KaffeNews
Caffeinated InfoSec News
Joomscan: Tool for testing vulnerability in joomla
Joomscan is a tool for testing the vulnerability of websites that use free system to regulate online content ‘Joomla’. Given that the last update was in 2009, we decided to go further and help users to protect their Joomla sites. The last update was entered in the database 466 vulnerable components, today it is [...]
Full Story »
THC-HYDRA v7.2
THC-HYDRA is a very fast network logon cracker which support many different services. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. It was tested to compile cleanly on Linux, Windows, Cygwin, [...]
Full Story »
(IN)SECURE Magazine Issue 33
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. (IN)SECURE Magazine Issue 33, the February 2012 issue has been released! Table of contents for (IN)SECURE Magazine Issue 33: Securing Android: Think outside the box Interview with Joe Sullivan, CSO at Facebook White hat shellcode: Not for exploits Using [...]
Full Story »
FatCat: Auto SQLl Injector
This is an automatic SQL Injection tool called as FatCat , Use of FatCat for testing your web application and exploit your application more deeper. FatCat Features that help you to extract the Database information, Table information, and Column information from web application. Only If it is vulnerable to SQL Injection Vulnerability. If used inhouse [...]
Full Story »
Mobius Forensic Toolkit v0.5.11
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools. Official change log for Mobius Forensic Toolkit v0.5.11: This release features 14 new registry reports: autorun services [...]
Full Story »
Anti: Android Network Toolkit
Anti consists of 2 parts: The Anti version itself and extendable plugins. Upcoming updates will add functionality, plugins or vulnerabilities/exploits to Anti Using Anti is very intuitive on each run, it will map your network, scan for active devices and vulnerabilities, and will display the information accordingly: Green led signals an ‘Active device’, Yellow led [...]
Full Story »
Armitage V 01.19.12
“Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage [...]
Full Story »
ClubHACK Magazine January 2012
ClubHACK has released the January 2012 version of their magazine. It is the first Indian “Hacking” Magazine. This issue is not theme based. You will read about how Facebook’s authentication and security can be bypassed, learn how Facebook apps can be bad. More to read on SQLMap, Matriux and IT Law. Contents: Tech Gyan: One [...]
Full Story »
IPhone Applications Tune-up |E-Book|
Packt recently published a new book- IPhone Applications Tune-up. The book is of course about programming for the iPhone. But there is one chapter on maintainability that is far broader applicability than just the iPhone. This review was written by Wes Boudville. Read more about the book or download a free Sample Chapter here: Sample [...]
Full Story »
Aidsql: Sql Injection Penetration Testing Tool
This is a video showing you howto effecitvely audit your website with aidsql Description: aidSQL is a PHP application provided for detecting security holes in your websites. It is a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. Download aidSql from here
Pentagon OKs Android for DoD Usage
The Pentagon has approved a version of Android running on Dell hardware to be used by DoD officials, along with the BlackBerry. The approval of Android by the DoD is a major setback for Apple’s iPhone. The military approval is quite specific. Android can only be used on Dell’s hardware running Android 2.2. Dell is [...]
How To Avoid The Most Common And Dangerous Passwords
The most people set password which are very easy to crack such as qwerty, abc123, 123456 etc. To avoid setting common passwords for your accounts and creating a strong password that is easy to remember, check out the infographic(below). (Click image to enlarge)
How a Firewall Protects You From the Inside Out
Why I need a firewall? This is a most common question beside Anti-virus you must have a firewall but why? Firewall protect your computer from different types of hacking attack because Firewall is a wall just like your home door, if your door unlock than everyone can easily get into your home so use a [...]
5 Most Common Web Application Vulnerabilities
Injection Examples of injection flaws are SQL, LDAP, HTTP header injection (cookies, requests), and OS command injections Attacks occur when untrusted data, such as a query, command or argument, is sent to an interpreter Vulnerable applications can be tricked into executing unintended commands or allowing the attacker to access, and modify, data Cross Site [...]
ClubHACK Magazine December 2011!
ClubHACK has released the December 2011 version of their magazine. It is the first Indian “Hacking” Magazine. This issue of CHMag is dedicated Mobile/Telecom Hacking and Security. Contents of ClubHACK Magazine December 2011: Tech Gyan: GSM In this article we will describe the various tools, software, hardware and techniques, that can be employed to attack [...]
Linux Kernel 3.2 RC6 Is Available for Testing
Linus Torvalds announced last evening, December 16th, that another Release Candidate version of the upcoming Linux kernel 3.2 is available for download and testing. Linux kernel 3.2 RC5 brings some filesystem updates, especially for Btrfs and CIFS. But the most important changes are among the drivers, like swim3, i915 or eDP. And, as usual, some [...]
Cain & Abel v4.9.43
Cain & Abel is a password recovery tool for Microsoft operating systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. Features: Added SAP R/3 sniffer filter [...]
