Noise

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

theHarvester is a tool to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tools is intended to help Penetration testers in the early stages of the project It’s a really simple tool, but very effective. The sources…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Now this is quite a fascinating story, especially if you know anything about Malware and have interests in that area. It seems the latest development is the accidental development of new super-malware strains created by viruses infecting executable files of worms. Worms are generally executable files and well, viruses infect executables – so…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools. Installation As root, type: python setup.py install Usage Run mobius_bin.py. You can…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Oh look, another aspect of security and privacy to consider as Google pushes its’ mobile payment solution ‘Wallet’ onto two new NFC capable phones – the Galaxy Nexus & LG Viper. If you haven’t heard of the service you can find out more here – Google Wallet (Wikipedia). The main concern here (security wise)…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Arachni is a high-performance (Open Source) Web Application Security Scanner Framework written in Ruby. This version includes lots of goodies, including: A new light-weight RPC implementation (No more XMLRPC) High Performance Grid (HPG) — Combines the resources of multiple nodes for lightning-fast scans Updated WebUI to provide access to HPG…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Oh look, another Facebook worm – this one seems pretty nasty and as usual it’s going for Facebook access details and then diving into banking credentials if it can find them. It’s mostly targeted at the UK though, worms of these type usually are geographically limited as they are targeting bank information – it’s…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. Basically the author got tired of using Medusa, Hydra, ncrack, metasploit auxiliary modules, nmap NSE scripts and the like because: They either do not work or are not reliable (false negatives several times in the past) They are slow (not multi-threaded or [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Honestly there hasn’t been much news over the holiday period, well maybe there was but no one bothered reporting it. There was the Stratfor case of course, which Anonymous is saying wasn’t anything to do with them. The scale of this incident somehow reminds me of the whole TJ MAXX fiasco a few years back. [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Social engineering has been around for tens of thousands of years so it is time we approach the topic in a professional manner. The Social Engineering Vulnerability Evaluation and Recommendation (SEVER) Project is one way to help penetration testers become more consistent. It is also intended to be the best way to teach novices about [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

There have been a few stories about this in the past, I recall China Facing Problems With Android Handsets & Pre-installed Trojans that were draining people’s batteries and phone credit by sending messages to premium-rate numbers. The latest news is of a more technical nature, but it outlines ways in which cybercrooks may well be [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

MysqlPasswordAuditor is the FREE Mysql password recovery and auditing software. Mysql is one of the popular and powerful database software used by most of the web based and server side applications. If you have ever lost or forgotten your Mysql database password then MysqlPasswordAuditor can help in recovering it easily. It can also help you [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

It looks like Microsoft originally had a patch for the BEAST vulnerability, but for some reason they have withdrawn it for the December Patch Tuesday. It’s a pretty bumper crop of patches though with 13 bulletins and 19 vulnerabilities fixed, the highest profile one being a patch for the zero-day vulnerability exploited by Duqu. The [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Transport Layer Security (TLS), commonly called SSL, is one of the most widely used protocols to secure network communications. As costs fall and user security and privacy expectations rise companies are deploying it more widely every year. Attacks against the CA system, SSL implementation flaws and aging protocol versions have grabbed news…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This is quite an amusing story, I’m sure many of you have read about the ‘hacking challenge’ set up by GCHQ and that they are looking to hire hackers cyber-security specialists through non-traditional channels. The thing that tickled me was, well there were two things actually..one that the challenge site was coded in ASP and…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. Features Support for injections using Mysql, SQL Server, Postgres and Oracle databases. Command [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This is certainly an interesting acquisition and not one I would have expected, I’m not even exactly sure what Twitter is planning and why they would want a company focused on mobile encryption (and specifically on the Android platform). I can’t see any real corporate use for Twitter, so they won’t be pushing the security [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop into the Voice VLAN on specific ethernet switches. VoIP Hopper does this by mimicking the behavior of an IP Phone, in Cisco, Avaya, and Nortel environments. This requires two important steps in order for the tool to traverse [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

X-Scan is a general scanner for scanning network vulnerabilities for specific IP address range or stand-alone computer by multi-threading method, plug-ins are supported. This is an old tool (last update in 2005), but some people still find it useful and there are certain situations where it can be useful (especially in those jurassic companies…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This is a pretty interesting progression in the encryption field, I’m pretty sure most of us here will use some kind of key based e-mail encryption (PGP/GPG etc) and various different software based implementations. Or perhaps some of you already use something totally web-based like Hushmail, the story is that researchers in Germany have…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

sqlsus is an open source MySQL injection and takeover tool, written in perl. Via a command line interface, you can retrieve the database(s) structure, inject your own SQL queries (even complex ones), download files from the web server, crawl the website for writable directories, upload and control a backdoor, clone the database(s), and much…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

We do write about Julian Assange from time to time – the last time was about WikiLeaks Attacks Causing Rival DDoS Retaliation. Sadly however, the legal issues Mr Assange is facing are nothing to do with his rather famous site, but rather to do with rape. Keep your dick in your pants son, especially if [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

GoLISMERO helps you to map a web application, displaying the results in a readable format for security auditors and also prepares the results for integration with other web hacking tools as w3af, wfuzz, netcat, nikto, etc. Features Map a web aplication. Show all links and forms params as confortable format. Save results with some formats: [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

It wasn’t too long ago (about 6 months) when we reported about Malaysia Government Sites Under Attack From Anonymous – which was somewhat suspicious. And well that’s about the only story we’ve had about Malaysia really. Perhaps that incident and spate of attacks and intrusions had something to do with this most recent…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. The w3af core and it’s plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

The latest wave in the infosec world is that Apple has banned the well known security researcher – Charlie Miller – from it’s developer program for exposing a new iOS exploit. It’s not really the smartest move as I’m pretty sure anyone as smart as Charlie Miller still has plenty of options – use another [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

REC Studio is an interactive decompiler. It reads a Windows, Linux, Mac OS X or raw executable file, and attempts to produce a C-like representation of the code and data used to build the executable file. It has been designed to read files produced for many different targets, and it has been compiled on several [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This is not a real shock to be if I’m perfectly honestly, I only use reCAPTCHA whenever I need a CAPTCHA implementation for anything. And well even then, it’s not totally safe as apparently you can farm out your CAPTCHA cracking (those the fail the automated attempts) to India for a few dollars. It does [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

DirBuster is another great tool from the OWASP chaps, it’s basically a multi threaded java application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Oh look – another vulnerability in Facebook! It wasn’t long ago we reported New Research Shows Facebook’s URL Scanner Is Vulnerable To Cloaking. Well this time the private messaging function has been compromised, you can attach an executable and send it to anyone as long as you put a space after the filename. It’s not [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

THC-SSL-DOS is a tool to verify the performance of SSL. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

It’s always good to have some news about government conspiracy theories, or in this case government propagated malware. The last case I remember reporting on was – Tunisia Running Country Wide Facebook, Gmail & Yahoo! Password Capture. Now whilst we wouldn’t quite expect that kind of oppressive behaviour from a country like…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

I wanted to post this a while back, but the site (and thus the download) was down again – it seems to be a common occurrence. Someone get this guy some proper hosting! winAUTOPWN and bsdAUTOPWN are minimal Interactive Frameworks which act as a frontend for quick systems vulnerability exploitation. It takes inputs like IP [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

We haven’t published anything about the Defense Department for a while, the last news really was the whole RSA SecurID thing which affected some of the US DoD sub-contractors. The latest news is they’ve been hit with a colossal lawsuit of almost $5 Billion! The lawsuit is regarding a recent breach involving a healthcare system [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics. CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface. The main design objectives that CAINE aims to…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

I was scanning the news today, and nothing much was going on. There were some half-arsed stories about Anonymous and LulzSec – but nothing really worth writing about. And then, and then I spotted this, which quite frankly scares the shit out of me. As much as it may well have a use in law [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

The File Disclosure Browser takes .DS_Store files found on websites and parses through them to find a list of all potential files in the directory. It can then either just display the URLs for the files or if you give it a proxy it can browse to the files itself. The author wrote it after [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Oh look, Facebook security (or insecurity) is in the news again – not that this technique is anything revolutionary or ground-breaking. It’s basically a HTTP referer detection system for the Facebook URL scanner (the thing that generates the preview/thumbnail etc for links posted to Facebook). By detecting it, you can feed it something…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

The Cryptographic Implementations Analysis Toolkit (CIAT) is a compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable). It is particularly helpful in the forensic analysis and reverse engineering of malware using cryptographic code…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

I’m sure you’ve been taught, as have I – that security through or by obscurity is bad (changing port numbers, removing service banners and so on). I’ve personally always used it, as an additional line of defence on my systems. As a hacker I know, the more information a system gives me straight off the [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

We wrote about MagicTree back in January of this year when it was first launched – MagicTree – Penetration Tester Productivity Tool . It’s come quite a long way and the authors are happy to announce that MagicTree version 1.0 has been released and is available for download. MagicTree is a productivity tool for penetration [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

There was a mass of news back in August about the London riots and how social media (especially Twitter) and the BlackBerry Messenger service (BBM) enabled the rioters to organize themselves via broadcast messages and tweets. After discovering a lot of rioters got busted from their Tweets and BBM messages (which are of course traceable) [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This tool is exactly what it says, it’s a Multi Threaded TCP Port Scanner with possibility to scan 65535 TCP ports on an IP address. You can specify how many threads to run and the timeout. It will tell you the MAC address of the target and the service running – works on both Linux [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

The latest story doing the rounds is that MySQL.com got hacked and was serving malware which put it on the Google malware block list. It appears to be in the clear now though and it’s accessible again via Google. It seems to be a similar case with that of the recent Linux.com and Kernel.org hacks [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Google and their Chrome browser have really been stepping things up lately when it comes to security and browsing, we reported not along ago on Google Chrome To Protect Users Against Malicious Executables. Also since we reported on the Chrome bug bounty program back in February 2010 – Google Willing To Pay Bounty For Chrome [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Coliseum Labs is a revolutionary new product by eLearnSecurity, it’s a 100% practical training device for people wanting to learn more about penetration testing. Basically Coliseum is a framework which allows students to learn web application security through 100% practical hands on training. With the specially crafted web applications ready…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

LiLith is a tool written in Perl to audit web applications. This tool analyses webpages and looks for html form tags , which often refer to dynamic pages that might be subject to SQL injection or other flaws. It works as an ordinary spider and analyses pages, following hyperlinks, injecting special characters that have a [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

The author of WAVSEP (Shay Chen) e-mailed quite some time back about this project, but I have to say I honestly didn’t have time to look at it back then. It popped back up on my radar again when it was mentioned by the author of – Arachni v0.3 – his tool did extremely well [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

There was a bit of a buzz on the 10th anniversary of 9/11 when the NBC News Twitter account was hacking and started posting updates regarding a repeated terrorist attack against ground zero. It only lasted a few minutes but as the account has 120,000 followers – it caused quite a stir. It’s not known [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

I’ve always been skeptical about this tool, especially seen as though the first version was released on April Fools day in 2009, anyway it’s 2 years later now and it still seems to be around so I think it’s worth publishing an update. If any of you have actually tested this tool out, do drop [...]

Read the full post at darknet.org.uk