The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

AnDOSid the DOS tool for Android A new product released by SCOTT HERBERT  for Android mobile phones,Its  AnDOSid  - the DOS tool for Android Phones. The rise of groups like Anonymous and LuzSec, as well as constant India / Pakistan cyberwar has raised the issue of cyber-security high(er) in the minds of web owners. Pentesting tools exist to simulate such attacks and help website security people defend against them, however for the most part they currently only exist for desktop computers. Mobile phones have, over the last few years, grown from simple devices that send and receive calls to mobile computing platforms which can be purchased for less than $100 a device. AnDOSid fills that gap, allowing security professionals to simulate a DOS attack (An http post flood attack to be exact) and of course a dDOS on a web server, from mobile phones.  AnDOSid is actively being developed and I welcome feedback from the security community as to how you would ...

XCode SQLi/LFI/XSS and Webshell Scanning tool XCode Exploit – Vulnurable & webshell Scanner help you to gather the dorks Link from Google. then you may check the results if its Vulnurable to exploit with SQL injection commands, LFI,and XSS. And You may hunt the webshells those uploaded. Download Here [ Source ]

Iranian Man-in-the-Middle Attack Against Google certificate Recently discovered attempts of an SSL man-in-the-middle attack against Google users - spotted by a number of Iranian Internet users - have revealed that Dutch Certificate Authority DigiNotar has issued an SSL certificate for all *.google.com domains. What’s worse than discovering that someone has launched a man-in-the-middle attack against Iranian Google users, silently intercepting everything from email to search results and possibly putting Iranian activists in danger? Discovering that this attack has been active for two months. " This is a wildcard for any of the Google domains ," said Roel Schouwenberg, senior malware researcher with Kaspersky Lab, in an email interview Monday. " [Attackers] could poison DNS, present their site with the fake cert and bingo, they have the user's credentials ," said Andrew Storms, director of security operations at nCircle Security. As the problems with the ...

South Korean domain registrar Gabia hacked,100000 domains and 350000 users data exposed ! Gabia a South Korean domain registrar was hacked on Saturday, affecting the online connection with 100,000 registered domains, according to a report Monday by the Korea Herald. This hack exposing over 100,000 domains and 350,000 users data. The information included names, user IDS, passwords and registration numbers.The website of HSBC Korea was also hacked, paralysing it for over an hour leaving customers unable to access their online banking. There have been 6,000 hacking incidents reported to the state-run Korea Internet Security Agency this year, according to the report. The hacker, known as ‘ TG ’ defaced pages with their Twitter account and picture. It is thought in some cases, data may have been stolen and widespread disruption to services caused. South Korea has suffered many hacks as of late with many concerned at the security of one of the world’s most Internet-connected c...

XSS Vulnerability in MSN.com XSS Vulnerability (Cross Site Scripting) in MSN discovered by TeamDX  . Vulnerable Link  is also shown in image.  Last week One of the Security Researcher "Juan Sacco (runlvl)" - Insecurity Research Labs expose the Cross Site vulnerability (XSS) in Bing.com Search Engine.

A Security expert at Italian security firm AIR Sicurezza Informatica has claimed that Google's servers vulnerability allows a hacker to exploit the search giant's bandwidth to launch a distributed denial-of-service (DDoS) attack on any targeted server. On the IHTeam Security Blog , the author of the discovery demonstrates users can make Google's servers act as a proxy to fetch content on their behalf.  Quatrini has written a shell script that will repeatedly prompt Google's servers to make requests to a site of the attacker's choice, effectively using Google's bandwidth rather than their own, in an effort to prevent it from functioning. The advantage of using Google and make requests through their servers, is to be even more anonymous when you attack some site ( TOR+This method ) and the funny thing is that apache will log Google IP addresses. But beware: gadgets/proxy? will send your ip in apache log, if you want to attack, you'll need ...

Hacking a Facebook Account using Facebook Many of us know that phishing is also a trick to hack a facebook and session hijicking but hacker can do both at a same time. This vulnerability was happened on Facebook (static FBML) .Example here  . Here you can get that Facebook FBML script :  http://pastebin.com/REmvjkRN What user will do ?? 1. Checks for the URL. 2. Checks for which year the page was create. Is it easy to fool the people? Yes, by creating a new page in facebook in such way that user has to beliveness. How its work?? 1.Once the user clicks the link the session(cookies) where stolen by the hacker using That he can login any users account without a username and password 2. usually the users will check for the URL once it was known 1 they can enterning a userename and password. 3.After hitting the button Test your Password , Page will reflect a Thankyou Msg and it will popup with a paswd Rank 4. Check ur email spam there must a email on this and ...

19 years old iPhone hacker Nicholas Allegra (comex) joins Apple 19 years old iOS hacker Nicholas Allegra, better known online as comex, has taken up an internship position at Apple, the company whose devices he has helped jailbreak for the past several years. Comex is most well known for building the one click iPhone jailbreaking site JailBreakMe.Com . This allows iPhone users to simply visit the site and click “install” to jailBreak and install Cydia . Allegra tweeted the news on Thursday, saying that he’d been pretty bored lately and that he’ll start at Apple in two weeks. Jailbreakers say that they want to have more control over their phones, and programs like those Comex produces help iPhone users circumvent some of the strictures of Apple’s iOS system. The programs also can cause security issues if programmers with more sinister intentions use them. From that angle, it’s a great idea for Apple to take Comex on board. He definitely knows the holes in Apple’s systems a...

Morto Worm spreading via Remote Desktop Protocol Organizations large and small often make use of Remote Desktop or Terminal Services to remotely connect to Windows computers over the Internet and internally. These tools use Microsoft’s RDP protocol to allow the user to operate the remote system almost as if sitting in front of it. Such capabilities are helpful for not only legitimate users, but also for attackers. F-Secure is reporting that the worm is behind a spike in traffic on Port 3389/TCP. Once it’s entered a network, the worm starts scanning for machines that have RDP enabled. Vulnerable machines get Morto copied to their local drives as a DLL, a.dll, which creates other files detailed in the F-Secure post. The emergence of this worm correlates with the increased volumes of TCP port 3389 traffic, reported by SANS Internet Storm Center a few days prior to the F-Secure report: The propagation approach employed by “ Morto ” is often used by penetration testers and human at...

INSECT Pro 2.7 - Penetration testing tool download INSECT Pro 2.7 - Ultimate is here! This penetration security auditing and testing software solutionis designed to allow organizations of all sizes mitigate, monitor and manage the latest security threats vulnerabilities and implement active security policies by performing penetration tests across their infrastructure and applications. This is a partial list of the major changes implanted in version 2.7 - Available targets now has a submenu under right-click button - Check update function added in order to verify current version - Threading support for GET request - Module log added and functional - Sniffer support added - 50 Remote exploits added - Project saved on userland - Application Data special folder - Executed module windows added and functionality for it - AgentConnect now use telnetlib DOWNLOAD INSECT Pro 2.7

Orange.fr hacked, Database and site source code leaked Anonymous Hacker Hack Orange.Fr and upload the database and Site source code backup on file sharing site. Data leaked on twitter. Orange is the brand used by France Télécom for its mobile network operator and Internet service provider subsidiaries. It is the fifth largest telecom operator in the world, with 210 million customers as of 2010. The brand was created in 1994 for Hutchison Telecom's UK mobile phone network, which was acquired by France Télécom in August 2000. In 2006, the company's ISP operations, previously Wanadoo, were also rebranded Orange. Orange is now the unique commercial façade of almost all France Telecom services. Orange France was incorporated in 2005 and has its headquarters in Arcueil, France. Today UK Police has Charge another alleged Anonymous member in Hacking Cases. A student has been charged with involvement in cyber attacks by the hacking group Anonymous against companies that wi...

UK Police Charge another alleged Anonymous member in Hacking Cases A student has been charged with involvement in cyber attacks by the hacking group Anonymous against companies that withdrew online payment services from WikiLeaks. Peter David Gibson, from Hartlepool, will appear before magistrates at Westminster magistrates court in London on 7 September, accused of conspiracy to do an unauthorised act in relation to a computer, Scotland Yard said. Mr. Gibson had been arrested this year along with five others by officers investigating denial-of-service attacks against several companies, the police said. Gibson has been charged with conspiracy to "do an unauthorised act in relation to a computer, with intent to impair the operation of any computer or prevent or hinder access to any program or data held in a computer or to impair the operation of any such program or the reliability of such data," said the Metropolitan police. That is contrary to Section 1(1) of the Crimina...

Borlas.net 14800 Users logins, phone number & Emails Leaked by Division Crew  Division Hackers Crew hack the Database of Borlas.net (Free SMS Site) . Hackers leak the usernames, Passwords, emails and phone numbers of 14800 registered users. Leaked database posted on pastenbin : Part 1: http://pastebin.com/FiKMehCj Part 2: http://pastebin.com/fDKi2iJG Part 3: http://pastebin.com/4z6SjB7p

32 Israel websites defaced by SbZ-GHoST TeaM Tunisia Hackers SbZ-GHoST TeaM Tunisia Hackers today hack into 32 Israel websites and deface them with their message. List of hacked sites posted on pastebin .

Killapache: DDOS tool - Half of the Internet is vulnerable now ! The Apache Software Foundation has announced a denial-of-service vulnerability that affects all versions of the ubiquitous Apache web server, leaving up to 65% of all websites vulnerable. A unknown flaw in the code for processing byte range headers allows versions 2.2.x of the Apache Web Server to be crippled from a single PC. A suitable “ Apache Killer ” Perl script that impressively demonstrates the problem. How does killapache DDOS tool work? killapache sends GET requests with multiple “byte ranges” that will claim large portions of the system’s memory space. A “byte range” statement allows a browser to only load certain parts of a document, for example bytes 500 to 1000. It is normally used while downloading large files. This method is used by programs such as download clients to resume downloads that have been interrupted; it is designed to reduce bandwidth requirements. However, it appears that stating mul...

Apple Website Hacked by HodLuM One of the Apple Sub-Domain claimed to be Defaced By HodLuM as shown above. The Deface Link is just an IMAGE uploaded to Apple domain. Hacker use " N00BZ " word for all Hacker including Anonymous , Lulzsec, Turkish hackers, Inj3t0rs and Exploit-DB's. AOL Postmaster Website was also got hacked by HODLUM some months before.

MTPuTTY 1.0 Beta - Multi-Tabbed PuTTY Released MTPuTTY (Multi-tabbed PuTTY) helps you to manage different PuTTY connections in one tabbed GUI interface. Every PuTTY connection runs in a separate tab and you can switch between PuTTYs as easy as you switch between opened pages in web browsers. When you need, you can detach PuTTY window from tab and convert it back into normal PuTTY application. MTPuTTY Features All PuTTY features Supports all PuTTY protocols - SSH, Telnet, Rlogin, Raw. Supports PuTTY session. You can control and change PuTTY command line parameters. You can run PuTTY configuration from within the program. Automation :  Can automatically login the remote servers and "type" your passwords. Can run any script after login. Can "type" a script in several PuTTY tabs simultaneously. Easy to use :  Clear tabbed user interface. Servers are grouped in a sidebar. Taskbar to quick access to basic program tasks. Any PuTTY tab can be detached and converte...

Philippine Nuclear Research Institute (PNRI) Hacked by PrivateX PrivateX hackers defaced the website of the Philippine Nuclear Research Institute (PNRI) and left a message accusing another government agency of corruption. The " PrivateX " group redirected visitors to the PNRI website to a custom Pastehtml page featuring its logo. PNRI website was hacked to support President Benigno Aquino III and his State of the Nation Address (SONA). Message By Hackers : Message : LTO REGION 7 & Operations OFFICE MAGNANAKAW KURAKOT (Land Transportation Office Region 7 and Operations Office, thieves)!!!!" it said in its latest cyberattack.Nothing was harmed except your integrity... Corruption, lack of education, and lack of opportunity. [ Source ]

Rankmyhack got hacked by HaxOr Rankmyhack.com got hacked by " HaxOr ". Rankmyhack.com is a website, lets hackers submit and rate each others hacks in order to determine the world's best hacker. According to the New York Times , the site has picked up at least 700 members since it launched at the end of July. The bounty section of this site was created in an attempt to focus the abilities of talented hackers against political and government forces that need to be put back in line. Hax0r hack and upload a text file on server as shown. Message written in page " Greetz to all members of Team INTRA...Secure your shit! ". We ( THN ) check " Upload " folder on FTP of same site, which list all image files uploaded there. One of the Image file with name " jodete.jpg " is supposed to be PHP SHELL uploaded by Hacker for Hacking attempt. UPDATE :  Rankmyhack.com Server also got hacked by T H E N 4 7 7 :  http://pastebin.com/bq8xJPMn

CSLSecurity Hacked by TeaMp0isoN CSL Security hacked by TeaMp0isoN . CSL Security claim to be " New LulzSec " type hacking Group. Their goal is to show that most of the important websites are vulnerable,They claim to show that any system can be compromised, nothing is secure. They Hit Sites, generally hack the Govt sites. Hacked site :  http://www.cslsecurity.com/ Mirror of hack :  http://zone-h.org/mirror/id/14799769

Steve Jobs Resigns as Apple CEO Steve Jobs has resigned as chief executive officer of Apple (AAPL). The company has promoted chief operating officer Tim Cook to the position of CEO and said that Cook will join the company's board of directors. Jobs will become Apple's chairman. Here is a copy of Jobs' resignation letter: To the Apple Board of Directors and the Apple Community: I have always said if there ever came a day when I could no longer meet my duties and expectations as Apple''s CEO, I would be the first to let you know. Unfortunately, that day has come. I hereby resign as CEO of Apple. I would like to serve, if the Board sees fit, as Chairman of the Board, director and Apple employee. As far as my successor goes, I strongly recommend that we execute our succession plan and name Tim Cook as CEO of Apple. I believe Apple''s brightest and most innovative days are ahead of it. And I look forward to watching and contributing to its success in a n...

# Anonymous Leaks Nude Pics of # BART Spokesman A member of Anonymous has set up a blog (NSFW) exposing BART spokesman Linton Johnson's, uh, Johnson. The blog shows a couple photos (CAUTION: photos contain nudity) of Johnson cavorting at an outdoor party, pulling down his pants and revealing his dong. Also the message: " If you are going to be a dick to the public, then I'm sure you dont mind showing your dick to the public… " Linton became an Anonymous target after he revealed that he was the one who came up with the idea to shut down cell service at BART stations to prevent protests earlier this month over the shooting death of a homeless man at the hands of BART Police.

Cyber war against Israel have taken very dangerous turn The Cyber war between Egypt and Israel have taken very dangerous turn by setting normal internet users as target for botnet attacks. Since week ago some Egyptian hackers attacked so many Israeli's gov communities and organizations on the internet. Israeli prime minister Netanyahus for example . But yet it wasn't very scary attacks level , as it was far from the normal computer users. In Sudden escalation for the attack level , an Egyptian group launched computer worm which infected about 50000 personal computer in Israel and united states. Despite of my virtual machine security level , it was also infected by the same worm. I (Reuben Rayner) didn't notice that am infected till the attackers launched an exe file which viewed message in the full screen mode. Quits of the attackers message  they started with the word "Anti-Zionism"  " If u can see this message this mean that u either from israel o...

Egyptian Consulate in United Kingdom Defaced Cocain hackers Cocain Hacker deface the website of  Egyptian Consulate in United Kingdom. Mirror of hacked site is available on Zone-H .

Knock v1.5  - Subdomain Scanner , allows to bypass wildcard Knock is a python script, written by Gianni 'guelfoweb' Amato, designed to enumerate subdomains on a target domain through a wordlist. This program is self contained, doesn't need to be installed in any particular location. All it needs is a recent version of Python 2.xOnly for use the Zone Transfer option (-zt) you must install the module dnspython, otherwise you can do without. If the name server allows zone transfers to occur, all the DNS names and IP addresses hosted by the name server will be returned in human-readable ASCII text. Usage $ python knock.py <option> <url> Rapid Scan Scanning with internal wordlist: $ python knock.py <url> Scanning with external wordlist: $ python knock.py <url> <wordlist> Options -zt Zone Transfer discovery: $ python knock.py -zt <url> -dns Dns resolver: $ python knock.py -dns <url> -wc Wildcard testing: $ python knock.py ...

Thehacker12 Dumps Logins for 20,000 Customers and U.S. Employees ThEhAcKeR12  has hacked into an events management company and obtained sensitive information belonging to 20,000 individuals, many of whom were United States government employees or contractors. Hacker posted an Excel spreadsheet containing login credentials and personal information for 20,000 people obtained from allianceforbiz.com . Allianceforbiz.com is a professional trade show management company that manages conferences, meetings and trade shows for customers, according to the company Website. The list has been made public on Pastebin and Mediafire and a message posted on Twitter: " 20,000 email-passwords had been leaked consisting mostly of US Mill Army, Govern. & corporate giants ." The spreadsheet contains usernames, passwords, e-mail addresses. company name. The file also contained 17,668 company names, of which 14,739 were unique, and most had only one e-mail address associated with ...

German Gema website hacked by Anonymous Hackers The GEMA website was hacked by Anonymous. Here is a screenshot who was circulating now the whole web presence disappeared. Whoever wants to playback or perform music in public in Germany will become, as a rule by doing this, a customer of GEMA. GEMA (Society for musical performing and mechanical reproduction rights) is a performance rights organization from Germany. It is the only institution in Germany. GEMA represents some 60,000 composers, authors and music publishers and the rights of more than a million copyright owners internationally whose works are used in Germany.

XSS vulnerability in Bing.com Maps One of the Security Researcher " Juan Sacco (runlvl) " - Insecurity Research Labs expose the Cross Site vulnerability (XSS) in Bing.com Search Engine. BING.COM is prone to a XSS vulnerability because the application failsto properly perform adequate boundary checks on user-supplied data.An attacker can exploit this issue to execute arbitrary code in thevictim's browser. Details : The reflected XSS vulnerability is a variant of a cross-site scriptingflaw: it occurs when the data provided by the attacker is exectued bythe browser, and then displayed on "normal" pages returned to otherusers in the course of regular browsing, without proper HTML escaping. Aclassic example of this is with online message boards where users areallowed to post HTML formatted messages for other users to read. Vulnerable Link

Android Trojan GingerMaster  Uses Gingerbread Root Exploit As our smartphones become more ubiquitous and more powerful, they need to be protected in much the same way that you would protect your computer. Further to this, a malicious piece of malware has been discovered for devices powered by Android 2.3.3 Gingerbread, giving the hacker the ability to take complete control of the smartphone remotely. According to Assistant Professor Xuxian Jiang from the NCSU Department of Computer Science, the new threat, which his team has dubbed GingerMaster, is the first malware to use the root exploit for Android 2.3. " As this is the first time such malware has been identified, it is not surprising when our experiments show that it can successfully evade the detection of all tested (leading) mobile anti-virus software, " he writes . Once the GingerMaster malware is installed and has root privileges, it then reaches out to a remote command-and-control server and asks for instr...

Automated HTTPS Vulnerability Testing by Qualys SSL Labs One of main problem in HTTP protocol is encrypting traffic and verifying data security, securing the web application against any threat is very important especially that if hackers conduct a Man-in the middle attack he can get all users information while data are transferred in a clear text form. HTTPS is a combination of the HTTP with SSL/TLS protocol to provide encrypted communication and secure identification of a network web server. HTTPS connections are often used for payment transactions, social network websites and for sensitive transactions in corporate information systems. HTTPS is a huge step forward for website user’s safety, but it can also be a huge challenge for the security teams, here we need to test our server to be sure that our users and customers are secure for this purposes we can use Qualys SSL server test SSL Server Test is a free online service that performs a deep analysis of the configuration of ...

F-Secure : Chinese Government Launching Online Attacks According to F-Secure Chinese military documentary shows footage of gov't systems launching attacks against US target. China is often blamed for launching online attacks, but the evidence is almost always circumstantial. Many of the targeted espionage Trojans seem to come from China, but we can't actually prove it. However, some new evidence has just surfaced. On 17th of July, a military documentary program titled "Military Technology: Internet Storm is Coming" was published on the Government-run TV channel CCTV 7, Millitary and Agriculture (at military.cntv.cn ). The program seems to be a fairly standard 20-minute TV documentary about the potential and risks of cyber warfare. However, while they are speaking about theory, they actually show camera footage of Chinese government systems launching attacks against a U.S. target. This is highly unusual. The most likely explanation is that this footage ended ...

Turkish government website Hacked by kurdish hacker for bombarding Kurdistan Regions Today a kurdish hacker " Mn Peshmargem " deface the website of  Turkish government for protest against the bombarding done by the Turkish Military planes in Kurdistan Regions. Message Posted by Hacker : Fuck racism Turkish, fuck acursed Ataturk, fuck you Turkish the fad ended of the Mongolians wait for your non honored soldiers, that they are embarrassed in front of a Peshmarga like me. If a Kurd die, 100 honorless Turks must go to hell afterwards. You coward Turks are always honorless and lost in front of a Peshmarga like me in the battle fronts. Do you want to hide your honorlessness and cowardice by bombing the mountains in Kurdistan??? Be sure that you must pay back a debt for bombing the mountains in Kurdistan. Fuck the honorless Turks, viva Kurds and Kurdistan, viva Peshmarga.

Kathmandu Metropolitan City website database hacked by  T34mT!g3R Hackers of Team "T34mT!g3R" today expose the SQL injection Vulnerability in Kathmandu Metropolitan City website and extract the database of site. Hacker post the Database info and  Vulnerable  Link   at pastebin .

Uniscan 4.0 vulnerability scanner Released The Uniscan vulnerability scanner is aimed at information security, which aims at finding vulnerabilities in Web systems and is licensed under the GNU GENERAL PUBLIC LICENSE 3.0 (GPL 3). The Uniscan was developed using the Perl programming language to be easier to work with text, has an easy to use regular expressions and is also multi-threaded. Uniscan Features Identification of system pages through a Web Crawler. Use of threads in the crawler. Control the maximum number of requests the crawler. Control of variation of system pages identified by Web Crawler. Control of file extensions that are ignored. Test of pages found via the GET method. Test the forms found via the POST method. Support for SSL requests (HTTPS). Proxy support. Official Change Log : - Uniscan is now Modularized. - Added directory checks. - Added file checks. - Added PUT method enabled check. - Bug fix in crawler when found ../ directory. - Crawle...

Metropolitan UK Police hacked for #Antisec by  CSL Security  using SQL injection Vulnerability One of the Anonymous Hacker " CSL Security " expose SQL Injection Vulnerability  in Metropolitan UK Police website via Twitter . He posted the stuff on Pastebin .  Vulnerable link is also posted by hacker. Where as no data has been published or leaked by Anonymous hackers yet. Yesterday  Danish Government database of 1,000,000 companies private info leaked by Hackers for Antisec Operation. Last week for OpBart - BART Police database hacked by Anonymous also.

Call for Papers from DefCon Chennai (DC602028) Background: We are the Official DEF-CON Chennai Group [DC602028] The Event is taking place on 11th September 2011 at a resort in ECR Road Chennai,India. We will be having a Private conference room for the meet. Regarding Paper Submission We require uniqueness when it comes to Paper submission for DEF-CON Chennai DC602028. Uniqueness as Follows: -> Papers can be on your own research with proof of concept. -> Paper should be of current subject and not more than 1 year old. -> Topics of interest includes everything related to Security. -> Topics related to mobile security or Anroid Security . -> Any new methods of hacking or any 0day/tool disclosure Some of the Sample Topics = New threats faced by Corporate = Threats faced by Normal user from a Malicious person = Mobile security and Mobile Application = Denial of Service attack = Cyber laws = Forensics = Webapp Vulnerabilities = Online Fraud and Soci...

Nokia website Hacked by pr0tect0r AKA mrNRG NOKIA , One of the biggest Telecommunications Internet Computer software Company Website hacked by Indian Hacker " pr0tect0r AKA mrNRG " . He Deface the developer.nokia.com  sub-domain of NOKIA and also Redirect Another page to Custom Created Page . Hacker wrote " LOL, Worlds number 1 mobile company but not spending a dime for a server security! FFS patch your security holes otherwise you will be just another antisec victim. No Dumping, No Leaking!! ". Mirror of Hack is also Available on Zone-h . One week before , Pakistan one of the biggest forum  Defence.pk  was also Hacked by pr0tect0r A.K.A. mrNRG in occasion of Independence Day. Nokia Official Statement : During our ongoing investigation of the incident we have discovered that a database table containing developer forum members’ email addresses has been accessed, by exploiting a vulnerability in the bulletin board software that allowed an SQL Injecti...

OWASP Zed Attack Proxy (ZAP) v.1.3.2 Released The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox. Some of ZAP's features: Intercepting Proxy Automated scanner Passive scanner Brute Force scanner Spider Fuzzer Port scanner Dynamic SSL certificates API Beanshell integration Download and Details

Israeli Prime Minister Netanyahu ’s Website Defaced by Egyptian Hacker An Egyptian hacker managed on Sunday to hack into the website of Israeli Prime Minister, Benjamin Netanyahu, and placed a picture of Egyptian soldiers raising the Egyptian flag in Sinai during the October, 6, 1973, on the sites’ homepage. The hacker who managed to penetrate the webpage of Netanyahu wrote “ Anti Zionism ”; the site was then gradually taken offline. The hack is seen as a symbolic message to Netanyahu regarding the ongoing Israeli military escalation, and illegal occupation of Palestine and Arab territory. The hacker also wrote “ Egypt is the greatest civilization, established more than 7000 years ago, but the terrorist state of Israel stole the Palestinian lands, and killed children ”. The hacker said, “ Do you know that Israel was established on paper in 1948! Before Egypt installed its railways, do you know that you, and your state, are nothing, nothing, nothing ”, and added, “ I know...