Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Axon

Pages: 1 [2] 3 4 ... 30
16
Operating System / CrunchPwn
« on: February 22, 2014, 11:26:01 pm »
CrunchPwn is a penetration testing repository/addition for CrunchBang Linux, it can be installed on top of existing environment or downloaded as an ISO.


Code: [Select]
http://www.crunchpwn.org/

Just another Pentest distro. Just how many of them out there ::)

17
Just found this interesting, I'm no expert in php shells, I though this might be interesting for some of you folks out there. Are people still using c99 and r57 shells?


http://thehackerblog.com/hacking-script-kiddies-r57-gen-tr-shells-are-backdoored-in-a-way-you-probably-wouldnt-guess/

18
Found it on the Webs / Hacking Tools Repository
« on: February 22, 2014, 07:57:17 pm »
Here is a list of security tools that have been collected from the internet. These tools are specifically aimed toward security professionals and enthusiasts/hobbyists for testing and demonstrating security weaknesses.

http://gexos.github.io/Hacking-Tools-Repository/



19
Hacking and Security / Cyanogenmods Updater Vulnerable to MITM Attack
« on: February 17, 2014, 06:56:20 pm »
So it turns out that Cyanogemod’s built in updater gets it’s update information by contacting http://download.cyanogemod.org/api


Note the http:// part there. It also turns out there’s no signature verification of the flashable .zip file that the custom recovery uses to update. What this means is that anyone who can MITM your connection (Which means the NSA to anyone who can manipulate the BGP routing table all the way down to anyone who can own your router/has access to your local LAN/WLAN) can change where the cyanogenmod update looks for the image file that CM will flash.


https://kyhwana.org/blog/2014/02/17/cyanogenmods-updater-vulnerable-to-mitm-attack/

20
Quote
A quarter of Americans surveyed could not correctly answer that the Earth revolves around the sun and not the other way around, according to a report out Friday from the National Science Foundation. The survey of 2,200 people in the United States was conducted by the NSF in 2012 and released on Friday at an annual meeting of the


http://www.npr.org/blogs/thetwo-way/2014/02/14/277058739/1-in-4-americans-think-the-sun-goes-around-the-earth-survey-says


Hahahahaha.

21
Articles / Holy Logic: Computer Scientists 'Prove' God Exists
« on: February 13, 2014, 12:41:29 am »
Quote
Two scientists have formalized a theorem regarding the existence of God penned by mathematician Kurt Gödel. But the God angle is somewhat of a red herring -- the real step forward is the example it sets of how computers can make scientific progress simpler.


http://www.spiegel.de/international/germany/scientists-use-computer-to-mathematically-prove-goedel-god-theorem-a-928668.html


http://arxiv.org/pdf/1308.4526v4.pdf

22
Hacking and Security / Two Security Issues Found in the Android SDK Tools
« on: February 06, 2014, 11:28:29 pm »
During an audit of the Android ADB source code, two security issues within the Android SDK Platform Tools were discoverd. When combined together, these issues can allow an unprivileged local user to gain access to the account of someone that uses the ADB tool.


http://www.droidsec.org/advisories/2014/02/04/two-security-issues-found-in-the-android-sdk-tools.html

23
Found it on the Webs / DARPA open source catalog
« on: February 06, 2014, 11:22:00 pm »
This is DARPA Open Catalog, which contains a curated list of DARPA-sponsored software and peer-reviewed publications. The DARPA Open Catalog organizes publically releasable material from DARPA programs.


http://www.darpa.mil/OpenCatalog/index.html





24
Android / Android IMSI Catcher Detector
« on: January 31, 2014, 07:33:48 pm »
The android IMSI catcher detector is an android based project to detect and (hopefully one day) avoid fake base stations (IMSI-Catchers) in GSM/UMTS Networks.
With IMSI-Catchers being exponentially popular lately, and with an explosion of various "bastards" with governments and criminals all the same, using it. Anyone can now buy an IMSI-Catcher (or build a cheap one on his own). In addition they can all crack the A5.1-3 encryption on the fly!.


https://github.com/SecUpwN/Android-IMSI-Catcher-Detector


Project size is around 85mb, it contains papers and ebooks about GSM protocols and related subjects, some papers are in German.

25
Security Tools / wifijammer
« on: January 30, 2014, 05:51:22 pm »
wifijammer is a python tool used to continuously jam all wifi clients and access points within range. The effectiveness of this script is constrained by your wireless card. Alfa cards seem to effectively jam within about a block's range with heavy access point saturation


https://github.com/DanMcInerney/wifijammer

26
Found it on the Webs / GSM security map
« on: January 29, 2014, 01:15:16 pm »
The GSM Security Map website compares the protection capabilities of mobile networks from different countries worldwide. Networks are rated in their protection capabilities relative to a reference network that implements all protection measures that have been seen “in the wild”.


Code: [Select]
https://www.gsmmap.org

27
General discussion / Numbers pattern recognition software
« on: January 25, 2014, 06:16:21 pm »
Does anyone know any software (preferably open source) for numbers pattern recognition? I'm looking for a software where the user inputs a set of numbers, then the software will do a pattern recognition, after that the software will generate numbers based on the patterns.

28
eBooks / Hacking with Kali: Practical Penetration Testing Techniques
« on: January 23, 2014, 05:13:06 pm »



Publication Date: December 18, 2013


Quote
Hacking with Kali introduces you the most current distribution of the de facto standard tool for Linux pen testing. Starting with use of the Kali live CD and progressing through installation on hard drives, thumb drives and SD cards, author James Broad walks you through creating a custom version of the Kali live distribution. You'll learn how to configure networking components, storage devices and system services such as DHCP and web services. Once you're familiar with the basic components of the software, you'll learn how to use Kali through the phases of the penetration testing lifecycle; one major tool from each phase is explained.


• Provides detailed explanations of the complete penetration testing lifecycle
• Complete linkage of the Kali information, resources and distribution downloads
• Hands-on exercises reinforce topics



http://upload.evilzone.org/download.php?id=3976340&type=rar

29
Found it on the Webs / Reducing the Effectiveness of Pass-the-Hash
« on: January 22, 2014, 09:18:00 pm »
NSA presents "Reducing the Effectiveness of  Pass-the-Hash". The irony?  ;)


http://www.nsa.gov/ia/_files/app/Reducing_the_Effectiveness_of_Pass-the-Hash.pdf

30
Chinese researchers have done the seemingly impossible: observed and recorded an instance of ball lightning completely by accident. And it bodes well for a decade-old theory about the nature of the conundrum.


http://news.cnet.com/8301-11386_3-57617432-76/scientists-accidentally-record-ball-lightning-in-nature-for-first-time/

Pages: 1 [2] 3 4 ... 30


Intern0t SoldierX SecurityOverride programisiai
Want to be here? Contact Ande, Bluechill or Kulverstukas on the forum or at IRC.