Verzeichnis
Darknet - The DarksideEthical Hacking, Penetration Testing & Computer Security
Finally a proactive measure from Adobe to try and remedy the horrible security flaws they have introduced to Firefox with their Flash Player. There have been some massive hacks recently due to Flash - - Hackers Exploiting Latest Adobe Flash Bug On Large Scale - Adobe Patches Latest Flash Zero Day Vulnerability - Adobe Promises [...]
Read the full post at darknet.org.uk
Read the full post at darknet.org.uk
theHarvester – Gather E-mail Accounts, Subdomains, Hosts, Employee Names – Information Gathering ToolTue, 31 Jan 2012 15:29:43 +0000
theHarvester is a tool to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tools is intended to help Penetration testers in the early stages of the project It’s a really simple tool, but very effective. The sources...
Read the full post at darknet.org.uk
Read the full post at darknet.org.uk
Now this is quite a fascinating story, especially if you know anything about Malware and have interests in that area. It seems the latest development is the accidental development of new super-malware strains created by viruses infecting executable files of worms. Worms are generally executable files and well, viruses infect executables – so...
Read the full post at darknet.org.uk
Read the full post at darknet.org.uk
Mobius Forensic Toolkit 0.5.10 – Forensics Framework To Manage Cases & Case ItemsThu, 19 Jan 2012 17:03:54 +0000
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools. Installation As root, type: python setup.py install Usage Run mobius_bin.py. You can...
Read the full post at darknet.org.uk
Read the full post at darknet.org.uk
Oh look, another aspect of security and privacy to consider as Google pushes its’ mobile payment solution ‘Wallet’ onto two new NFC capable phones – the Galaxy Nexus & LG Viper. If you haven’t heard of the service you can find out more here – Google Wallet (Wikipedia). The main concern here (security wise)...
Read the full post at darknet.org.uk
Read the full post at darknet.org.uk
Arachni v0.4 Released – High-Performance (Open Source) Web Application Security Scanner FrameworkMon, 09 Jan 2012 17:38:47 +0000
Arachni is a high-performance (Open Source) Web Application Security Scanner Framework written in Ruby. This version includes lots of goodies, including: A new light-weight RPC implementation (No more XMLRPC) High Performance Grid (HPG) — Combines the resources of multiple nodes for lightning-fast scans Updated WebUI to provide access to HPG...
Read the full post at darknet.org.uk
Read the full post at darknet.org.uk
Ramnit Worm Stealing Facebook Account Passwords, E-mail Address & Bank DetailsThu, 05 Jan 2012 16:38:34 +0000
Oh look, another Facebook worm – this one seems pretty nasty and as usual it’s going for Facebook access details and then diving into banking credentials if it can find them. It’s mostly targeted at the UK though, worms of these type usually are geographically limited as they are targeting bank information – it’s...
Read the full post at darknet.org.uk
Read the full post at darknet.org.uk
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. Basically the author got tired of using Medusa, Hydra, ncrack, metasploit auxiliary modules, nmap NSE scripts and the like because: They either do not work or are not reliable (false negatives several times in the past) They are slow (not multi-threaded or [...]
Read the full post at darknet.org.uk
Read the full post at darknet.org.uk
Honestly there hasn’t been much news over the holiday period, well maybe there was but no one bothered reporting it. There was the Stratfor case of course, which Anonymous is saying wasn’t anything to do with them. The scale of this incident somehow reminds me of the whole TJ MAXX fiasco a few years back. [...]
Read the full post at darknet.org.uk
Read the full post at darknet.org.uk
Social Engineering Vulnerability Evaluation and Recommendation ProjectThu, 22 Dec 2011 15:52:25 +0000
Social engineering has been around for tens of thousands of years so it is time we approach the topic in a professional manner. The Social Engineering Vulnerability Evaluation and Recommendation (SEVER) Project is one way to help penetration testers become more consistent. It is also intended to be the best way to teach novices about [...]
Read the full post at darknet.org.uk
Read the full post at darknet.org.uk
