A Look Back At 2014 – Tools & News Highlights


So it’s back to normal programming today, here’s a look back at 2014 (ups and down) and interesting happenings over the past 12 months – including tools and news stories.

2014 Darknet Summary

2014 News Stories

So Bitcoin and cryptocurrency in general was a pretty hot topic in 2014, and the year started out with Yahoo! spreading malware via adverts on their portal.

Later in the year in May, some smart pirates infested the hottest new game Watchdogs with Bitcoin mining malware and made themselves a fortune. There was also an academic paper about hiding a Bitcoin Mining Botnet in the Cloud using free tier accounts – pretty interesting stuff.

There was of course some massive drama too with some large scale vulnerabilities that got everyone in a panic like the SSL bug Heartbleed, the OTHER SSL bug POODLE and the BASH Shellshock.

It turns out nothing really major happened due to either of them, as far as we know anyway..

There were some large scale hacks/compromises in 2014 though such as Target, eBay, Spotify, Code Spaces, the massive celeb leak/fappening, JPMorgan, ICANN and the mother of all hacks in 2014 and possible ever – Sony Pictures who got totally owned.

There was loads of vulns found in Microsoft software (Schannel was pretty important), as usual – so we won’t bother listing all of those out. Some other fairly inconsequential stuff like bugs in WordPress and a pretty nifty (really ancient) bug in FTP.

2014 Best Hacking Tools

There’s been some pretty neat stuff released this year, with highlights being:

You may have overlooked some of these, so do check them out if you did!

Bonus – Top 10 Most Viewed Posts From 2014

  1. PACK – Password Analysis & Cracking Kit
  2. ICANN Hacked Including Root DNS Systems
  3. Massive Celeb Leak Brings iCloud Security Into Question
  4. Blackhash – Audit Passwords Without Hashes
  5. masscan – The Fastest TCP Port Scanner
  6. Password Manager Security – LastPass, RoboForm Etc Are Not That Safe
  7. 14-Year Olds Hack ATM With Default Password
  8. ODAT (Oracle Database Attacking Tool) – Test Oracle Database Security
  9. ParanoiDF – PDF Analysis & Password Cracking Tool
  10. The 25 Worst Passwords Of 2013 – “password” Is Not #1

Enjoy 2015!

Posted in: Site News


Latest Posts:


Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.


One Response to A Look Back At 2014 – Tools & News Highlights

  1. Knife January 6, 2015 at 10:08 pm #

    Also worth mentioning were the US State Department, White House, and US Postal Service hacks during the fall. 800,000 social security numbers were reported exposed from the IS Postal Service hack alone.

    http://www.theguardian.com/us-news/2014/nov/17/state-department-email-attack-shutdown