
Nytro

Administrators
  • Posts

    18725
  • Joined

  • Last visited

  • Days Won

    706

Everything posted by Nytro

  1. What method is used for the injection, CreateRemoteThread?
  2. Nytro

    What nerve

    As an atheist, I have nothing against the losers who come to kiss bones, but I do have a problem with the BOR (the Romanian Orthodox Church) and the dirty financial tricks it pulls.
  3. There are differences:
    - the kernel version and the drivers for the supported network cards
    - the driver patches needed to support packet injection (or whatever it is called)
    - the versions of airmon/aircrack... besides the other utilities

    So, at least in theory, 5 should have many advantages over 3.

    PS: These differences are usually not really "visible", except perhaps that you use --channel instead of -c.
  4. Redirecting functions in shared ELF libraries

    By Apriorit Inc, Anthony Shoumikhin | 2 Apr 2010 | Unedited contribution

    This article gives a brief description of the structure and functioning of ELF libraries and shows how to intercept function calls from one library into another.

    TABLE OF CONTENTS
    1. The problem
      1.1 What does redirecting mean?
      1.2 Why redirecting?
    2. Brief ELF explanation
      2.1 Which parts does ELF file consist of?
      2.2 How do shared ELF libraries link?
      2.3 Some useful conclusions
    3. The solution
      3.1 What is the algorithm of redirection?
      3.2 How to get the address, which a library has been loaded to?
      3.3 How to write and restore a new function address?
    4. Instead of conclusion
    5. Useful links

    1. The problem

    We all use Dynamic Link Libraries (DLL). They have excellent facilities. First, such a library is loaded into the physical address space only once for all processes. Secondly, you can expand the functionality of a program by loading an additional library that provides this functionality, and that without restarting the program. The problem of updating is solved as well: it is possible to define a standard interface for the DLL and to influence the functionality and the quality of the basic program by changing the version of the library. Such methods of code reuse were called "plug-in architecture". But let's move on.

    Of course, not every dynamic link library relies only on itself in its implementation, namely, on the computational power of the processor and the memory. Libraries use other libraries or just standard libraries. For example, programs in the C\C++ language use the standard C\C++ libraries. The latter are also organized in dynamic link form (libc.so and libstdc++.so). They are stored in files of a specific format. My research was carried out on Linux, where the main format of dynamic link libraries is ELF (Executable and Linkable Format).

    Recently I faced the necessity of intercepting function calls from one library into another - just to process them in such a way. This is called call redirecting.

    1.1 What does redirecting mean?

    First, let's formulate the problem on a concrete example. Suppose we have a program called "test" in the C language (test.c file) and two separate libraries (libtest1.c and libtest2.c files) with fixed contents, which were compiled beforehand. These libraries provide the functions libtest1() and libtest2(), respectively. In its implementation each of them uses the puts() function from the standard C library.

    The task consists of the following:
    - To replace the call of the puts() function for both libraries by a call of the redirected puts() function. The latter is implemented in the master program (test.c file), which can in its turn use the original puts() function;
    - To cancel the performed changes, that is, to make the repeated call of libtest1() and libtest2() lead to the call of the original puts() function.

    It is not allowed to change the code or recompile the libraries. We can change only the master program.

    Full article: http://www.codeproject.com/KB/library/elf-redirect.aspx
  5. Howto Use Droidsheep - Tutorial

    Description: This official tutorial for DroidSheep for Android shows how to use DroidSheep to capture sessions in your local network. DroidSheep runs on your Android device and listens to the network's traffic. If it captures a cookie, it shows a list with the cookies and the user can simply use the victim's account without knowing his user credentials.

    Download droidsheep: Droidsheep - Insecure Stuff

    If you have any problem then contact me on twitter: Twitter

    Video: http://www.securitytube.net/video/2374
  6. Great, so it's not a problem that I deleted the last digits (the referral) from your link, right?
  7. I think it is now --channel instead of -c. That file stores the packets (not the whole packets) needed to crack the password. I don't know much about this field either; pick a file name that you will remember, you will use it with aircrack.
  8. DNS poisoning via Port Exhaustion

    Today we are releasing a very interesting whitepaper which describes a DNS poisoning attack against stub resolvers. It discloses two vulnerabilities:

    - A vulnerability in Java (CVE-2011-3552, CVE-2010-4448) which enables remote DNS poisoning using Java applets. This vulnerability can be triggered when opening a malicious webpage. A successful exploitation of this vulnerability may lead to disclosure and manipulation of cookies and web pages, disclosure of NTLM credentials and clipboard data of the logged-on user, and even firewall bypass.
    - A vulnerability in multiuser Windows environments which enables local DNS cache poisoning of arbitrary domains. This vulnerability can be triggered by a normal user (i.e. one with non-administrative rights) in order to attack other users of the system. A successful exploitation of this vulnerability may lead to information disclosure, privilege escalation, universal XSS and more.

    The whitepaper can be found here: http://blog.watchfire.com/files/dnsp_port_exhaustion.pdf

    A few video demos of our Proof-of-Concept:

    - Attack: Remote DNS poisoning via Java Applets: Cookie theft. Environment: Ubuntu 11.04, Firefox 7.0.1. http://www.youtube.com/watch?v=eSEvFmsw55A
    - Attack: Remote DNS poisoning via Java Applets: NTLM credentials and Clipboard theft. Environment: Windows 2008, Internet Explorer 9. http://www.youtube.com/watch?v=i-Fmk7-pFFA
    - Attack: Remote DNS poisoning via Java Applets: Firewall bypass. Environment: Windows 2008, Firefox 7.0.1. http://www.youtube.com/watch?v=7CFq_pofeBU
    - Attack: Local DNS poisoning via port exhaustion. Environment: Windows 2008. http://www.youtube.com/watch?v=m2GkLL9d68E

    We would like to thank Oracle and Microsoft for their cooperation.

    -Roee Hay and Yair Amit

    Source: IBM Rational Application Security Insider: DNS poisoning via Port Exhaustion
  9. JSON-based XSS exploitation

    October 24, 2011

    JSON rendering in Internet Explorer

    In the world of Web2.0 and mash web applications, security researchers come across more and more XSS vulnerabilities that are reflected in non HTML responses. For example, JSON responses are becoming more and more common, but exploiting XSS vectors in those pages is considered theoretical because browsers pop up the file download dialog instead of rendering the response when the returned content-type is application/json or application/javascript.

    There are a few known methods to indirectly exploit these issues:

    1. Attacking the JSON parsing mechanism: Some applications use JS evaluation functions in order to create an object from the returned JSON content. If the attacker is able to inject, for example, a quote sign, he can break out of the JS string surrounding the value and exploit the XSS through the eval function. For example:

       "name":"Foo "+alert(/XSS/.source)+"Bar"

    2. Waiting for document.write: Some applications will write parts of the data returned in the JSON response to the DOM. An attacker can inject HTML content into the JSON response that will be rendered once the application writes it to the page. For example:

       "name":"Foo <img src=x onerror=alert(/XSS/.source)>Bar"

    Although the previous methods will work, they have a few limitations:

    - Not all applications have the logical flow needed in order to exploit these attacks.
    - Some applications use client side filtering that will prevent them from running.

    After thorough research on alternative ways to exploit these types of vulnerabilities, we have discovered a way to render JSON responses in IE by direct browsing.

    The way IE decides what content-type will be used for a specific response is as follows (as discovered by black-box research):

    - The suggested (server supplied) content-type is searched for in the Windows registry for the corresponding CLSID, in order to find the correct handler for that response.
    - If the suggested content-type is found, IE will consider that to be the final content-type.
    - If the suggested content-type however is not found, IE will attempt to figure out the content-type based on the file extension and other vectors.

    JSON responses generally use the content-type application/json. The problem is that the default mime type list of Internet Explorer does not include that mime-type; in fact it does not include any JSON mime type whatsoever.

    Example scenario while browsing to a link which returns JSON content:

    1. User browses to http://attacker.com/json.php
    2. Internet Explorer searches the Windows registry (HKCR\MIME\Database\Content Type\) for the returned content-type (application/json). – Not found.
    3. Internet Explorer searches the Windows registry (HKCU\Software\Classes\) for the file extension (.php) – Not found.
    4. Internet Explorer prompts the file download dialog.

    From this scenario we can conclude that in cases where the server returns content-types that are unknown to Internet Explorer, the file extension (in addition to other factors not covered here) dictates the final content-type that will be used. In order to force IE to render JSON responses, the file extension in the URL must be set to something that IE considers as text/html (.htm or .html).

    The way most web servers parse the path from a request is this:

    1. The user requests the page http://site.com/html/pages/page.php?id=1
    2. The server starts to search for the requested resource at the pre-defined path of the web server (for example /var/www/).
    3. The server searches for the path requested by the user one entity at a time (starting from left).
    4. The server finds that /html/pages/page.php is an executable file and stops the search (executable means that the server has some handler that correlates to that file type; in this case the PHP engine).
    5. The rest of the path (id=1) is then passed as a parameter (GET) to PHP.

    Most server side languages (.Net, PHP, Python, Perl…) accept another type of parameter to be passed from the URL: Path-Info. Unlike the GET parameter, in which the delimiter value is the question mark sign (?), path-info uses the slash sign (/) as its delimiter. For example the previous path for page.php can be expanded into having a path-info:

       http://site.com/html/pages/page.php/user=2?id=1
       [scheme]://[domain][path]/[path-info]?[get-query]

    Once an attacker combines path-info with IE's way of considering content-type values, a wide method of exploiting JSON responses for XSS is achievable. Consider the following scenario:

    1. The attacker found a reflected XSS in a web application.
    2. When browsing to "http://site.com/page.php?user=bla<img onerror=alert(1) src=x>bla" Internet Explorer pops up the file download dialog (explained in the beginning of this document).
    3. The attacker now adds the value ".html" as a path-info to the URL.
    4. The attacker now browses to: http://site.com/page.php/.html?user=blah<img onerror=alert(1) src=x>blah
    5. The server returns the same page (containing XSS) with the same content-type (application/json).
    6. Internet Explorer searches the Windows registry for the application/json content-type and cannot find it.
    7. This is the point where Internet Explorer uses the file extension of the URL to determine the content-type of the response, only this time the extension IE sees is .html!
    8. Internet Explorer finds the matching content-type for .html files to be text/html, renders the response and fires up the XSS.

    Impact:

    Client side, tested successfully on:
    • Internet Explorer 6
    • Internet Explorer 7
    • Internet Explorer 8
    • Internet Explorer 9

    Server side, tested successfully on:
    • IIS 5.1 (ASPX, PHP)
    • IIS 6 (ASPX, PHP)
    • IIS 7.5 (ASPX, PHP)
    • Apache/2.2.14 (PHP)

    Remediation:

    Client side:
    • The following registry key will add the content-type application/json and a corresponding CLSID:

       [HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/json]
       "CLSID"="{3050f4d8-98B5-11CF-BB82-00AA00BDCE0B}"

    Server side:
    • In order to remediate this issue on the server side, beyond the normally recommended sanitization of user supplied inputs, we recommend turning off support of Path-Info.

    Source: http://blog.watchfire.com/wfblog/2011/10/json-based-xss-exploitation.html
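
The path-info split and the content-type fallback described in the post above can be turned into an access-log check; this is an added example, not code from the original article. The log layout (method, URL, status, response content-type), the handler extension set and the sample lines are assumptions constructed for illustration.

```python
"""Added example: find requests that put an HTML-looking path-info behind a
script endpoint whose response carries a content type IE does not know."""
from urllib.parse import urlsplit, unquote

# Assumption: extensions this server hands to a script engine (PHP and ASPX
# are the handlers listed in the article's test matrix).
HANDLER_EXTENSIONS = {".php", ".aspx"}
# Extensions the article says IE maps to text/html.
HTML_EXTENSIONS = {".htm", ".html"}
# Content type the article names as missing from IE's default MIME list.
UNREGISTERED_TYPES = {"application/json"}


def extension(segment):
    """Return the text from the last dot on, so '.html' yields '.html'."""
    dot = segment.rfind(".")
    return segment[dot:].lower() if dot != -1 else ""


def split_request(url):
    """Split a URL into (script path, path-info, query) the way the article
    describes: walk the path left to right and stop at the first segment the
    server has a handler for; everything after it is path-info."""
    parts = urlsplit(url)
    path = unquote(parts.path)  # servers percent-decode the path before resolving it
    segments = path.split("/")
    for i, segment in enumerate(segments):
        if extension(segment) in HANDLER_EXTENSIONS:
            rest = segments[i + 1:]
            path_info = "/" + "/".join(rest) if rest else ""
            return "/".join(segments[:i + 1]), path_info, parts.query
    return path, "", parts.query


def is_pathinfo_html_trick(url, content_type):
    """True when the response type is one IE cannot resolve in the registry
    and the URL ends in a path-info segment that IE would read as HTML."""
    _script, path_info, _query = split_request(url)
    media_type = content_type.split(";")[0].strip().lower()
    last_segment = path_info.rsplit("/", 1)[-1]
    return (media_type in UNREGISTERED_TYPES
            and extension(last_segment) in HTML_EXTENSIONS)


def scan(log_lines):
    """Return the URLs of all log lines that match the pattern."""
    hits = []
    for line in log_lines:
        fields = line.strip().split(" ", 3)
        if len(fields) != 4:
            continue  # not in the assumed "METHOD URL STATUS CONTENT-TYPE" layout
        _method, url, _status, content_type = fields
        if is_pathinfo_html_trick(url, content_type):
            hits.append(url)
    return hits


# Constructed sample log, not taken from a real server.
SAMPLE_LOG = [
    "GET /page.php?user=blah 200 application/json",
    "GET /page.php/.html?user=blah 200 application/json",
    "GET /html/pages/page.php/user=2?id=1 200 text/html",
    "GET /api/list.aspx/x.htm 200 application/json; charset=utf-8",
    "GET /static/help.html 200 text/html",
]

if __name__ == "__main__":
    for flagged in scan(SAMPLE_LOG):
        print("path-info with HTML extension on JSON response:", flagged)
```

A hit means the endpoint still honours path-info, which is what the server-side remediation above asks to switch off; on Apache the relevant directive is AcceptPathInfo.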
  10. From the servers they gained access to. They usually have a reason for every action, and they usually obtain full access: root.
  11. ASLR Added to Android 4.0

    by Dennis Fisher
    October 24, 2011, 8:36AM

    The newest version of the Android mobile operating system includes a major security upgrade, the presence of address space layout randomization (ASLR), which gives users some better protection against memory-corruption exploits.

    The inclusion of ASLR in Android 4.0, also known as "Ice Cream Sandwich", brings the security model of the operating system up a notch in relation to previous versions. Security researchers have criticized Android for its security shortcomings and have said that the security model offered by Apple's iOS is more beneficial for users. The iPhone operating system has included ASLR and data execution protection (DEP) for some time now, and iOS also includes a sandbox to help prevent attackers from moving among various applications once they've compromised a device.

    ASLR is designed to help prevent certain kinds of attacks by making it more difficult for attackers to know which components will be in which memory locations. The technology randomly arranges the positions of various components of a process, which makes it harder for attacks such as buffer overflows and other memory-corruption techniques to succeed. Both ASLR and DEP have been key technologies in desktop operating systems such as Windows Vista and Windows 7 to help prevent common attack techniques.

    In addition to the inclusion of ASLR, Android 4.0 also has improved management of user credentials.

    "Android 4.0 makes it easier for applications to manage authentication and secure sessions. A new keychain API and underlying encrypted storage let applications store and retrieve private keys and their corresponding certificate chains. Any application can use the keychain API to install and store user certificates and CAs securely," the Android 4.0 developer notes say.

    The new mobile OS also includes an enhanced API for VPNs.

    "Developers can now build or extend their own VPN solutions on the platform using a new VPN API and underlying secure credential storage. With user permission, applications can configure addresses and routing rules, process outgoing and incoming packets, and establish secure tunnels to a remote server. Enterprises can also take advantage of a standard VPN client built into the platform that provides access to L2TP and IPSec protocols," the notes say.

    Source: ASLR Added to Android 4.0 | threatpost
  12. Yes, I am a communist when it comes to this kind of crap. I have not commented on any technical topics, I have not closed any of them, I have not banned anyone there. I hand out bans here, to people like you, who have no business being here, who hope to sell betting tickets rather than work in IT.
  13. I am fed up with discussions about betting, Serban Huidu, the census or other garbage. RST is not the right place for that, not even in Offtopic. Of course, if I look at your posts, you have only one "interesting" post in Romanian Tutorials: "what a crap tutorial. I'm still shocked that you put a virus scan on an html file )))", one in Presentations, and the rest are here, in Offtopic. Basically, according to Nytro's laws, you are surplus here (for now).

    PS: This kind of discussion will be limited. If you don't like it, there is OTV.
  14. Assembly Language Megaprimer for Linux

    Description: In this video series, we will learn the basics of Assembly Language programming on Linux. This will help us in doing reverse engineering and writing exploits in later videos. I will start from absolute scratch, so no prerequisites are required.

    - Assembly Primer For Hackers (Part 1) System Organization
    - Assembly Primer For Hackers (Part 2) Virtual Memory Organization
    - Assembly Primer For Hackers (Part 3) Gdb Usage Primer
    - Assembly Primer For Hackers (Part 4) Hello World
    - Assembly Primer For Hackers (Part 5) Data Types
    - Assembly Primer For Hackers (Part 6) Moving Data
    - Assembly Primer For Hackers (Part 7) Working With Strings
    - Assembly Primer For Hackers (Part 8) Unconditional Branching
    - Assembly Primer For Hackers (Part 9) Conditional Branching
    - Assembly Primer For Hackers (Part 10) Functions
    - Assembly Primer For Hackers (Part 11) Functions Stack

    Videos: http://www.securitytube.net/groups?operation=view&groupId=5
  15. Windows Assembly Language Megaprimer

    Description: In this video series, we will learn how to write assembly code for Windows. We will be using the knowledge we gained in the Assembly Language Megaprimer for Linux.

    - Windows Assembly Language Primer Part 1 (Processor Modes)
    - Windows Assembly Language Primer For Hackers Part 2 (Protected Mode Assembly)
    - Windows Assembly Language Primer For Hackers Part 3 (Win32 Asm Using Masm32)
    - Windows Assembly Language Primer For Hackers Part 4 (Masm Data Types)
    - Windows Assembly Language Primer For Hackers Part 5 (Procedures)
    - Windows Assembly Language Primer For Hackers Part 6 (Macros)
    - Windows Assembly Language Primer For Hackers Part 7 (Program Control Using Jmp)
    - Windows Assembly Language Primer For Hackers Part 8 (Decision Directives)
    - Windows Assembly Language Primer For Hackers Part 9 (Loops)

    Videos: http://www.securitytube.net/groups?operation=view&groupId=6
  16. Exploit Research Megaprimer

    Description: In this video series, we will learn how to program exploits for various vulnerabilities published online. We will also look at how to use various tools and techniques to find Zero Day vulnerabilities in both open and closed source software.

    - Exploit Research Megaprimer Part 1 Topic Introduction By Vivek
    - Exploit Research Megaprimer Part 2 Memcpy Buffer Overflow
    - Exploit Research Megaprimer Part 3 Strcpy Buffer Overflow
    - Exploit Research Megaprimer Part 4 Minishare Buffer Overflow
    - Exploit Research Megaprimer Part 5 Freesshd Buffer Overflow
    - Exploit Research Megaprimer Part 6 Seh Basics
    - Exploit Research Megaprimer Part 7 Overwrite Seh
    - Exploit Research Megaprimer Part 8 Exploiting Seh
    - Exploit Research Megaprimer Part 9 Guest Lecture By Andrew King
    - Binary Diffing Microsoft Patches

    Videos: http://www.securitytube.net/groups?operation=view&groupId=7
  17. We are closing the topic; this place is meant for people passionate about IT security, discuss betting somewhere else. Edit: if you wrote software for that, it is a different matter.
  18. Secure Your Wordpress | Tool Explained Wpscan

    Description: WordPress is one of the most popular CMSs among all its open source competitors. WordPress has a very simple and open framework. It is the most desirable choice of any hacker to start learning hacking with. Today we will look at a tool called wpscan. This tool is a vulnerability scanner for any WordPress installation. It will let you know the following things:

    1. Version of the WordPress
    2. Known list of information disclosure files (ex. Readme.html)
    3. WordPress usernames
    4. WordPress Plugin names
    5. Bruteforce for password (Password list needs to be generated)

    Video: http://www.securitytube.net/video/2367
  19. Look at how the link looks, it needs a few small changes... E.g.: Download Security_and_Hacking_Anti_Hacker_Tool_Kit_Second_Edition.chm for free on Filesonic.com
  20. xSQLScanner 1.2 and Mono Version

    From: Rodrigo Matuck <rodrigomatuck () globo com>
    Date: Sun, 23 Oct 2011 21:47:25 -0200

    Hi everyone

    I published at my blog a new tool called xSQLScanner. This program allows the user to audit MS-SQL and My-SQL servers.

    Some features: 1 - 6 Vulnerability Audit options; 1.2 - Test for weak password fast; 1.3 - Test for wear/user passwords; 1.4 - Wordlist option; 1.5 5 - Userlist option; 2 - Portscanner 7 - Range IP Address audit and more.

    Now the good news, I made 2 versions: Windows & Linux. The Linux version uses the Mono Project, so I compiled a Mono version to run under Linux (BackTrack 5 - GNOME).

    Here are the instructions to install under Linux:

    1 - get xsqlscan-mono.tgz - 4shared.com - online file sharing and storage - download
    2 - tar -xzvf xsqlscan.tar.gz
    3 - cd xsqlscan
    4 - ./xsqlscanw
    5 - The program will verify if you have the Mono Core files. If you already have them, the application will launch.
    5.1 - Answer 'yes' to download the libs and mono core files
    6 - Restart the application typing: ./xsqlscanw
    7 - Enjoy.

    The link for the Windows version: xsqlscanner-1.2.zip - 4shared.com - online file sharing and storage - download

    Remember: any bugs, suggestions please contact me.

    Regards

    Source: Penetration Testing: xSQLScanner 1.2 and Mono Version
  21. Owned and exposed - Nr. 3

    [ASCII-art banner: "Owned and exposed", Issue No 3, brought to you by your Happy Ninjas. Featuring: Intro, The Happy Ninja Faker, St0re.cc, Swissfaking.net, El-Basar.biz, Vpn24.org, Undercover.su, Secure-Host.in, k!LLu's Botnet, Unique-Crew.net, Zion-Network.net, Some leftovers, Hackbase.cc, Outro.]

    First of all, here is the verification of the sha1 hash we published when hba-crew got owned:

    49bd4433fff1b04530dcaff1f52fa971ff895871 = sha1(HAPPY_NINJAS_ARE_STAYING_HAPPY_exp03)

    { Intro }

    Tonight's the night. And it's going to happen, again and again. It has to happen.

    We all want to welcome you to a brand new issue of Owned and exp0sed! Before we get to the fun part, we'd just like to clarify some things since there has been a lot going on on the internet since our last issue. Movements, as they put it, like Anonymous or the short-lived phenomenon of Lulzsec have gotten an increasingly important topic to media and the public. We want to line out our motivation in contrast to theirs.

    Anonymous has tried to gain as much media attention as possible by inflicting the most damage possible on big companies and service providers. Similarly, Lulzsec have attacked various websites and published an enormous amount of information. However, while it's their goal to put up pressure on governments and big organizations, it's ours to protect the public from the abysses of the internet. Fraud is our main concern and we intend to contain it as much as possible.

    While Anon and Lulzsec toss out their stuff within weeks, we take our time to gain access, collect data and aggregate it nicely for you, our readers. This is why there is a substantial time span between our releases. We of course also monitor the German and international fraud scene as it recovers from our attacks; it's hard to stop something that is driven by selfishness, greed and money.

    We also find it worrying that Anonymous and especially Lulzsec act in what they call "Operation Antisec". The original Antisec Movement was brought to life by actual hackers and targeted full disclosure and the corporate security industry. Publishing gigantic amounts of (corporate) data on the internet does exactly the opposite: It provides the security industry with the attention they need and hence new customers.

    But let's now look at why we are here today. "Money is the root of all evil" as the proverb has it; and it's why fraud communities do come back after we have owned and exposed them; but as long as they carry on, we do, too. Fraudsters ought to know that they're not safe because we are going to hunt down every single site that is left. We experience the fraud scene scattering wider and wider after every issue we have published; new boards, and with them new admins, emerge out of nowhere. That just shows well again how stubborn fraudsters are as most of them still refuse to accept that they lost their right to exist on the internet. It's particularly frustrating that they don't seem to draw lessons from getting owned again and again. That being said we can just strongly advise you to spend your time on something worthwhile. It's not too late ...

    Download: http://blog.yakuza112.org/wp-content/uploads/2011/10/exp03.txt
  22. Agnitio Security Code Review Tool v2.1 released

    OCTOBER 24, 2011 | WRITTEN BY SECURITY NINJA

    Hi everyone,

    I wanted to write a blog post today to let you all know that I've released Agnitio v2.1 today. I did plan to release this version a few weeks ago but a combination of life and bugs/last minute feature changes delayed the release, better late than never though!

    I've made a lot of changes for this release so I wanted to make extra sure that everything worked before I released it. Interestingly Agnitio passed all of its QA tests in the first test run but the Data Migration Tool was a different story! The DMT is used to migrate users' existing data into the new Agnitio checklist database. It's probably not the best way to perform an upgrade and it certainly needs some work but for now it works!

    Agnitio currently puts the new checklist database into the program files directory alongside the other Agnitio files, which can cause a bit of a problem because of the default file permissions on the Program Files directory. The program files directory in Windows 7 has better (the definition of better requires me to look at it as a security professional and not as someone writing code!) default permissions/restrictions than previous versions of Windows I believe, which causes a problem when using Agnitio or the DMT as a standard user. The user obviously needs to be able to read data from the checklist database and of course write reviews or changes to the database.

    I tried a few different approaches to rectifying this and I've settled on a solution which probably isn't ideal but it does mean standard users can use Agnitio on Windows 7. The DMT will need to be run as an administrator to migrate the data but after that administrator privileges aren't needed anymore. You will need to make a few permission changes regardless of the operating system you are using so please make sure you read the Agnitio v2.1 User Guide (included as part of the installation) before you attempt to use the new version or migrate your data. I'm currently working on a better solution to this with a new contributor so I'd expect to have a nicer solution to this problem when the next version of Agnitio is released!

    So what's new in v2.1? I have listed all of the changes in this release below:

    - Windows x64 support (thanks to Steven van der Baan).
    - Decompile Android .apk files so you can analyse the source code and AndroidManifest.xml file. This uses tools like JAD so you will need to have Java installed on your machine to decompile the Android .apk files.
    - C# and Java rules from the OWASP Code Crawler tool imported into the Agnitio database and linked to the relevant checklist questions.
    - New checklist items for mobile application security code reviews. These checklist items were created to address items in the OWASP top 10 mobile risks project that weren't covered by existing checklist items.
    - Application profiles can now be configured as either "Web" or "Mobile". This will determine which checklist items from the database are used to create the checklist for the application being reviewed.
    - Create new checklist items. You will be able to configure the relevant principle of secure development for the new checklist item as well as deciding whether this is a question for "Web", "Mobile" or "Both" types of applications.
    - Modify existing checklist items. This was supposed to be included in v2.0 but a last minute change I made at 7am in a Las Vegas hotel room broke this functionality. You can now modify the text, the principle and type columns for questions in the checklist database.

    I made a lot of small changes in addition to the ones above; I've listed some of the more obvious ones below:

    - Only one answer allowed per checklist item (thanks to Steven van der Baan).
    - Fixed a bug on the security code review tab where checklist items with no answers are highlighted in red and never "un-highlighted" (thanks to Steven van der Baan).
    - Added a language checkbox for Objective-C on the profile creation and view profile tabs.
    - Checklists are now sorted by principle and not by the question number.

    I did have two issues which I couldn't get fixed but I decided to release v2.1 now because it has already taken longer than I'd planned! The two issues will only affect x64 users and I will make sure they are fixed as part of v2.2:

    - Android .apk decompile functionality will fail to decompile .apk files on Windows x64.
    - Data Migration Tool (for upgrades from v2.0) is not supported on x64 at the moment. You can use the Data Migration Tool on x86 versions of Windows to migrate your v2.0 data.

    I think I've included all of the new features and changes in this blog post so all that's left for me to do now is give you the link to download v2.1: Agnitio v2.1

    I have started to plan what will be included in v2.2 but I've not started working on it yet. I have a few cool ideas in mind for v2.2 which I think you will all like. I've released 5 versions of Agnitio over the past 11 months which has eaten up a lot of my spare time and I don't really enjoy working on one thing for a long time. I will be taking a couple of weeks away from the project before I start work on v2.2 to rest my poor overworked brain. I don't expect to release v2.2 until sometime after Christmas, partly because of the break I'm taking from the project but mainly because of the amount of work that I will need to do to implement the cool changes I want to make!

    As always I'd love to hear what you think of the latest version of Agnitio so get in touch via Twitter, email or leave a comment on this blog post.

    SN

    Download: https://sourceforge.net/projects/agnitiotool/files/v2.1/

    Source: https://www.securityninja.co.uk/application-security/agnitio-security-code-review-tool-v2-1-released/
  23. Aidsql: Sql Injection Penetration Testing Tool

    Description: This is a video showing you how to effectively audit your website with aidsql.

    Download aidSQL: aidSQL: A Tools to Find Vulnerable Spots in Website - Insecure Stuff

    Video: http://www.securitytube.net/video/2370
  24. Nytro

    Fun stuff

    https://www.google.com/search?hl=en&q=yo%2C+what%27s+my+ip%3F%21