Fierce domain scan was born out of personal frustration after performing a web application security audit. It is traditionally very difficult to discover large swaths of a corporate network that is non-contiguous. It’s terribly easy to run a scanner against an IP range, but if the IP ranges are nowhere near one another you can […]
Another 0-day MySpace XSS Exploit
This was a while ago, but once again unsurprising. The number of security holes that have been discovered in MySpace (given that they hold some pretty confidential info and are a preying ground for paedos) is a scary thought. Once again an XSS flaw shows up in MySpace. digi7al64 found yet another hole in MySpace using […]
sqlmap – Automated Blind SQL Injection Tool
sqlmap is an automatic blind SQL injection tool, developed in Python, capable of enumerating an entire remote database, performing an active database fingerprint and much more. The aim of this project is to implement a fully functional database mapper tool which takes advantage of web application programming security flaws which lead to SQL injection […]
The RFID Song from Monochrom
A pretty cool song about RFID and RFID hacking from Monochrom.at. Written and first performed at 23C3 (23rd Chaos Communication Congress) in December 2006 in Berlin as part of monochrom’s ‘Proto-Melodic Comment Squad’. Users, there’s trouble ahead I said users, it is totally sad But users, the future lies in your hand Cause it’s […]
THC Hydra Download – Fast & Flexible Network Login Hacking Tool
THC Hydra download below. This software rocks; it’s pretty much the most up-to-date and currently developed password brute forcing tool around at the moment. The number one problem with security and people getting hacked is passwords, as every password security study shows. Hydra is a parallelized login cracker which supports numerous protocols to attack. […]