Follow us on Twitter
  1. OCCUPIEDBANKWS Pls remember Dont ask any US Media company execs if read Murdoch NewsCorp UK MP #hacking report.BANNED IN USA http://t.co/U1xDlABa 2 minutes
  2. papasmurfslife RT @my4ng3l: "Book On-line: The Basics of Hacking and Penetration Testing - 2011" http://t.co/kr0RcCL5 #Book #Hacking #Infosec #Learn #Security #101 6 minutes
  3. GatoMalo2 Attacking a ToR Network http://t.co/DNfszYmK via #gAtO 👤 #infosec #security #cyberwar #cybersecurity #IT #scada #hacking #seguridad 8 minutes
  4. monkees1 RT @Hacking_Scandal: #notw #hacking Boris's spin doctor who helped mastermind re-election now Murdoch's £250,000... http://t.co/XVtC0OlJ http://t.co/nUA4wElB 10 minutes
  5. Hacking_Scandal #notw #hacking Boris's spin doctor who helped mastermind re-election now Murdoch's £250,000... http://t.co/XVtC0OlJ http://t.co/nUA4wElB 10 minutes
  6. HackingScandal #notw #hacking Boris's spin doctor who helped mastermind re-election now Murdoch's £250,000... http://t.co/V7PhQ9wS http://t.co/YpMgeYP5 10 minutes
  7. DotunOyesanmi http://t.co/i7msaxjb #php #hacking #cookie 12 minutes
Most popular
Login

IT Vulnerability & ToolsWatch

IT Vulnerability & ToolsWatch
Keep on eye on your defences

  • ClubHack Magazine Issue #28, May 2012 Released
    The ClubHack Magazine is the first ‘hacking‘ magazine in India. This issue covers following articles: 0×00 Steganography over converted channels (Tech Gyan). 0×01 Kauntilya (Tool Gyan). 0×02 Section 66C – Punishment for identity theft (Legal Gyan). 0×03 HTTPS (Hyper Text Transfer Protocol Secure) (Mom’s Gide). 0×04 Don’t Get Injected – Fix Your Code (Code Gyan). Check http://chmag.in/ for articles. Download ClubHack Magazine Issue #28, May 2012 Download PDF: ClubHack Magazine Issue #27, April 2012 Leave a Reply Logged in as MaxiSoler (Logout) Sponsoring the Blackhat Arsenal Tools Vegas 2012 Press Partner for HackInParis 2012 Categories Timeline April 2012 M T W T F S S « Mar May » 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 Archive Tag Cloud Acunetix Analysis Application Assessment Application Scanner Application Testing Binary Analysis Bruteforce Configuration Auditing Data Correlation Data Mining Data Sniffer Defense Ethical Hacking and Pentesting Exploitation Forensics Fuzzing IDS/IPS Information Gathering Interception Live CD / DVD Live Hacking DVD Local Auditing Malware Malware Scanner Metasploit Microsoft Monitoring Nessus Network Discovery Network Monitoring Open Standards OWASP Password Cracker Reporting SET Sniffer Social Engineering SQL injection SSL Vulnerability Assessment Vulnerability Management Vulnerability Scanner Weaknesses Web Browsers Security WireShark Latest updates Bluelog v1.0.3 Released TrueCrack Beta Brute-Force Password for TrueCrypt Released Apple Releases Flashback Fix for OS X Leopard OWASP Mantra – Lexicon v0.91 Beta Released Acunetix Web Vulnerability Scanner Version 8 Build 20120508 Released Categories Business (10) Events (32) Interview (32) News (17) Papers (99) Tools (795) ToolsTube (34) Latest Members      

  • Bluelog v1.0.3 Released
    Bluelog is a simple Bluetooth scanner designed to tell you how many discoverable devices there are in an area as quickly as possible. It is intended to be used as a site survey tool, identifying the number of possible Bluetooth targets there are in the surrounding environment. Changelog v1.0.3 Switched from “tac” to “sed” in Bluelog Live, WRT compat improvement livelog.pl removed, will be back shortly… Compatibility Bluelog has been written with portability and efficiency in mind, so it is able to run on a number of systems and hardware platforms. Basically, as long as the device can run (and get results from) “hcitool scan”, and you can compile software for it, there is a good chance Bluelog can run on it. In addition to running on all major Linux distributions, Bluelog has been used successfully on Chrome OS (running on the CR-48 netbook), and MIPS based OpenWRT devices. For information on the OpenWRT build of Bluelog, see the “openwrt” directory. More Information: here Download Bluelog v1.0.3

  • TrueCrack Beta Brute-Force Password for TrueCrypt Released
    TrueCrack is a brute-force password cracker for TrueCrypt volume files. It works on Linux and it is optimized with Nvidia Cuda technology. It works with cripted volumes with the following algorithms: PBKDF2 (defined in PKCS5 v2.0) based on RIPEMD160 Key derivation function. XTS block cipher mode of operation used for hard disk encryption based on AES. TrueCrack can work in two different modes of use: Dictionary attack: read the passwords from a file of words (one password for line). Charset attack: generate the passwords from a charset of symbols defined by the user (for example: all possible strings of n characters from the charset “abc” ). How to RUN it? Dictionary attack from a wordlist file: ./truecrack -t TRUECRYPT_VOLUME -w WORDLIST_FILE -b 1024 Charset attack from an alphabet (ex. abc) with the maximum length(32) for single word: ./truecrack -t TRUECRYPT_VOLUME -c abc -m 32 -b 1024 More Information: here Download TrueCrack

  • Apple Releases Flashback Fix for OS X Leopard
    This update removes the most common variants of the Flashback malware. If the Flashback malware is found, a dialog will notify you that malware was removed. In some cases, the update may need to restart your computer in order to completely remove the Flashback malware. To improve the security of your Mac, this update also disables the Java plug-in in Safari. For instructions on how to re-enable it, please visit: http://support.apple.com/kb/HT5241. SHA1 = 64231192a3b6d0ac8b0fe61c6ea7be5c829cc9f9 For information on the security content of this update, please visit this website: http://support.apple.com/kb/HT1222. Download  

  • OWASP Mantra – Lexicon v0.91 Beta Released
    OWASP Mantra is such an innovative product, a security framework built on top of a browser. Its cross platform, portable and can run out of the box. You can take it with you where ever you go in absolutely any rewritable media including memory cards, flash drives and portable hard disks. More over, Mantra can be used for both offensive security and defensive security related tasks which makes it incredible. Changelog Lexicon v0.91 Beta OWASP Mantra Security Toolkit 0.91 beta, code named Lexicon is based on Firefox 12 and works out of the box on Windows, Linux and Macintosh platforms. New Features Known Issues Download Links New Features Firefox 12: Lexicon uses Firefox 12 as the base, and brings in many improvements. NoRedirect Extension:It will help you to take control of the HTTP redirects. This is one of the amazing extensions of Firefox we have ever seen. FireEncrypter: Encryption, decryption and hashing functions right in your browser. Ra.2: A black box DOM-based XSS Scanner Neat and light right click context menu: The main right click context menu is more clean and organized.   Known issues Error messages During start-up of Lexicon in Linux, authentication errors are displayed in the shell, however, the application runs smooth without any issues. Link Lexicon and Firefox not running together  A temporary fix is available and can be seen here Translation is far away from perfect We are trying our best to make it perfect, and you can help us by contributing. No upgrading option We strongly recommend you to use a fresh build of Mantra Lexicon and not to upgrade Firefox base from previous versions. Many of the extensions available today are not compatible with latest versions of Firefox. Apart from that, using them as it is will result in a very cluttered menus since they make their entries into toolbar, context menus and status bar. We have applied some minor changes to those extensions to fix these issues. Upgrading those extensions automatically might break some functionality so we strongly recommend you to keep automatic updates turned off. Download OWASP Mantra – Lexicon v0.91 Beta

  • Acunetix Web Vulnerability Scanner Version 8 Build 20120508 Released
    Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing. Changelog v8.20120508 New Security Check Acunetix WVS 8 checks if your PHP-CGI installation is vulnerable to remote code execution. For further information regarding this type of vulnerability, read the PHP-CGI advisory article here. New Features Ability to edit scheduled scans. No need for scheduling new scans every time you wish to change a scan setting. Amend multiple scheduled scans simultaneously by selecting them and applying the required global changes. Save all your scanned results and access them at any time from your scheduler’s scan history. You can also delete your scanned results from the web-based scheduler. A new setting has been introduced to configure the maximum number of pages during a crawl. Improvements Improved Cross-Site Scripting (XSS) tests. The web-based scheduler has been improved to run better in the latest version of Internet Explorer. Enhanced SQL injection tests to reduce the false positives reporting even more. Bug Fixes The scheduled scans can be correctly imported after upgrading to a more recent build of Acunetix WVS 8. The false positives settings node can now support changes from multiple instances at the same time. Web Service Definition Language (WSDL) Scanner URL edit box is now able to save history. More Information: Acunetix v8 Manual Download Acunetix Web Vulnerability Scanner v8.20120508

  • Cuckoo Sandbox v0.3.2 Released
    Cuckoo is an open source automated malware analysis system. Its goal is to provide you a way to automatically analyze files and collect comprehensive results describing and outlining what such files do while executed inside an isolated environment. It can retrieve the following type of results: Traces of win32 API calls performed by all processes spawned by the malware. Files being created, deleted and downloaded by the malware during its execution. Network traffic trace in PCAP format. Screenshots of Windows desktop taken during the execution of the malware. Traces of assembly instructions performed by the malware. Cuckoo is designed to be used both as a standalone application as well as to be integrated in larger frameworks, thanks to its submission and processing automation capabilities. It can be used to analyze: Generic Windows executables DLL files PDF documents Microsoft Office documents URLs PHP scripts Almost everything else Thanks to its scripting and customization capabilities there’s basically no limit to what you can achieve with Cuckoo, for example automating malware unpacking or automating the dump of configuration files and web-injects from banking trojans. Changelog v0.3.2 Introduced MAEC analysis report. Introduced MAEC metadata report. Introduced Python pickled report. Added base64 encoded screenshots to CuckooDict. Added screenshots to HTML report. Added static analysis Python modules. Added static analysis to HTML report. Added list of unique involved hosts to HTML report. Added forced restore of snapshot at startup before checking if a virtual machine is in a valid state. Added forced restore of snapshots at Cuckoo’s termination. Improved logging capabilities. Added invocation of processor.py also at analysis failures. Added IPv6 support to PCAP processing. Added option to delete original files after submission. Added folder for additional files and data to drop. Added API category and parent ID to raw behavioral logs entries. Removed distorm3.dll as a system dependency. Fixed issue with dumped files’ names. Fixed bug in web server’s search functionality. Fixed generation of analysis duration time and timestamps. Fixed bug in acquisition of a user-specified virtual machine. Fixed PHP analysis package. Fixed processing of screenshots and refactored their file names to a 3 digit format. Fixed bugs on encoding special characters in analysis data and network packets. Decreased default analysis timeout. Removed instructions trace functionalities and analysis package. More Information: here Download Cuckoo Sandbox v0.3.2

  • Mutator v0.1.1 Released
    Mutator aims to be a wordlist mutator with hormones. This software is usefull when applied to a few words, like company name and/or domain name targeted or the usernames of the system administrators. You must think that the number of words resulting of applying all mutations is exponential: a 1 word input would generate an output of 1200 words; a 4 words input would generate an output of 4800 words. Some mutations are strange, and some of them have no sense applied together, like *_strings and add_year but is your decision, for that exists the parameters. More Information: here Download Mutator v0.1.1

  • RadioGraPhy v1.0 Released
    Radiography is a forensic tool which grabs as much information as possible from a Windows system. RadioGraPhy is OpenSource (GPL License) and come with a CLI version and a graphic frontend. It checks: Registry keys related to startup process Registry keys with Internet Explorer settings System Accounts and properties Startup files System services Hosts file contents TaskScheduler tasks Loaded System Drivers NetBios Shares Hidden Windows System processes running (and their location if possible) Network information (Open connections, listening ports …) When it identifies a process (running or configured in registry keys, startup directories or task scheduler) it checks its hash with Team Cymru’s MALWARE HASH REGISTRY service to identify potential threats. More Information: here Download RadioGraPhy v1.0

  • The Blackhat USA Las Vegas 2012 – Arsenal Tools Submission is now Opened
    NETpeas is very proud and honored to announce that it has been appointed for the 3rd time to sponsor, via @Toolswatch activities, The Black Hat Arsenal Tools this year at the Black Hat USA 2012 that will be hosted at Caesars Palace in Las Vegas, Nevada July 21 – 26. The Arsenal Tools is Tool/Demo area for independent researchers and the open source community that will allow them to showcase their work. Submit Your Tool

Best Rated Content
Archive
Last comments

Copyright 2008-2012.
All Rights Reserved.