• Subscribe to the low volume list for updates.

Blog

Woothemes Framework Update Analysis

In this post, I examine the fact that only 31% of Wootheme based sites in the top 1 million are running the latest version of the Wootheme Framework. WordPress themes are an important part of the security checklist when maintaining your WordPress installation. An essential security maintenance function of any WordPress install is performing regular […]
Read More

WordPress themes in top 1 million websites

WordPress themes have been extracted from our latest analysis of the worlds top 1 million websites (by alexa rank). Digging into the data shows interesting trends in the WordPress content management space, and provides insight into security vulnerabilities. Third-party Wwordpress components that include plugins and themes can introduce exploitable security issues. Methodology To determine themes […]
Read More

sqlmap POST request injection

In the past using sqlmap to perform POST request based SQL injections has always been hit and miss (more often a miss). However I have recently had to revisit this feature and have found it be to much improved. Both in ease of use and accuracy. This is a quick step by step guide to […]
Read More

Nmap 6.00 added to online port scanning tool

We have completed testing and rolled out the latest Nmap release version 6, to our online port scanner service. At this stage we have enabled Nmap 6 on the immediate port scan page, but are still testing it for scheduled port scanning. This will be upgraded once testing has completed. Congratulations to the Nmap development […]
Read More

HTTP Header Security Analysis

In our analysis of the technology used by the worlds top websites, we queried the data on the usage of HTTP Header security controls. This is a breakdown of the HTTP Header security features that have been developed by different organizations. These controls can utilize features in the web browser to protect the user from […]
Read More

WPScan added to WordPress Security Scan

For all you wordpress lovers we have added wpscan to our existing WordPress Security Scan. WPScan is a handy wordpress focused vulnerability scanner developed by Ryan Dewhurst (ethicalhack3r.co.uk). The scan uses techniques that include brute forcing the plugins directory of a wordpress installation to find installed plugins. This is an accurate way to find plugins […]
Read More

Joomscan added to the online Joomla Security Scan

Our Joomla Security Scanner tool has been extended with the Joomscan security testing tool. Joomscan is a tool that tests a Joomla installation for known vulnerable plugins and core security configuration mistakes. Detection of these vulnerabilities will allow a web site owner to get the plugins update or fixed before they get attacked. Joomla is […]
Read More

Security Scan Restrictions and Updates

After performing over a quarter of a million free security scans, HackerTarget.com has decided to remove access to some of the free security scanning options. This will be a disappointment for some users but in the long run it will mean added functionality and improvements to our overall service. The primary reason for the change […]
Read More

IPv6 added to online port scanner

Our online nmap port scanner is now IPv6 capable. Nmap has had the ability to scan IPv6 ip addresses for some time now and recently Linode also added IPv6 to its VPS offerings. These additions mean we can now provide on-line port scanning of both IPv4 and IPv6 addresses or Host names that have an […]
Read More

Ubuntu and AntiVirus

Does Ubuntu need anti-virus? This is a question posed by many new users who try out Ubuntu Linux everyday. Everyone who has installed a Windows based operating system knows the first step after the first boot is to install AV. Now for a quick background check; Ubuntu is stable, easy to use and a rock […]
Read More