Hash Detector Tool

Since 2009 when I wrote: “The string Decoding Process” (published by hakin9 magazine) I use crafted tools to automatically decode strings (some of them have been published on this blog). Decoding strings results pretty hard especially nowadays where many encoding algorithms are commonly used over planty “daily life tools”. Understanding what encoding we are facing […]

Read more "Hash Detector Tool"

ZeuS Evolution: it’s time for P2P and RSA.

Today another “Hack Note” on my blog to point you out to a great analysis of ZeuS evolutions. I definitely suggest the reading titled “ZeuS-P2P” by Cert Polska because, in my personal opinion, it describes one of the most important evolutions of a “bot kit” happened so far: the distribution of the Command aNd Control […]

Read more "ZeuS Evolution: it’s time for P2P and RSA."

Internet Explorer CSS 0Day. Exploit released.

Hi folks, yes even on my notes the new Internet Explorer (on windows 7) 0Day. It’s a nice piece of work. Internet Explorer CSS 0day on Windows 7 What let me astonished is the exploit release which came before the Microsoft patch. Here the exploit is: #!/usr/bin/env ruby # Source: http://www.breakingpointsystems.com/community/blog/ie-vulnerability/# Author: Nephi Johnson (d0c_s4vage) […]

Read more "Internet Explorer CSS 0Day. Exploit released."

HttpBee. An interesting project.

HTTPBee is a swiss-army-knife tool for web application hacking testing. Multi-threaded high-performance tool with a scripting engine and agent-like behavior support. The way httpbee’s scripting engine is implemented is relevant to httpbee architecture itself. Httpbee maintains a pool of threads that it uses for parallel task execution. Therefore execution of httpbee scripts is not linear. […]

Read more "HttpBee. An interesting project."