http://security.up-your.com/feed/? Latest topics Wed, 27 Jan 2010 13:47:12 GMT 10 http://hitskin.com/themes/13/25/34/i_logo.png http://security.up-your.com/feed/? http://security.up-your.com/other-software-f10/avacs-live-chat-t80.htm Ellena Each of us has tried at least once to enter chat rooms through Internet-browser on PC, WAP-browser on mobile phone, used ICQ, MSN or the like programmes. Some people use such services to get acquainted, other are looking for easy communication, the third - to correspond with business partners. Computer chats and programs have a plenty of functions, but they attach people to PCs, and the abilities of WAP-chats are rather limited. In new network product "AVACS Live Chat" for mobile phones ... Other Software Wed, 27 Jan 2010 13:47:12 GMT http://security.up-your.com/other-software-f10/avacs-live-chat-t80.htm#109 http://security.up-your.com/other-software-f10/avacs-live-chat-t80.htm http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/immunity-canvas-t74.htm Administrator Download Now Free !! Immunity CANVAS Professional Immunity's CANVAS makes available hundreds of exploits, an automated exploitation system, and a comprehensive, reliable exploit development framework to penetration testers and security professionals worldwide. To see CANVAS in action please see our movies. Cost License: Current Price: $1450 - one license allows up to 10 users/installations - includes 3 months of updates and support - unrestricted (no target ... Penetration // Enumeration // Scanning // Exploitation Tools Sun, 13 Jan 2008 00:40:49 GMT http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/immunity-canvas-t74.htm#95 http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/immunity-canvas-t74.htm http://security.up-your.com/general-hacking-f1/how-i-knew-when-i-was-hacker-t26.htm Administrator @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ @ @ HOW I KNEW WHEN I WAS HACKER @ @ @ @ BY: @ @ @ @ ... General Hacking Tue, 29 May 2007 13:00:46 GMT http://security.up-your.com/general-hacking-f1/how-i-knew-when-i-was-hacker-t26.htm#26 http://security.up-your.com/general-hacking-f1/how-i-knew-when-i-was-hacker-t26.htm http://security.up-your.com/request-f14/core-impact-t79.htm illidan please dont post anything under V4]]> Request Sat, 22 Mar 2008 11:08:03 GMT http://security.up-your.com/request-f14/core-impact-t79.htm#102 http://security.up-your.com/request-f14/core-impact-t79.htm http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/google-hacking-tools-pack-2008-t78.htm Administrator Google Hacking Tools 2008 http://rapidshare.com/files/100944239/Google_Hacking_Tools_2008.rar.html Password: www.security.up-your.com Penetration // Enumeration // Scanning // Exploitation Tools Fri, 21 Mar 2008 11:12:38 GMT http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/google-hacking-tools-pack-2008-t78.htm#101 http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/google-hacking-tools-pack-2008-t78.htm http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/google-hacking-tools-t77.htm Administrator

PM me For Need Tools.


]]> Penetration // Enumeration // Scanning // Exploitation Tools Thu, 20 Mar 2008 11:43:24 GMT http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/google-hacking-tools-t77.htm#100 http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/google-hacking-tools-t77.htm http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/http-server-20-t76.htm Administrator HTTP SERVER 2.0 Download: http://rapidshare.com/files/100942190/hfs.rar.html Password: www.security.up-your.com Penetration // Enumeration // Scanning // Exploitation Tools Thu, 20 Mar 2008 11:28:56 GMT http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/http-server-20-t76.htm#99 http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/http-server-20-t76.htm http://security.up-your.com/wireless-security-f5/essential-wireless-hacking-tools-t15.htm Administrator Anyone interested in gaining a deeper knowledge of wireless security and exploiting vulnerabilities will need a good set of base tools with which to work. Fortunately, there are an abundance of free tools available on the Internet. This list is not meant to be comprehensive in nature but rather to provide some general guidance on recommended tools to build your toolkit. Finding Wireless Networks Locating a wireless network is the first step in trying to exploit it. There are two tools ... Wireless Security Mon, 28 May 2007 15:37:15 GMT http://security.up-your.com/wireless-security-f5/essential-wireless-hacking-tools-t15.htm#15 http://security.up-your.com/wireless-security-f5/essential-wireless-hacking-tools-t15.htm http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/hav-rat-132-full-version-t40.htm Administrator Hav-Rat 1.3.2 Full Version :::::::::::Hav-Rat 1.3.2 Terms of use:::::::::::::::::: Hav-RAT 1.3.2 is a remote administraion tool made by Havalito and before using please agree to these terms or delete the downloaded file and go on with your sweet life. ::::::::::::::::::::TERMS OF USE::::::::::::::::::::::: * Hav-RAT is for administrating your computer/s and you must own the computer/s or where the owner has given you the rights to administrate. * Hav-RAT is not for stealing ... Penetration // Enumeration // Scanning // Exploitation Tools Sat, 08 Sep 2007 21:46:36 GMT http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/hav-rat-132-full-version-t40.htm#41 http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/hav-rat-132-full-version-t40.htm http://security.up-your.com/video-based-computer-security-education-f11/security-videos-24-videos-310-mins-t2.htm Administrator http://www.security-freak.net/videos.html List of Currently Available Sections:( 24 videos - 310 mins) 1. Basic Socket Programming: (4 videos - 65 mins) 1.1 Presentation on Socket Programming basics (25 mins) 1.2 "Type with Me" exercise - a simple TCP server (19 mins) 1.3 Coding a TCP Echo server (13 mins) 1.4 Coding a TCP Echo client (9 mins) http://www.security-freak.net/sockets/socket-programming.html 2. Packet Sniffing using Raw Sockets: (7 videos ... Video-Based Computer Security Education Mon, 28 May 2007 12:58:27 GMT http://security.up-your.com/video-based-computer-security-education-f11/security-videos-24-videos-310-mins-t2.htm#2 http://security.up-your.com/video-based-computer-security-education-f11/security-videos-24-videos-310-mins-t2.htm http://security.up-your.com/trojanvirus-f3/100-trojan-manual-removal-methods-3-t73.htm Administrator Remove Trojans v1.7: Open registry Regedit Click directory to: HKEY_LOCAL_MACHINE \\\\\\\\ SOFTWARE \\\\\\\\ Microsoft \\\\\\\\ Windows \\\\\\\\ CurrentVersion \\\\\\\\ RunServices \\\\\\\\ View to the right item: C: \\\\\\\\ windows \\\\\\\\ kernel16.dl and delete Close preservation Regedit and restart Windows Delete the C: \\\\\\\\ windows \\\\\\\\ kernel16.dl OK Remove Trojans v1.8: Open registry Regedit Click directory to: HKEY_LOCAL_MACHINE \\\\\\\\ SOFTWARE ... Trojan&Virus Tue, 08 Jan 2008 18:29:39 GMT http://security.up-your.com/trojanvirus-f3/100-trojan-manual-removal-methods-3-t73.htm#91 http://security.up-your.com/trojanvirus-f3/100-trojan-manual-removal-methods-3-t73.htm http://security.up-your.com/trojanvirus-f3/100-trojan-manual-removal-methods-2-t72.htm Administrator 25. Doly v1.1 - v1.7 (SE) Remove Trojans V1.1-V1.5 version: Several versions of this Trojan Trojan program on three, two more projects are registered, but also to Win.ini project. First of all, access to MS-DOS, deleted three Trojan program, but more than a Trojan version V1.35 document mdm.exe. To delete all of the following: C: \\\\\\\\ WINDOWS \\\\\\\\ SYSTEM \\\\\\\\ tesk.sys C: \\\\\\\\ WINDOWS \\\\\\\\ Start Menu \\\\\\\\ Programs \\\\\\\\ Startup \\\\\\\\ mstesk.exe ... Trojan&Virus Tue, 08 Jan 2008 18:29:10 GMT http://security.up-your.com/trojanvirus-f3/100-trojan-manual-removal-methods-2-t72.htm#90 http://security.up-your.com/trojanvirus-f3/100-trojan-manual-removal-methods-2-t72.htm http://security.up-your.com/trojanvirus-f3/100-trojan-manual-removal-methods-t71.htm Administrator There are many novice on the little understanding of security issues, the computer kind of a Trojan horse does not know how to remove the sample. Although However, there are now a lot of the removal of Trojan horse software can automatically remove Trojans. But you do not know what is in the Trojan Horse Computer run, if you read this article, you will understand the principle of Trojan. Although the Trojans collected a lot of information, but I can guarantee that all correct. ... Trojan&Virus Tue, 08 Jan 2008 18:27:15 GMT http://security.up-your.com/trojanvirus-f3/100-trojan-manual-removal-methods-t71.htm#89 http://security.up-your.com/trojanvirus-f3/100-trojan-manual-removal-methods-t71.htm http://security.up-your.com/tutorials-f6/arp-for-virus-detection-virus-t70.htm Administrator Virus attack symptoms: computer network connecting normal, the building can PING-PING-machine is not the gateway, not the web, or to deceive as the Trojans ARP (virus) attack sent a large number of data packets, resulting in the operation of the network instability, frequent offline, IE browser frequent errors as well as some commonly used software failure, and other issues. Network outages reasons: When a LAN ARP hosts infected with the virus, to the LAN (referring to a particular ... Tutorials Tue, 08 Jan 2008 18:20:37 GMT http://security.up-your.com/tutorials-f6/arp-for-virus-detection-virus-t70.htm#88 http://security.up-your.com/tutorials-f6/arp-for-virus-detection-virus-t70.htm http://security.up-your.com/trojanvirus-f3/10-trojan-hiding-place-t69.htm Administrator The virus is a virus based on the remote control procedures, the procedures are highly concealed nature and dangers of people do not know it can sneak onto your state control or monitor you. Some people say that, since the Trojans so terrible, I do not back away from it can be! Nevertheless, the Trojan horse is "mischievous", it can regardless of whether you welcome, as long as it pleased, it will Chendao your thoughts to the "home" in the past! Ah, so brilliant ... Trojan&Virus Tue, 08 Jan 2008 18:15:10 GMT http://security.up-your.com/trojanvirus-f3/10-trojan-hiding-place-t69.htm#87 http://security.up-your.com/trojanvirus-f3/10-trojan-hiding-place-t69.htm http://security.up-your.com/general-hacking-f1/how-to-let-you-do-the-u-100-prevention-of-computer-viruses-t68.htm Administrator [b]How to let you do the U-100% prevention of computer viruses [/b] U disk on the spread of the virus to help with autorun.inf file, the virus copies itself to the first-u, and then create a autorun.inf, you double-click u-will, in accordance with the settings in autorun.inf to operate u intraday virus, as long as we can stop autorun.inf file was created, then even if the U disc contains a virus can only sleep well, we may have thought about this, but no matter what settings to autorun.inf ... General Hacking Tue, 08 Jan 2008 17:50:59 GMT http://security.up-your.com/general-hacking-f1/how-to-let-you-do-the-u-100-prevention-of-computer-viruses-t68.htm#86 http://security.up-your.com/general-hacking-f1/how-to-let-you-do-the-u-100-prevention-of-computer-viruses-t68.htm http://security.up-your.com/tutorials-f6/live-to-use-sql-injection-database-infiltration-t67.htm Administrator How to use SQL Injection to the infiltration of a database idea 如今，很多关于mssql数据库的渗透技巧已不能有效地获取有用的数据值。 Now, a lot of penetration skills mssql database has been unable to effectively access to useful data values. 比如在一个怀疑是注入点的地方 ... Tutorials Mon, 07 Jan 2008 18:53:40 GMT http://security.up-your.com/tutorials-f6/live-to-use-sql-injection-database-infiltration-t67.htm#85 http://security.up-your.com/tutorials-f6/live-to-use-sql-injection-database-infiltration-t67.htm http://security.up-your.com/securitylinks-f13/links-t55.htm Administrator milw0rm PacketstormSecurity Social Tagging Germany Sans Reading Room CERT Gyre.org Blackhat Forums Archive.org HackInTheBox VulnWatcher - Vulnerability Management MAC Security Net-Security.org Cryptome.org Electronic Privacy Information Center PHPIDS Honeynet Project Wired.com DShield.org Information Warfare Slashdot Zone-H Window Security Security::Links Tue, 25 Dec 2007 11:22:20 GMT http://security.up-your.com/securitylinks-f13/links-t55.htm#72 http://security.up-your.com/securitylinks-f13/links-t55.htm http://security.up-your.com/public-exploits-f4/sql-injection-in-xss-t66.htm Administrator SQL INJECTION IN XSS 1, the local authority restrictions always people feel reassured, such as background, the net ..... But the official denied that some procedural loopholes in the background risk, such as * vbbs standby to previous data that are shell attitude. Indeed, in the authority, subject to such loopholes it is difficult to be used directly. Xss and above on the case, programmers are often overlooked and not very good defense, if two conditions to match, it means that the ... Public Exploits Wed, 26 Dec 2007 15:51:02 GMT http://security.up-your.com/public-exploits-f4/sql-injection-in-xss-t66.htm#83 http://security.up-your.com/public-exploits-f4/sql-injection-in-xss-t66.htm http://security.up-your.com/tutorials-f6/on-environment-variables-in-the-use-of-hacking-t65.htm Administrator On environment variables in the use of Hacking First, we have to be aware of what is the environment variable! Environment variables in the operating system is generally specified in the operating system used to run a number of environmental parameters, such as the temporary folder location and system folder location, and so on. This period of somewhat similar to the default path for DOS, when you run some way sequential addition in the current folder to find but also to set the default ... Tutorials Wed, 26 Dec 2007 15:31:31 GMT http://security.up-your.com/tutorials-f6/on-environment-variables-in-the-use-of-hacking-t65.htm#82 http://security.up-your.com/tutorials-f6/on-environment-variables-in-the-use-of-hacking-t65.htm http://security.up-your.com/request-f14/request-prorat-20-t64.htm 4cch4 I need a this trojan]]> Request Wed, 26 Dec 2007 11:58:20 GMT http://security.up-your.com/request-f14/request-prorat-20-t64.htm#81 http://security.up-your.com/request-f14/request-prorat-20-t64.htm http://security.up-your.com/video-based-computer-security-education-f11/iphone-sim-free-unlock-t63.htm Administrator This Movie shows you in detail how you can unlock your iPhone without SIM (187 MB)


Download: iPhoneSIMfree-unlock-hd.avi]]> Video-Based Computer Security Education Tue, 25 Dec 2007 11:48:08 GMT http://security.up-your.com/video-based-computer-security-education-f11/iphone-sim-free-unlock-t63.htm#80 http://security.up-your.com/video-based-computer-security-education-f11/iphone-sim-free-unlock-t63.htm http://security.up-your.com/video-based-computer-security-education-f11/malware-analysis-video-explains-drive-by-downloads-t62.htm Administrator In this pilot episode, Corey Nachreiner, CISSP and a WatchGuard Network Security Analyst, shows you exactly what happens when a typical Windows XP computer encounters a malicious Web site and suffers a "drive-by download" -- the type of attack that takes over your PC the instant you browse the wrong site. The Web site is real, found in the wild, and booby-trapped with multiple exploits, including the notorious Windows Metafile image vulnerability. You might be surprised ... Video-Based Computer Security Education Tue, 25 Dec 2007 11:46:29 GMT http://security.up-your.com/video-based-computer-security-education-f11/malware-analysis-video-explains-drive-by-downloads-t62.htm#79 http://security.up-your.com/video-based-computer-security-education-f11/malware-analysis-video-explains-drive-by-downloads-t62.htm http://security.up-your.com/video-based-computer-security-education-f11/malware-analysis-rootkits-part-2-t61.htm Administrator You're probably aware that rootkits can hide malware on your computer, but do you know how rootkits do it? Many of them rely on a technique called hooking. In "Malware Analysis: Rootkits (Part 2)," Network Security Analyst Corey Nachreiner and his Magic White Board explain: * The concept behind inline function hooking * What kinds of Windows functions are susceptible to hooking * How a weaponized rootkit, Hacker Defender, leverages hooking to create a devastating backdoor ... Video-Based Computer Security Education Tue, 25 Dec 2007 11:45:17 GMT http://security.up-your.com/video-based-computer-security-education-f11/malware-analysis-rootkits-part-2-t61.htm#78 http://security.up-your.com/video-based-computer-security-education-f11/malware-analysis-rootkits-part-2-t61.htm http://security.up-your.com/video-based-computer-security-education-f11/spyware-think-before-you-click-t60.htm Administrator Spyware: Think Before You Click


In this movie it will be explained what spyware is, what it does,
why and how it spreads, telltale symptoms of a spyware infection on
your computer, and how to avoid infection.


Download: sw04spyware.wmv]]> Video-Based Computer Security Education Tue, 25 Dec 2007 11:41:47 GMT http://security.up-your.com/video-based-computer-security-education-f11/spyware-think-before-you-click-t60.htm#77 http://security.up-your.com/video-based-computer-security-education-f11/spyware-think-before-you-click-t60.htm http://security.up-your.com/video-based-computer-security-education-f11/botnet-source-code-for-overachievers-t59.htm Administrator For IT professionals who crave depth. This screen-capture video supplement to "Malware Analysis: Botnets, Part 1" examines bot source code line by line. Download: botnets1_overachievers.wmv Video-Based Computer Security Education Tue, 25 Dec 2007 11:40:23 GMT http://security.up-your.com/video-based-computer-security-education-f11/botnet-source-code-for-overachievers-t59.htm#76 http://security.up-your.com/video-based-computer-security-education-f11/botnet-source-code-for-overachievers-t59.htm http://security.up-your.com/video-based-computer-security-education-f11/part-3-botnets-malware-analysis-movie-t58.htm Administrator PART 3 BOTNETS (MALWARE ANALYSIS Movie)

You've seen bot code and you've seen how bots attack. Now learn the
countermeasures, defenses, and Firebox tricks that render bots "Dead On
Arrival" for your network.

Download: botnets3.wvm
]]> Video-Based Computer Security Education Tue, 25 Dec 2007 11:38:18 GMT http://security.up-your.com/video-based-computer-security-education-f11/part-3-botnets-malware-analysis-movie-t58.htm#75 http://security.up-your.com/video-based-computer-security-education-f11/part-3-botnets-malware-analysis-movie-t58.htm http://security.up-your.com/video-based-computer-security-education-f11/part-2-botnets-malware-analysis-movie-t57.htm Administrator PART 2 BOTNETS (MALWARE ANALYSIS Movie)

Learn how a bot herder uses his bot army for attacks such as
Distributed Denial of Service, getting command line control of victims,
installing spyware, and more.


Download: botnets2.wvm
]]> Video-Based Computer Security Education Tue, 25 Dec 2007 11:36:20 GMT http://security.up-your.com/video-based-computer-security-education-f11/part-2-botnets-malware-analysis-movie-t57.htm#74 http://security.up-your.com/video-based-computer-security-education-f11/part-2-botnets-malware-analysis-movie-t57.htm http://security.up-your.com/video-based-computer-security-education-f11/part-1-botnets-malware-analysis-movie-t56.htm Administrator PART 1 BOTNETS (MALWARE ANALYSIS Movie)


See actual malicious code and understand how it works. Corey Nachreiner
explains botnet architecture for beginners, then builds a bot client.

Download: botnets1.wvm
]]> Video-Based Computer Security Education Tue, 25 Dec 2007 11:34:49 GMT http://security.up-your.com/video-based-computer-security-education-f11/part-1-botnets-malware-analysis-movie-t56.htm#73 http://security.up-your.com/video-based-computer-security-education-f11/part-1-botnets-malware-analysis-movie-t56.htm http://security.up-your.com/remote-exploit-f12/backtrack-3-beta-14-12-2007-t54.htm Administrator http://backtrack.offensive-security.com/index.php/Main_Page Download: Get your copy of BT3 Beta here: AND Watch for bugs! http://www.remote-exploit.org/backtrack_download.html BackTrack 3 Beta ISO version (Stripped Down - 700 mb) http://www.remote-exploit.org/bt3b141207.iso.torrent ftp://bt3.aircrack-ng.org/bt3b141207.iso md5sum : 04ed8742fc8facd1ecc8c9f6f567c116 shasum : 70c33e0aa75a978b8a87a207bf488ecec8d10a87 BackTrack 3 Beta USB version (946 mb) http://www.remote-exploit.org/bt3b141207.rar.torrent ftp://bt3.aircrack-ng.org/bt3b141207.rar md5sum ... Remote-Exploit Tue, 25 Dec 2007 11:03:02 GMT http://security.up-your.com/remote-exploit-f12/backtrack-3-beta-14-12-2007-t54.htm#71 http://security.up-your.com/remote-exploit-f12/backtrack-3-beta-14-12-2007-t54.htm http://security.up-your.com/video-based-computer-security-education-f11/webgoat-1-sql-injection-demonstration-t53.htm Administrator WebGoat 1: SQL Injection Demonstration SQL injection is a common web application attack that focuses on the database backend. WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. I plan to use WebGoat for a few future videos. This first WebGoat video will show the basics of installing WebGoat and doing two of its SQL injection lessons. Download: Code:http://rapidshare.com/files/78936605/webgoat-sql-injection.rar Video-Based Computer Security Education Tue, 25 Dec 2007 10:57:08 GMT http://security.up-your.com/video-based-computer-security-education-f11/webgoat-1-sql-injection-demonstration-t53.htm#70 http://security.up-your.com/video-based-computer-security-education-f11/webgoat-1-sql-injection-demonstration-t53.htm http://security.up-your.com/video-based-computer-security-education-f11/80211-wpa-psk-crack-video-tutorial-t52.htm Administrator 802.11 WPA-PSK Crack Video Tutorial This video demostration using AirCrack suite to show us how easy we can send a deauthentication packet to a client so we cause him to connect again and thus giving us his WPA-PSK key. After we get they key the only thing left is to crack the key, either by bruteforcing or dictionary attack (hybrid). It would be a good way to precompute the attack using rainbow tables but you will have to build the rainbow tables based on specific SSIDs. You can see ... Video-Based Computer Security Education Tue, 25 Dec 2007 10:54:32 GMT http://security.up-your.com/video-based-computer-security-education-f11/80211-wpa-psk-crack-video-tutorial-t52.htm#69 http://security.up-your.com/video-based-computer-security-education-f11/80211-wpa-psk-crack-video-tutorial-t52.htm http://security.up-your.com/video-based-computer-security-education-f11/80211_packet_injection_windows-t51.htm Administrator 802.11 Packet Injection Windows This video tutorial demostrates how you can use packet injection in windows. The hardware used was an Atheros Chipset Card and the drivers that of commview. Enjoy the video demostration. Download: Code:http://rapidshare.com/files/78935482/Packet_Injection_Windows.rar Password: Code:www.security.up-your.com Video-Based Computer Security Education Tue, 25 Dec 2007 10:42:20 GMT http://security.up-your.com/video-based-computer-security-education-f11/80211_packet_injection_windows-t51.htm#68 http://security.up-your.com/video-based-computer-security-education-f11/80211_packet_injection_windows-t51.htm http://security.up-your.com/tutorials-f6/thumbscrew-software-usb-write-blocker-t50.htm Administrator Thumbscrew: Software USB Write Blocker Thumbscrew is my attempt at a poor man's USB write blocker. When used it allows you to quickly enable or disable writing to all USB mass storage devices on your Windows system. In other words, you can use it to make a USB flash drive, hard drive or IDE /SATA drive in an enclosure read only. However, I make no guarantees as to its forensic validity. Still, if your poor and you want to play around with making forensic images of thumb drives and other USB ... Tutorials Tue, 11 Dec 2007 11:44:22 GMT http://security.up-your.com/tutorials-f6/thumbscrew-software-usb-write-blocker-t50.htm#67 http://security.up-your.com/tutorials-f6/thumbscrew-software-usb-write-blocker-t50.htm http://security.up-your.com/trojanvirus-f3/gozi-trojan-t6.htm Administrator Gozi Trojan * URL: http://www.secureworks.com/research/threats/gozi * Date: March 20, 2007; UPDATED - March 21, 2007 * Author: Don Jackson Russian malware authors are finding new ways to steal and profit from data which used to be considered safe from thieves because it was encrypted using SSL/TLS. Originally, this analysis intended to provide insight into the mechanisms used to steal that data, but it became an investigation into the growing trend of malware sold not ... Trojan&Virus Mon, 28 May 2007 13:15:50 GMT http://security.up-your.com/trojanvirus-f3/gozi-trojan-t6.htm#6 http://security.up-your.com/trojanvirus-f3/gozi-trojan-t6.htm http://security.up-your.com/trojanvirus-f3/prorat-19-se-t5.htm Administrator http://www.prorat.net/ ProRat v1.9 Fix2 Public Edition : Free ProRat is a Remote Administration Tool made by PRO Group. All PRO Group Members contributed to improve and update this program with all ProRat testers support we fixed up lots of bugs and mistakes to make it the best in its own category. ProRat was written in C++ programming language and its capable to work with all windows operating systems. To make process and connect to a PC with ProRat v2.0 you must create a ... Trojan&Virus Mon, 28 May 2007 13:10:31 GMT http://security.up-your.com/trojanvirus-f3/prorat-19-se-t5.htm#5 http://security.up-your.com/trojanvirus-f3/prorat-19-se-t5.htm http://security.up-your.com/wireless-security-f5/aircrack-ng-t11.htm Administrator Introduction aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, thus making the attack much faster compared to other WEP cracking tools. In fact, aircrack is a set of tools for auditing wireless networks. What is Aircrack-ng ? Aircrack-ng is the next generation of aircrack with lots of new features: Better documentation ... Wireless Security Mon, 28 May 2007 14:37:57 GMT http://security.up-your.com/wireless-security-f5/aircrack-ng-t11.htm#11 http://security.up-your.com/wireless-security-f5/aircrack-ng-t11.htm http://security.up-your.com/tutorials-f6/document-by-brian-wilson-t30.htm Administrator Wilson wilsonBrian Wilson aka slimjim100 bwilson@ethicalhacker.net Brian Wilson has over 12 years experience in IT starting with a tour in the United States Army. He has worked in and out of the US Government in many different organizations and technical roles including a stint as a Cisco Certified Instructor. Currently he works for one of the largest US broadband providers (ISP) as a Senior Data/Voice Engineer supporting over 3 million High Speed Internet/ VoIP subscribers. He has ... Tutorials Tue, 29 May 2007 13:44:47 GMT http://security.up-your.com/tutorials-f6/document-by-brian-wilson-t30.htm#30 http://security.up-your.com/tutorials-f6/document-by-brian-wilson-t30.htm http://security.up-your.com/tutorials-f6/free-webcams-on-google-t47.htm Administrator Code:inurl:/view/index.shtml /view/view.shtmls inurl:"axis-cgi/mjpg" /view/view.shtml axis "inurl:view/indexframe.shtml" Tutorials Sun, 09 Sep 2007 12:35:00 GMT http://security.up-your.com/tutorials-f6/free-webcams-on-google-t47.htm#48 http://security.up-your.com/tutorials-f6/free-webcams-on-google-t47.htm http://security.up-your.com/trojanvirus-f3/pinch-2-bulider-trojan-t49.htm Administrator Some time ago, we talked to you about malware prices, HTTP botnets, etc. Today I will show you the level Trojan creators have reached and the way in which some of them launch their creation ‘builders’, authentic centers for designing and creating totally customizable Trojans. And this is where Pinch comes in. It is a tool for creating Trojans which allows: defining the actions for the Trojan to take, packing the executable file to make its detection more difficult, disabling specific ‘annoying’ ... Trojan&Virus Sun, 09 Sep 2007 13:06:02 GMT http://security.up-your.com/trojanvirus-f3/pinch-2-bulider-trojan-t49.htm#50 http://security.up-your.com/trojanvirus-f3/pinch-2-bulider-trojan-t49.htm http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/gmail-brute-force-python-t48.htm Administrator Code:#!usr/bin/python #Gmail Pop3 Brute Forcer #http://darkcode.ath.cx #d3hydr8[at]gmail[dot]com import threading, time, random, sys, poplib from copy import copy if len(sys.argv) !=3: print "\n\t d3hydr8[at]gmail[dot]com GmailPopBruteForcer v1.0" print "\t --------------------------------------------------\n" print "\t Usage: ./gmailpopbrute.py ... Penetration // Enumeration // Scanning // Exploitation Tools Sun, 09 Sep 2007 12:55:09 GMT http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/gmail-brute-force-python-t48.htm#49 http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/gmail-brute-force-python-t48.htm http://security.up-your.com/tutorials-f6/rfi-exploits-explained-not-my-work-t46.htm Administrator Basic Remote File Inclusion Definition Remote file inclusion, commonly known as RFI is a form of attack where the attacker tries to inject there own php code inside your php app's. If an attacker can successfully achieve this they will be able to execute any code they wish on your webserver. Example Lets say we have a website that is coded in php, the website uses something like page=page.html to work out which page should be displayed. The code for this might look like ... Tutorials Sun, 09 Sep 2007 12:32:30 GMT http://security.up-your.com/tutorials-f6/rfi-exploits-explained-not-my-work-t46.htm#47 http://security.up-your.com/tutorials-f6/rfi-exploits-explained-not-my-work-t46.htm http://security.up-your.com/tutorials-f6/megashares-bypass-100-workin-by-satiore-t45.htm Administrator The following was shown to me by Satiore and permission was gaven to write this. The following is for educational purposes I am not responsible how you use it blah blah blah... Lets say we have a regular Megashares link (replace with a MS link you are having trouble with) Code:http://d01.megashares.com/?d01=000000 Let us examine some source code shall we... Code:[b]This link's filesize is larger than what you have left on your Passport.[/b] You can ... Tutorials Sun, 09 Sep 2007 12:29:32 GMT http://security.up-your.com/tutorials-f6/megashares-bypass-100-workin-by-satiore-t45.htm#46 http://security.up-your.com/tutorials-f6/megashares-bypass-100-workin-by-satiore-t45.htm http://security.up-your.com/tutorials-f6/downloading-youtube-videos-directly-with-download-manager-t44.htm Administrator So, You wanna download YouTube Videos Easy.... First copy The [Video ID] which appears in the URL for example: You were watching video in: hxxp://www.youtube.com/watch?v=nizt2oEtHl8 Copy "nizt2oEtHl8" and replace it with [Video ID] in the following link http://cache.googlevideo.com/get_video?video_id=[Video ID] and this gonna be the download link. copy and paste into any Downlod Manager. and here you go. Nice huh !! Peace. Tutorials Sun, 09 Sep 2007 12:22:57 GMT http://security.up-your.com/tutorials-f6/downloading-youtube-videos-directly-with-download-manager-t44.htm#45 http://security.up-your.com/tutorials-f6/downloading-youtube-videos-directly-with-download-manager-t44.htm http://security.up-your.com/tutorials-f6/stack-overflow-exploitation-explained-t43.htm Administrator Code:As I have already done a video tutorial and an IRC Lecture (which was some what limited), I decided I would write this paper. This paper will go through both the theory and the exploitation of stack-based buffer overflows for the Windows (32bit) platform. I will also be discussing how to find stack overflow vulnerabilities. I hope that this paper is easy enough for beginners to understand, yet at the same time I hope it will give them a decent grasp of ... Tutorials Sun, 09 Sep 2007 12:17:24 GMT http://security.up-your.com/tutorials-f6/stack-overflow-exploitation-explained-t43.htm#44 http://security.up-your.com/tutorials-f6/stack-overflow-exploitation-explained-t43.htm http://security.up-your.com/tutorials-f6/defeating-windows-xp-sp2-heap-protection-t42.htm Administrator
Read it here :

http://blackhat-forums.com/Downloads/pdf/Bypassing.Windows.Heap.Protections.XP.SP2.&.2003.pdf



]]> Tutorials Sun, 09 Sep 2007 12:14:36 GMT http://security.up-your.com/tutorials-f6/defeating-windows-xp-sp2-heap-protection-t42.htm#43 http://security.up-your.com/tutorials-f6/defeating-windows-xp-sp2-heap-protection-t42.htm http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/download-accessdiver-v4401-new-t41.htm Administrator DOWNLOAD AccessDiver v4.401 New! AccessDiver is intented to be used by administrators or privileged users on their own accounts and directories. These persons can legally test the robustness of their own secured accesses. DO NOT use this program to gain entrance into other persons computers, servers or information. THIS ACTION IS NOT LEGAL AND COULD CAUSE YOU PROBLEMS!!! If there is a lack of security on your site, you will have to change your ... Penetration // Enumeration // Scanning // Exploitation Tools Sun, 09 Sep 2007 09:30:26 GMT http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/download-accessdiver-v4401-new-t41.htm#42 http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/download-accessdiver-v4401-new-t41.htm http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/nuclear-rat-210-new-t39.htm Administrator Nuclear RAT 2.1.0 New Legend: + Addition - Removal * Bug fix > Improvement v. 2.1.0 (September 4th): * Stealth Shell Folder Startup * Active Setup startup * Filemanager file listing were incomplete on some computers * Uninstallation + Multiple DNS Support * IP via URL * Persistent systray icon > Injection methods + Bind plugins > Plugin management - VBS instalation of startup method > Server size * Clipboard manager (was 'eating' the last character') * Remote ... Penetration // Enumeration // Scanning // Exploitation Tools Sat, 08 Sep 2007 21:32:41 GMT http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/nuclear-rat-210-new-t39.htm#40 http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/nuclear-rat-210-new-t39.htm http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/1337-exe-binder-t38.htm Administrator Code:http://rapidshare.com/files/54313505/1337EXEBinder.rar Penetration // Enumeration // Scanning // Exploitation Tools Sat, 08 Sep 2007 21:22:57 GMT http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/1337-exe-binder-t38.htm#39 http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/1337-exe-binder-t38.htm http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/icepack-for-the-summer-t37.htm Administrator It's summer, about 29ºC - 84ºF in Bilbao, a sunny and beautiful day. Good time for an ice-cream. But today we'll change the menu and we'll have an IcePack instead. IcePack Platinum is the name of a new "Kit for installing malware through exploits". Regarding the exploits it uses, nothing new can be added, it is very similar to Mpack, which takes advantage of the last exploits that have appeared. This way, they have more chances to infect the users that are not patched with ... Penetration // Enumeration // Scanning // Exploitation Tools Sat, 08 Sep 2007 21:19:50 GMT http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/icepack-for-the-summer-t37.htm#38 http://security.up-your.com/penetration-enumeration-scanning-exploitation-tools-f8/icepack-for-the-summer-t37.htm