LifeDork

If you’re a fan of metasploit , you might be shocked to read this news ! Metasploit.com was Hacked ! well , I was kinda shocked too when I read the news about this. But What actually happened is Metasploit.com ’s not actually hacked , it was just someone was using an attack on the local area network of Metasploit’s hosting provider , called ARP spoofing . And the attacker had succesfully intercepted visitors to metasploit.com , and served them up with a page saying the site had been hacked !

Here’s the full story :
Read the rest

Just as usual , I started this day by reading hackers webzine (http://www.0×000000.com/) . And What I read today is kinda shocking . Since I’ve been using PhpMyAdmin for years , I have never noticed such big vulnerabilities ever existed on PhpMyAdmin itself . Here’s the full-excerpt that taken from http://www.0×000000.com/?i=587 :
Read the rest

If you’re already familiar with the ExploitMe FireFox add-ons series which are developed by SecurityCompas , you might be interested in this newest add-on which is also the follow-up of the ExploitMe add-ons series , called Access-Me 0.1 ! Here’s the short excerpt that I got from webappsec mailing list :

Security Compass is proud to announce the release of AccessMe, the latest addition to our ExploitMe series of free penetration testing add-ons for Mozilla Firefox.

This preliminary release of AccessMe expands the series with powerful functionality for testing the access control and session management mechanisms of web applications, including:

- Invalid HTTP method attacks
- Bypassing access control using HTTP HEAD
- Session dropping

We’re releasing this tool as open-source under the GPLv3, and hope it will assist penetration testers, QA staff, and developers detect and eliminate common security vulnerabilities in today’s web applications.

Read the rest

If you’re big fans of the biggest hackers database ever , leetupload.com , then you must continue reading this post . As a security enthusiast , you must have known leetupload.com for a long time , just like me. On their website , you will be able to lookup for almost all hacking/security tools ever been developed ! Leetupload.com rocks!

Now Leetupload.com has a ‘bigger’ thing to fulfill your thirsty mind of Security Tutorials , yes , Leetupload.com proudly presents the publication of a new book , which is written by Leetupload.com’s founder , entitled “No Root For You : A Series of Tutorials , Rants and Raves , and Other Random Nuances Therein” !

Read the rest

Computers are an essential part of everyday life.
Weather it is used for school, business or just fun, almost everyone
today has or knows how to use a computer. The majority of people use
Windows based operating systems and the newest operating system to come
from Windows is Windows Vista.

Keeping your computer clean and
running smooth is the best way to increase productivity and decrease
the frustration of having a slow computer when you are working on an
important task. One of the best ways to keep your computer running
great is by cleaning the registry with a Windows Vista Registry cleaner.

Vista certified?
Read the rest

As there are many fake zero days exploits being sold on many underground hacking forum , a lot of buyers get scammed everday.That’s why I want to share this information with you. A valuable information that helps you to find the real ZERO DAYS exploits , hacking tutorials , latest hacking tools , and still many more. Interested ?
Read the rest

I’ve been collecting some list of security source code assessment tools which are built to analyze your codes (C/C++,Java,.NET,PHP,and others) . Hope this list below will help you to choose the best security source code assessment tool for you :

Pmd
URL: http://sourceforge.net/projects/pmd
Java-based static analysis tool
Intended to find correctness and complexity issues, also finds some security issues

Read the rest

When I was reading d0ubl3_h3lix’s security paper about Web Browser Plugins Vulnerabilities , I found out that there’s a Mozilla Firefox extension to prevent the execution of XSS threats that I’ve never tried before (because I only used FireKeeper before ) the extension itself ’s called ‘XSS Warning’ .

The further informations about this Mozilla Firefox Security extension :
Read the rest