Collaborate Disseminate
OWASP Offensive Web Testing Framework is a project focused on penetration testing efficiency and alignment of security tests to security standards like: The OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST. The purpose of this tool is to automate the manual and uncreative parts of pen testing. For example, Figuring […]
The…
Read the full post at darknet.org.uk
Continue reading OWASP OWTF – Offensive Web Testing Framework
The big buzz on my Twitter this week was about the Tesla Hack carried out by a Chinese crew called Keen Security Lab. It’s no big surprise even though Tesla is known for being fairly security concious and proactive about it. With it being a connected car, that’s pretty important that any remote control capabilities […]
The post Tesla Hack…
Read the full post at darknet.org.uk
Continue reading Tesla Hack – Remote Access Whilst Parked or Driving
MANA Toolkit is a set of tools for rogue access point (evilAP) attacks and wireless MiTM. More specifically, it contains the improvements to KARMA attacks implemented into hostapd, as well as some useful configs for conducting MitM once you’ve managed to get a victim to connect. Contents MANA Toolkit contains: kali/ubuntu-install.sh – simple…
Read the full post at darknet.org.uk
Continue reading MANA Toolkit – Rogue Access Point (evilAP) And MiTM Attack Tool
BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection… Continue reading BBQSQL – Blind SQL Injection Framework
DDoS or Booter services have been around for a while, but VDoS-s.com was a particularly slick (and shameless) one with a content marketing strategy and active social media accounts. Two Israeli men were arrested for running the service after ironically being hacked by a security researcher. They called their service a ‘Stresser’ and claimed to…
Read the full post at darknet.org.uk
Continue reading Two Israeli Men Arrested For Running VDoS-s.com DDoS Service
PunkSPIDER is a global-reaching web vulnerability search engine aimed at web applications. The goal is to allow the user to determine vulnerabilities in websites across the Internet quickly, easily, and intuitively. Please use PunkSPIDER responsibly. I… Continue reading PunkSPIDER – A Web Vulnerability Search Engine
DET is a proof of concept Data Exfiltration Toolkit using either single or multiple channel(s) at the same time. The idea behind DET was to create a generic tool-kit to plug any kind of protocol/service to test implemented Network Monitoring and Data L… Continue reading DET – Data Exfiltration Toolkit
So it seems the alleged kernel.org hacker has finally been caught, kinda by accident after being stopped for a traffic violation. It was quite a high profile hack, especially in the open source community as anyone downloading kernel files during that period could have theoretically been compromised. It’s unlikely the kernel code was actually…
Read the full post at darknet.org.uk
Continue reading Linux kernel.org Hacker Arrested After Traffic Stop
DBPwAudit is a Java database password auditing tool that allows you to perform online audits of password quality for several database engines. The application design allows for easy adding of additional database drivers by simply copying new JDBC drive… Continue reading DBPwAudit – Database Password Auditing Tool
So was Dropbox Hacked? There was some rumours going around last week after it sent out a password reset e-mail warning to all users. It seems like it’s limited to users who were active in 2012 and the only ones who would be in trouble are as usual, those who haven’t changed their password since […]
The post Dropbox Hacked – 68 Million…
Read the full post at darknet.org.uk
Continue reading Dropbox Hacked – 68 Million User Accounts Compromised