… It is designed to maximize the amount […]
Archives for March 2009
Indian Credit Card Fraud Exposed – Linked to Symantec
[ad] In a recent undercover sting the BBC has uncovered some unscrupulous Indian chaps selling valid UK credit card details, the kicker to the story is the fraud is linked to Symantec as the people being defrauded had all recently bought Norton subscriptions. I guess it’s hard to control a 3rd party call center though […]
Webshag 1.10 Released – Free Web Server Audit Tool
[ad] Webshag is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing. You may remember back in March 2008 we published about Webshag 1.00 being released. Now Webshag 1.10 has been released! This new version provides several […]
New Conficker Variant More Aggressive
[ad] Conficker has gotten quite a lot of news recently with it growing so fast and Microsoft offering a bounty for the authors. It seems like the Conficker authors are really serious about retaining control of their botnet and expanding it further without hindrance from the companies trying to stop them. It’s quite likely they […]
dnsmap 0.22 Released – Subdomain Bruteforcing Tool
[ad] dnsmap is a subdomain bruteforcer for stealth enumeration, you could say something similar to Reverse Raider or DNSenum. Originally released in 2006, dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. During the enumeration stage, the security consultant would typically discover the target company’s IP […]