Entries in Category ‘Security in general’

In dieser Woche erscheint das Linux Magazin 05/2012: Diese Ausgabe beinhaltet einen Artikel von Thilo und mir: “Log-Wellenreiter – Logfiles überwachen und Aktionen anstoßen“. Dieser Artikel behandelt die automatisierte Auswertung von Log-Dateien und das Reagieren auf vordefinierte Events. Zusätzlich durfte ich den Artikel “Linux-Multimeter – Systemdiagnose von Vmstat über Netstat bis Dstat” beisteuern. Dieser Beitrag […]

(Continue reading…)

Today I am releasing my Simple LAN Scanner 1.0 (08th January 2011). [Download] Description The Simple LAN Scanner is a very simple LAN scanner written in Python. It scans the local network and tries to give you the MAC and IP addresses of the discovered running systems. Furthermore it creates a small log file at […]

(Continue reading…)

Today I am releasing my Simple Local File Inclusion Vulnerability Scanner 1.0 (29th December 2010). [Download] Description The Simple Local File Inclusion Vulnerability Scanner helps you to find LFI vulnerabilities. Usage ./lfi_scanner.py –url= Usage example ./lfi_scanner.py –url=”http://www.example.com/page.php?file=main” Usage notes – Always use http://…. – This tool does not work with SEO URLs, such as http://www.example.com/news-about-the-internet/. […]

(Continue reading…)

Download The Joomla Hacking Compendium here. With great pleasure I hereby announce the availability of the new “The Joomla Hacking Compendium”. It contains almost 1000 lines of pure knowledge and shows you the way to hack and protect Joomla. It contains the following chapters: Please find an excerpt below:

(Continue reading…)

I have been interested in IT-Security since I was 16 or 17. Back then I was fascinated by basic concepts and the idea of exploiting weaknesses within a network, piece of software or simply human stupidity. It was exciting to see that the Internet is full of amazing websites, providing security enthusiasts with tools, source […]

(Continue reading…)

Just a few minutes ago I received a Google alert concerning packetstormsecururity.org. After a visit, clearly a very cool new website could be viewed. packetstormsecurity.org is now equipped with a modern look (new design + layout), pages for authors and profiles (registering is possible). Furthermore the start page and files organisation got over-worked. For me, […]

(Continue reading…)

This morning I woke up and read some very exciting stuff on the blog of the Exploit-DB team. A blog post announces the very interesting revival of the Google Hacking-Database (GHDB). The GHDB is a collection of Google search terms, called dorks, which help revealing interesting information. It is a common case that Google is […]

(Continue reading…)

Since most of my blog readers may be related to the security scene in some way, you might know this Israeli website: nullbyte.org.il. It is a database for exploit and papers, very similar to Exploit DB or milw0rm. They used to only accept new submissions from Israeli security researchers. Recently, they changed their policies and […]

(Continue reading…)

Some of you might have read my little tutorial about how to use Google Skipfish for web vulnerability scanning. While I was fascinated by the efficiency and speed of this application, I started to use it more often. Although manual testing can’t be replaced by a machine, web vulnerability scanners are still a helping hand. During […]

(Continue reading…)

During the last weeks I have given Mobile Device Security a big thought. As you may know, especially mobile phones are one of the most widely spread sort of device in the world. Almost everyone living in the western world has at least one of them. It is obvious to think further and say that […]

(Continue reading…)