Saturday 30 April 2011

RedWolf Security Threat Generator

The RedWolf Security Threat Generator is a security threat simulator that tests security system effectiveness. It can be used to perform tactical tests of your deployed security systems. Security systems include Firewalls, Intrusion Detection/Prevention Systems, Data Loss Prevention Tools, Access Control Systems, Logging & Security Information/Event Management, etc. Its threat generation

pytbull IDS/IPS Testing Framework for Snort and Suricata

pytbull is an Intrusion Detection/Prevention System (IDS/IPS) Testing Framework for Snort and Suricata. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations.
The framework is shipped with about 300 tests grouped in 8 testing modules:
clientSideAttacks: this module uses a

Anonymous Message to Sony(Update)

After PSN was hacked and the hacker published some messages about Sony's database, Anonymous has now released a message about it. Please leave a comment on this post.

AnonOps Fliers-

http://www.mediafire.com/i/?ez49683l7rn96hh

http://www.mediafire.com/i/?q92rj2130ur9uws
http://www.mediafire.com/i/?biom0xdxgds9nnw
http://www.mediafire.com/?85dq9h79bh8o6ua


AnonOps Facebook-

http://www.facebook.com

Friday 29 April 2011

Windows Privilege Escalation Part 2: Domain Admin Privileges

If you want to see all detail, please go to the Source.

Escalation Techniques
Using the escalation vectors listed below, penetration testers often gain unauthorized access to all kinds of things like applications, systems, and everyone’s favorite–domain administrator accounts.
Crack Local LM Password Hashes
A long time ago, in a LAN far away, there lived a strong password stored as an

Disabling iPhone Tracking - Do it Yourself (DiT-DiY)

Another way to disable iPhone tracking. Full details are in the Source.

Trying to disable the threats on non-jailbroken iPhones

A nice proposition was published by Dominic White on his blog ( http://singe.za.net/blog/archives/1029-Quick-note-on-the-iPhone-Location-Tracking-Disclosure.html ). Basically, he explains that you can take the latest backup of your iPhone, open this file to

Windows Privilege Escalation Part 1: Local Administrator Privileges

 If you want full detail, please go to the Source.


Introduction
The process of stealing another Windows user’s identity may seem like black magic to some people, but in reality any user who understands how Windows works can pull it off. This is the first of two blog entries giving an overview of privilege escalation techniques that prove that fact. Part 1 (this entry) discusses obtaining

Thursday 28 April 2011

A simple botnet written in Python

If you want to see all detail of this howto, please go to the Source.

Botnet Diagram

How it works

It's not very complicated! I was already familiar with some of the rudiments of the IRC protocol from hacking on a simple IRC bot library. The parts that I needed to figure out were:
ability to track when workers came on/off-line so they could be sent jobs
easily pass data from operator -> workers

Building a DNS Blackhole with FreeBSD

If you want full article, please go to the Source.
This document will outline how to set up FreeBSD to act as a DNS Blackhole (DNSBH).
What is a DNS Blackhole and why would I want one?
A DNS blackhole (DNSBH) in its simplest form is just a box running bind that maintains a listing of malicious domains. When clients request a 'flagged' domain they will be redirected to either themselves (localhost

DarkComet-RAT v.3.3 Released

If you want to see change log or download application, please go to the Source.
DarkComet-RAT (Remote Administration Tool) is software designed to control, in the best condition and comfort possible, any kind of Microsoft Windows machine since Windows 2000. This software allows you to perform hundreds of functions stealthily and remotely without any kind of authorisation in the remote process. This

Turn Your Firefox Into A Keylogger Without Any Software !


Here we learn how to turn Mozilla Firefox into an undetectable (FUD) keylogger. This keylogger will be used to store all the usernames and passwords that are entered by the user, so that you can hack your friends' accounts whenever they are over at your house. And the most interesting thing is, this whole process is done without using any kind of software!
So

Cookies and Your Privacy: Past, Present and Future

Cookies were first introduced to the internet as a method for web pages to remember a visitor.
They were used to store things such as passwords, user names, or the contents of an online shopping cart after a browser leaves a certain page. So when a browser returned to a page, they would not have to re-enter their password or refill their shopping cart.
Through the use of cookies, the web

SurveyMonkey: IP Spoofing

When somebody fills out a survey on the Surveymonkey website, they record a number of pieces of meta data along with the survey answers. Things like date, time, link used to access the survey, and the IP Address of the person completing the survey. This final piece of data was the one that really caught my attention, especially when I started seeing a number of RFC1918 addresses in with the mix

How to Enable Registry disabled by Administrator

What is Registry?
The Windows Registry is a hierarchical database that stores configuration settings and options on Microsoft Windows operating systems. It contains settings for low-level operating system components as well as the applications running on the platform: the kernel, device drivers, services, SAM, user interface and third party applications all make use of the registry. The

High Level Windows Shellcode Development Methods


Here's a super quick entry covering some high level methods you can use when developing Windows shellcode.

The methods are:
Using the memory editing features of a debugger
Using a C compiler
Using an assembler

Using a debugger

Writing shellcode using the code editing features of a debugger like OllyDbg is best suited to really simple (approximately <20 byte) shellcode, or for making

Untrackerd tool released to Prevent iOS Location Tracking (for jailbroken devices only)

After the news, iPhone Tracker [Apple keep your information without telling you!!!], this package will help you fix it.


Ryan Petrich has released a Cydia tweak to prevent your iOS device from tracking your location and saving it to consolidated.db
Continuously clean up locationd’s history data in the background.
This package installs a daemon (process that can run in the background) to clean

Nice Metasploit Module to Grab iOS MobileSync Backup File Collection

Here is a nicely coded module to get information from the iOS backup file.




##
# $Id: apple_ios_backup.rb 12425 2011-04-24 19:28:55Z hdm $
##


##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and

AntiXSS 4.1 Beta 1

As this is only a beta there are no binaries, you will need to grab the source yourself and compile.
Replacing the default encoders in .NET 4.0 will require you to use the DLL from the Net4 project and to make a web.config change to the httpRuntime node as follows


The runtime encoder

Install Metasploit on Mac OS X!!


1.) An installation of Xcode: http://developer.apple.com/xcode/
2.) Use port to install ruby1.9.x.
   -sudo port selfupdate
   -sudo port install ruby19
   After a successful Ruby installation we only need a database. There are three databases to choose from (SQLite3, Postgresql84 or MySQL5).
   -sudo port install mysql5
   -sudo gem install mysql

3.) Download

BIOS Password Backdoors in Laptops

When a laptop is locked with password, a checksum of that password is stored to a sector of the FlashROM - this is a chip on the mainboard of the device which also contains the BIOS and other settings, e.g. memory timings. For most brands, this checksum is displayed after entering an invalid password for the third time:

The dramatic 'System Disabled' message is just scare tactics: when

Recent Facebook XSS Attacks Show Increasing Sophistication

A few weeks ago, three separate cross-site scripting (XSS) vulnerabilities on Facebook sites were uncovered within a period of about 10 days. At least two of these holes were used to launch viral links or attacks on users – and it’s clear that attacks against Facebook users are becoming increasingly sophisticated.
The first issue came from a page on the mobile version of Facebook’s site. The

Flash 0Day Found in Drive-By

The recently announced Adobe Flash 0day exploit (CVE-2011-0611) has been found in the wild as a drive-by download. The exploit targets Adobe Flash Player version 10.2.153.1 and works quite reliably.
Here’s a portion of Javascript code for an exploit shared with me by fellow security researcher, Ben (thanks for the share!). You can see the NOP sled being set up in the “nb1” function. (There are

Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), SQL Injection, HTML Injection, etc.

A great account of the incidents and a great explanation of the attacks.

Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), SQL Injection and HTML Injection are security flaws that have been around for years. They are well-known vulnerabilities, with well-known solutions. As we've seen in recent weeks, even well-established tech companies are not immune to these basic flaws:

MySQL was compromised

Live Hacking DVD v1.3 Beta

Live Hacking DVD is a new Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this ‘Live CD’ runs directly from the DVD and doesn’t require installation on your hard-drive. Once booted you can use the included tools to test, check, ethically hack and perform penetration tests on your own network to make

Ubuntu 11.04 was released.

Now you can download Ubuntu 11.04 from the official website:

http://www.ubuntu.com/download/ubuntu/download

Wednesday 27 April 2011

Impressive Javascript Encoder



There are many online Javascript encoder sites that enable you to obfuscate your Internet link or email address. Most of the Javascript encoders that I’ve seen don’t pose much of a challenge and are really easy to reverse. I recently came upon HiveLogic’s Enkoder and this one is well made!

The HiveLogic Enkoder can be found here. And you are able to encode either your email address or

Automating dump file analysis via powershell

The dump file analysis script is broken down into two scripts: a launch script, and a script housed on a file server that performs all of the analysis. The script below will gather all server names in specific OU(s), append the names to a text file located at C:\Servers.txt, and run the crashreport.ps1 script.
# Launch_crashreport.ps1
# Launch debug analysis logs using KD
# Kevin

Backtrack4 update tool

Please download package from the Source.


This program is for updating Back|Track 4 final including apt-get and key pen-test tools.
(C)opyright 2010 Scamentology ~
######################################
# btupdate 1.91                      #
# A script for updating Back|Track 4 #
######################################
Usage: ./btupdate.sh options
Options:
-d Dist-up --- apt-get everything
-o Plugins ---

SearchDiggity

If you want to download it, please get from the Source.


SearchDiggity is a new GUI application that serves as a front-end to both GoogleDiggity and BingDiggity. Both are good information gathering tools.

GoogleDiggity:
The Google Hacking Diggity Project is a research and development initiative dedicated to investigating the latest techniques that leverage search engines, such as Google and

How to install Squid Transparent Proxy?

1: In the squid daemon conf file, add the transparent entry like this
# Squid normally listens to port 3128

http_port 3128 transparent

Save the config file.

2: Use the following command to see Access Control List and Object

grep -v "^#" /etc/squid/squid.conf | sed -e '/^$/d'

URLs output should be like this
***********************

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object

How to create malicious Wireless Access Point

If you want all detail of each step and package, please go to the Source.

1. Copy the config file from Source to wireless access point (This tutorial uses WRT54GL)
scp * to your wireless access point

2. Move old config file to backup in /etc/config and move the new config to /etc/config
cd /etc/config
mv network  network.bak
mv dhcp dhcp.bak
mv wireless wireless.bak
mv package/wireless

Advanced Nmap

Ncrack
Ncrack is a command line password bruteforcer like hydra and medusa. Up until recently I was a stalwart Medusa user but what brought me over (mostly) was the superior SSH library, RDP password bruting, and easy nmap-like syntax. Should you want to audit a whole class C for ssh passwords Ncrack makes this easy:
ncrack scanme.nmap.org/24 -p 22
Ncrack supports the following protocols:

NTSD Backdoor [it's very easy to create backdoor]

NTSD (Microsoft NT Symbolic Debugger) is a debugger that is packaged as part of Windows.  You can find ntsd.exe in your system32 directory.


It really doesn’t matter what port you use or what application you choose to “debug.”  Now on the remote machine connect to the server:

Now that we’re connected we can start issuing commands.

Of course, the obligatory ipconfig

How about adding a user?

File Upload XSS Vulnerability in WordPress

Summary
WordPress allows users with Author permissions and above to upload files with a variety of extensions. In some cases, it is possible for a user to mount a cross-site scripting attack using those uploaded files.

How Does It Work?
File uploads are allowed by default for users with Author permissions and above. WordPress uses a list of file extensions to determine whether a particular

Analysis of MS11-019 CVE-2011-0654 -Browser Election Vulnerability

CVE-2011-0654 was a 0-day unauthenticated remote code execution vulnerability that exists in the way that the Common Internet File System (CIFS) Browser Protocol implementation parses malformed browser messages. An attempt to exploit the vulnerability would not require authentication. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete

Tuesday 26 April 2011

EAP-MD5 Offline password attacks


If you want to get the script and read all detail of this article, please go to the Source.

1. Make FIFO
root@bt:/pentest/passwords/jtr# mknod pwque p


2.  Create words list.
root@bt:/pentest/passwords/jtr# ./john -i:ALL --stdout > pwque &

3.  Crack it.
root@bt:/pentest/passwords/jtr# ~/xtest-1.0/xtest -w ./pwque -c ~/xtest-1.0/sample-pcaps/7971G-EAP_Success.pcap


/* Calculate Total

Tor or not Tor: How to tell if someone is coming from a Tor exit node, in PHP

If you want to see all detail, please go to the Source.
/* NOTES on Irongeek's TorOrNot script:
To use this php script on some pages it will need it to have a png extension.
To do this, put a redirect from a png file to the php file in your apache config file (httpd.conf) or .htaccess.
Example line:
Redirect /torornot.png /torornot.php

Consider this code to be GPLed, but I'd love for you

Wednesday 20 April 2011

iPhone Tracker [Apple keep your information without telling you!!!]


This open-source application maps the information that your iPhone is recording about your movements. It doesn't record anything itself, it only displays files that are already hidden on your computer.

If you want to download this app, please download it at the Source.

Authors Alasdair Allan (alasdair@babilim.co.uk) @

Test Your Web Application Using Free Web Apps Security Tools

Free Website Tools
Websites are turning out to be more complex every day and there are approximately no static websites being developed. In today’s scenario, even a minor website has a contact or newsletter form, and many have developed their website with CMS systems or use 3rd-party plug-in services over which we don’t have exact control. Even if

XSS - Escaping Escapes

Sometimes a server will escape special characters that are injected. For instance, injecting a " character and having it reflect as \":
Injection: xss"
Reflection:
x="xss\"";y=42;
Fail.
Sometimes, ironically enough, you can outsmart filters by using their own tricks against them. Try escaping their escape character like this:
Injection: xss\"
Reflection:
x="xss\\"";y=42;
Success!
However, if the

Running commands in a restricted command prompt

There may be times on a penetration test where you run into a locked down environment and you can’t use cmd.exe

This is done in a few different ways.

Via the registry:
REG add HKCU\Software\Policies\Microsoft\Windows\System /v DisableCMD /t REG_DWORD /d 1 /f

Or, like the screenshot, set via the GUI:
Start -> Run -> gpedit.msc -> User Configuration -> Administrative Templates -> System ->

Tuesday 19 April 2011

Internal IP Address Of Facebook.com?

This information leak was discovered by me after I tried to use dnsmap as a hobby. I sent an email about this information to , but after over 1 week, I didn't receive any response from them. I don't know why they haven't responded. Maybe because of my foolishness about networking, or it's not important information, or I sent the email to the wrong guys, or whatever.

Sunday 17 April 2011

Credential Harvesting With Facebook and the Social Engineering Toolkit


If you want to see the full article, please go to the Source.
My goal here was to create an attack that would allow me to trick someone into sending me their login and password for Facebook. The general idea behind this attack is that SET will clone the target website (in this case, http://www.facebook.com) and host it on your personal computer. The trick then is to convince someone to visit

50 UNIX / Linux Sysadmin Tutorials

If you want to see all 50, please go to the Source.
Disk to disk backup using dd command: dd is a powerful UNIX utility, which is used by the Linux kernel makefiles to make boot images. It can also be used to copy data. This article explains how to backup entire hard disk and create an image of a hard disk using dd command.
15 rsync command examples: Every sysadmin should master the usage of

The Javascript injection: A hidden power


Javascript injection is a nifty little technique that allows you to alter a site's contents without actually leaving the site. This can be very useful when, say, you need to spoof the server by editing some form options. Let me explain it to you with some examples. We will cover:

1. Injection Basics

2. Cookie Editing

3. Form Editing

Injection Basics
Javascript

Saturday 16 April 2011

Filejacking: How to make a file server from your browser (with HTML5 of course)

This is a vulnerability of HTML5

Back in the days of browser wars, there was a joke: Internet Explorer is the only web browser that makes Internet browse your computer. Through various security flaws, IE was exploitable and allowed for remote code execution that could e.g. steal your sensitive files.
But now the times are different. It's not that easy to exploit current browsers, they

sqlmap and tor

Source: http://0entropy.blogspot.com/2011/04/sqlmap-and-tor.html?spref=tw
1. Add this line to your /etc/apt/sources.list file:
deb     http://deb.torproject.org/torproject.org <DISTRIBUTION> main
where you put the codename of your distribution (i.e. lenny, sid, maverick or whatever it is) in place of <DISTRIBUTION>.

2. add the gpg key used to sign the packages by running the following

Payload bypass AV. with encoding

If you want to bypass any AV, try reading this article, and if you want to download the script, please go to the Source.

Background

Most of the shellcode launchers out there, including proof of concepts part of many security books, detail how to allocate a memory page as readable/writable/executable on POSIX systems, copy over your shellcode and execute it. This works just fine. However, it is

Friday 15 April 2011

Backtrack5 on Motorola ATRIX!!!

Backtrack-linux.org updated the picture of Backtrack5 again. Now it's not only on the Xoom but on the Motorola Atrix too!!!! Wow!!!





Source: http://www.backtrack-linux.org/xoom/photo.jpg

Thursday 14 April 2011

Loggly: Log Management in the Cloud

Loggly is a cloud based logging service. With Loggly, you can collect logs from your servers and then quickly search them with an intuitive user interface.

Loggly helps you collect, index, and store all your log data and then makes it accessible through search for analysis and reporting. All this is done without having to download or install anything on your servers. It’s like

Setting up our own honeypot with Netcat

One of the first that comes to mind is the backdoored version of ProFTPD 1.3.3c that was detected at the end of last year. To find out what the service's banner looks like we can, for example, search Shodan for servers with nearby versions.
With this data, all that remains is to make Netcat write the banner on each connection and keep a log of the connections. We can do

Resolver! DNS Lookup Tool

Resolver is a Windows-based tool designed to perform a reverse DNS lookup for a given IP address or for a range of IPs in order to find its PTR. Updated to version 1.0.3: added DNS records brute force.


If you want to download, Please go to the Source.
Source: http://sourceforge.net/projects/exploitresolver/

Vulnerability In Skype For Android Is Exposing Your Name, Phone Number, Chat Logs, And A Lot More

How Does This Work?
Inside the Skype data directory is a folder with the same name as your Skype username, and it’s here where Skype stores your contacts, your profile, your instant message logs, and more in a number of sqlite3 databases.
# ls -l /data/data/com.skype.merlin_mecha/files/jcaseap
-rw-rw-rw- app_152  app_152    331776 2011-04-13 00:08 main.db
-rw-rw-rw- app_152  app_152    119528

Wednesday 13 April 2011

DNS hacks with added value

The internet's name resolution system is more flexible than many think. Some hacks currently demonstrate some nice tricks with Twitter and DNS. In one, a service from any.io queries Twitter through DNS. For example, the command


host -t txt codepope.twitter.any.io will retrieve the most recent status tweet from the user codepope. The trick is simple. The answer to the DNS query is returned as

Wikipedia over DNS

If you want to see all detail and download the slides of the workshop, please go to the Source.

It has advantages too: it gets cached at your nameserver and it also has slightly lower latency than HTTP (because there's no need to set up a TCP session).
Here's an example:
$ host -t txt foo.wp.dg.cx
foo.wp.dg.cx descriptive text "Foo may refer to: Foo, bar, and baz: metasyntactic variables, \"Fool\",

Download with resume from file sharing websites | Rapidshare, hotfile, fileserve hack


Rapidshare, Megaupload, Hotfile, fileserve, filesonic, Megaupload are some of the most popular file sharing websites. But the main problem is that none of these websites support downloading with resume capability. Today I am going to write about a new trick for downloading files with resume capability from these websites.


Follow these Steps:


Go to http://foxleech.com/
Paste the link in

RawCap sniffer for Windows released

If you want to download this software, please go to the Source.
We are today proud to announce the release of RawCap, which is a free raw sockets sniffer for Windows.
Here are some highlights of why RawCap is a great tool to have in your toolset:
Can sniff any interface that has got an IP address, including 127.0.0.1 (localhost/loopback)
RawCap.exe is just 17 kB
No

Tuesday 12 April 2011

Learn IPv6 On Linux

After reading IPv6 Crash Course For Linux, I summarized it.

1. You must specify the interface that you will check or use every time.
2. It's hard to remember but not hard to understand how to calculate the address.
3. Some commands can be used with IPv6 but some can't.

And this is part of the article.
IPv6 Advantages
What does IPv6 offer over IPv4? Well, aside from the

CVE-2011-0611 Flash Player Zero day

If you want to see all detail of this exploit, please go to the Source.
Source: http://contagiodump.blogspot.com/2011/04/apr-8-cve-2011-0611-flash-player-zero.html
Common Vulnerabilities and Exposures (CVE) number: CVE-2011-0611
Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat
A critical vulnerability exists in Flash Player 10.2.153.1 and earlier

Linksys WRT54G Password Disclosure

I got this vulnerability from packetstormsecurity.org.
Source: http://packetstormsecurity.org/files/view/100287/linksyswrt54g-disclose.txt 
Environment: Linksys WRT54G - Firmware Version: v7.00.1


Default settings of Linksys WRT54G allow FTP access without a password:


rafal@localhost ~ $ lftp 192.168.1.1
lftp 192.168.1.1:~> dir
size date time name
-------- ---

Microsoft PowerPoint TimeCommandBehaviorContainer Remote Code Execution Vulnerability

ZDI-11-123: April 12th, 2011
CVE ID: CVE-2011-0655
CVSS Score: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
Affected Vendors: Microsoft
Affected Products: Office PowerPoint
TippingPoint™ IPS Customer Protection: TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 10822. For further product information on the TippingPoint IPS:
http://

Learning the Importance of WAF Technology – the Hard Way

After Barracuda Networks was hacked last night, this is the response message from Barracuda Networks, and I just want to ask you guys (not seriously) "do you believe this response?" :)

Wow.  What a weekend.  In case you haven’t heard, Barracuda Networks was the latest victim of a SQL injection attack on our corporate Web site that compromised lead and partner contact information.  The good

Monday 11 April 2011

New Adobe Flash zero day in the wild - infects through MS Word documents


This news is from Sophos and I think it'll be used widely.

Adobe has issued a security advisory concerning a new zero day flaw (CVE-2011-0611) in Adobe Flash Player 10. As usual this also means that other applications that support Flash content like Adobe Reader and Microsoft Office are also affected.

Brian Krebs wrote a blog post earlier today describing some targeted attacks using a

Barracuda Networks Hacking via SQL Injection !

Barracuda Networks’ product portfolio includes: Barracuda Spam & Virus Firewall, Barracuda Web Filter, Barracuda IM Firewall, Barracuda Web Application Firewall, Barracuda SSL VPN, Barracuda Load Balancer, Barracuda Link Balancer, Barracuda Message Archiver, Barracuda Backup Service, and the BarracudaWare software portfolio. Combining its own award-winning technology with powerful open

"Add URL" to Google.com Captcha Bypass

This Captcha bypass allows a spammer to submit a number of websites (possibly more than 1000) to the Google crawler by writing a simple program in any programming language.

Original link (With captcha): http://www.google.com/addurl/?continue=/addurl 
Bypass captcha link POC: http://www.google.com/addurl?q=www.hacker.com&hl=&dqq= 

If you execute the above URL in the browser then it will add

Dropbox authentication exploit, dbClone

After reading this article on dereknewton.com about Dropbox’s insecure design, sablefoxx: a resourceful young coder on the forum created a python application to exploit the insecure design of the most popular file synchronisation tool Dropbox.

Download dbClone from the Source.

[1] Find a victim machine running Dropbox, insert your USB drive
[2] Run dbClone.exe, data

Backtrack5 and Metasploit on Xoom

This picture was published by Backtrack-Linux.org and I'm so excited about it. Wait for the release of Backtrack5 and installation on Motorola's Xoom tablet.

** Update more pix and Source.












Picture Link: http://www.offensive-security.com/backtrack/backtrack-5-on-a-motorola-xoom/

SecurityTube Boxee Support

I received this message on Twitter and I want to share it with you guys; if you want to support it, please vote yes. Securitytube.net is the big portal of information security videos. I emailed support@boxee.com asking them to enable support for securitytube.net, their reply was the following:
Quote:
Please promote this great idea at http://forums.boxee.tv/forumdisplay.php?f=12 the

Sunday 10 April 2011

How to Disable Geolocation in Specific Programs

Geolocation is a rather secret feature of some browsers and toolbars. It allows the creator of that program to get a fix on the location of your computer to within a few meters of where you actually live.


If you want to see how to disable geolocation on Twitter, Thunderbird, Internet ExplorerX, Apple Safari, GMAIL, etc., please go to the Source.

- Facebook (initially just for the iPhone

Friday 8 April 2011

Open Source Android Digital Forensics Application



I think this is the first android digital forensics application and it's so helpful.


In an effort to give back to the community, we have released our logical Android Forensic application as open source. You can download it on Google Code and additional details are on my blog.

Application Architecture
The application was developed with a generic architecture which will allow other

How To Spoof Ip Address To Web Server With HTTP Request

This article was very useful for me for testing something. It spoofs the IP by adding "X-Forwarded-For" to the HTTP request. If you want to know how it works or how to defend against this attack, please go to the Source.


Source: http://www.shaadiya.com/ask/2007/06/15/how-to-spoof-ip-address-hackers-view-and-the-way-to-protect-sites-with-this-fake/

Facebook Bully Video Actually a XSS Exploit

 
A security researcher discovered a new cross-site-scripting vulnerability on Facebook, days after the social networking giant patched a different XSS flaw in its mobile API. At least one active scam is exploiting the new bug at this time.

“Do not click links involving a video of a bully,” Joey Tyson, a security engineer at Gemini Security Solutions, posted on Twitter. Tyson writes about

Thursday 7 April 2011

vSphere 4.1 Hardening Guide

This document is the official release of the vSphere 4.1 Security Hardening Guide.  This version is based on feedback collected during the public draft comment period.

If you want to download this document, please go to the Source.
Source: http://communities.vmware.com/docs/DOC-15413

Wednesday 6 April 2011

HACKXOR [webapp hacking game]

About hackxor
Hackxor is a webapp hacking game where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism & difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc.
Features: Client attack simulation using HtmlUnit; no alert('xss') here.
Smooth difficulty gradient from moderately easy to

Linux Forensics Tools Repository

CERT Linux Forensics Tools Repository is a repository of packages for Linux distributions. Currently, Fedora and CentOS/RHEL are provided in the repository.

CERT's Linux Forensics Tools Repository provides many useful packages for cyber forensics acquisition and analysis practitioners.

CERT's Linux Forensics Tools Repository is not a standalone repository, but rather an extension of the

Analysis of LizaMoon: Stored XSS via SQL Injection.

This article is very interesting to me and I have just noted some parts of the Source in this post. If you want to see all payloads or the meaning of the attack, please go to the Source.

LizaMoon Attacks
As most of you have already heard, or have faced yourselves, the LizaMoon mass SQL Injection attacks are still going strong on the web. Here is a recent entry from the WASC Web Hacking Incident

Zeus Version 2 Source Code was disclosed.

If you want to download it, try this, but I don't have the password now. And sorry about the source; I can't remember where I got this file from. I'm not sure whether this file is real or not.

If someone knows the password of this file, please tell me.

Source: http://www.4shared.com/file/MFTUa60x/zeus_source_code_v2.html

Great wallpaper for vim users


Source: http://www.viemu.com/vi-vim-cheat-sheet.gif

WordPress backup vuln published

A remote execution vulnerability has been discovered in the WordPress backup utility BackWPup.
According to Sydney (Australia) company Sense of Security, which published the advisory along with a proof-of-concept, the vulnerability allows local or remote PHP files to be passed to a component of the utility.

4 Free Tools to Detect Local Insecure Browser Plugins


Google Chrome and Secbrowsing
Users of Google Chrome rejoice—the browser flags common insecure plugins without the need for any additional tools. The alert appears when you attempt to load content that makes use of the vulnerable plugin:



If you’d like to be notified of outdated plugins proactively, even before Google Chrome has the need to use the plugin, install the optional Secbrowsing

OWASP: Malware Link Removal

Data Substitution Operator (@rsub)
In the latest version of ModSecurity (2.6), we also introduced an extremely powerful new operator called @rsub, which is short for RegEx Substitution. As the name indicates, this operator allows you to match variable data and then do a substitution. What makes this new operator even more powerful is that it has macro expansion capabilities. This is

Sniffing USB traffic with VMWare

VMWare offers the possibility to dump any USB traffic at the lowest level to a dump file. We'll describe here how to activate this feature, and additionally publish a script to convert the dump file to the PCAP format, suitable for use with Wireshark.
Enable USB logging
VMWare can be configured to dump all the low-level USB traffic going to a given virtual machine to a file on the host.
This

DHCP client allows shell command injection!

Detail: The Internet Systems Consortium's (ISC) open source DHCP client (dhclient) allows DHCP servers to inject commands which could allow an attacker to obtain root privileges. The problem is caused by incorrect filtering of metadata in server response fields. By using crafted host names, and depending on the operating system and what further processing is performed by dhclient-script, it

Tuesday 5 April 2011

Two vulnerabilities of Cisco

The Cisco Product Security Incident Response Team (PSIRT) has published two important vulnerability advisories:
Cisco Network Admission Control Guest Server System Software Authentication Bypass Vulnerability
Cisco Secure Access Control System Unauthorized Password Change Vulnerability
Cisco Network Admission Control Guest Server System Software Authentication Bypass Vulnerability
Cisco Network

Backdoor in Active Directory

To create a backdoor effectively using the script, you should:

1. Create a plain user;
2. Allow the user to change members in "Builtin\Terminal Server License Servers" user group;
3. Allow the group "Builtin\Terminal Server License Servers" to change members in another group, for example, "Domain Admins".

Here we should note that it’s impossible just to change ACL for "Domain Admins" group.

Open Source network access control (NAC) system

 
PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to

Sony sites were taken down by Anonymous Group, now.

After Anonymous Group announced an operation payback against Sony named "OpSony" [Operation Sony] (detail here), some of Sony's website infrastructure is now down.

***Update: now the PSN and PlayStation websites are down.
***Update #2: Anonymous is staging a 24-hour, in-store boycott at Sony stores around the world on Saturday, April 16.






Source: 
http://anonnews.org/?p=press&a=item&i=787
http:/

Sunday 3 April 2011

Remotely execute cmd.exe commands on multiple computers

Great job by "Mohamed Garrana". This script is very useful and I think I can use it in some way...

If it works in cmd.exe, you can remotely execute it on multiple servers. This script invokes whatever command you can use in cmd.exe on one or more computers.
You input the command you'd like to run as screen input when you run the script.
You can use all cmd.exe commands like [del,ipconfig /

14 Free Tools To Use To Identify And Remove Tough Malware

The following tools have been specifically designed to help users better identify malware infections, and then eradicate those specific infections. These tools require advanced computer knowledge, and unless you feel confident in your diagnostic skills, you should avoid them.

Emsisoft HiJackFree
The program operates as a detailed system analysis tool that can help you in the detection and

RSA was hacked with Adobe Flash Player Vulnerability

Adobe Flash Player 10.2.153.1 Fixes Vulnerability Used in RSA Attack

RSA has confirmed that it was an exploitable bug in Adobe Flash player that was used to gain entry into their company network. Adobe Flash player 10.2.153.1 contains the fix. The vulnerability exploited is CVE-2011-0609. No reports of widespread attacks exist as of this writing (02 April 2011), but it would be prudent to get

VMDetect tool!!

VMDetect is a FREE tool to find out if your program is running inside a virtual machine. Often there is a need to know if you are running on the host system or a guest system so that you can take the right course of action.

Also, most malware/viruses use this to detect if they are inside an emulator or VM and then disable their functionality completely. This is because malware researchers use VM to run malware