From the category archives:

Tools

» News

BackTrack 5 Released

Back Track Dev team has finally announced public availability of BackTrack 5, code named “revolution”. BackTrack 5 has been built from scratch, and boasts several major improvements over all previous releases and its based on Ubuntu Lucid LTS and uses Linux Kernel 2.6.38 patched with all relevant wireless injection patches. You can grab your copy [...]

Read Ahead →

» News

OWASP Top10 Tools and Tactics

Around a month back Infosec Resources compiled a post with nice set of tools and tactics to exploit OWASP top 10 vulnerabilities Following is a risk and tool matrix. RISK TOOL A1: Injection SQL Inject Me A2: Cross-Site Scripting (XSS) ZAP A3: Broken Authentication and Session Management HackBar A4: Insecure Direct Object References Burp A5: Cross-Site [...]

Read Ahead →

» News

yInjector – SQL Injection Penetration Tool

yInjector is a MySQL Injection penetration tool, created by Giovanni ‘Osirys‘ Buzzin. SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input i s either incorrectly filtered for string literal escape characters embedded in SQL statements or user [...]

Read Ahead →

» News

SAMHAIN v2.8.3 released

The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain been designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as standalone [...]

Read Ahead →

» News

Now Recover Your Facebook Password Using FacebookPasswordDecryptor

FacebookPasswordDecryptor is the FREE software to instantly recover stored Facebook account passwords stored by popular web browsers and messengers. Most of the applications store the Login passwords to prevent hassle of entering the password everytime. Often these applications use their own proprietary encryption mechanism to store the login passwords including Facebook account passwords. FacebookPasswordDecryptor automatically [...]

Read Ahead →

» News

Python tools for Penetration Testers – 0×03

If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest to try out the Python programming language. It has a rich set of useful libraries and programs. Fuzzing Sulley: fuzzer development and fuzz testing framework consisting of multiple extensible components Peach Fuzzing Platform: extensible fuzzing framework for generation and mutation based [...]

Read Ahead →

» News

Python tools for Penetration Testers – 0×02

If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest to try out the Python programming language. It has a rich set of useful libraries and programs. Debugging and reverse engineering Paimei: reverse engineering framework, includes PyDBG, PIDA, pGRAPH Immunity Debugger: scriptable GUI and command line debugger IDAPython: IDA Pro plugin [...]

Read Ahead →

» News

Python tools for Penetration Testers – 0×01

If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest to try out the Python programming language. It has a rich set of useful libraries and programs. Network Scapy: send, sniff and dissect and forge network packets. Usable interactively or as a library pypcap, Pcapy and pylibpcap: several different Python bindings [...]

Read Ahead →

» News

HBGary’s RAZOR Non Signature based Malware detection

With the rise of non signature based Malware detection tools, HBGary’s announced the release of their new product Razor. Razor appliance uses a “virtual-machine system” that takes all files and copies them to inspect for malware by “detonating” the file copies in a sandbox to examine whether any document contains malicious content. It also watches [...]

Read Ahead →

» News

Microsoft releases ‘Shim’ to counter IE Attacks

Shim is a term used to describe an application compatibility workaround. Microsoft’s workaround used the Application Compatibility Toolkit to modify the core library of IE — a DLL, or Dynamic-Link library, named “Mshtml.dll,” that contains the rendering engine — in memory each time IE runs. The modification prevents recursive loading of a CSS, which effectively [...]