The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

PenTBox 1.4 – Penetration Testing Security Suite Download PenTBox, a security framework written in Ruby and multiplatform (actually working even on iOS and Android!). Tools & Features (Updated) Technical features - GNU/GPLv3 License. Free in freedom and in price. - Multi-platform (Ruby: GNU/Linux, Windows, Mac OS, *BSD, iOS, Android, …). - Compatible with Ruby and JRuby. - Multithreading (native threads in Ruby >= 1.9 and JRuby). - Doesn't require additional libraries (non standard are included). - Modular (easy to expand and customize). Tools (SVN Version) - Cryptography tools Base64 Encoder & Decoder Multi-Digest (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160) Hash Password Cracker (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160) Secure Password Generator - Network tools Net DoS Tester TCP port scanner Honeypot Fuzzer DNS and host gathering - Web HTTP directory bruteforce HTTP common files bruteforce A moderate number of people are using it...

Pakistan Air Force Vulnerable to SQLi By Lionaneesh Vulnerable Link :  https://www.joinpaf.gov.pk/ page.php?pageid='149 Hacked Database :  https://pastebin.com/yNZ4UrNH

70 Indian Websites Hacked By Shadow008 (PakCyberArmy) Hacked Sites :  https://pastebin.com/8weEL5Bx

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn't have asked for a better kickoff panel: three cybersecurity leaders who don't just talk security, they live it. Let me introduce them. Alex Delay , CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead , Director of Cybersecurity at Avidity Biosciences, brings a forward-thinking security perspective that reflects the innovation behind Avidity's targeted RNA therapeutics. Last but not least, Michael Francess , Director of Cybersecurity Advanced Threat at Wyndham Hotels and Resorts, leads the charge in protecting the franchise. Each brought a unique vantage point to a common challenge: applying Continuous Threat Exposure Management (CTEM) to complex production environments. Gartner made waves in 2023 with a bold prediction: organizations that prioritize CTEM will be three times less likely to be breached by 2026. But here's the kicker -...

The Underground Cyber Hacking Challenge ! ~~~ Menu of the day ~~~  0x00 - 0p3nH4x #1 2011 - Ezine #1  0x01 - The structure of 0p3nH4x #1 2011  0x02 - About the targets  0x03 - Goals  0x04 - Points system  0x05 - Reporting and Documentation  0x06 - Prizes, biatchez  0x07 - Rules  0x08 - Registrations and information  0x09 - About the idea and final words [ 0x00 - 0p3nH4x #1 2011 - Ezine #1 ] 0p3nH4x is the first of its kind "underground cyber hacking challenge". A challenge by hackers for hackers to test real skills in the field.  We are challenging all hackers no matter if you are black or white "hatted". It's time to prove that your preferred community is not so skid. Through 0p3nH4x we are trying to wake up the scene(or what's left of it) and get it to a new improved "skin" but with the same original concept in the background. Through these ezines we will be "reporting" main events and progress around 0p3nH4...

Gta-SanAndreas & 1342 New WebSites HAckeD By The 077 ( Hamdi HAcker )  Hacked Sites List : https://www.gta-sanandreas.com/downloads/pafiledb.php & https://www.zone-h.org/archive/notifier=The%20077

We are happy to announce that Offensive Security will be sponsoring DerbyCon. DerbyCon is a new hacker conference located in Louisville Kentucky. Our goal is to bring back an old style, community driven hacker con chocked full of amazing talks, live events and all around fun. The idea for DerbyCon was created by Dave Kennedy (ReL1K), Martin Bos (PureHate), and Adrian Crenshaw (Irongeek). The goal came from a desire to see more of the old style talks and events of the cons of the past. We spoke to some in the community and our speaker list is already stacked with some of the industry's leading minds and this is even before the call for papers has been issued. We are also happy to announce that DerbyCon's call for papers is going live today, be sure to submit your talk if you have something cutting edge and high-speed. For information on how to submit go to https://www.DerbyCon.com/call-for-papers In addition to some amazing talks there are a number of events scheduled including a ver...

Indian Revolution : Lets know about Anna Hazare ! " The dream of India as a strong nation will not be realised without self-reliant, self-sufficient villages, this can be achieved only through social commitment & involvement of the common man. " - Anna Hazare 1. Who is Anna Hazare? Started his career as a driver in the Army and turned into a social activist. 2. What's so special about him? He built a village Ralegaon Siddhi in Ahamad Nagar district, Maharashtra 3. So what? This village is a self-sustained model village. Energy is produced in the village itself from solar power, biofuel and wind mills. In 1975, it used to be a poverty clad village. Now it is one of the richest village in India. It has become a model for self-sustained, eco-friendly & harmonic village. 4. Ok,...? This guy, Anna Hazare was awarded Padma Bhushan and is a known figure for his social activities. 5. Really, what is he fighting for? He is supporting a cause, the amend...

116 Websites Hacked Hacked Site List :  https://pastebin.com/k7RUYJen

Amul's site is vulnerable to sql injection ! Angel 4k4 4d0r4b13  Found vulnerability on Amul's Websites, whole database is hackable ! Server Info: Host IP:             59.163.170.113 Web Server:       Apache/2.2.11 (Fedora) Powered-by:       PHP/5.2.13 DB Server:          MySQL >=5 Tables of vidya_new: Dummy_maharani Dummy_school School_mst School_mst_0506 School_mst_0708 bldgrp_mst depot_address depot_dist_map depot_mst depot_mst_14072010 depot_mst_29072010 depot_mst_new hoard_image parlour_mst phplist_admin phplist_admin_attribute phplist_admin_task phplist_adminattribute phplist_attachment phplist_attribute phplist_bounce phplist_bounceregex phplist_bounceregex_bounce Hacked Site :  https://www.amul.com/

DRIL : Domain Reverse IP Lookup Tool Download DRIL ( Domain Reverse IP Lookup ) Tool is a Reverse Domain Tool that will really useful for penetration testers to find out the domain names which are listed in the the target host, DRIL is a GUI, JAVA based application which use the Bing API key.DRIL has a simple user friendly which will be helpfull for penetration tester to do there work fast without a mess .this is only tested on linux still , been java it should work on windows to. There are online tools available, But many times due to slow internet connectivity we intend to get frustrated while audits. this tool is small and handy will not consume harddisk space So, its simply an good and fast altenative. How to run DRIL java -jar example java -jar "/home/treasure/DomainReverseIPLookup.jar" and it should open the application Download DRIL

The Social-Engineer Toolkit v1.3.2 , New version Download ! The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It's main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed. This is the change log: Added a new feature to the SET interactive shell, grabsystem. Will allow you to elevate permissions on victi machine. Does not work on XP SP2 and below. Fixed a bug where if grabsystem was called on with UAC bypass, the UAC-Safe shell would hang Added better error handling of sockets and addresses in the socket handlers in the interactive shell Updated the code base in the shell.binary to add the new grabsystem and add better error handling Added default handling if listener port was nothing, defaults to port 443 now Fixed a bug in how third party handlers responded to certain character sets Slo...

Cain & Abel 4.9.40 released , Download now ! Cain & Abel is a password recovery tool for Microsoft operating systems.It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. Changes in this version: Added Proxy support for Cain's Certificate Collector. Added the ability to specify custom proxy authentication credentials for Certificate Collector. Added ProxyHTTPS Man-in-the-Middle Sniffer (TCP port 8080). HTTP, APR-HTTPS and APR-ProxyHTTPS sniffer filters are now separated. Added progress bar indicator in the off-line capture file function. Bug fixed in ProxyHTTPS Man-in-the-Middle Sniffer parsing "Connection Established" string. Bug fixed in VoIP Sniffer creating MP3 Mono files. Bug fixed in RTP Sniffer processing off-line capture files. Wi...