[ad] WebRaider is a plugin based automated web application exploitation tool which focuses to get a shell from multiple targets or injection point Idea of this attack is very simple. Getting a reverse shell from an SQL Injection with one request without using an extra channel such as TFTP, FTP to upload the initial payload. […]
Archives for March 2010
Energizer Duo USB Battery Charger Software Has Backdoor Trojan
[ad] There has been a number of interested stories lately especially related to hardware, the latest doing the rounds is this one where a seemingly innocuous USB battery charger has been installing some nasty remote control software onto users systems. The charger at fault is the Energizer Duo USB Battery Charger, you’re only at risk […]
SAHI – Web Automation & Application Security Testing Tool
[ad] Sahi is an automation tool to test web applications. Sahi injects javascript into web pages using a proxy and the javascript helps automate web applications. Sahi is a tester friendly tool. It abstracts out most difficulties that testers face while automating web applications. Some salient features include excellent recorder, platform and browser independence, no […]
Boffins Crack OpenSSL Library Using Power Fluctuations
[ad] Now this is a very interesting technique, as far as I know I’ve not seen anything similar to this before. It’s like a rather bizarre meld of hardware hacking and software exploitation using cryptographic algorithm cracking techniques. Some rather smart fellas have found a way to extract the private SSL key from a device […]
Ncrack – High Speed Network Authentication Cracking Tool
[ad] Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a […]