PHP Vulnerability Hunter v.1.1.4.6 - Automated fuzz testing tool

PHP Vulnerability Hunter v.1.1.4.6 - Automated fuzz testing tool This is the application that detected almost all of the web application vulnerabilities listed on the advisories page. PHP Vulnerability Hunter is an advanced automated whitebox fuzz testing tool capable of triggering a wide range of exploitable faults in PHP web applications. Minimal configuration is necessary to begin a scan; PHP Vulnerability Hunter doesn’t even need a user specified starting URI. At the core of the PHP Vulnerability...

Read More

WAFP : Web Application Finger Printer Tool

WAFP : Web Application Finger Printer Tool WAFP is a Web Application Finger Printer written in ruby using a SQLite3 DB. WAFP fetches the files given by the Finger Prints from a webserver andchecks if the checksums of those files are matching to the given checksums from theFinger Prints. This way it is able to detect the detailed version andeven the build number of a Web Application. Sample Scan Result:    wafp.rb --verbose -p phpmyadmin https://phpmyadmin.example.de    VERBOSE:...

Read More

Bizztrust : The Most Secure Android Phone

Bizztrust : The Most Secure Android Phone With companies these days justifiably concerned about the security of the mobile devices provided to their workforce, many workers find themselves carrying around two mobile phones - one for personal use and another for business. Sure, mobile phones aren't the huge pocket-stretching devices they once were but for the sake of convenience, one is most definitely better than two. A new German project makes Android phones significantly more secure for business...

Read More

Virtual Machine for Android Reverse Engineering (A.R.E) Released

Virtual Machine for Android Reverse Engineering (A.R.E) Released The Honeynet Project release of the Android Reverse Engineering (A.R.E.) Virtual Machine. Do you need to analyze a piece of Android malware, but dont have all your analysis tools at hand? The Android Reverse Engineering (A.R.E.) Virtual Machine, put together by Anthony Desnos from our French chapter, is here to help. A.R.E. combines the latest Android malware analysis tools in a readily accessible toolbox. Tools currently found on...

Read More

The Hacker’s Choice releases SSL DOS Tool

The Hacker’s Choice releases SSL DOS Tool German hacker group “The Hacker’s Choice” officially released a new DDoS tool. The tool exploits a weakness in SSL to kick a server off the Internet. Establishing a secure SSL connection requires 15x more processingpower on the server than on the client.THC-SSL-DOS exploits this asymmetric property by overloading theserver and knocking it off the Internet.This problem affects all SSL implementations today. The vendors are awareof this problem since 2003...

Read More

Japan under Heavy Cyber Attack !

Japan under Heavy Cyber Attack ! In last two days several Cyber attacks breach corporate and National Security of Japan. First, Japanese parliament hit by cyber attack from China according to Report. A server located in China was used for the attack on the Japanese Lower House. This led to an extraordinary meeting of a key subcommittee after it emerged that hackers had access to emails and documents belonging to the chamber's 480 legislators for at least one month. The personal computers...

Read More

Derbycon 2011 Videos talks

Derbycon 2011 Videos Talks The idea behind DerbyCon was developed by Dave Kennedy (ReL1K), Martin Bos (PureHate), and Adrian Crenshaw (Irongeek). Their motivation stemmed from a desire to see more of the old-style talks and events of the conventions of the past. DerbyCon was hosted by some specialized two-day training courses from 30th Sep-2nd Oct 2011 in Louisville, Kentucky. DerbyCon isn’t just another security conference. They have taken the best elements from all of the conferences. DerbyCon...

Read More

Exploit Pack - An open source security framework

Exploit Pack - An open source security framework Exploit Pack is an open source security framework developed by Juan Sacco. It combines the benefits of a Java GUI, Python as Engine and well-known exploits on the wild. It has an IDE to make the task of developing new exploits easier, instant search features and XML-based modules. A GPL license for the entire project helps to ensure the code will remain free. It also features a ranking system for contributors, tutorials for everyone who wants to...

Read More

Beware of New Twitter Spam - "Bad blog going around about you"

Beware of New Twitter Spam - "Bad blog going around about you" This is not first time I have received spam messages from Twitter. Just now I checked my twitter account and what I see is two Direct Message saying “Bad blog going around about you, have you read it yet?” followed by a URL shortened with twitter shortener. I just Visit That Link and Found that, its a Phishing Page of twitter. Its Looks almost 99% Similar to Original Twitter Login page. I am sure that 70% of people who receiving this...

Read More

Twitter accomplishes 100 Million active users milestone

Twitter has announced that it has now 100 million active users across the world. The micro-blogging site says half of its users log on to the site everyday and 40 percent of them simply read what others are posting, without tweeting themselves. Twitter also discloses that nearly five billion tweets are posted every month and that the site gets 400 million unique visitors every month. It further revealed that half of its active users are mobile users.

Announcing the milestone, Twitter says in its blog that it is going to support 17 more languages in addition to Hindi, Filipino, Malay and Simplified and Traditional Chinese. To illustrate its popularity, Twitter also cites some of the prominent celebrities, politicians and sports stars using its services. It further disclosed that some 40 percent of British legislators were on Twitter.
Even though the figures put up by Twitter is quite high but it still trails far behind Facebook, which has more than 750 million active users worldwide. Google+, Google's latest social networking experiment, is also reported to be growing rapidly. Earlier this year, LinkedIn had announced it had 100 million users.
Twitter's latest figures come a week after it announced a new record for tweets per second. Twitter said that nearly 9,000 tweets were posted each second soon after Beyonce announced she was pregnant.
Twitter CEO Dick Costolo at a press conference in San Francisco said that the company is aiming for more improvements in Twitter, including furnishing more relevant content for users and making it easier for users to find content from people whom they know.

Read More