Onapsis Bizploit – ERP Penetration Testing Framework

Bizploit is the first Opensource ERP Penetration Testing framework. Developed by the Onapsis Research Labs, Bizploit assists security professionals in the discovery, exploration, vulnerability assessment and exploitation phases of specialized ERP Penetration Tests. Bizploit is expected to provide the security community with a basic framework to support the discovery, exploration, vulnerability assessment and exploitation of […]

Topic: Database Hacking, Security Software

Microsoft Installs Firefox Add-on Without Asking During Recent Patch Tuesday

It’s not the first time Microsoft has had some issues with Firefox and add-ons they installed on users machines through Windows Update. Back in October of last year, Mozilla forcefully disabled a .NET add-on as it was causing ‘instability’ rather a security/vulnerability issue. I did notice the issue with my own Firefox and also noticed […]

Topic: Windows Hacking

Microsoft Patches At Least 34 Bugs Including Pwn2Own Vulnerability

What a massive mother-load of patches Microsoft has unleashed on this month patching more than 34 security vulnerabilities including the fairly high profile vulnerability exploited at the Pwn2Own contest earlier this year in April. Good news as long as all the average Internet users actually use Windows Update and install the latest patches, which somehow […]

Topic: Exploits/Vulnerabilities, Windows Hacking

Knock v1.3b – Subdomain Enumeration/Brute-Forcing Tool

Knock is a python script designed to enumerate sub-domains on a target domain through a wordlist. Usage

You can view a demo of the tool enumerating Facebook sub-domains on Youtube here: Facebook and Knock v.1.2 Knock works on Linux, Windows and MAC OSX with a python version 2.6.x (or minor). Requirements Python version 2.6.x […]

Topic: Hacking Tools, Networking Hacking

FTC Cracks Down On Spyware Seller CyberSpy Software

Well this case has taken a while but the FTC won in the end and reached a settlement two years after halting the company from selling it’s “100 per cent undetectable” commercial keylogging application. It’s interesting to see court cases that venture into the grey area of ethics, I think the main problem stemmed from […]

Topic: Legal Issues, Malware, Privacy