Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Axon

Pages: 1 ... 3 4 [5] 6 7 ... 35
61
Hacking and Security / Pass-the-Hash is Dead, or is it?
« on: July 30, 2014, 10:44:05 pm »
This is a good read on the recent fix by Microsoft called KB2871997, which some have dubbed "Pass the hash fix". According to this fix, local accounts can no longer be used to access remote systems, either via simple network logon or interactive login. This includes using tools like PSEXEC or even browsing to C$ remotely. But this is not always the case?

http://www.harmj0y.net/blog/

http://www.pwnag3.com/2014/05/what-did-microsoft-just-break-with.html

62
Articles / Scientists Discover Mysterious Giant Hole in Siberia
« on: July 19, 2014, 01:50:36 am »
Quote
Scientists have discovered a mysterious giant hole that has appeared in one of Russia's most isolated northernmost regions, state television reported.

A preliminary study on Thursday determined that the gaping crater, about 100 meters in diameter, was created by a natural event — but not a meteorite impact.

There were no signs that the hole was artificially made, and the radiation level at the site was not dangerous, a team of scientists from Siberia's Institute of the Earth Cryosphere said in a press release quoted by Russian media.

Speculation has swirled about how the hole could have been created — including theories of an unknown meteorite or even alien beings — after a video of the mysterious site went viral on YouTube last week.

The hole is located in the vast region of Yamal, which means "the end of the Earth" in the local Nenets language. Straddling the Arctic Circle, the region is a place where temperatures plummet to negative 50 degrees Celsius and the sun barely rises in winter.

Inhabited by indigenous reindeer herders, Yamal is one of Russia's richest regions in natural gas. The hole was found near the Bovanentsky gas field, leading to speculation that it could have been caused by an underground explosion.

TV Zvezda, broadcast by the Defense Ministry, reported that the person who shot the video said the hole appeared to have been caused from below and that the darker soil around its top indicated the effect of high temperatures.
http://www.themoscowtimes.com/news/article/scientists-discover-mysterious-giant-hole-in-siberia-video/503611.html

More to the news.
http://www.dailymail.co.uk/travel/travel_news/article-2693105/Giant-hole-appears-Siberia-Huge-crater-emerges-end-world.html

http://sploid.gizmodo.com/new-footage-of-mysterious-giant-siberian-hole-as-scient-1606452428

Russia ::)

63
Found it on the Webs / SSL Blacklist
« on: July 18, 2014, 01:13:37 pm »
database of SSL certificates used by malware or botnets.
https://sslbl.abuse.ch/

64
General discussion / Germany wins 2014 world cup
« on: July 14, 2014, 12:39:13 am »
http://sports.yahoo.com/news/mario-gotze-hands-germany-world-cup-title-213617048.html

Finally after 24 years, Germany got it hands on world cup, many of you might not know about the irony in 2014 world cup. Last time Germany won world cup was in 1990 in Italy, they played against Argentine and won 1-0?

65
Articles / Searching SHODAN For Fun And Profit
« on: July 10, 2014, 10:44:56 pm »
This paper act as a guide for penetration testers and security folks who want to use Shodan and helps them to understand how it can be used it for security auditing purposes. This paper also outlines the procedure and explains the methods to find various vulnerable services and devices located on the internet. It helps to explain the basic filters that could be used by Shodan and its integration with other tools .It can be mainly used for reconnaissance phase of penetration testing.
http://upload.evilzone.org/download.php?id=8813862&type=rar

66
Articles / The ultimate XSS protection cheat sheet for developers
« on: July 10, 2014, 10:43:15 pm »
This guide is a compilation of information available on XSS Protection from various organization, researchers, websites, and from the author's own experience. This document follows a simple language and justifying explanations that helps a developer to implement the correct XSS defense and to build a secure web application that prevents XSS vulnerability and Post XSS attacks.
http://upload.evilzone.org/download.php?id=5522170&type=rar

67
Security Tools / UPnP Pentest Toolkit
« on: June 30, 2014, 06:33:33 am »
This tool aims to bring together a range of UPnP assessment features, enabling quick assessment with minimal configuration and set-up. It has been developed to aid security consultants in exploring, spoofing and manipulating of UPnP devices and the underlying protocols at work. It is intended as a proof of concept to be used for research purposes in a trusted environment.

https://github.com/nccgroup/UPnP-Pentest-Toolkit

68
Found it on the Webs / Python Arsenal for Reverse Engineering
« on: June 30, 2014, 06:32:22 am »
This site is a collection of various python engines, extensions, libraries, shells, that aids in the job code for understanding, analyzing and sometimes breaking code.
http://pythonarsenal.erpscan.com/

69
Interesting guide on how to perform remote debugging for each of the three major mobile platforms.
http://developer.telerik.com/featured/a-concise-guide-to-remote-debugging-on-ios-android-and-windows-phone/#weinre

70
In short, the author uses a PowerShell script that uses Service Principal Name (SPN) records from Active Directory to identify and attack SQL Servers on Windows domains without having to perform discovery scanning.
https://www.netspi.com/blog/entryid/228/locate-and-attack-domain-sql-servers-without-scanning

71
Security Tools / Lynis
« on: June 07, 2014, 10:00:54 pm »
Lynis is a Security and system auditing tool to harden Linux systems. Lynis is an auditing tool for Unix/Linux (specialists). It scans the system and available software and performs many individual security checks. It determines the hardening state of the machine and detects security issues. Beside security related information it will also scan for general system information, installed packages and possible configuration errors.

http://cisofy.com/lynis/

72
Security Tools / WAIDPS
« on: June 07, 2014, 02:12:51 pm »
WAIDPS (Wireless Auditing, Intrusion Detection and Prevention System) is an open source wireless swissknife written in Python and work on Linux environment. This is a multipurpose tools designed for audit (penetration testing) networks, detect wireless intrusion (WEP/WPA/WPS attacks) and also intrusion prevention (stopping station from associating to access point). Apart from these, it will harvest all WiFi information in the surrounding and store in databases. This will be useful when it comes to auditing a network if the access point is ‘MAC filtered’ or ‘hidden SSID’ and there isn’t any existing client at that moment.
https://github.com/SYWorks/waidps

75
Android / [Q] Android mac changing
« on: June 04, 2014, 04:48:00 am »
Is there a practical method of changing mac address on android OS, I've tried several methods and apps but to no avail . You lose wifi connectivity as soon as you change the mac address, I've read that the best way is to change the first three parts of the mac address because the last three are reserved for the manufacturer, I've tried change the first three and the last three independently and nothing happened. Any help would appreciated?

Pages: 1 ... 3 4 [5] 6 7 ... 35


Intern0t SoldierX SecurityOverride programisiai
Want to be here? Contact Ande, Factionwars or Kulverstukas on the forum or at IRC.