Very good article over at Dark Reading today about testing PoC exploit code and security tools before you use them in a production environment. “…how do you know if the PoC (proof of concept) exploit code you downloaded from Milw0rm or Packet Storm includes a backdoor?” The author also mentions some very good things to […]
When Penetration Tests Backfire Read More »
One of my favorite web sites “Hack a Day” has a really good and detailed (with pictures) article on how to solder. While this may seem an easy task to some..it is a whole new experience for others. Now you can take apart and hack gadgets like the best of them! Click here for the
Introduction to soldering Read More »
Pretty unique file encryption program available for Mac and Windows now available. It’s called Drop Secure Professional 2.0. What makes this program different then others is that it: “…starts by dividing up the file into small chunks. By default, those chunks are 256 bytes long. Each chunk is encrypted with a separate cipher, using a
Cross Platform File Encryption – Drop Secure Professional 2.0 Read More »
Lots of new news on the latest PSP hacks! Below is a summary: Cable allows easy hook-up of third party GPS systems – Cool! Now you can use your PSP with GPS. From the website: “Thanks to the availability of MapThis mapping software (free) and GMDL map downloading software (free) PSP owners from most parts
Recent PSP Hacks Summary Read More »
I thought this article was very interesting. You can now harness the unique power of a GPU (Graphics Processing Unit) (ie: video card CPU) to crack password hashes. In the article a Moscow software company discovered that you can use a nVidia GeForce 8800 video card to crack Windows NTLM password hashes apparently 25 times
Crack password hashes with a video card GPU Read More »
Stumbled upon a very good social experiment by another blogger today in which he researched the identity of a “anonymous” Craigslist poster. While Craigslist does have a decent system for providing anonymous postings it goes to show you that there is always going to be human error..or just plain stupidity. (Note the last link…this was
Craigslist and your anonymity Read More »
Yet another example of vulnerabilities in client software (ie: drive by downloads)..which is a huge attack vector. I can’t remember when the last remotely exploitable vulnerability was. As usual, IE ActiveX is to blame (when running RealPlayer 10.5 or 11 beta). Below is an article about the vulnerability: Attacks exploiting RealPlayer zero-day in progress Security
Attacks exploiting RealPlayer zero-day in progress Read More »
Demonstrated at the Toorcon hacking conference in San Diego over the weekend is a new way to attack laptops that use WEP encryption. Typically, the way to attack WEP was to sniff the wireless network traffic and crack the WEP key while in range of a legitimate access point. With this new technique you can
Cafe Latte attack steals data from Wi-Fi PCs – Yahoo! News Read More »
I’m a pretty big Apple fan boy and love my iPod and my PowerBook G4 (hope to upgrade to a Intel Macbook Pro one of these days). One of the misconceptions about Mac’s is that they are more secure then Windows…while in a way this is true (they are not as targeted as Windows because
Simple security for your Mac Read More »
I have been seeing lots of recent articles about using Firefox as a hacking tool. Basically, you can download extensions (ie: plugins) for use in Firefox to manipulate and hack web pages. I have listed some extensions that are worthwhile to use for web application testing: Tamper Data – This extension works a lot like
Turn Firefox into a Web Hacking Machine Read More »
