Posted in InfoSec, tools on September 24, 2008 | No Comments »
After reading a news at detikinet.com mentioning about a phishing website, I try to access the site mentioned. Instead of getting the fake website, I was getting the following Reported Web Forgery message :
Luckily I am using Mozilla Firefox 3.0.
Oh before I forget, here is the Firefox 3.0 security setting (it’s a default [...]
Posted in tools on March 5, 2008 | No Comments »
On Feb 12, 2008, TrueCrypt version 5.0a has been released. It has several fixes for the previous version, TrueCrypt 5.0. I don’t notice TrueCrypt latest release because I don’t check Internet regularly anymore.
Several features that I found very interesting in TrueCrypt version 5.0 are :
It has GUI for the Linux version
XTS mode of operations
Ability to [...]
Posted in tools on November 29, 2007 | No Comments »
Yesterday, my friend gave me a link to Fortress (http://www.steve.org.uk/Software/Fortress/).
Fortress is A simple script-based security scanner, using the LUA scripting engine for the writing of tests.
I then take a look at it and it’s quite interesting. Before I can play with it I have to install Lua first.
The Lua version provided by my distro is [...]
Posted in hacks, tools on March 26, 2007 | No Comments »
On March 19, 2007, TrueCrypt version 4.3 is released. There are many new features, improvements and bug fixes in this release, so I think it is the time to upgrade my installation.
I downloaded the TrueCrypt package, but they only provide for OpenSUSE 10.2 system. Last time I used the RPM version, it complained about kernel [...]
Posted in tools on March 26, 2007 | No Comments »
Researchers at Oxford have built an x86 emulator that runs purely on Java, making it ideal for security researchers who want to analyze and archive viruses, host honeypots and defend themselves against buggy or malicious software without hosing their machines. The JPC also emulates a host of other environments, giving technophiles the ability to play [...]
Posted in tools on March 6, 2007 | No Comments »
David Maynor from Errata Security has just released a tool called Ferret for data seepage at BlackHat DC 2007.
According to the Ferret’s page, data seepage are bits of benign data that people willingly broadcast to the world (as opposed to “leakage”, which is data people want to hide from the world).
Examples of data seepage is [...]
Posted in tools on March 1, 2007 | No Comments »
If you want to learn security by doing the actual “hacking”, there is a good news for you.
Thorsten Schneider of the International Institute for Training, Assessment, and Certification (IITAC) and Secure Software Engineering (S²e) in cooperation with Kryshaam from the French Reverse Engineering Team has released Damn Vulnerable Linux (DVL).
Here is the description about DVL [...]
Posted in tools on March 1, 2007 | No Comments »
pdp has designed a new tool to steal browser history, it’s called Noscript HScan. The interesting thing about this tool is it doesn’t need Javascript to be turn-on.
Up until now we thought that by disabling Javascript, we’ll be safe. But apparently, that’s no longer sufficient, now we need to disable CSS too.
Posted in tools on February 23, 2007 | No Comments »
Tenable has released Nessus 3.1.2 for Linux, FreeBSD and Solaris which is a beta version of the upcoming Nessus 3.2.
Nessus 3.2 contains the following new features :
- Experimental IPv6 support- Improved bandwidth throttling- Extended nessusd.rules to add support for ports and plugins- New command ‘nessuscmd’ which lets you do a quick command-line scan- Improved [...]
Posted in tools on February 12, 2007 | No Comments »
Feature Overview :
Detects insecure versions of applications installed
Verifies that all Microsoft patches are applied
Assists you in updating your system and applications
Runs through your browser. No installation or download is required.
The Secunia Software Inspector covers the most common/popular end user applications:
Internet browsers
Internet browser plugins
Instant messaging clients
Email clients
Media players
Operating systems
You can find it here.
