- 15.5.2012: Link: Check the site before you surf it
- 15.5.2012: Link: Russian Cyber Crime 2011
- 7.5.2012: Solution to wicd problem
- 12.3.2012: Hacking: Post exploitation
- 28.2.2012: Link: DDoS
- 2.2.2012: Link: Best Security Certificate
- 31.1.2012: Hacking: SQL Injection tools for free
- 31.1.2012: Link: Antivirus stuff
- 31.1.2012: The SEVER Methodology
- 30.1.2012: Humor: Yes, we did it!
Verfasser-Archiv
Link: Check the site before you surf it
15.5.2012 von matti.
lo folks,
We all have to surf to different sites we do not trust.
Good to have a general idea what the site might have installed for you:
Cheers,
Matti
PS: We are benign: http://zulu.zscaler.com/submission/show/70f1d1dc97d2b6e291e2f7c4f63a9c1d-1337103508
Geschrieben in link | Drucken | Keine Kommentare »
Link: Russian Cyber Crime 2011
15.5.2012 von matti.
Hello folks,
This is a really interesting read:
http://group-ib.com/images/media/Group-IB_Report_2011_ENG.pdf
page 5 if you do not like to read. The numbers are impressive.
Also I like it that this is not just numbers but also has some stories at the end.
Really good write up—
Cheers,
Matti
Geschrieben in link | Drucken | Keine Kommentare »
Hacking: Post exploitation
12.3.2012 von matti.
Hello folks,
Came across a nice tool for uploading to a compromised system:
http://blog.gentilkiwi.com/mimikatz/inject
There is a nice method of getting the local password, without cracking any hashes or passing on hashes.
All to do with the SSO implementation in windows. Really nice and works in seconds.
Also cool to inject DLLs into all processes and get it to communicate with the process.
So no reason not to put it into once arsenal…
Cheers,
Matti
Geschrieben in hacking | Drucken | Keine Kommentare »
Link: DDoS
28.2.2012 von matti.
Hi,
There is an interesting change in the last half of 2011 on DDoS attacks.
A good read up can be found here:
http://www.securelist.com/en/analysis/204792221/DDoS_attacks_in_H2_2011
Matti
Geschrieben in link | Drucken | Keine Kommentare »
Link: Best Security Certificate
2.2.2012 von matti.
Hi all,
There are a lot of IT security certificates out there.
But I believe one of the best you can get is:
Check it out.
Cheers,
Matti
Geschrieben in humour, link | Drucken | Keine Kommentare »
Hacking: SQL Injection tools for free
31.1.2012 von matti.
Hello again,
It might be worth to test your applications for SQL Injection.
Here a list of tools:
Sqlninja ( http://sqlninja.sourceforge.net/ )
sqlmap ( http://sqlmap.sourceforge.net/ )
Pangolin 3.2.3 free edition ( http://down3.nosec.org/pangolin_free_edition_3.2.3.1105.zip )
Havij v1.14 Advanced SQL Injection – free version ( http://www.itsecteam.com/files/havij/Havij1.14Free.rar )
SQL Power Injector ( http://www.sqlpowerinjector.com/ )
Marathon Tool ( http://www.codeplex.com/marathontool )
Absinthe ( http://www.0×90.org/…inthe/index.php )
pysqlin ( http://code.google.c…source/checkout )
BSQL Hacker ( http://labs.portcull…on/bsql-hacker/ )
SQL Injection digger (SQLID) ( http://sqid.rubyforge.org/#download)
WITOOL ( http://witool.sourceforge.nSQL, Oracle, Microsoft SQL Server and Microsoft Access.et/ )
sqlus ( http://sqlsus.sourceforge.net/ )
DarkMySQLi16.py ( http://vmw4r3.blogspot.com/ )
mySQLenum ( http://sourceforge.n…ects/mysqlenum/ )
PRIAMOS ( http://www.priamos-project.com/ )
FJ-Injector Framework ( http://sourceforge.net/projects/injection-fwk/files/)
Bobcat SQL Injection Tool ( http://www.northern-…pub/bobcat.html )
SQLIer 0.8.2b ( http://bcable.net/releases.php?sqlier )
bsqlbf-v2 ( http://code.google.com/p/bsqlbf-v2/ )
Safe3 Sql Injector ( http://sourceforge.net/projects/safe3si/)
ExploitMyUnion ( http://sourceforge.n…exploitmyunion/ )Laudanum ( http://sourceforge.n…jects/laudanum/ )
WebRaider ( http://code.google.com/p/webraider/ )
Toolza 1.0 ( http://bug-track.ru/prog/toolza1.0.rar )
SCRT Mini-MySqlat0r (http://www.scrt.ch/attaque/telechargements/mini-mysqlat0r)
SFX-SQLi ( http://www.kachakil.com/ )
DarkMySQL ( http://vmw4r3.blogspot.com/ )
ProMSiD Premium ( http://forum.web-def…02&postcount=15 )
yInjector ( http://y-osirys.com/…-softwares/id10 )
Hexjector ( http://sourceforge.n…ects/hexjector/ )
Happy hacking…
Cheers,
Matti
Geschrieben in hacking | Drucken | Keine Kommentare »
Link: Antivirus stuff
31.1.2012 von matti.
Just as a reminder of different tools to get rid of malware.
Live CDs
Avira AntiVir Rescue System
http://www.avira.com/de/support-download-avira-antivir-rescue-system
F-secure Rescue-cd
http://www.f-secure.com/en/web/labs_global/removal/rescue-cd
BitDefender Rescue CD
http://www.heise.de/software/download/bitdefender_rescue_cd/56298dl_7469f31745ca2bd873d8a959cd9bf6ef_1328034493
Kaspersky Rescue Disk
http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/
G Data BootCD
http://www.gdata.de/support/downloads/tools.html
Dr.Web LiveCD
http://www.freedrweb.com/livecd/
Trinity Rescue Kit
http://trinityhome.org/Home/index.php?content=TRINITY_RESCUE_KIT_DOWNLOAD&front_id=12&lang=en&locale=en
Tools
Malwarebytes
http://www.malwarebytes.org/
Spybot - Search & Destroy 2.0
http://www.safer-networking.org/de/spybotsd2/index.html
Hijackthis
http://www.trendsecure.com/portal/de/tools/security_tools/hijackthis
Keep it clean…
Cheers,
Matti
Geschrieben in link | Drucken | Keine Kommentare »
Humor: Yes, we did it!
30.1.2012 von matti.
Yes folks,
We did it!!!
We are now an official hacking site.
You do not believe us? … Well, see for yourself
Yea baby 
Cheers,
Matti
Geschrieben in humour | Drucken | 1 Kommentar »
Hacking: Tools
28.1.2012 von matti.
I am sometimes quite surprised of how many web security tools start with a single guy coding something up.
Here is such an example of a really cool tool written by guy from London Royal Holloway University, Anastasios Laskos:
Really impressed by the high rate and accuracy of issues it discovers…
So thanks for that tool
Cheers,
Matti
Geschrieben in hacking | Drucken | Keine Kommentare »
Hacking: Traces on the Internet
28.1.2012 von matti.
I was having a look at certain sites and tools that are good for finding things out about other people on the Internet.
Not for stalking 
but for Social Engineering.
Here are some of which I thought where quite useful….
Social Network Search Sites:
http://www.neoformix.com/Projects/TwitterStreamGraphs/view.php
http://twendz.waggeneredstrom.com/
http://twittermap.appspot.com/
Those might be good as well:
http://twittercounter.com/ (needs twitter account)
http://www.ubervu.com/ (demo must be requested)
http://www.alterian.com/socialmedia/products/sm2/ (demo must be requested)
People Search Sites:
People Search Tools
http://ilektrojohn.github.com/creepy/
http://code.google.com/p/fbpwn/
Exploiting
http://www.sptoolkit.com/documentation/001-the-spt-framework/
Cheers,
Matti
Geschrieben in hacking | Drucken | Keine Kommentare »