HackingTheUniverse

You are browsing the archives of penetration testing.

Kali Linux is a penetration testing framework that contains over 600 penetration testing tools. It is a Debian based toolkit built on the foundation created by BackTrack. Some of the better known tools include: Wireshark – packet sniffer and protocol analysis nmap – port scanner john the ripper – password hash cracker metasploit framework – […]

DARPA-Funded Hacker’s Tiny $50 Spy Computer Hides In Offices, Drops From Drones – [forbes.com] At the Shmoocon security conference Friday in Washington D.C., O’Connor plans to present the F-BOMB, or Falling or Ballistically-launched Object that Makes Backdoors. Built from just the hardware in a commercially-available PogoPlug mini-computer, a few tiny antennae, eight gigabytes of flash […]

MiniPwner is a battery powered TP-Link TL-WR703N router running OpenWrt. It has an ethernet port, integrated wifi and some tools installed. It is small and cheap. MiniPwner – [minipwner.com] What is the MiniPwner The MiniPwner is a penetration testing “drop box”. It is designed as a small, simple but powerful device that can be inconspicuously […]

For a long time, p0f has filled a mostly empty space for passive reconnaissance tools. There is now an updated version (a release candidate) with some new features. p0f v3 (release candidate 0) – [coredump.cx] 1. What’s this? P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify […]

ANTi is a smartphone, android based, penetration testing toolkit that can scan a network, find vulnerabilities, run exploits, produce reports and more. There is a free version with limited functions and several paid versions that scale up in functionality. The videos linked at the bottom of this article are interesting. ANTi – Android Network Toolkit […]

This article describes how criminals have begun to integrate bluetooth technology into card reader skimmers to make it more effective for them to collect stolen card information. Josh Wright is an expert on bluetooth and wireless security in general and is a Senior Instructor at the SANS Institute, where he authored (and often teaches) the […]

Fox Sitcom Will Depict Pen Testing Firm – [threatpost.com] Hollywood is taking another crack at hacker culture – this time with a decidedly contemporary twist: a sitcom that will depict the zany doings of a group of security geeks who work as corporate penetration testers. The new show, breaking_in, is scheduled to debut on April […]

All About Plugbot – [theplugbot.com] PlugBot is a hardware bot. It’s a covert penetration testing device designed for use during physical penetration tests. PlugBot is a tiny computer that looks like a power adapter; this small size allows it to go physically undetected all the while powerful enough to scan, collect and deliver test results […]

Robin Sage is not a real person. Fictitious femme fatale fooled cybersecurity – [washingtontimes.com] Call her the Mata Hari of cyberspace. Robin Sage, according to her profiles on Facebook and other social-networking websites, was an attractive, flirtatious 25-year-old woman working as a “cyber threat analyst” at the U.S. Navy’s Network Warfare Command. Within less than […]

Metasploit recently released version 3.4.0 of the Framework with many improvements and new exploits and a new commercial product, Metasploit Express. Today, they followed that up with a VM image that can be used as an exploitable practice target. Introducing Metasploitable – [metasploit.com] Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. […]