Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Axon

Pages: 1 ... 3 4 [5] 6 7 ... 34
61
Found it on the Webs / SSL Blacklist
« on: July 18, 2014, 01:13:37 pm »
database of SSL certificates used by malware or botnets.
https://sslbl.abuse.ch/

62
General discussion / Germany wins 2014 world cup
« on: July 14, 2014, 12:39:13 am »
http://sports.yahoo.com/news/mario-gotze-hands-germany-world-cup-title-213617048.html

Finally after 24 years, Germany got it hands on world cup, many of you might not know about the irony in 2014 world cup. Last time Germany won world cup was in 1990 in Italy, they played against Argentine and won 1-0?

63
Articles / Searching SHODAN For Fun And Profit
« on: July 10, 2014, 10:44:56 pm »
This paper act as a guide for penetration testers and security folks who want to use Shodan and helps them to understand how it can be used it for security auditing purposes. This paper also outlines the procedure and explains the methods to find various vulnerable services and devices located on the internet. It helps to explain the basic filters that could be used by Shodan and its integration with other tools .It can be mainly used for reconnaissance phase of penetration testing.
http://upload.evilzone.org/download.php?id=8813862&type=rar

64
Articles / The ultimate XSS protection cheat sheet for developers
« on: July 10, 2014, 10:43:15 pm »
This guide is a compilation of information available on XSS Protection from various organization, researchers, websites, and from the author's own experience. This document follows a simple language and justifying explanations that helps a developer to implement the correct XSS defense and to build a secure web application that prevents XSS vulnerability and Post XSS attacks.
http://upload.evilzone.org/download.php?id=5522170&type=rar

65
Security Tools / UPnP Pentest Toolkit
« on: June 30, 2014, 06:33:33 am »
This tool aims to bring together a range of UPnP assessment features, enabling quick assessment with minimal configuration and set-up. It has been developed to aid security consultants in exploring, spoofing and manipulating of UPnP devices and the underlying protocols at work. It is intended as a proof of concept to be used for research purposes in a trusted environment.

https://github.com/nccgroup/UPnP-Pentest-Toolkit

66
Found it on the Webs / Python Arsenal for Reverse Engineering
« on: June 30, 2014, 06:32:22 am »
This site is a collection of various python engines, extensions, libraries, shells, that aids in the job code for understanding, analyzing and sometimes breaking code.
http://pythonarsenal.erpscan.com/

67
Interesting guide on how to perform remote debugging for each of the three major mobile platforms.
http://developer.telerik.com/featured/a-concise-guide-to-remote-debugging-on-ios-android-and-windows-phone/#weinre

68
In short, the author uses a PowerShell script that uses Service Principal Name (SPN) records from Active Directory to identify and attack SQL Servers on Windows domains without having to perform discovery scanning.
https://www.netspi.com/blog/entryid/228/locate-and-attack-domain-sql-servers-without-scanning

69
Security Tools / Lynis
« on: June 07, 2014, 10:00:54 pm »
Lynis is a Security and system auditing tool to harden Linux systems. Lynis is an auditing tool for Unix/Linux (specialists). It scans the system and available software and performs many individual security checks. It determines the hardening state of the machine and detects security issues. Beside security related information it will also scan for general system information, installed packages and possible configuration errors.

http://cisofy.com/lynis/

70
Security Tools / WAIDPS
« on: June 07, 2014, 02:12:51 pm »
WAIDPS (Wireless Auditing, Intrusion Detection and Prevention System) is an open source wireless swissknife written in Python and work on Linux environment. This is a multipurpose tools designed for audit (penetration testing) networks, detect wireless intrusion (WEP/WPA/WPS attacks) and also intrusion prevention (stopping station from associating to access point). Apart from these, it will harvest all WiFi information in the surrounding and store in databases. This will be useful when it comes to auditing a network if the access point is ‘MAC filtered’ or ‘hidden SSID’ and there isn’t any existing client at that moment.
https://github.com/SYWorks/waidps

73
Android / [Q] Android mac changing
« on: June 04, 2014, 04:48:00 am »
Is there a practical method of changing mac address on android OS, I've tried several methods and apps but to no avail . You lose wifi connectivity as soon as you change the mac address, I've read that the best way is to change the first three parts of the mac address because the last three are reserved for the manufacturer, I've tried change the first three and the last three independently and nothing happened. Any help would appreciated?

74
Found it on the Webs / Cracking complex passwords
« on: June 03, 2014, 01:00:54 am »
This is a good method of cracking complex passwords using qwerty-gen, which generates keyboard sequences according to a given layout and creates dictionary files for bruteforcing. Although this is not the ultimate passwords cracking method, but it's useful against some complex ones.
http://xangosec.blogspot.com/2014/01/cracking-more-passwords-qwerty-gen.html

75
Found it on the Webs / Stealing Passwords Every Time They Change
« on: May 31, 2014, 10:26:42 pm »
Here's a good way to steal passwords from a system no matter how complex they are and in clear text. Interesting to read.
http://www.room362.com/blog/2013/09/11/stealing-passwords-every-time-they-change/

Pages: 1 ... 3 4 [5] 6 7 ... 34


Intern0t SoldierX SecurityOverride programisiai
Want to be here? Contact Ande, Factionwars or Kulverstukas on the forum or at IRC.