Archive | Programming




CERT Failure Observation Engine (FOE) – Mutational Fuzzing Tool

The CERT Failure Observation Engine (FOE) is a software testing tool that finds defects in applications that run on the Windows platform. FOE performs mutational fuzzing on software that consumes file input. (Mutational fuzzing is the act of taking well-formed input data and corrupting it in various ways, looking for cases that cause crashes.) The […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming | Add a Comment

Hack.me – Build, Host & Share Vulnerable Web Application Code

Hack.me is a FREE, community based project powered by eLearnSecurity. The community allows you to build, host and share vulnerable web application code for educational and research purposes. It aims to be the largest collection of “runnable” vulnerable web applications, code samples and CMS’s online. The platform is available without any restriction to any party […]

Tags: , , , , , , , , ,

Posted in: Advertorial, Exploits/Vulnerabilities, Programming, Web Hacking | Add a Comment

VMWare ESX Source Code Leaked On The Internet

Another big source code leak, this time VMWare ESX, software which I’m sure most of the readers here have used at some point (I know I have). There was a time back in 2006 when VMWare Rootkits seemed like they might be the next big thing, but nothing much ever came out of it. VMware […]

Tags: , , , , , , ,

Posted in: Legal Issues, Privacy, Programming | Add a Comment

CrowdRE – Crowdsourced Reverse Engineering Service From CrowdStrike

Reversing complex software quickly is challenging due to the lack of professional tools that support collaborative analysis. The CrowdRE project aims to fill this gap. Rather than using a live distribution of changes to all clients, which has proven to fail in the past, it leverages from the architecture that is being used with success […]

Tags: , , , , , , ,

Posted in: Hacking Tools, Malware, Programming | Add a Comment

CERT Triage Tools – Vulnerability Impact Assessment Tool

The CERT Triage Tools can be used to assist software vendors and analysts in identifying the impact of defects discovered through techniques such as fuzz testing and prioritizing their remediation in the software development process. The CERT Triage Tools include a GNU Debugger (GDB) extension called “exploitable” that classifies Linux application bugs by severity and […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming | Add a Comment

Basic Fuzzing Framework (BFF) From CERT – Linux & Mac OSX Fuzzer Tool

The CERT Basic Fuzzing Framework (BFF) is a software testing tool that finds defects in applications that run on the Linux and Mac OS X platforms. BFF performs mutational fuzzing on software that consumes file input. (Mutational fuzzing is the act of taking well-formed input data and corrupting it in various ways, looking for cases […]

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Programming | Add a Comment

Carbylamine – A PHP Script Encoder to ‘Obfuscate/Encode’ PHP Files

Carbylamine is a PHP Encoder project, which can bypass all leading anti-virus detection against PHP Shells (C99, R57 etc) easily. It can be a very efficient tool for pen-testers when carrying out a black box test which involves inserting malicious code via PHP. Usage

You can download Carbylamine here: carbylamine.php Or read more here.

Tags: , , , , , , , , , , ,

Posted in: Cryptography, Hacking Tools, Programming | Add a Comment

backfuzz – Multi-Protocol Fuzzing Toolkit (Supports HTTP/FTP/IMAP etc)

backfuzz is a fuzzing tool for different protocols (FTP, HTTP, IMAP, etc) but also has no-protocol plug-ins (Example: File Fuzzer). The general idea is that this script has several functions already predefined in the file “functions.py”, so whoever wants to write their own plugin’s (for another protocol) you can do so in a few lines […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming | Add a Comment

Rec Studio 4 – Reverse Engineering Compiler & Decompiler

REC Studio is an interactive decompiler. It reads a Windows, Linux, Mac OS X or raw executable file, and attempts to produce a C-like representation of the code and data used to build the executable file. It has been designed to read files produced for many different targets, and it has been compiled on several […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Forensics, Programming | Add a Comment

Agnitio v2.0 Released – Code Security Review Tool

It’s been a while since we’ve mentioned Agnitio, it was earlier this year in March: Agnitio v1.2 – Manual Security Code Review Tool. The author notified me of a new version that was recently released with quite a few additions. For those not familiar with it, Agnitio is a tool to help developers and security […]

Tags: , , , , , , , , ,

Posted in: Countermeasures, Programming, Security Software | Add a Comment

Popular Tags

computer-security · darknet · Database Hacking · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · pen-testing · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · XSS ·