The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

India's Railway Email System hacked by Pakistan Cyber Army ! The Indian Railway Email System is Hacked by Pakistan Cyber Army (pca), They have taken complete backup of all important mails and user-pass of all email id's . Have a look to the images below as HACK PROOF and thier statement on this Hack attack. Statement By Pakistan Cyber Army : Dear All, Answer to Indian hackers for hacking the server of Pakistan Air Force We are Pakistan Cyber Army (Real PCA is Reality). Many times we told Indian hackers out there from various groups that don’t mess with any Pakistani site or server especially systems from government organizations. We observe another attack on 22nd April 2011 at Pakistan Air Force Server backup server and other 8 machines on the same network. We would like to tell you that Pakistan Cyber Army is looking at each and every move you do on the cyber front of Pakistan. Indian hackers were unable to do anything accept taking screenshot of the serv...

Pangolin v3.2.3 Released, Download Now ! “Pangolin is a penetration testing, SQL Injection test tool on database security. It finds SQL Injection vulnerabitlities.Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user”s specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more.” This is the updated change log: Speed up in fast mode when MySQL database later than 4.x. Speed up when dump Microsoft SQL Server 2005/2008 database. Enhance the injection ability of Informix database. Add feature to manual keywords selection. Fix the bug dump data incomplete in byte-by-byte mode. Enhance the ability in...

Albanian Ministry of Justice Exploited by ATH-Cr3w ATH-Cr3w Hack into Albanian Ministry of Justice's Website and Extract Database + Do Admin access. They Upload data here :  http://pastebin.com/y4nDWBVt

The Social-Engineer Toolkit v1.3.5 Released ! “The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.” This is the official change log: Fixed a bug where create payload and listener wouldn’t work for the new SET interactive shell or RATTE Updated the SET User Manual for version 1.3.5 Fixed the core.log(error) core library to properly log potential errors within SET Updated the SET interactive listener to hold over nearly unlimited connections versus the 30 it was initially limited to Turned the Java Repeater off by default, still a bit buggy, feel free to turn on if you want it Added an automatic selection for the Sun Java Applet2ClassLoader Remote Code Execution to select java meterpreter since it is specific to the java meterpret...

Infondlinux - Security tools install script for Ubuntu ! infondlinux is a post configuration script for Ubuntu Linux. It installs useful security tools and firefox addons. Tools installed by script are listed at the beginning of source code. # download: $ wget http://infondlinux.googlecode.com/svn/trunk/infondlinux.sh # install: $ sudo infondlinux.sh Pakages : # debian packages # - imagemagick # - vim # - less # - gimp # - build-essential # - wipe # - xchat # - pidgin # - vlc # - nautilus-open-terminal # - nmap # - zenmap # - sun-java6-plugin et jre et jdk # - bluefish # - flash-plugin-nonfree # - aircrack-ng # - wireshark # - ruby # - ascii # - webhttrack # - socat # - nasm # - w3af # - subversion # - wireshark # - mercurial # - libopenssl-ruby # - ruby-gnome2 # - traceroute # - filezilla # - gnupg # - rubygems # - php5 # - libapache2-mod-php5 # - mysql-server # - php5-mysql # - phpmyadmin # - extract # - p0f # - spikeproxy # - ettercap # - dsniff : # * arpsp...