I just read about the tool Malheur designed for malware analysis. It looks interesting, I don’t know what other tools like this one are out there (if you know some of them, please leave a comment) but it is worth some minutes to read through their page. After thinking some minutes about their approach using [...]

read full post »

      Tool name : TrueCrypt   Description : TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted drive. On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without [...]

read full post »

      Tool name : Hping   Description : This handy little utility assembles and sends custom ICMP, UDP, or TCP packets and then displays any replies. It was inspired by the ping command, but offers far more control over the probes sent. It also has a handy traceroute mode and supports IP fragmentation. [...]

read full post »

      Name Win32/Blaster/Worm (Lovsan, Lovesan)   Type Spreader, Worm     Author Unknown     Written in C     Description This worm was very active in 2003. It spreaded via an RPC vulnerability and executed a DoS attack on a specific date. It’s a well structured code, easy to read and understand. [...]

read full post »

      Name Win32/ogw0rm   Type Spreader, Worm     Author Unknown     Written in C     Description Ogw0rm is a good example how malware propagates itself via Instant Messaging apps. It checks the process list for running IM applications and propagates itself by sending messages to new victims. It shows how [...]

read full post »

      Tool name : Metasploit Framework     Description : The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework [...]

read full post »

At BlackHat DC 2009 Moxie Marlinspike demonstrated how to subvert HTTPS with SSLStrip. SSLStrip intercepts HTTP traffic, watches for HTTPS links inside the data stream and maps these HTTPS links to HTTP. Whenever a victim clicks on such a mapped HTTPS link SSLStrip will notice it and act as a HTTP2HTTPS proxy server. All the [...]

read full post »

      Tool name : Tor     Description : Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP [...]

read full post »

      Tool name : Ettercap     Description : In case you still thought switched LANs provide much extra security Ettercap is a terminal-based network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like ssh and https). Data injection in an established connection and filtering [...]

read full post »

      Tool name : Tcpdump     Description : Tcpdump is the IP sniffer we all used before Ethereal (Wireshark) came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI or parsing logic for hundreds of application [...]

read full post »