AutoRooter – PHP based Exploit

Publisher Description A PHP based auto Local Exploit trigger. It detects kernel version ,gcc and auto pwn it for specific vulnerabilities. A standard proof of concept.This PHP based script, when allows to upload on vulnerable server . AutoRooter – PHP based Exploit is a free software application from the Other subcategory, part of the … Read more

Exploitable Vulnerable Apps Operating Systems Virtual Machines VMs for Testing

Badstore: Badstore is one of the most vulnerable web application on which security researchers can practice their skills. It has vulnerabilities like cross-site scripting (XSS), SQL injection, clickjacking, password hash (MD5 decoding) and, if you’re good at penetration testing, you may find the robot.txt file and use it for further exploits. You need to download … Read more

Practice SQLi XSS CSRF, File Injection and Download DVWA Damn Vulnerable Web App

DVWA – It stands for Damn Vulnerable Web App. It is based on PHP and runs on MySQL database server, which is indeed damn vulnerable. It has three levels of security: Low, Medium, and High. Each level of security demands different skills. Developers have decided to share its source code, too, so that security researchers can … Read more

The Evolution of Hacking and Security – From Bindshells to Reverse Shells

So, if you read my previous post on what hacking was like in the mid 90’s to early 2000’s this post will be basically the polar opposite. The hacking game has drastically changed, the old wild wild west version of the internet has turned into cities and suburbs where hacking still takes place but there … Read more

Detailed Analysis of the processes and stages of an Exploit Kit – Java and IE exploited by Flashpack Web Based Kit

Here you can see the webpage that the hackers exploited ( and inserted within that page an iframe which includes a link to a Javascript Redirect file 2012-09-18 22:41:42.001035 IP > Flags [P.], seq 1:395, ack 1, win 64240, length 394 E…*.@…….j.\+lF…P7_Z.X.X.P….?..GET /Lk1SsGQm/js.js HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; … Read more

Malware Has Not Gone Away Like Some People Think

Cyber Security Analysts and Specialist alike have noticed a significant downward trend in the number of infections being reported. This doesn’t mean that the Crimeware bosses have packed up shop and gone legit. There are many contributing factors to the current number of infections. Reviewing many of the largest security solution providers logs and examining … Read more

SSDP Distributed Reflection Denial of Service (DrDoS) Attacks may be biggest threat – Traffic Sample & Snort Rule

  SSDP Distributed Reflection Denial of Service attacks are on the rise and may be the biggest threat right now. SSDP attacks do not have the biggest amplification number but they may have the most vulnerable systems to abuse in a reflection attack. Open source reports indicate that there are over 5 million vulnerable systems … Read more