Dradis is an open source tool for sharing information during security assessments. It provides a centralised repository of information to keep track of what has been done so far, and what is still ahead.
Iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed.
It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a TUN/TAP device. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.
Spectrum-Tools is a set of utilities for using the Wi-Spy USB spectrum analyzer hardware from Metageek LLC. They include userspace drivers for the hardware (implemented via libusb), a graphing UI built on GTK/Cairo, network servers for remote devices, and simple utilities for developing additional tools.
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.
Apple Safari & Quicktime Denial of ServiceMonday, 15 June 2009 Apple Safari & Quicktime Denial of ServiceShameless plug :------------------------------------------------------------------------You are invited to join the 2009 edition of... + Full Exploit
LinkLogger 2.4.10.15 syslog DoSMonday, 15 June 2009#!/usr/bin/perl####################################################### LinkLogger 2.4.10.15 syslog DoS# Tested against 2.4.10.15# Coded by Mike Cyr, aka h00die# mcyr2 at csc ... + Full Exploit
Buffer Overflow Primer Part 1 (Smashing the Stack)Friday, 24 April 2009In this video series we will learn the basics of Buffer Overflow
attacks and demonstrate how one can exploit Buffer Overflows in
programs for fun and profit. The pre-requisite for this video series is
that you are familiar with Assembly language. If you are not familiar
with Assembly language, no worries, I have created detailed video
tutorials for Assembly language here - Assembly Language Primer for
Hackers.In Part 1 of the Buffer Overflow
series we will look at why buffer overflow attacks happen. We will
discuss how the is laid out when a function call happens, then how a
buffer can be overwritten if proper bounds checking does not happen and
finally how a hacker could take control of the program by
overwriting the return address stored on the stack to an
arbitrary value.We will use a sample program - Demo.c to demonstrate how
it is possible to change the Return address by overwriting the stack
using user supplied input.
var s1 = new
SWFObject('http://miliw0rm.securitytube.net/player.swf','player','640','480','9');
s1.addParam('allowfullscreen','true');
s1.addParam('allowscriptaccess','always');
s1.addParam('flashvars','file=http://videos.securitytube.net/Buffer
Overflow Primer Part 1 (Smashing the Stack).mp4'); s1.write('preview');
+ Watch video
Windows HackingAt the Windows hacking stage of the process, things start to change, as this stage is about breaking and entering the targeted system. Previous steps, such as footprinting, scanning,... + Full Guide
Linux SecurityLinux is an operating system that is based on UNIX. Linux was originally created by Linus Torvalds with help from programmers from around the world. If you're new to Linux, this... + Full Guide