HconSTF is an Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessment. It contains webtools which are capable of carrying out XSS attacks, SQL Injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. It could prove useful to anybody interested […]
Nvidia Investigates Claims Of Online Store Compromise During Spate Of Hacking
Just a few days back we posted about Yahoo! Voices Hacked With SQL Injection – Passwords In Plaintext, and most recently it seems someone has been going after Nvidia pretty hard. They have already had a few web properties hacked including their forum, the developer zone and their research site. The latest break in the […]
spt v0.6.0 – Simple Phishing Toolkit Available For Download
spt is a simple concept with powerful possibilities. It is what it’s name implies: a simple phishing toolkit. The basic idea the spt project had was “Wouldn’t it be cool if there were a simple, effective, easy to use and free (most importantly!) tool that information security professionals could use to evaluate and train what […]
Yahoo! Voices Hacked With SQL Injection – Passwords In Plaintext
There’s been a few HUGE cases of large sites being hacked and exposing either plaintext or extremely poorly encrypted passwords, it happened to LinkedIn not that long ago – and the latest case is of Yahoo!. It wasn’t the main site, but with almost half a million username and password combos exposed – it’s a […]
Microsoft Enhanced Mitigation Evaluation Toolkit (EMET) 3rd Party GUI
We published an article about Microsoft Enhanced Mitigation Evaluation Toolkit (EMET) when it came out back in June 2011. The Native GUI for EMET is in .NET and there are some situations or restricted environments where you may be unable to install .NET or just simple don’t want to use it. This is where this […]