background preloader

Top 10 Web hacking techniques of 2010 revealed

Top 10 Web hacking techniques of 2010 revealed
Network World - A Web hack that can endanger online banking transactions is ranked the No. 1 new Web hacking technique for 2010 in a top 10 list selected by a panel of experts and open voting. Called the Padding Oracle Crypto Attack, the hack takes advantage of how Microsoft's Web framework ASP.NET protects AES encryption cookies. FROM THE SECURITY WORLD: Quirky moments at Black Hat DC 2011 If encryption data in the cookie has been changed, the way ASP.NET handles it results in the application leaking some information about how to decrypt the traffic. The developers of the hack -- Juliano Rizzo and Thai Duong -- have developed a tool for executing the hack. The ranking was sponsored by Black Hat, OWASP and White Hat Security, and details of the hacks will be the subject of a presentation at the IT-Defense 2011 conference next month in Germany. Here are the rest of the top 10 Web hacks voted in the competition: 2. 3. 4. 5. 6.

The War On Cyber CyberTerrorists - The War On Cyber: CyberTerrorists - The War On Cyber Join us now to get access to all our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, and so, so much more. Subscribe to topics and forums to get automatic updates Welcome to CyberTerrorists - The War On Cyber, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information. Looking for Developers !! Autodesk Revit Structure 2012 Build 2315 + Portable by Today, 05:46 AM Application Pack for iPad and iPhone by Today, 05:16 AM p777 God z da Shortest distance from Zero to INFiNiTY.........!!! locon i want access to TRACK2.NAME ONLINE DUMP SHOP Toggle this category ..:: CT Global Rules, Announcements, News & Feedback ::.. Forum Rules & Announcement, Read RULES before Posting any kind of thing here.

Mac Hacking [dot] net - Knowledge Base DARKSIDE RG How the NSA's Firmware Hacking Works and Why It's So Unsettling One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen. The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers God-like control of the system in a way that is stealthy and persistent even through software updates. It also has another capability: to create invisible storage space on the hard drive to hide data stolen from the system so the attackers can retrieve it later. Kaspersky has so far uncovered 500 victims of the Equation Group, but only five of these had the firmware-flashing module on their systems. Here’s what we know about the firmware-flashing module. How It Works Hidden Storage Is the Holy Grail

hackergames.net Phone hacking Phone hacking is the practice of intercepting telephone calls or voicemail messages, often by accessing the voicemail messages of a mobile phone without the consent of the phone's owner. The term came to prominence during the News International phone hacking scandal, in which it was alleged (and in some cases proved in court) that the British tabloid newspaper the News of the World had been involved in the interception of voicemail messages of the British Royal Family, other public figures, and the murdered schoolgirl Milly Dowler.[1] Risks[edit] Although any mobile phone user may be targeted, "for those who are famous, rich or powerful or whose prize is important enough (for whatever reason) to devote time and resources to make a concerted attack, there are real risks to face."[2] Techniques[edit] Voicemail[edit] Handsets[edit] Other[edit] Legality[edit] See also[edit] References[edit] External links[edit]

Smartsniff Password Sniffer Related Links Windows Password Recovery ToolsSmartSniff - Monitoring TCP/IP packets on your network adapter Mail PassView - Recover POP3/IMAP/SMTP email passwords. Dialupass - Recover VPN/RAS/Dialup passwords Search for other utilities in NirSoft Description SniffPass is small password monitoring software that listens to your network, capture the passwords that pass through your network adapter, and display them on the screen instantly. Versions History Version 1.13: Fixed bug: When opening the 'Capture Options' dialog-box after Network Monitor Driver 3.x was previously selected, SniffPass switched back to Raw Sockets mode. System Requirements SniffPass can capture passwords on any 32-bit Windows operating system (Windows 98/ME/NT/2000/XP/2003/Vista) as long as WinPcap capture driver is installed and works properly with your network adapter. On Windows XP/SP1 passwords cannot be captured at all - Thanks to Microsoft's bug that appeared in SP1 update... Using SniffPass Command-Line Options

Top 50 Hacking Tools That You Must Have Whether you are a Penetration tester, a hacker or an aspiring newbie trying to learn Cyber Security, you must have a nice catalogue of tools to make your life easier. While these tools do make working simpler but cannot compensate for the vast amount of knowledge required in this field. In this post i’m going to mention 50 different tools under 9 categories that your ‘Hack Lab’ must have. Most of the tools mentioned in this post are pre-included in Kali Linux which you can install to have them at once. Intrusion Detection Systems :- These are the tools you must have if you’re building a hack lab for penetration testing or for any security arrangement. SnortNetCop Encryption Tools :- While the above tools do identify any suspicious activity but they can’t protect your data, you need encryption tools for that. TrueCrypt (The project has been shut down and no longer supported)OpenSSHPuttyOpenSSLTorOpenVPNStunnelKeePass Port Scanners :- NmapSuperscanAngry IP Scanner Packet Sniffers :- Enjoy..!!

100+ Free Hacking Tools To Become Powerful Hacker Wondering which software is used for hacking? What is the best software for hacking password? We have created a list of useful hacking tools and software that will help you do you job much easier. Ethical hacking and online security involve a lot of efforts. Many tools are used to test and keep software secure. A hacking tool is a computer program or software which helps a hacker to hack a computer system or a computer program. Password Cracker Software A password cracker software, which is often referred to as a password recovery tool, can be used to crack or recover the password either by removing the original password, after bypassing the data encryption or by an outright discovery of the password. In the next section you would be getting familiar with some of the popular Password Cracker tools which are used by hackers for password cracking. Ophcrack It is a free password cracker software which is based on the effective implementation of the rainbow tables. Medusa RainbowCrack Wfuzz Nmap

Related: