The infamous Cult of the Dead Cow (cDc) has released a very cool Google vulnerability scanner called Goolag Scanner. This tool allows you to search a specific web site or domain for known vulnerabilities and misconfigurations. From an eWeek article: “The open-source program comes with about 1,500 custom Google search queries embedded by default to […]
Goolag Scanner – Google Vulnerability Scanner Released Read More »
If you are in the Cleveland, Ohio area you should check out the local con called Notacon. Similar to Defcon or ShmooCon but much smaller and in my opinion more unique. From the Notacon web site: “NOTACON, an annual conference held in Cleveland, Ohio, explores and showcases technologies, philosophy and creativity often overlooked at other
Notacon 5: April 4-6 Cleveland, Ohio Read More »
If you have been checking out Quzart’s QedShell v2.0 article and want to know more about PHP file include attacks and how they work…be sure to check out this fantastic four part series about these attacks on TippingPoint’s DV Labs blog. I have yet to find a more comprehensive article on this subject.
PHP File Include Attacks Explained Read More »
Good post over at GNUCITIZEN today. They talk about how easy it would be for a hacker to social engineer their way into LinkedIn connections to get information about a potential business target, possibly even your company or business. Social networking in general is very popular with security minded and non-security minded people. I use
Social Networks and Personal Information Read More »
c 99shell from the ccteam was a great PHP script, unfortunately support is discontinued. The idea is to have an all-in-one file to administrate a server once that file is uploaded. When you look into the source of the c 99shell it is a bit chaotic and it even is detected by some anti-virus programs.
I was listening to the latest Security Now podcast and Steve Gibson mentioned an interesting social engineering attack where some penetration testers were able to pose as employees just by listening to conference call and other telephone conversations across the street from the company facility. They used a police scanner dialed into the 800-900 Mhz
Wireless Headset Dangers Read More »
Welcome Quzart to the spylogic.net team! Another blogger from the Netherlands named Quzart will be posting an article on the revised c 99shell php script. Keep an eye out for it. Thanks Quzart!
The fine folks who brought you the De-ICE Pentest LiveCD’s have put together a nice nine minute video tutorial on Netcat. I personally love Netcat. It is a must use pentest tool. You can check it out on the heorot.net web site.
Netcat – The Basics Video Tutorial Read More »
So I was at the gym yesterday and noticed something that really bothered me…. As soon as I pulled into the gym parking lot I noticed that it was packed! Seems like everyone wanted to workout last night for some reason. So I grabbed my gym bag and went into the locker room to change.
Lock your stuff up! Read More »
As previously reported, the game save that exploits a vulnerability in the Twilight Princess game has been released. This exploit will potentially allow you to run unsigned code and eventually a ELF loader which will allow Linux to run on the Wii. All you need is a copy of Twilight Princess and an SD card
“Twilight Hack” offers Wii Homebrew Possibilities Read More »
