Honggfuzz is a general-purpose fuzzing tool. Given a starting corpus of test files, Hongfuzz supplies and modifies input to a test program and utilize the ptrace() API/POSIX signal interface to detect and log crashes. Basically it’s a simple, easy to use via command-line interface, providing nice analysis of software crashes in a simple form of […]
Archives for December 2010
FBI Investigating Gawker Media User Database Password Ownage
After the non-stop action with WikiLeaks last week, the big news this week is the hack carried out on Gawker Media which exposed their users e-mail addresses and passwords. More than 200,000 password hashes (very lightly encrypted with DES) and e-mail combos can be downloaded on-line as a torrent file. Now this has had some […]
SQLInject-Finder – Intelligent SQL Injection Detection Script
SQLInject-Finder is a simple python script that parses through a pcap and looks at the GET and POST request data for suspicious and possible SQL injects. Rules to check for SQL injection can be easily added. Output can be printed neatly on the command line or in tab delimited format. The output includes: The suspicious […]
WikiLeaks Attacks Cause Rival DDoS Retaliation
The biggest news by far for the past week or so has been the attacks on WikiLeaks infrastructure after posting tens of thousands of classified cables online in a categorized form. Just a few days ago their DNS provider (EveryDNS) pulled the plug – apparently due to pressure from the US government, and also because […]
TwitterPasswordDecryptor – Instantly Recover Twitter Account Passwords
TwitterPasswordDecryptor is the FREE tool to instantly recover Twitter account passwords stored by popular web browsers. Most web browsers store the login credentials for visited websites so that user don’t have to remember and enter the password every time. Each of these web browsers use their own proprietary encryption mechanism to store the login passwords […]