Comment La CIA A Falsifié Des Certificats Électroniques

Wikileaks, le site fondé par Julian Assange, a une nouvelle fois frappé contre la CIA et ses techniques d’espionnage informatique. Après le Vault 7 qui a dévoilé diverses techniques et malwares utilisés par les agences du gouvernement américain, les premières révélations du Vault 8 expliquent comment la CIA a pu falsifier des certificats de sécurité pour faire…

Point Technique Radware Sur L’opération OpCatalonia Par Les Anonymous

Les Anonymous s’engagent pour l’indépendance catalane. OpCatalonia est une nouvelle opération ayant un impact sur les entreprises en Espagne, avec des implications potentiellement plus larges dans toute l’Europe.   Radware partage aujourd’hui un point technique sur le développement de cette nouvelle menace : Le climat politique qui anime cette nouvelle campagne Les organismes gouvernementaux et les…

unCAPTCHA Breaks 450 ReCAPTCHAs in Under 6 Seconds

unCAPTCHA is the name of a new automated system designed by a team of four computer science experts from the University of Maryland (UM) that can break Google’s reCAPTCHA challenges with an accuracy of 85%. The system doesn’t target reCAPTCHA’s image-based challenges, but the audio version that Google added so people with disabilities can solve…

LOWER THE INTERNET WITH MILLION-DEVICE MIRAI BOTNET

Hackers have compromised the security of more than a million internet-connected devices and transformed them into a massive botnet that could take down the internet, researchers have warned. Botnets make use of security vulnerabilities in web-connected devices such as smart fridges, thermostats and webcams in order to perform distributed denial of service (DDoS) attacks (overloading…

BruteX

Automatically brute force all services Including: Open ports DNS domains Web files Web directories Usernames Passwords   Dependencies: NMap Hydra Wfuzz SNMPWalk DNSDict       Download: git clone https://github.com/1N3/BruteX.git Usage: ./brutex target To brute force multiple hosts, use brutex-massscan and include the IP’s/hostnames to scan in the targets.txt file.  

PenBox – A Penetration Testing Framework

A Penetration Testing Framework , The Hacker’s Repo our hope is in the last version we will have evry script that a hacker needs Information Gathering : nmap Setoolkit Port Scanning Host To IP wordpress user enumeration CMS scanner XSStracer – checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection…

Python-based CLI Password Analyser

The ‘pwdlyser’ tool is a Python-based CLI script that automates the arduous process of manually reviewing cracked passwords during password audits following security assessments or penetration tests. There are likely some false positives/negatives, so please use at your own discretion.

ssh_scan

Key Benefits Minimal Dependancies – Uses native Ruby and BinData to do its work, no heavy dependancies. Not Just a Script – Implementation is portable for use in another project or for automation of tasks. Simple – Just point ssh_scan at an SSH service and get a JSON report of what it supports and its…