• Subscribe to the low volume list for updates.

Blog

Brute Forcing Passwords with ncrack, hydra and medusa

Ready to test a number of password brute-forcing tools? Passwords are often the weakest link in any system. Testing for weak passwords is an important part of security vulnerability assessments. I am going to focus on tools that allow remote service brute-forcing. These are typically Internet facing services that are accessible from anywhere in the […]
Read More

sqlmap 0.9 added to online security scans

Latest update to the site tools is the addition of the new SqlMap 0.9 release to the Online SQL Injection scanner. This is a tool that takes SQL Injection to the next level and beyond. While our online scan tests for Sql Injection in HTTP GET requests, this is only the beginning. This tool can […]
Read More

Web Tech 2011 – Part 2

Now available is Part 2 of our Web Tech Report 2011 data mining project. We have compared the results of the most popular web technologies of the Top 1 Million Web Sites with the most popular Technologies in use by the Forbes Fortune 1000 US Corporations. There is a clear preference by the largest corporations […]
Read More

Web Tech 2011 Report

The HackerTarget.com Web Tech 2011 Report has just been released. This is the first edition of the report and aims to provide insight into the web technologies in use by the worlds most popular websites. Based on the Alexa top 1 million sites; content management system popularity, web servers, server side scripting, web development frameworks, […]
Read More

PSAD Tutorial – Port Scan Detection in Ubuntu Linux

Using PSAD to Detect Port Scans in Ubuntu Linux can reveal who is hitting your servers and where they are coming from. In this short tutorial I will show you how to quickly get a port scan monitoring system in place. PSAD has been around since 2001. As is often the case a simple open […]
Read More

dnsdumpster.com launched for osint recon

DNSDumpster.com is a new project and network reconnaissance platform from HackerTarget.com. We have built an open source intelligence gathering tool that will profile a domain name and produce an easy to read report about related systems and publicly available information about that domain. Head over and give it a spin! Alternatively if you like to […]
Read More

PandaLabs 2010 Annual Report

It appears 2010 has been a cracking year for malware developers. Customised malware is a significant threat to any environment, given the fact that controls that can effectively protect against these attacks are limited and difficult to implement. Anti-virus certainly does not provide much protection against a trojan that has been customised to attack a […]
Read More

Security Onion LiveCD

Security based LiveCD distributions are a great way to quickly get your hands on some powerful security tools. Security Onion is no exception, if you are interested in playing with IDS or getting some intrusion detection tools up and running in a hurry you should definitely take a look at this. What is Security Onion? […]
Read More

Hack your org in 60 minutes

Often times the users of HackerTarget.com are not experts in the realm of vulnerability assessments. In fact many are not sure where to start and are confronted with a bunch of free tools available online for immediate use. The tools have a variety of different uses leaving beginners unsure of where to begin. I have […]
Read More

Armitage – Cyber Attack Management for Metasploit

Metasploit development continues in leaps and bounds both from within Rapid7 and from the community. This is newly released tool puts the power of the Metasploit Framework into the hands of those who prefer point and clicky interfaces. Why does Armitage exist? "I've met too many security professionals who don't know how to use Metasploit. […]
Read More