Blogs / GNUCITIZEN | Cutting-edge Think tank | Ethical Hacker Outfit

Latest posts

1. Ghost Busters

   http://www.gnucitizen.org/blog/ghost-busters/

   A special guest blogger for this month is Eduardo Vela, also known as sirdarckcat, a security researcher from Mexico. Eduardo has been on the field for a couple of years, mainly focusing on web-app based vulnerabilities, privilege escalation, and IDS/filter evasion. …

   21 hours ago

2. Agile Hacking: a homegrown telnet-based portscanner

   http://www.gnucitizen.org/blog/agile-hacking-a-homegrown-telnet-based-portscanner/

   So here is the scenario: the attacker has limited access to a box and he/she needs to perform a portscan from it. However, he/she does not want to download any tools to the target system. There might be various reasons for not wanting to upload a portscanner to the box. Perhaps, the attacker wants to minimize the footprint. …

   4 days ago

3. Browser, mount that folder, thank You!

   http://www.gnucitizen.org/blog/browser-mount-that-folder-thank-you/

   These are the stuff every guy, who has pocked the browser or the client-side lately, would like to hear about. Behold the File I/O the W3C spec for local file access. Here is a description of what it does. The interesting part from the text bellow is outlined in bold: Traditionally, web applications have had little to no access to resources residing on the local filesystem. …

   1 day ago

2,650 blog reactions

1. 

   Interesting Information Security Bits for May 16th, 2008

   http://infosecramblings.wordpress.com/2008/05/16/interesting...

   Howdy, here are some things to take a look at for today. Dave Aitel writes about automatic exploit generation from patches. According to Dave, it isn’t as easy as it sounds. I agree with him. Go give it a read. GNUCITIZEN has another good post up that takes a look at resident scripts and cross-domain issues using javascript. Kees, as usual, has a thought provoking post up which points out that Perception IS Reality (emphasis added). Go read it.

   6 hours ago in Infosec Ramblings · Authority: 12
2. 

   Security Briefing: May 16th

   http://www.liquidmatrix.org/blog/2008/05/16/security-briefin...

   Security hole in Internet Explorer allows attackers to execute arbitrary programs Of PRNGs and annoying alerts - Debian OpenSSL vulnerability (thx CJ) Taking your laptop into the US? Be sure to hide all your data first Ghost Busters SQL injection attack in ‘third wave,’ says IBM Click here to subscribe to Liquidmatrix Security Digest! Tags: News, Daily Links, Security Blog, Information Security, Security News

   11 hours ago in Liquidmatrix Security Digest by gattaca000 · Authority: 73
3. 

   Oh yea, I have a blog…

   http://www.hiredhacker.com/2008/05/16/oh-yea-i-have-a-blog/

   For those who still doubt the seriousness of bugs like XSS and CSRF, check out: uTorrent Pwn3d. With out rehashing Rob’s post, he used CSRF to gain control of a machine. The Bluehat talk A Resident in My Domain has sparked quite a few posts about the details of the attack, and it looks very interesting/serious. There is of course always OpenRCE.org and sla.ckers.org, and if your in the Boston area or are just fans of Dropkick they will be playing at all the Red Sox minor league parks with the

   11 hours ago in hiredhacker.com - relevant ramblings of an ethical hacker · Authority: 55
4. 

   Bezpieczeństwo IT | Bezpieczeństwo IT od 1998 roku

   http://ipsec.pl

   Faktura elektroniczna - wykorzystywane formaty Got Your XPShield up and Running? DIY Phishing Kits Introducing New Features Ghost Busters Phishing Site in Email Botnet Asprox poluje na nowe ofiary Poważny błąd w pakiecie OpenSSL DOBRY PRACOWNIK WANTED! - link sponsorowany Podpisywanie dokumentów multimedialnych na przykładzie HTML

   18 hours ago in Bezpieczeństwo IT | Bezpieczeństwo IT od 1998 roku · Authority: 7
5. 

   [dot]EXE - Biro Studi Teknologi Informasi & Rekayasa Elektro

   http://dotexe.wordpress.com

   peroleh, salah satunya adalah unutk usaha mengetest suatu situs (baca :penetrasi). Sekarang GNUCITIZEN telah menggembangkan suatu alat unutk penetrasi online dengan menggunakan database dari “kata pencari rahasia gologle”. Tool Online itu adalah GHDB. inilah screen shoot nya: mudah sekali pengunaan dari tool ini, (asal menggunakan Firefox versi terbaru lah..). Disebelah kiri dapat kita jumpai box kategori celah2 kemanan yang dapat kita test. selamat ber

   19 hours ago in [dot]EXE - Biro Studi Teknologi Informasi & Rekayasa Elektro by dotexenator · Authority: 10
6. 

   GHDB (Google Hacking Database Tool) “di mulai dari google…”

   http://dotexe.wordpress.com/2008/05/16/ghdb-google-hacking-d...

   peroleh, salah satunya adalah unutk usaha mengetest suatu situs (baca :penetrasi). Sekarang GNUCITIZEN telah menggembangkan suatu alat unutk penetrasi online dengan menggunakan database dari “kata pencari rahasia gologle”. Tool Online itu adalah GHDB. inilah screen shoot nya: mudah sekali pengunaan dari tool ini, (asal menggunakan Firefox versi terbaru lah..). Disebelah kiri dapat kita jumpai box kategori celah2 kemanan yang dapat kita test. selamat ber

   20 hours ago in [dot]EXE - Biro Studi Teknologi Informasi & Rekayasa Elektro by dotexenator · Authority: 10
7. 

   Hakiri | Hacker Lifestyle

   http://www.hakiri.com

   latest group entries Ghost Busters HoH Incubator Proprietary Software Bashing HoH and the GNUCITIZEN Network Make the Numbers count Cross-site Madness in 2008 Pimp your Posts Military Botnet BTHomeHub owned again...6.2.6.E Bloggers

   1 day ago in Hakiri | Hacker Lifestyle · Authority: 10
8. 

   Burad’s Blog

   http://aburad.com/blog

   Cross-site Scripting. Potential targets for this attack include applications such as web mail clients, collaboration systems, document sharing systems, almost everything that smells like Web2.0, etc, etc, etc. Similar security concerns also arise in data: protocol in firefox. So one need to be careful to filter files you want to allow for upload. Actually, once I had similar situation with a website which allowed you to host image files, but the problem was they were not checking for

   1 day ago in Burad’s Blog by aburad · Authority: 3
9. 

   Spin Hunters | Social Hacking Research House | Black PR | PR Security

   http://www.spinhunters.org

   of Hackers - 2020 members. Are you member yet?[...] Adrian 'pagvac' Pastor: I suspect HoH can reach 5K users before expected. Whenever that happens, I'll write a post to celebrate! We could also go out for a pint if you guys want, it's on me![...] pdp: 1021 members - House of Hackers[...] pdp: 761 members - House of Hackers[...] pdp: 275 members - House of Hackers[...] pdp: 20 hours ago it was a community of a one person. Now we have 238 members on board. House of Hackers - social network for hackers[...]

   1 day ago in Spin Hunters | Social Hacking Research House | Black PR | PR Security · Authority: 15
10. 

    Début mai : les nouveautés du monde

    http://olivier.pons.free.fr/index.php/2008/05/14/debut-mai-l...

    pas celui auquel on pense en premier lieu, qui signifie “admiration pour le travail de la personne la plus talentueuse, créative, unique, provoquante, intense, intriguante et intéréssante au travers de la societé.” Hackers House est géré par GnuCitizen, un groupe connu dans le domaine des recherches très pointues sur la sécurité.

    2 days ago in Olivier Pons — Ma vie, mon univers et mes restes (…) · Authority: 2

Top Tags

What this blog is about

1. 0day
2. blog
3. browser
4. conference
5. dns
6. flash
7. google
8. hacker
9. hacking
10. java
11. javascript
12. pdp
13. projects
14. secure
15. security
16. upnp
17. vulnerability
18. web
19. wifi
20. xss
21. browsers
22. csrf
23. exploit
24. hack
25. hijacking
26. house of hackers
27. project
28. python
29. router
30. web2.0

6 fans

Members who favorited this blog

• 

  AleksS

• 

  pagvac

• 

  pdpgnucitizen

• 

  TechnoFaves

• 

  fatmatt