The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

BruCON Agnitio workshop Slides and Video Demonstration - Download Workshop by David Rook ( Security Ninja ) at BruCON 2011 in Belgium. You can Download Slide from here . Required for the Agnitio hands on demos: A 32bit Windows Operating System (XP or 7 preferably – VM will be fine) .NET framework 3.5 installed Agnitio v2.0 installed Download the Pandemobium Android and iOS source code Download the selected vulnerable open source application Optional In addition to the list above the following things are optional depending on how hands on you want to be: Internet connection to download an application from the Android market place Eclipse IDE installed Android SDK installed Android Debug Bridge (adb) installed, this should be installed as part of the SDK install An AVD configured with the Android market place app installed (instructions here) I think you can also use a rooted Android device if you don't want to use the emulator Workshop format A quick look at stati...

Let's Play a Game of Cyber Security at  CSAW CTF 2011   Ready for a little game of capture the flag? What if you weren't running around a field like a crazy person trying to grab a flag out of someone's belt, but instead were navigating around a network overcoming technical challenges to find markers that you are awarded points for once submitted? Then CSAW CTF 2011 is where it's at. CSAW CTF 2011 is hosting the qualifying round from Friday September 23, 2011 to Sunday September 25, 2011. The competition will begin at 8PM that Friday night, and is used to determine who will proceed on to the finals taking place in New York November 10-11 at NYU-Poly.   The event is centered on assessing application security abilities. For the qualification round there is no limit to the number of team members you can have, but if you move on to the final round your team will be limited to four players. If you attend the event you'll have the chance to rub elbows with anyon...

Lilith: Perl script to audit web applications Lilith tool analyses webpages and looks for htmltags , which often refer to dynamic pages that might be subject to SQL injection or other flaws.Lilith basic function is to spider and analyses pages, following hyperlinks, injecting special characters that have a special meaning to any underlying platform. As most of us know web applications scanner can never perform a full 100% correct audit. A manual re-check eliminates most of the false positve. Features and changes made in lilith got rid of many many false positives (that's good) when SQL error is found, it now goes onto next var improved (i hope) scanning engine (anti) coldfusion support better cookie handling and cookie tampering omitted perl HTML::Form limitation better verbose output extensive logging detects directory indexing recursive URL dissection cleaned up this pasta code Download Lilith

Win Free Copies of BackTrack 5 Wireless Penetration Testing Guide with The Hacker News Fellow hackers would be very pleased to know that to celebrate the release of their new book- BackTrack 5 Wireless Penetration Testing Beginner's Guide , Packt Publishing is giving away 2 copies of the book to The Hacker News readers. Keep reading to find out how you can be one of the Lucky Winner. Here is a quick overview of BackTrack 5 Wireless Penetration Testing Beginner's Guide · Learn Wireless Penetration Testing with the most recent version of Backtrack · The first and only book that covers wireless testing with BackTrack · Concepts explained with step-by-step practical sessions and rich illustrations · Written by Vivek Ramachandran ¬ world renowned security research and evangelist, and discoverer of the wireless "Caffe Latte Attack" Read More How To Win Sound like something you might be interested in? All you need to do is head on over to the bo...

50000 WordPress Sites infected with spam The attack consists of contacting the domain wplinksforwork.com to get a list of links to be displayed on the compromised sites. However, that domain has been down for the last few days and all the sites compromised. These sites supposed to be compromised. Most of the hacked sites had outdated versions of WordPress installed. Infected sites have following message at Footer : Warning: file_get_contents(https://wplinksforwork.com/56132.. 47509328/p.php?host=… failed to open stream: php_network_getaddresses: getaddrinfo failed: Name or service not known in ..