Lucene search
K

196 matches found

The Hacker News
The Hacker News
added 2011/08/29 8:36 a.m.9 views

Morto Worm spreading via Remote Desktop Protocol

Morto Worm spreading via Remote Desktop Protocol Organizations large and small often make use of Remote Desktop or Terminal Services to remotely connect to Windows computers over the Internet and internally. These tools use Microsoft's RDP protocol to allow the user to operate the remote system...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2011/08/22 6:30 a.m.11 views

OWASP Zed Attack Proxy (ZAP) v.1.3.2 Released

OWASP Zed Attack Proxy ZAP v.1.3.2 Released The OWASP Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.It is designed to be used by people with a wide range of security experience and as such is ideal for developers and...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2011/04/11 2:1 a.m.13 views

RawCap sniffer for Windows released !

RawCap sniffer for Windows released We are today proude to announce the release of RawCap, which is a free raw sockets sniffer for Windows. Here are some highlights of why RawCap is a great tool to have in your toolset: Can sniff any interface that has got an IP address, including 127.0.0.1...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2011/04/08 11:31 a.m.7 views

DRIL: Domain Reverse IP Lookup Tool Download

DRIL : Domain Reverse IP Lookup Tool Download DRIL Domain Reverse IP Lookup Tool is a Reverse Domain Tool that will really useful for penetration testers to find out the domain names which are listed in the the target host, DRIL is a GUI, JAVA based application which use the Bing API key.DRIL has...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2011/03/17 9:0 p.m.21 views

Fox Sitcom Will Depict Pen Testing Firm

Hollywood is taking another crack at hacker culture – this time with a decidedly contemporary twist: a sitcom that will depict the zany doings of a group of security geeks who work as corporate penetration testers. The new show, breakingin, is scheduled to debut on April 6 and will star Christian...

7AI score
Exploits0References2
The Hacker News
The Hacker News
added 2010/12/16 1:48 a.m.8 views

Mantra: A Browser based Security Framework !

Mantra is a dream that came true for the author. It is a collection of free and open source tools integrated into a web browser – Firefox, which can become handy for students, penetration testers, web application developers, security professionals etc. It is portable, ready-to-run, compact and...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2010/11/11 12:49 a.m.9 views

Watcher 1.4.1 - latest version download

"Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2010/11/04 12:38 a.m.15 views

Update : SQLNinja 0.2.5 - New Version

"Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end.Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help a...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2010/11/04 12:28 a.m.19 views

Update : Havij v1.13 automated SQL Injection tool - New version

Update : Havij v1.13 automated SQL Injection tool - New version "Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. By using this software user can perform...

8.4AI score
Exploits0
ThreatPost
ThreatPost
added 2010/07/09 8:57 a.m.188 views

The Rise of the Rogue AV Testers

By Costin Raiu Recently, I was sitting around with a number of colleagues from Kaspersky Lab, discussing everybody’s favorite subject: the state of anti-virus testing these days. During the talks, somebody brought up the name of a new, obscure testing organization in the Far East. Nobody else had...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2010/04/20 6:37 p.m.10 views

Top 20 'Critical Controls' from SANS Institute

The SANS Institute has released critical security controls for cyber defense agreed to by a consortium of agencies including: “NSA, US Cert, DoD, DoD JTF-GNO, the Department of Energy Nuclear Laboratories, Department of State, DoD Cyber Crime Center plus the top commercial forensics experts and p...

1.6AI score
Exploits0References1
ThreatPost
ThreatPost
added 2010/03/04 3:10 p.m.10 views

Social Pen Testers Highlight Gullible Users

Security B-Sides: Security penetration testers Mike Bailey and Mike Murray rely plenty on attacks that exploit weaknesses in websites and servers, but their approach is better summed up by the famous phrase “There’s a sucker born every minute.” Read the full article. The Register...

2.5AI score
Exploits0References1
ThreatPost
ThreatPost
added 2010/01/18 5:21 p.m.77 views

Botnets Hit Perl Testers With Denial of Service Attack

According to a posting on the CPAN Testers’ blog, the CPAN Testers’ server has been being aggressively scanned by “20-30 bots every few seconds” in what they call “a dedicated denial of service attack”; these bots “completely ignore the rules specified in robots.txt”. Read the full article. The H...

9.3CVSS2.9AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2009/11/12 5:52 p.m.11 views

Proof of Concept Pen Testing Tools Coming

A researcher is working on tools for penetration testers that’s a first step toward ultimately integrating and correlating data among different types of penetration-testing products. Josh Abraham, a.k.a. “Jabra,” will release some proof-of-concept tools at the OWASP AppSec Conference in Washingto...

2.5AI score
Exploits0References1
Nmap
Nmap
added 2009/06/10 11:13 p.m.1693 views

smb-brute NSE Script

Attempts to guess username/password combinations over SMB, storing discovered combinations for use in other scripts. Every attempt will be made to get a valid list of users and to verify each username before actually using them. When a username is discovered, besides being printed, it is also sav...

10CVSS9.3AI score0.99448EPSS
Exploits33
seebug.org
seebug.org
added 2006/12/15 12:0 a.m.23 views

Microsoft Visual Studio WmiScriptUtils.dll跨域脚本漏洞

Microsoft Visual Studio是一套微软公司的开发工具套件系列产品。 Microsoft Visual Studio WMIScriptUtils.WMIObjectBroker2 ActiveX控件处理存在问题,远程攻击者可利用漏洞以应用程序进程权限执行任意指令。 Microsoft WMIScriptUtils.WMIObjectBroker2 ActiveX控件存在安全问题,攻击者可以构建恶意页面,诱使用户访问,导致绕过Internet域安全限制,并实例化其他危险的对象,造成 任意指令执行。 Visual Studio 2005 Standard Edition...

7AI score
Exploits0
Rows per page
Query Builder