Pixy – New & Free Open-source XSS and SQL Injection Scanner for PHP Programs

Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities are present in many modern web applications, and are reported continuously on pages such as BugTraq. In the past, finding such vulnerabilities usually involved manual source code audits. Unfortunately, this manual vulnerability search is a very tiresome and error-prone task. Pixy is a Java program that performs […]

Posted in: Exploits/Vulnerabilities, Hacking Tools

Caller ID Spoofing to be Made Illegal in the USA

The US Congress recently approved a bill that will make it illegal to spoof Caller ID in the USA. A while back the FCC announced they wanted to crack down on Caller ID spoofing as it was still too easy. The amount of the forfeiture penalty (…) shall not exceed $10,000 for each violation, or […]

Posted in: Hardware Hacking, Legal Issues

w3af – Web Application Attack and Audit Framework

A pretty cool tool was released a while back called w3af (Web Application Attack and Audit Framework), a fully automated auditing and exploiting framework for the web. This framework has been in development for almost a year and has the following features: Audit: SQL injection detection, XSS detection, SSI detection, Local file include […]

Posted in: Database Hacking, Hacking Tools, Web Hacking

Vista Security Claims Debunked – Figures Skewed

Ah more news about the insecurity of Vista and something we are all pretty aware of…the skewing of figures by Microsoft. Microsoft apparently still hasn’t learned that counting vulnerabilities doesn’t establish some kind of ‘security level’. You can read the report here: Vista 6 Month Vuln Report [PDF] The Microsoft “researcher” claims that Windows Vista […]

Posted in: Exploits/Vulnerabilities, Windows Hacking

Immunity Debugger v1.0 (immdbg) Release – Download it Now!

After almost a year of intensive development and internal use, Immunity (the guys who brought us CANVAS) has announced the public release of Immunity Debugger v1.0. The main objective for this tool was to combine the best of command-line-based and GUI-based debuggers. Immunity Debugger is a powerful new way to write exploits, analyze […]

Posted in: Hacking Tools, Programming

PDF & Image Attachment Spam – The New Problem with E-mail

The spam landscape has changed quite a lot in the last year or so with image spam, and now the latest tactic is PDF and .zip attachments. PDFs of course being preferred by spammers as you don’t need to extract anything to view their spam, you just open it in your favourite PDF viewer and […]

Posted in: Spammers & Scammers

German Hacker Successfully Clones E-Passports

So the latest news is that the RFID chips in electronically enabled passports are NOT encrypted, which bright spark came up with that idea? Ok so you implement ‘more secure’ RFID passports, and leave all the data in plain text for anyone to tamper with – nice! So what do you think they are gonna […]

Posted in: Hardware Hacking, Legal Issues

rtpBreak – RTP Analysis & Hacking Tool

rtpBreak detects, reconstructs and analyzes any RTP [rfc1889] session through heuristics over the UDP network traffic. It works well with SIP, H.323, SCCP and any other signaling protocol. In particular, it doesn’t require the presence of RTCP packets (voipong needs them) that aren’t always transmitted from the recent VoIP clients. The RTP sessions are composed […]

Posted in: Hacking Tools, Network Hacking

Russian Elcomsoft Finds Backdoor in Quicken Passwords

Elcomsoft is quite a well-known firm when it comes to password ‘recovery’; I have used their products in the past when I was in a fix and I needed a password that had been, you know…lost. They rose to fame in 2001 after cracking Adobe’s eBook format. Recently they announced a fairly serious backdoor […]

Posted in: General Hacking, Password Cracking

June Commenter of the Month Competition Winner Daniel and his Prizes

Daniel has received his prizes for winning the June competition. Doesn’t he look smart! He’s happy! I want a silver PSP too *sigh* so sad they give it to other people haha. So keep commenting guys and keep up the good discussion, in the world of blogs you ‘tip’ the author by leaving comments. It […]

Posted in: Site News