Uniscan 5.2 is released - vulnerability scanner

Uniscan 5.2 is released - vulnerability scanner Uniscan is a open source vulnerability scanner for Web applications. Uniscan 2.0 is a perl vulnerability scanner for RFI, LFI, RCE, XSS and SQL-injection. features: Identification of system pages through a Web Crawler. Use of threads in the crawler. Control the maximum number of requests the crawler. Control of variation of system pages identified by Web Crawler. Control of file extensions that are ignored. Test of pages found via the GET method. Test...

Read More

FreeFloat FTP Server - Buffer Overflow Vulnerability

FreeFloat FTP Server - Buffer Overflow Vulnerability Ashfaq Ansari Reported FreeFloat FTP Server - Buffer Overflow Vulnerability. In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, whilewriting data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case ofviolation of memory safety.Buffer overflows can be triggered by inputs that are designed to execute code, or alter the way the program...

Read More

Web App Pentesting - PenTest Magazine

Web App Pentesting - Pentest MagazineThe significance of HTTP and the Web for Advanced Persistent Threats Web Application Security and Penetration Testing Developers are form Wenus, Application Security guys from Mars Pulling legs of Arachni XSS BeeF Metaspolit Exploitation Cross-site request forgery. In-depth analysis First the Security Gate, then the Airplane Download Magazine H...

Read More

Burp Suite Pro v1.4.03 released - CSRF generator, SSL strip Added

Burp Suite Pro v1.4.03 released - CSRF generator, SSL strip Added There is a new CSRF generator, which produces proof-of-concept HTML for generating virtually any HTTP request. You can access this feature by right-clicking any item within Burp, and using the engagement tools context menu to select "generate CSRF PoC". Some useful features are: Support for all form encoding types: standard URL encoding, multipart encoding, and plain text encoding. Auto-detection of the optimal encoding type, with...

Read More

Operation Brotherhood Shutdown : Multiple Sites taken down by Anonymous Hackers

Operation Brotherhood Shutdown : Multiple Sites taken down by Anonymous Hackers Anonymous Hackers take down the The Muslim Brotherhood websites. The hacking group had made an announcement Tuesday in which they threatened to launch “Operation Brotherhood Takedown,” on all Brotherhood sites at 8pm on Friday, 11 November. According to a video released by them on youtube as shown above. They claim to taken down following sites: As of 2:24 PM EST, ikhwanonline.com IS DOWN. As of 2:26...

Read More

Brazil ISP servers under Massive DNS poisoning attacks

Brazil ISP servers under Massive DNS poisoning attacks Kaspersky Lab expert Fabio Assolini Report that A massive DNS cache poisoning attack attempting to infect users trying to access popular websites is currently under way in Brazil. Several large ISPs in the highly connected country have been affected by the attack, and police have made at least one arrest in connection with the operation. Attackers have been able to poison the DNS cache records for several major Web sites at some...

Read More

Virtual Machine for Android Reverse Engineering (A.R.E) Released

Virtual Machine for Android Reverse Engineering (A.R.E) Released The Honeynet Project release of the Android Reverse Engineering (A.R.E.) Virtual Machine. Do you need to analyze a piece of Android malware, but dont have all your analysis tools at hand? The Android Reverse Engineering (A.R.E.) Virtual Machine, put together by Anthony Desnos from our French chapter, is here to help. A.R.E. combines the latest Android malware analysis tools in a readily accessible toolbox. Tools currently found on...

Read More

Mobile Security and Lack thereof

Mobile Security and Lack thereof Nidhi Rastogi ,A Security Consultant with Logic Technology Inc, New York share her Views about the Mobile Security and Lack thereof . The Article is taken from our September Month Magazine Edition .Here we go.. Mobile technology, particularly smartphones, has come of age and is increasingly replacing PCs for internet surfing, emails, gaming and social networking. As per a recent survey by Neilson Media Research, smartphones now comprise over 38% of the...

Read More

FOCA 3.0 - Network Infrastructure Mapping Tool Free Release

FOCA 3.0 - Network Infrastructure Mapping Tool Free Release This new version has new fresh look and feel, and it is full of new features that you will love to discover. If you want to learn more about FOCA, and Get FOCA 3 PRO, then you can book for a seat in the next online training about FOCA. It is going to be delivered on 4th of November in English and on 8th of November in Spanish. Both of them delivered by our FOCA father Chema Alonso. In FOCA 3 PRO you will discover features focused in discovering...

Read More

Facebook EXE attachment Vulnerability can Compromise with Users Security

Facebook EXE attachment Vulnerability can Compromise with Users Security Nathan Power from SecurityPentest has discovered new Facebook Vulnerability, that can easily attach EXE files in messages,cause possible User Credentials to be Compromised . When using the Facebook 'Messages' tab, there is a feature to attach a file. Using this feature normally, the site won't allow a user to attach an executable file. A bug was discovered to subvert this security mechanisms. Note, you do...

Read More

Most advanced and dangerous malware for Apple products - why you should be concerned !

Most advanced and dangerous malware for Apple products - Why you should be concerned ! Indian security researcher from MalCon has created an advanced and dangerous malware for Apple products which can not only compromize your privacy but also steal important data and let hackers control your device by simple text messages. If you are using any Apple product such as iPhone, iPad or iPod, then you shuuld be concerned. Indian security researcher from MalCon, Atul Alex has created an advanced malware...

Read More

How Facebook Ticker exposing your information and behavior without your knowledge

How Facebook Ticker exposing your information and behavior without your knowledge Nelson Novaes Neto, a Brazilian (independent) Security and Behavior Research have analyze a privacy issue in Facebook Ticker that allows any person chasing you without your knowledge or consent . He explain that this is not a code vulnerability, but here the whole issue is related to users privacy. Nelson said on his blog "This tool - monitor others began to run when it introduced a new feature...

Read More

Latest Security Flaw in Skype Enables IP address & Location Tracking

Latest Security Flaw in Skype Enables IP address & Location Tracking The serious breach in the widely-used, internet video chat program means that any evil computer nerd could easily hunt down users' whereabouts, according to a study co-authored by an NYU-Poly professor. The flaw in Skype could allow a skilled hacker to find out the IP address from which a user has logged in to Skype, thereby determining the location of Skype users, which is a massive breach of privacy and security. The...

Read More

Tor anonymizing network Compromised by French researchers

Tor anonymizing network Compromised by French researchers French researchers from ESIEA, a French engineering school, have found and exploited some serious vulnerabilities in the TOR network. They performed an inventory of the network, finding 6,000 machines, many of whose IPs are accessible publicly and directly with the system’s source code. They demonstrated that it is possible to take control of the network and read all the messages that circulate. But there are also hidden nodes, the...

Read More

new googal by kohli bro

www.non-googal.tk
           try it

Read More

iPhone can be used as spy phone to get desktop Keystrokes

iPhone can be used as spy phone to get desktop Keystrokes What if a hacker could log every key you typed on your PC by placing a cellphone nearby? US researchers have shown how this is possible using any smartphone available today. At a conference in Chicago on Thursday, a group of computer researchers from Georgia Tech will report on another potential threat. The researchers have shown that the accelerometer and orientation sensor of a phone resting on a surface can be used to eavesdrop as a...

Read More

Exploit Pack - An open source security framework

Exploit Pack - An open source security framework Exploit Pack is an open source security framework developed by Juan Sacco. It combines the benefits of a Java GUI, Python as Engine and well-known exploits on the wild. It has an IDE to make the task of developing new exploits easier, instant search features and XML-based modules. A GPL license for the entire project helps to ensure the code will remain free. It also features a ranking system for contributors, tutorials for everyone who wants to...

Read More

REMnux: A Linux Distribution for Reverse-Engineering Malware

REMnux: A Linux Distribution for Reverse-Engineering Malware REMnux is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. The distribution is based on Ubuntu and is maintained by Lenny Zeltser. REMnux is designed for running services that are useful to emulate within an isolated laboratory environment when performing behavioral malware analysis. As part of this process, the analyst typically infects another laboratory system with the malware...

Read More

Optima DDOS 10a Botnet leaked on Underground Forums

Optima DDOS 10a botnet leaked on Underground Forums On underground forums "Optima DDOS 10a Botnet" full version posted for all to download and use. Complete new version of the acclaimed DDoS bot Optima Darkness. In this new version 10a according to the author was raised in secrecy bot system and optimized grabber passwords. It cost about $ 600 worth. Features a bot: DDoS attacks of three types - http flood, icmp-flood, syn-flood. Theft of stored passwords from some applications installed...

Read More

OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release

OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release  The third beta of OWASP Mantra Security Toolkit has been released. One of the main features of this version is the multi-language support. Mantra now supports Hindi and Spanish, in addition to English. If you can give us a helping hand by translating Mantra into more languages, feel free to contact us and we will look forward to see you in Team Mantra. This version is based on Firefox 7.0.1 and comes with some new extensions which you will...

Read More