The File Disclosure Browser takes .DS_Store files found on websites and parses through them to find a list of all potential files in the directory. It can then either just display the URLs for the files or if you give it a proxy it can browse to the files itself. The author wrote it after […]
inspathx is a tool that uses local source tree to make requests to the URL and searches for path inclusion (Full Path Disclosure) error messages. It’s a very common problem in PHP web applications that crops up a lot. PHP Web application developers sometimes fail to add safety checks against authentications, file inclusion etc and […]
Tags: fpd, full path disclosure, information leakage, information-leak, inspath, inspathx, path disclosure, path disclosure scanner, path disclosure scanning, path disclosure scanning tool, path disclosure vulnerability, web application security scanner, Web Hacking, web-application-hacking, web-application-security, web-security, yehg, ygn
Posted in: Hacking Tools, Web Hacking | Add a Comment
It’s been a while since I’ve seen a tool of this type, back in the heydays of Google Hacking (which became the generic term for information gathering via search engines) there were multiple tools such as Gooscan and Goolag. Binging is a simple tool to query Bing search engine. It will use your Bing API […]
Tags: bing, binging, domain enumeration, domain footprinting, google-hacking, host enumeration, information gathering, information-leak, Information-Security, microsoft bing, penetration-testing, reverse lookup, site discovery, web-application-security, web-applications
Posted in: Hacking Tools, Privacy, Web Hacking | Add a Comment
origami is a Ruby framework designed to parse, analyze, and forge PDF documents. This is NOT a PDF rendering library. It aims at providing a scripting tool to generate and analyze malicious PDF files. As well, it can be used to create on-the-fly customized PDFs, or to inject (evil) code into already existing documents. Features […]
Tags: analyze pdf, document forensics, forging pdf, hacking pdf, information gathering, information-leak, origami, parse pdf, pdf forensics, pdf security
Posted in: Forensics, Hacking Tools, Privacy | Add a Comment
The latest big news is that on February 6th the Kaspersky Customer Records database was hacked through a simple SQL injection flaw on the website. The hacker claimed it was possible to expose all customer data including users, activation codes, lists of bugs, admins, shot and so on. The anonymous hacker hasn’t actually posted any […]
This is a pretty old issue, but this is an interesting new implementation of an old idea. Using your browser history and by matching your browsing habits the site attempts to guess your gender with a weighting system according to the gender demographics for a list of fairly popular sites. It’s not super accurate unless […]
Tags: browser privacy, browser-security, cookies, information-leak, internet privacy, internet-security, Privacy
Posted in: Exploits/Vulnerabilities, Privacy | Add a Comment
Another HUGE information leak from the US government, seems they can’t help themselves. Or perhaps people are just ramping up the efforts against them.. The Navy has begun a criminal investigation after Social Security numbers and other personal data for 28,000 sailors and family members were found on a civilian website. The Navy said Friday […]
Tags: darknet, hacking, information-leak, Information-Security, network-security, US-navy
Posted in: General News, Hardware Hacking, Social Engineering | Add a Comment
