Archives for March 2nd, 2011

02 Mar

Google acquires zynamics

NJ Ouchn Business No Comment

Google has acquired a small German security start-up called Zynamics, which is well-known in the security industry for its reverse-engineering and analysis tools. Zynamics announced the ...

02 Mar

Wophcrack The Ophcrack Web Interface

NJ Ouchn Tools No Comment

Source: Exploit.co.il Rainbow tables are really useful when cracking password hashes, One disadvantage of these tables is their size which can get up to tens and ...

02 Mar

Comitari Free Web Protection Suite Released

NJ Ouchn Tools No Comment

Comitari is the next generation of Web Security solutions – protecting you in real-time as you surf the web, from within your browser ...

02 Mar

Exploiting XSS with DefaceTool

NJ Ouchn Tools No Comment

DefaceTool is an open-source Java Server Faces(JSF) testing tool for decoding view state and creating view state attack vectors. The tool can be used to ...

02 Mar

Pentesting Jboss servers with jboss-autopwn

NJ Ouchn Tools No Comment

This JBoss script deploys a JSP shell on the target JBoss AS server. Once deployed, the script uses its upload and command execution capability ...

02 Mar

NiX Brute Forcer v1.1.2 released

NJ Ouchn Tools No Comment

NiX Brute Forcer is a tool that uses brute force in parallel to log into a system without having authentication credentials beforehand. ...

02 Mar

Nessus 4.4.1 Released

NJ Ouchn Tools No Comment

Tenable is pleased to announce the release of Nessus 4.4.1! This is a point release (moving from 4.4.0 to 4.4.1), containing several enhancements ...

[Paper] Blackberry Z10 Research Primer by SEC Consult

Blackberry Z10 Research Primer - 'Dissecting Blackberry 10 – An initial analysis'. The goal of this ...
[Papers] Game Engines: A 0-day’s Tale by ReVuln

This paper details several issues affecting different game engines. All the vulnerabilities discussed in this ...
[Paper] WASC: Static Analysis Technologies Evaluation Criteria v1.0 (SATEC)

The goal of the SATEC (Static Analysis Technologies Evaluation Criteria) project is to create a ...
[Report] For Their Eyes Only: The Commercialization of Digital Spying (The Citizen Lab)

The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs,at the University ...
The Art of Exploiting Injection Flaws at Black Hat Vegas 2013

(Article by Sumit 'Sid' Siddharth) Read other Sid's posts at www.notsosecure.com) So, you found a SQL ...

R.I.P Brad “the Nurse” Smith – A Blackhat Icon passed away

Dear all, This is a very sad news for the Hackers & Blackhat Community. After a ...
A Day in the Blackhat Arsenal without Brad ‘TheNurse’ Smith

This year, The Blackhat Arsenal had a bitter aftertaste without the participation of a renowned ...
Blackhat USA 2012: Interview with Stach & Liu Team about Google Diggity Project

Francis Brown Stach & Liu, LLC Francis Brown, CISA, CISSP, MCSE, is a Managing Partner at Stach ...
Blackhat USA 2012: Interview with FishNet Team about SIRA

Justin Engler FishNet Security Justin Engler is a Senior Security Consultant for FishNet Security's Application Security practice. ...
Blackhat USA 2012: Interview with Raphael Mudge about Armitage (Also Introducing CobaltStrike)

Raphael Mudge Strategic Cyber LLC Raphael Mudge is the founder of Strategic Cyber LLC, a Washington, DC ...