In eigener Sache: Das Linux Magazin 05/2012

In dieser Woche erscheint das Linux Magazin 05/2012: Diese Ausgabe beinhaltet einen Artikel von Thilo und mir: “Log-Wellenreiter – Logfiles überwachen und Aktionen anstoßen“. Dieser Artikel behandelt die automatisierte Auswertung von Log-Dateien und das Reagieren auf vordefinierte Events. Zusätzlich durfte ich den Artikel “Linux-Multimeter – Systemdiagnose von Vmstat über Netstat bis Dstat” beisteuern. Dieser Beitrag […]... Read More

Simple LAN Scanner 1.0 released

Today I am releasing my Simple LAN Scanner 1.0 (08th January 2011). [Download] Description The Simple LAN Scanner is a very simple LAN scanner written in Python. It scans the local network and tries to give you the MAC and IP addresses of the discovered running systems. Furthermore it creates a small log file at […]... Read More

Simple Local File Inclusion Vulnerability Scanner version 1.0 released

Today I am releasing my Simple Local File Inclusion Vulnerability Scanner 1.0 (29th December 2010). [Download] Description The Simple Local File Inclusion Vulnerability Scanner helps you to find LFI vulnerabilities. Usage ./ –url= Usage example ./ –url=”” Usage notes – Always use http://…. – This tool does not work with SEO URLs, such as […]... Read More

The Joomla Hacking Compendium

Download The Joomla Hacking Compendium here. With great pleasure I hereby announce the availability of the new “The Joomla Hacking Compendium”. It contains almost 1000 lines of pure knowledge and shows you the way to hack and protect Joomla. It contains the following chapters: Please find an excerpt below:... Read More

Not yet another Full Disclosure vs Responsible Disclosure debate

I have been interested in IT-Security since I was 16 or 17. Back then I was fascinated by basic concepts and the idea of exploiting weaknesses within a network, piece of software or simply human stupidity. It was exciting to see that the Internet is full of amazing websites, providing security enthusiasts with tools, source […]... Read More’s awesome relaunch

Just a few minutes ago I received a Google alert concerning After a visit, clearly a very cool new website could be viewed. is now equipped with a modern look (new design + layout), pages for authors and profiles (registering is possible). Furthermore the start page and files organisation got over-worked. For me, […]... Read More

Exciting Google Hacking-Database (GHDB) revival by Exploit-DB

This morning I woke up and read some very exciting stuff on the blog of the Exploit-DB team. A blog post announces the very interesting revival of the Google Hacking-Database (GHDB). The GHDB is a collection of Google search terms, called dorks, which help revealing interesting information. It is a common case that Google is […]... Read More

Israeli security website changed their policies

Since most of my blog readers may be related to the security scene in some way, you might know this Israeli website: It is a database for exploit and papers, very similar to Exploit DB or milw0rm. They used to only accept new submissions from Israeli security researchers. Recently, they changed their policies and […]... Read More

Security / Penetration Testing (Debian/Ubuntu) – Why Google Skipfish failes to be a top-class web vulnerability scanner

Some of you might have read my little tutorial about how to use Google Skipfish for web vulnerability scanning. While I was fascinated by the efficiency and speed of this application, I started to use it more often. Although manual testing can’t be replaced by a machine, web vulnerability scanners are still a helping hand. During […]... Read More