Lucene search
K

693 matches found

ThreatPost
ThreatPost
added 2014/04/28 2:21 p.m.11 views

AOL Breached, Investigating Spam from Spoofed Accounts

AOL reported today that it has been breached and urges users of its web-based email and other online services to change their passwords. AOL’s investigation of a breach of its internal network and systems is under way with the help of federal authorities and a forensics firm, the company said. La...

0.8AI score
Exploits0References2
Packet Storm
Packet Storm
added 2014/04/24 12:0 a.m.272 views

Heartbleed OpenSSL Information Leak Proof Of Concept

/ CVE-2014-0160 heartbleed OpenSSL information leak exploit ========================================================= This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information is returned within encrypted SSL packets and is then decrypted...

5CVSS8.2AI score0.99999EPSS
Exploits87
The Hacker News
The Hacker News
added 2014/04/15 11:17 p.m.14 views

WhatsApp Flaw leaves User Location Vulnerable to Hackers and Spy Agencies

If you are using WhatsApp to chit-chat with your friends or relatives, then you should be careful about sharing your location with them using WhatsApp ‘Location Share’ feature. No doubt, WhatsApp communication between your phone and company’s server is now encrypted with SSL, which means whatever...

6.5AI score
Exploits0
Kitploit
Kitploit
added 2014/04/07 11:29 p.m.21 views

Passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup

A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring NSM and general digital forensics. PassiveDNS sniffes traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate DNS answers...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2014/03/23 11:9 p.m.17 views

[Argus] Real Time Flow Monitor

Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitte...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2014/03/20 7:52 p.m.27 views

[SSLsplit] Transparent and scalable SSL/TLS interception

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original...

9.5AI score
Exploits0References1
ThreatPost
ThreatPost
added 2014/03/18 12:59 p.m.12 views

Gap Widens Between Attackers, BIOS Forensics, Research

Vendors have made important strides in locking down operating systems, patching memory-related vulnerabilities and other bugs that could lead to remote code execution or give hackers a stealthy presence on a machine. As the hurdles get higher for the bad guys, the better ones will certainly look...

Exploits0References2
Kitploit
Kitploit
added 2014/02/18 10:47 p.m.18 views

[Pac4Mac] Forensics Framework for Mac OS X

Pac4Mac Plug And Check for Mac OS X is a portable Forensics framework to launch from USB storage allowing extraction and analysis session informations in highlighting the real risks in term of information leak history, passwords, technical secrets, business secrets, .... Pac4Mac can be used to...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/02/06 11:29 p.m.19 views

[Rekall] Memory Forensics Analysis Framework

The Rekall Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated but...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/01/23 8:30 p.m.22 views

[Autopsy] Digital Investigation Analysis

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2014/01/20 11:19 p.m.16 views

[IPhone Analyzer] IPhone Forensics Tool

iPhone Analzyer allows you to forensically examine or recover date from in iOS device. It principally works by importing backups produced by iTunes or third party software, and providing you with a rich interface to explore, analyse and recover data in human readable formats. Because it works fro...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/01/15 12:56 a.m.9 views

[The Sleuth Kit] Library and collection of command line tools to investigate disk images

The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, view allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and ISO9660 images. The Sleuth Kit® TSK is a library and collection of command line tools that...

7.4AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2014/01/14 12:37 p.m.10 views

Detecting and Preventing Compromises in Retail Payment Systems

Information Weeks Matthew Swartz published an article on the recently- confirmed payment card breaches at Target, Nieman Marcus and three other unnamed retailers. This article and many others reveal that these attacks involve sophisticated malware and some even suggest it is the work of the same...

1.7AI score
Exploits0
Kitploit
Kitploit
added 2013/12/31 5:28 p.m.38 views

[Lynis v1.3.8] The Unix/Linux Hardening tool

Lynis is a security tool to audit and harden Unix and Linux based systems. It scans the system by performing many security control checks, looks for installed software and determines compliance to standards. Also will it detects security issues and errors in configuration. At the end of the scan ...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2013/12/27 12:43 p.m.22 views

Encrypted PINs Stolen in Target Data Breach

Target confirmed this morning that encrypted PIN data was stolen in the Black Friday data breach that exposed 40 million accounts to fraud. Spokesperson Molly Snyder said the ongoing forensics investigation confirmed that PIN data was accessed as well, contrary to previous claims made by the reta...

6.5AI score
Exploits0References4
Kitploit
Kitploit
added 2013/12/27 12:10 a.m.46 views

[Bugtroid] Pentesting for Android

Bugtroid is an innovative tool developed by the team of Bugtraq-Team. The main features of this apk, is that it has more than 200 Android and Linux tools PRO for pentesting and forensics through its Smarthphone or tablet. It has a menu categorized according to the nature of the tool may find:...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/12/18 6:56 p.m.10 views

Target Corp. Suffers Black Friday Data Breach

UPDATE – TJX and Heartland Payment Systems may soon have company atop the list of the worst retail data breaches in U.S. history after reports surfaced that Target Corp. was breached around Black Friday and millions of credit and debit cards were stolen. Target confirmed the breach this morning a...

0.1AI score
Exploits0References2
Kitploit
Kitploit
added 2013/11/09 12:44 a.m.18 views

[Volatility v2.3] The advanced memory forensics framework (Support of OSX)

The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/11/04 1:0 p.m.8 views

Microsoft Changes Bug Bounty Program to Include Incident Responders, Forensics Specialists

Having found some initial success with its first foray into the bug bounty world, Microsoft is expanding the program to open up payments of up to $100,000 to incident response teams and forensics experts who come across active attacks in the wild that include new techniques that bypass exploit...

0.2AI score
Exploits0References3
Kitploit
Kitploit
added 2013/10/22 12:22 a.m.16 views

[Ghiro v0.1] Digital Image Forensic Analyzer

Sometime forensic investigators need to process digital images as evidence. There are some tools around, otherwise it is difficult to deal with forensic analysis with lot of images involved. Images contain tons of information, Ghiro extracts these information from provided images and display them...

6.8AI score
Exploits0
Rows per page
Query Builder