Archive by Author

HackerTarget.com – Online BlindElephant and WhatWeb Scanning

03. Sep, 2010 • Categories: Site Updates, Tools by admin

There are literally hundreds of thousands of websites running old web applications that are running vulnerable code just waiting to be hacked. It might start with a quick forum install or content management system that will keep running for years. If there were any bugs in the code, and it is a common application they [...]

0 Comments

Iran’s Cyber Army Hacks 1,000 US, British, French Gov’t Websites

03. Sep, 2010 • Categories: Security Breaches by admin

While political hacking has been around for years, this is a good reminder that credit cards and identity theft are not the only targets when it comes to securing systems. Anyone is a potential target, and organisations who have parties that are opposed to their agenda will be targeted. Whether they are non-governmental entities or [...]

0 Comments

BackTrack used by the NSA

09. Jun, 2010 • Categories: Tools by admin

As highlighted over on the backtrack site. It appears the NSA are one of the users of the excellent security testing Linux Distribution that is Back Track. That is almost as cool as Nmap being used in the Matrix. The National Security Agency and the Central Security Service tested the five U.S. service academies during [...]

0 Comments

Metasploit Express Review

02. Jun, 2010 • Categories: Tools by admin

Metasploit Express with Ubuntu The purchase of Metasploit by Rapid7 last year and the recent release of Metasploit Express has been big news in the security community. I have finally gotten around to giving it a spin. So what is Metasploit Express? It is a web based front end for Metasploit that provides not only [...]

1 Comment

Metasploit vs Snort as Snorby

02. Jun, 2010 • Categories: Tools by admin

Recently I stumbled acorss Snorby, an excellent easy to use implementation of Snort. It is a new web interface for Snort that is very pretty, but also simple. An excellent introduction to Intrusion Detection Systems, that is not going to scare anyone away. Now how to I get hold of this I hear you cry…. [...]

0 Comments

Metasploit 3.4.0 on Ubuntu 10.04 a quick introduction

02. Jun, 2010 • Categories: Tools by admin

Perhaps you have heard of metasploit. It is a very powerful exploitation framework developed by HD Moore. Solid growth has seen an early version that was a few exploits in a perl based wrapper turn into a ruby coded framework that is competing with Core Impact and Canvas in the pen-testing community. The latest version [...]

1 Comment

Hacked US Treasury websites serve visitors malware

05. May, 2010 • Categories: Security Breaches by admin

Oops, lets hope the money is safe. You would think of all the US Government departments and targets this one would be well protected. [QUOTE]Websites operated by the US Treasury Department are redirecting visitors to websites that attempt to install malware on their PCs, a security researcher warned on Monday. The infection buries an invisible [...]

0 Comments

SET Social Engineering Toolkit

05. May, 2010 • Categories: Tools by admin

This tool and guide to using the tool is an example of how easy client based exploitation has become. When it comes down to it, attacking the client is fast becoming the easiest method to perform a targeted attack against an organisation or company. For our readers who are not familiar with Metasploit this maybe [...]

0 Comments

CMS Explorer

25. Apr, 2010 • Categories: Tools by admin

When it comes to security vulnerability assessments against content management systems, it becomes necessary to discover which plugins are being used within the system. For the most popular open source systems (wordpress, drupal, joomla) there are literally thousands of plugins available and many have lets admit it not the best record when it comes to [...]

0 Comments

New Web Application Security Tool from Google. Skipfish.

08. Apr, 2010 • Categories: Tools by admin

Having done some initial testing this new tool is powerful and comprehensive. It blends a number of other tool features into a neat little package. I did some testing on my local LAN and the web server was getting pounded with thousands of requests per second. Your access and error.log is really going to fill [...]

0 Comments

Older Entries »