Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - Axon

Pages: 1 [2] 3 4 ... 34
Security Tools / LFiFreak
« on: April 04, 2015, 02:31:36 pm »
LFiFreak is a unique tool for exploiting local file inclusions using PHP Input, PHP Filter and Data URI methods.

-Works with Windows, Linux and OS X
-Includes bind and reverse shell for both Windows and Linux
-Written in Python 2.7

Found it on the Webs / SecureDrop: Open source whistleblower platform
« on: April 04, 2015, 01:48:39 pm »

SecureDrop is an open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation.


GitHub page:

Operating System / Freepto: Encrypted GNU/Linux on USB
« on: March 31, 2015, 11:20:17 pm »
Freepto is a Linux-based operating system on USB stick preconfigured for security and encryption. Data you save on the USB stick will always automatically be encrypted. The idea behind Freepto is to offer an easy way to deal with the most common needs of activists, without giving up the convenience of a traditional operating system.

Articles / Wave-Particle Duality, Visible at Last
« on: March 13, 2015, 08:03:25 pm »
Ever since Louis de Broglie proposed the wave nature of matter in the 1920s, countless physics students have tried to picture wave-particle duality. Thanks to modern electron microscopy techniques, scientists based in Switzerland have captured the first image of light exhibiting both properties simultaneously.

New evidence by Kaspersky researchers suggests that the hacking group could be NSA personnel in disguise.

It was almost after 2 years since the Snowden leaks that Russian firm Kaspersky Lab’s Global Research and Analysis Team presented a report last month where it clearly showed that NSA i.e. National Security Agency is the major suspect in global hacking campaign which attacks the firmware of the hard drives. The action of this hacking group was termed as “Equation Group” by Kaspersky due to the advanced methods used by the hackers to carry out its actions.

The new report which Kaspersky’s researchers published on Wednesday shows that the term “BACKSNARF” was one of the terms which was used by the Equation Group in one of their codes in their online platform and on the other hand NSA’s cyber warfare unit was using the same term for one of its project.

The report

Security Tools / Hyperfox
« on: March 11, 2015, 11:13:20 pm »
Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly using a root CA certificate and its corresponding key (both provided by the user). If the target machine recognizes the root CA as trusted, then HTTPs traffic can be succesfully intercepted and recorded. Hyperfox saves captured data to a SQLite database for later inspection and also provides a web interface for watching live traffic and downloading wire formatted messages.

I've reading heavily on the situation of the Ukrainian crises, and the US intervention in this crises which has a far reaching goals, that most of us are oblivious to.
This is the video, since the original one requires age verification

The big picture is clear. This coup was instigated and supported by US to overthrow the democratically elected pro-russian president, and install a NATO friendly anti Russian president.

But, why the US is doing all this mayhem and chaos, the following link is the most important. It doesn't only explain why US is starting this war, but takes the reader back to the first WW to explain a similarity between both events.

We can see now the main goal of the US administration which is complete world domination, militarily and financially.

Found it on the Webs / Android Security Wiki
« on: March 04, 2015, 05:26:24 pm »
One link for android security resources.

Found it on the Webs / VoCore
« on: March 02, 2015, 10:01:18 am »
VoCore is an open hardware runs OpenWrt. It has WIFI, USB, UART, 20+ GPIOs but size is only one square inch. It helps you make a smart house, study embedded system or even make the tiniest router on the earth. You will not only get the VoCore but also its full hardware design including sch, pcb, bom; full source code including boot loader, os(openwrt), applications. You are able to control EVERY BIT of your VoCore.

A new Android Malware has been discovered by AVG which can be “spying” on the user even when the phone is in “Switch off mode”

Mobile Malware Research Team AVG have discovered a new bug which is of great concern to all the Android smartphone users. Usually when user shuts down or puts off the Android phone a dialog box opens asking for 3 options: Power Off, Airplane Mode or Mute. Usually user would select the Power Off option and then the Android phone would shut off. Mobile security AVG team discovered that this Malware captures the “root permission” level of the Power Off process. Once this is done the malware will inject the virus so that the entire Power Off process is locked.

With the malware taking over the Power Off process, whenever the victim clicks the Power Off button an artificial dialog pops up and then the entire fake shutdown process takes place which would resemble as if actually the phone is shutting down. However in reality the phone is still active and working.

AVG website with some code snippets

Hacking and Security / Lenovo superfish scandel
« on: February 21, 2015, 10:59:03 pm »
Lenovo is selling computers that come preinstalled with adware that hijacks encrypted Web sessions and may make users vulnerable to HTTPS man-in-the-middle attacks that are trivial for attackers to carry out, security researchers said.

Rob Graham, CEO of security firm Errata Security, has cracked the cryptographic key encrypting the Superfish certificate. That means anyone can now use the private key to launch man-in-the-middle HTTPS attacks that won't be detected by machines that have the certificate installed.

This is crazy, now we can't even trust the laptops manufacturers!! I wonder if other companies have done the same but are still not discovered.

Lesson learned: Do Not Trust The Chinese.

Articles / US authorities discover a deadly virus
« on: February 21, 2015, 10:33:17 pm »
Washington (AFP) - US health authorities on Friday announced the discovery of a new virus believed to be responsible for the death of a previously healthy man in Kansas last year. The virus -- named "Bourbon" after the county where the victim lived -- is part of a group of viruses known as thogotovirus, the Centers for Disease Control and Prevention said in a statement.

Found it on the Webs / PwnPi
« on: February 13, 2015, 06:05:07 pm »
PwnPi is a Linux-based penetration testing dropbox distribution for the Raspberry Pi. It currently has 200+ network security tools pre-installed to aid the penetration tester. It is built a stripped down version of the Debian Wheezy image from the Raspberry Pi foundation’s website and uses Openbox as the window manager. PwnPi can be easily setup to send reverse connections from inside a target network by editing a simple configuration file.

The USB Armory is full-blown computer (800MHz ARM® processor, 512MB RAM) in a tiny form factor (65mm x 19mm x 6mm USB stick) designed from the ground up with information security applications in mind. Not only does the USB Armory have native support for many Linux distributions, it also has a completely open hardware design and a breakout prototyping header, making it a great platform on which to build other hardware.

The ability to emulate arbitrary USB devices in combination with the i.MX53 SoC speed and fully customizable operating environment makes the USB Armory an ideal platform for all kinds of personal security applications. Not only is the USB Armory an excellent tool for testing the security of other devices, but it also has great security features itself:
Technical documentations.

Android / Android Application Security Tutorials
« on: February 03, 2015, 11:19:15 pm »
This series contains some blog post about different types of vulnerabilities which are possible in Android Application’s and there exploitation methods.

Pages: 1 [2] 3 4 ... 34

Intern0t SoldierX SecurityOverride programisiai
Want to be here? Contact Ande, Factionwars or Kulverstukas on the forum or at IRC.