Latest Movie :
Recent Posts

Blogger news

Spongebob Blog Clock in Flash

            Spongebob Blog Clock in Flash

Animation Flash Clock Blog Widget. This clock display analog and digital interface with 
date and day. Nice for your blog, web or any platform using flash (flv) in HTML script.

Tag: cartoon, yellow, sponge, bikini bottom, squarepants


<!---StartCopyHtmlScript|softwarecentre--->
<div style="text-align: center;">
<embed height="320" pluginspage="http://www.macromedia.com/go/getflashplayer" 
quality="high" src="http://files.myfrogbag.com/6vlzye/clock_spongebob.swf" type=
"application/x-shockwave-flash" width="240" wmode="transparent"></embed></div>
<!---EndCopyHtmlScript--->



Customize Note :

This widget width and height (240x320 default). Find the tag height="320" and width="240".
You can change the size according to your desire or by using medium (192x256) or small 
(120x160) in pixels.

If your blog have a lot of flash object, find the tag quality="high". Change high into medium 
or low for faster load.
- See more at: http://freewidget4u.blogspot.com/#sthash.ICgdltjp.dpuf

Cleantouch Urdu Dictionary

              Cleantouch Urdu Dictionary

cleantouch urdu dictionary free downloadDownload an Urdu to English and English to Urdu dictionary for free, This is very interesting and easy to use dictionary you can use this dictionary for building English and Urdu vocabularies. Just write a word > enter and view the meaning of that word of English of Urdu language. You can use this dictionary at your PC and you will do not need to find the meaning on the google. This dicionary is in Rar format and you should download the 7-zip to extract the rar format files, after extracting the rar file, then click on the set up to Install this dictionary on your computer. Don't miss to download this dictionary for free.
                                   Brief Information of the Dictionary.
Dictionary Name:Cleantouch Urdu Dictionary
Format:Rar
Size:14.89 MB

  Screenshot of the "Cleantouch Urdu Dictionary"  

cleantouch urdu dictionary free download


Download or read on-line the complete Dictionary from below


But before downloading this book, please share this book and like us on face book so that you will be informed about our new book through your facebook account.

                              
                                                     


Donwnload Link 2


Security and Hacking Books Pack

Security and Hacking Books Pack
Security and Hacking Books Pack
Security and Hacking Books Pack
Huge Security and Hacking books Megapack (1.96 GB)
Most are in English but many are in French.
Most are .PDF but many are either ZIPped or RARed with the .pdf (or whatever) in them. There may be just a few duplicates.

Books List:
Low Tech Hacking -Street Smarts for Security Professionals [NepsterJay].pdf
Low.Tech.Hacking.epub
Low.Tech.Hacking.pdf
Syngress - Aggressive Network Self-Defense.pdf
Syngress - Best Damn Windows Server 2003 Book Period.pdf
Syngress - Botnets - The Killer Web App.pdf
Syngress - Buffer Overflow Attacks.pdf
Syngress - Building a VoIP Network with Multimedia Communication Server 5100.pdf
Syngress - Building DMZs for Enterprise Networks.pdf
Syngress - Building SANs with Brocade Fabric Switches.pdf
Syngress - C#.NET Web Developer's Guide.pdf
Syngress - Check Point NG VPN-1 FireWall-1 Advanced Configuration and Troubleshooting.pdf
Syngress - Cisco Security - Professional's Guide to Secure Intrusion Detection Systems.pdf
Syngress - Cisco Security - Specialist's Guide to PIX Firewalls.pdf
Syngress - Combating Spyware in the Enterprise.pdf
Syngress - Creating Security Policies and Implementing Identity Management with Active Directory.pdf
Syngress - Cyber Adversary Characterization - Auditing the Hacker Mind.pdf
Syngress - Cyber Crime Investigations.pdf
Syngress - Cyber Spying - Tracking your Family's Secret Online Lives.pdf
Syngress - Developer's Guide to Web Application Security.pdf
Syngress - Email Virus Protection Handbook.pdf
Syngress - Enemy at the Water Cooler.pdf
Syngress - Essential Computer Security.pdf
Syngress - Google Hacking for Penetration Tester - Vol.1.pdf
Syngress - Google Hacking for Penetration Tester - Vol.2.pdf
Syngress - Google Talking.pdf
Syngress - Hack Proofing Linux.pdf
Syngress - Hack Proofing Sun Solaris.pdf
Syngress - Hack Proofing Windows 2000 Server.pdf
Syngress - Hack Proofing XML.pdf
Syngress - Hack Proofing your Identity in the Information Age.pdf
Syngress - Hack Proofing your Network - 2nd Edition.pdf
Syngress - Hack Proofing your network.pdf
Syngress - Hack Proofing your Web Applications.pdf
Syngress - Hack Proofing your Wireless Network.pdf
Syngress - Hack the Stack.pdf
Syngress - How to Cheat at Securing a Wireless Network.pdf
Syngress - InfoSec Career Hacking - Sell your Skillz not your Soul.pdf
Syngress - Intrusion, Prevention and Active Response.pdf
Syngress - LEGO Software Power Tools.pdf
Syngress - Linksys WRT54G Ultimate Hacking.pdf
Syngress - Metasploit Toolkit for Penetration Testing, Exploit Development and Vulnerability Research.pdf
Syngress - Microsoft Vista for IT Security Professionals.pdf
Syngress - Nessus Network Auditing.pdf
Syngress - Ninja Hacking - Unconventional Penetration Testing Tactics and Techniques.pdf
Syngress - Nmap in the Enterprise - Your Guide to Network Scanning.pdf
Syngress - OS X for Hackers at Heart.pdf
Syngress - Penetration Tester's Open Source Toolkit - Vol.1.pdf
Syngress - Penetration Tester's Open Source Toolkit - Vol.2.pdf
Syngress - Phishing Exposed.pdf
Syngress - Practical VoIP Security.pdf
Syngress - Programmer's Ultimate Security Deskref.pdf
Syngress - RFID Security.pdf
Syngress - Scene of the Cybercrime - Computer Forensics Handbook.pdf
Syngress - Scripting VMware Power Tools.pdf
Syngress - Secure Your Network for Free.pdf
Syngress - Securing the Cloud - Cloud Computer Security Techniques and Tactics.pdf
Syngress - Security Assessment Case Studies for Implementing the NSA IAM.pdf
Syngress - Security Log Management - Identifying Patterns in the Chaos.pdf
Syngress - Security Sage's Guide to Hardening the Network.pdf
Syngress - Security+ Study Guide.pdf
Syngress - Snort 2.0 Intrusion Detection.pdf
Syngress - Snort 2.1 Intrusion Detection - 2nd Edition.pdf
Syngress - Snort IDS and IPS Toolkit.pdf
Syngress - Sockets, Shellcode, Porting and Coding - Reverse Engineering Exploits.pdf
Syngress - Special Ops - Host and Network Security for Microsoft, UNIX, and Oracle.pdf
Syngress - SQL Injection Attacks and Defense.pdf
Syngress - Stealing the Network - How to Own a Shadow.pdf
Syngress - Stealing the Network - How to Own the Box.pdf
Syngress - Systems Security Certification Practitioner Study Guide.pdf
Syngress - Techno Security’s Guide to Managing Risks.pdf
Syngress - The Mezonic Agenda - Hacking the Presidency.pdf
Syngress - VB.NET Developer's Guide.pdf
Syngress - WarDriving and Wireless Penetration Testing.pdf
Syngress - Wireless Hacking - Projects for Wi-Fi Enthusiasts.pdf
Syngress - Wireshark and Ethereal - Network Protocol Analyzer Toolkit.pdf
Syngress - Writing Security Tools and Exploits.pdf
Syngress - XSS Attacks.pdf
Syngress - Zen and the Art of Information Security.pdf
Syngress - Zero Day Exploit - Countdown to Darkness.pdf
The Hackademy - Hors Serie 1.pdf
The Hackademy - Hors Serie 2.pdf
The Hackademy - Hors Serie 3.pdf
The Hackademy Prog - Apprendre à Programmer en C.pdf
The Hackademy Prog - Apprendre à Programmer en PHP.pdf
The Hackademy School - Hack Newbie.pdf
The Hackademy School - Hack Security Pro.pdf
The Hackademy School - Linux.pdf
The Hackademy School - Mini Guide Anonymat.pdf
The Hackademy School - Newbie - part 1.pdf
The Hackademy School - Newbie - part 2.pdf
The Hackademy School - Newbie - part 3.pdf
The Hackademy School - Newbie - part 4.pdf
The Hackademy School - Securite wifi.pdf
ZI Hackademy - Newbie 1.pdf
ZI Hackademy - Newbie 2.pdf
ZI Hackademy - Newbie 3.pdf
[0 - List].txt
A Closer Look At Ethical Hacking And Hackers.pdf.7z
Analyse Apres L'attaque.pdf.7z
Analyse De Code Malveillant.pdf.7z
ARP Cache Poisonning.pdf
ARP Poisonning.pdf
Attacking The DNS Protocol.pdf
Avantages Et Faiblesses Du Protocole SSH.pdf.7z
Buffer Overflow.pdf
CERTA - Les Mots De Passe.pdf.7z
Certified Ethical Hacker (CEH) v3.0 Official Course.pdf
Cle De Registre Suspecte.pdf.7z
Codage De Huffman.pdf.7z
Cognitive Hacking.pdf.7z
Commande DOS.rtf
Cracker Les SSHA Sous LDAP.pdf.7z
Credit Card Hacking.pdf
Cross Site Request Forgery II.pdf
Cross Site Request Forgery.pdf
CSTA Ethical Hacking Hands On.pdf.7z
Culture Du Don Dans Le Logiciel Libre.pdf.7z
Dangerous Google Searching for Secrets.pdf.7z
Dangerous Google.pdf
Data Breach Hacking Category Summary 2007.pdf.7z
Data Breach Hacking Category Summary 2008.pdf.7z
Database Security Using White-Hat Google Hacking.pdf.7z
Debugging Session - Anti-Anti-ptrace Or Fooling The Debugger Fooler.pdf.7z
Decimalisation Table Attacks For PIN Cracking.pdf.7z
Ebay Hacks 100 Industrial-Strength Tips And Tools.pdf.7z
eBook Fr - 2020 Hackers - 214 Pages Pour Apprendre Le Hacking En Francais - Cours De Hacking-Shared By KoraS.rar
Ethical Hacking And Countermeasures.pdf.7z
Ethical Hacking.pdf.7z
Extensions Personnalisees Pour IPTables.pdf.7z
Faille XSS.txt
Forensics Analysis Of Hacking Cases.pdf.7z
Game Hacking.pdf.7z
Google Hack.pdf
Guide De Securite.pdf.7z
Hack I.T.pdf
Hack It Security Through Penetration Testing.pdf.7z
Hack Proofing Your Network .pdf
Hack Proofing Your Network Internet Tradecraft.pdf.7z
Hackademy - Cours 3.pdf
Hackademy.hs2.rar
Hackademy.Magazine.Hors Serie.N1.rar
Hackademy_cours_anonymat.PDF
Hacker's Handbook.pdf
Hacker.news.magazine.N21.French.Ebook.rar
HackernewsmagazineN18.rar
Hacker_Mag_N_20_MtBlog.rar
Hacking - The Art Of Exploitation.chm.7z
Hacking For Profit.pdf.7z
Hacking GMail.pdf
Hacking Into Computer Systems.pdf.7z
Hacking Intranet Website From The Outside.pdf.7z
Hacking jBoss.pdf.7z
Hacking Leopard.pdf.7z
Hacking Mashing Gluing.pdf.7z
Hacking Matter.pdf.7z
Hacking Offences.pdf.7z
Hacking Practices And Software Development.pdf.7z
Hacking Primes.pdf.7z
Hacking Secrets Revealed.pdf.7z
Hacking Securite Hand-Book.pdf.7z
Hacking The Frozen WASTE For Cool Objects.pdf.7z
Hacking The Genome.pdf.7z
Hacking The Windows Regisrty.pdf
Hacking The Windows Registry.pdf.7z
How Hackers Do It.pdf.7z
How To Make Key Generators.pdf.7z
How To Steal An Election By Hacking The Vote.pdf.7z
Injection SQL Part II.html
Injection SQL.html
Kevin_Mitnick_-_The_Art_of_Intrusion.rar
L'ethique Hacker De Pekka Himanen.pdf.7z
Le Vrai Visage De La Matrice.pdf.7z
Les .htaccess.txt
Les Dumps Memoires.pdf.7z
Les Systemes De Detection D'intrusion Vus De L'interieur.pdf.7z
Menace 650.pdf
Microsoft SQL Server Passwords.pdf.7z
More Than 40 Million Credit And Debit Card Numbers Stolen.pdf.7z
O'Reilly - Network Security with OpenSSL Ebook - Fly.rar
O'Reilly.-.Network.Security.Hacks.rar
offensive-security-labs-os-2402.pdf
Offensive-Security.pdf
Preventing Web App Hacking.pdf.7z
Righttoleft Override.pdf.7z
Rootkits Sous Oracle.pdf.7z
Secrets of a Hacker.pdf
Securing IIS By Breaking.pdf.7z
Securing-Optimizing-Linux-RH-Edition-v1.3.pdf
Securiser Ses Serveurs Avec Les Tests De Vulnerabilites.pdf.7z
Securite Informatique Principes Et Methode.pdf.7z
Security IIS.pdf
Security_Plus_Fast_Pass_-_Sybex.pdf
Steganographie - Techniques.pdf.7z
Tests d'Intrusion Des Acces Internet.pdf.7z
Tests De Penetration Internes.pdf.7z
The Hackademy Prog n1 Ebook Fr-Library.pdf
The Hackers Handbook 2.pdf.7z
The Hackers Handbook.pdf.7z
The Performance Of Technology.pdf.7z
The Web Hacking Incidents Database Annual Report 2007.pdf.7z
They are Hacking Our Clients.pdf.7z
Thinking Like A Hacker.pdf.7z
Zi Hackademy - Cours 1.pdf
Zi Hackademy - Cours 2.pdf
[0 - List].txt
[CLUSIF] Les Virus Informatiques.pdf
[EDIGO] Le piratage de A a Z.pdf
[HACKADEMY] Cours deuxieme niveau partie .pdf
[HACKADEMY] Cours deuxieme niveau partie 1.pdf
[HACKADEMY] Cours Newbie+.pdf
[HACKADEMY] Cours Newbie.pdf
[SPRINGER] Les virus informatiques - theorie, practique et applications.pdf
Advanced Exploitation Of Buffer Overflow.pdf.7z
ASLR Smack.pdf.7z
ASLR.pdf.7z
Attacking The DNS Protocol.pdf.7z
Attaque Man In The Middle Sur La Connexion Chiffree De Jabber.pdf.7z
Attaque Par Factorisation Contre RSA.pdf.7z
CERTA - Securite Des Reseaux Sans Fil.pdf.7z
CERTA - Sécurité Des Applications Web Et Vulnérabilité De Type Injection De Données.pdf.7z
Comment Contourner La Protection Aleatoire De La Pile Sur Le Noyau 2.6.pdf.7z
Cracking SQL Passwords.pdf
Creation De Portes Derobees Sophistiquees Sous Linux - Reniflage De Paquets.pdf.7z
Creation Des Shellcodes Sous Architecture Linux x86.pdf.7z
Creer Un Shellcode Polymorphique.pdf.7z
Cross-Site Tracing (XST).pdf.7z
Cryptographie Classique - Exercice 1.pdf.7z
En Memoire Aux Timing Attacks.pdf.7z
Exploitation Avancee Buffer Overflow.pdf.7z
Exploitation Et Defense Des Applications Flash.pdf.7z
Feed Injection In Web 2.0.pdf.7z
Google Dangereux - A La Recherche Des Informations Confidentielles.pdf.7z
Google Hacking Of Oracle Technologies V1.02.pdf.7z
Google Hacking.pdf.7z
Google Hacks.pdf.7z
GSM - Qui Peut Ecouter Mon Portable.pdf.7z
Guide De Securite PHP 1.0.pdf.7z
Hacking Bluetooth Enabled Mobile Phones And Beyond.pdf.7z
Hacking Du Noyau Et Anti-Forensics.pdf.7z
Hacking Gmail.pdf.7z
Hacking The Invisible Network.pdf.7z
Hacking VoIP Exposed.pdf.7z
Hacking Web Applications Using Cookie Poisoning.pdf.7z
How To Make Keygens.pdf
Image Anti-bot Et Fichier Wav .pdf.7z
Ingenierie Inverse Du Code Executable ELF Dans L'analyse Apres Intrusion.pdf.7z
Injection HTML Hackin9.pdf.7z
Injections SQL Les bases.pdf.7z
Introduction Aux Audits De Sécurités Dans Des Applications.pdf.7z
Introduction Aux Vulnérabilités Web.pdf.7z
Invisibilite Des Rootkits.pdf.7z
Le Phishing.pdf.7z
Le Scannage De Ports Vu Par L'administrateur.pdf.7z
Linux Security Modules - General Security Hooks For Linux.pdf.7z
NC commands.pdf
Netcat tuto.txt
Netcat.txt
Securite Wi-Fi - WEP WPA et WPA2.pdf.7z
Securites Des Comptes Sous Unix.pdf.7z
Shell Netcat.txt
Shells Restreints - Comment Les Detourner.pdf.7z
Systemes Includes Secure.pdf.7z
Sécurisation Script PHP et Mysql.pdf.7z
Type-Assisted Dynamic Buffer Overflow Detection.pdf.7z
Unixgarden - Techniques Obfuscation De Code - Chiffrer Du Clair Avec Du Clair.pdf.7z
Unixgarden - Timing Attack Et Hyperthreading.pdf.7z
Vulnerabilités De Type Format String.pdf.7z
Yahoo Hacking Of Oracle Technologies.pdf.7z
[0 - List].txt
1. addison wesley - advanced programming languages design.pdf
2. compiler construction manual.pdf
3. compilers and compiler generators in C++.pdf
4. morgan kaufmann - engineering a compiler (Draft).pdf
5. Algorithms For Compiler Design.pdf
Art of Intel x86 Assembly.pdf
DEFCON-18-Ahmad-WPA-Too.pdf
O'Reilly - Practical C Programming, 3Rd Edition.pdf
Prentice Hall - Expert C Programming - Deep C Secretes.pdf
Prentice Hall - The ANSI C Programming Language 2nd ed. by Brian W. Kernighan and Dennis M. Ritchie.pdf
The Art Of Assembly Language Programming.pdf
www.softwarecentre.co.vu

 Download :

RapidShare

 
Or

FileFactory

HACK HOTMAIL ACCOUNTS : HOTMAIL HACKER

HACK HOTMAIL ACCOUNTS : HOTMAIL HACKER
I had previously discussed about Gmail Hacker to hack Gmail accounts. Likewise, this software can hack Hotmail accounts. Just follow the steps below:

1. Extract the RAR archive in a separate folder.
2. Run Hotmail Hacker Builder.exe file on your computer.
3. Enter your email address, password and subject of email you wanna receive. I suggest you to create a new email ID for this. You can use Gmail or Yahoo but avoid using Hotmail account. This email will contain the password you wanna hack. Also select appropriate smtp server address. The default smtp server address 587 is of gmail. You can google for smtp server addresses or can find it here. Also, write a fake error message to display on the screen or leave it default.
4. Click on "Build". This will create your own Hotmail hacker in Hotmail hacker folder.
5. Now, send this Hotmail Hacker.exe file to victim of which you wanna hack Hotmail password and convince him that this program can hack anyone's Hotmail password (lil bit of Social Engineering).
6. Ask him to run Hotmail Hacker.exe and enter all information including his Hotmail ID and password and Hotmail ID of victim he wanna hack. As he enters this information and hits "Login and Start", he will receive a error message.
7. You will receive an email in your account containing his password. Hooray!!! you will now be able to hack hotmail password. Enjoy!!!

Download by cliking the logo
 
http://www.mediafire.com/download.php?zjogjlw0ndm

 

HACK THE HACKER : BIN TEXT

HACK THE HACKER : BIN TEXT
Bin Text is basically a text extractor software used to extract text from application or any file. It can extract email ID and password from applications like Hotmail Hacker and Gmail Hacker. Step by Step usage and tutorial is below:

1. Refer my article Hack Gmail Accounts : Gmail Hacker to create Gmail Hacker.exe file.
2. Unzip the downloaded Bin Text software in a separate folder.
3. Open Bin Text and browse for the location where you have kept the Gmail Hacker.exe file that you have created. Now Hit Go.
4. Bin Text will scan the whole file and display all the extracted text from Gmail Hacker.exe file.
5. Now scroll down till you find email address and password as I have shown in the screen shot above.

This means that if your friend or someone else has given you this Gmail hacker software and told you that this software can hack email accounts and if you feel suspicious of him, you can easily hack his email account password. Enjoy hacking the hacker!!!

Download by clicking the logo
 
http://www.mediafire.com/download.php?yoeiinztzyy
 

BOMB MOBILPHONE WITH SMS :BEAVER'S SMS BOMBER PRO

BOMB MOBILPHONE WITH SMS :BEAVER'S SMS BOMBER PRO
This program will bomb the victim's mobile phone with tons of SMS. It supports all major networks around the world. But if your network is not in the list, then don't worry, you can also add the carrier network with the help of "custom" option. You can also load list of multiple victims and bomb them simultaneously. The improvement that Beaver has made in this version over his previous SMS Bomber is that you can spoof the email address from which you are bombing the victim's mobile phone. For Example, If there was an error sending the message, it will ask you if you wanna change the E-mail/Password you are using. All credits to Beaver for this nice program.

                                                          Download by clicking the logo
Download

IMVU Credits Hack • Best Hacking Tools

IMVU Credits Hack • Best Hacking Tools



If you’ve found this video you’re most likely looking for a way to effortlessly generate IMVU credits without spending a single cent.
There’s a maximum of 999,999, but you can always reset your balance later.
If you create a new account IMVUtrix has a tool to automatically unlock everything for you and will set your email status as verified.
Once you’ve done this go ahead and press the big “3,000 Credits” button. The program will take a minute to hook into the game and adjust your credits variable. It can take up to 25 minutes for the server to register the change, but you should see it much sooner.
In the menu you can automatically check for updates to make sure you’re running the most recent version of the program.
Due to the nature of credit hacking programs only a limited number of downloads will be available! Limiting the number of users helps to maintain and strengthen the longevity of this tool, while minimizing the need for sometimes lengthy updates.
Act now and download your copy while it’s still available!

Download “ROM Multi-Hack” Rom-Multi-Hack

Download “ROM Multi-Hack” Rom-Multi-Hack

-Features-
See stealthed rogues
God Sight
Swim hack
Duel Hack
Wall Climb
No Fall
Speed Hack
Teleport Hack
Sprint
Grow / Shrink Target
Suicide (No XP Debt)
Download “ROM Multi-Hack” Rom-Multi-Hack.zip – Downloaded 1466 times – 934 B

Club Penguin Membership Generator Video Transcript

Club Penguin Membership Generator Video Transcript

Club Penguin Membership Generator Penguinator
Hey guys, I just wanted to make a quick video to show you this cool tool I found called Penguinator.
It’s a Club Penguin membership generator for club penguin and it makes one week membership codes.
I’ve already flipped through a few of them, I guess the first few of you guys to get to the video can go ahead and use those. I’m just going to take this one here, make sure to take out the dashes because that’s how club penguin wants it. To show you that I’m not already a member I’m just going to go ahead and log in real quick. I’ll show you my account and that it’s not upgraded or anything. Flip some pizza in the meantime, apparently. Anyway, we’ll go into Below Zero since it’s not full. Flip some more pizza.
And as soon as it loads here, I’ll show you that I am in fact in the real club penguin not some private server.
If we go into the player information you’ll notice that it’s just a normal basic account, I just made it. If you don’t know what to look for it’s the star on the top left. When you’re a member it will change and say so. We’re just going to go ahead to the membership tab on the webpage and click code redemption. Wait for this to load up and we will throw in the code we generated a minute ago. Next we’ll do all the verification stuff by putting in out email. I’ll blur out my email so you guys don’t send me stuff.
Put the code in, click redeem, and it was successful. It’s as easy as that.
If we click log in it will take us back into the game and I can show you for sure that I’ve been upgraded to a member capable of wearing member items and puffles and whatever else it is you do with a membership. As soon as we flip some more pizza here.
So if I go back into my membership button we can see even the icon on the bottom has changed and the star now say’s I’m a member. So we’ve been upgraded successfully and are now capable of doing all the membership stuff. So the Club Penguin Membership Generator was a success!
Enjoy guys, have fun with this!
Download “Penguinator V1.0.3” Penguinator-V1.0.3.zip – Downloaded 28467 times – 74 kB

[WinAppDbg 1.5] Python Debugger

[WinAppDbg 1.5] Python Debugger


The WinAppDbg python module allows developers to quickly code instrumentation scripts in Python under a Windows environment.

It uses ctypes to wrap many Win32 API calls related to debugging, and provides an object-oriented abstraction layer to manipulate threads, libraries and processes, attach your script as a debugger, trace execution, hook API calls, handle events in your debugee and set breakpoints of different kinds (code, hardware and memory). Additionally it has no native code at all, making it easier to maintain or modify than other debuggers on Windows.

The intended audience are QA engineers and software security auditors wishing to test / fuzz Windows applications with quickly coded Python scripts. Several ready to use utilities are shipped and can be used for this purposes.

Current features also include disassembling x86/x64 native code, debugging multiple processes simultaneously and produce a detailed log of application crashes, useful for fuzzing and automated testing.

What’s new in this version?

In a nutshell…
  • full 64-bit support (including function hooks!)
  • added support for Windows Vista and above.
  • database code migrated to SQLAlchemy, tested on:
    • MySQL
    • SQLite 3
    • Microsoft SQL Server
    should work on other servers too (let me know if it doesn’t!)
  • added integration with more disassemblers:
  • added support for postmortem (just-in-time) debugging
  • added support for deferred breakpoints
  • now fully supports manipulating and debugging system services
  • the interactive command-line debugger is now launchable from your scripts (thanks Zen One for the idea!)
  • more UAC-friendly, only requests the privileges it needs before any action
  • added functions to work with UAC and different privilege levels, so it’s now possible to run debugees with lower privileges than the debugger
  • added memory search and registry search support
  • added string extraction functionality
  • added functions to work with DEP settings
  • added a new event handler, EventSift, that can greatly simplify coding a debugger script to run multiple targets at the same time
  • added new utility functions to work with colored console output
  • several improvements to the Crash Logger tool
  • integration with already open debugging sessions from other libraries is now possible
  • improvements to the Process and GUI instrumentation functionality
  • implemented more anti-antidebug tricks
  • more tools and code examples, and improvements to the existing ones
  • more Win32 API wrappers
  • lots of miscellaneous improvements, more documentation and bugfixes as usual!

[XSS Cheat Sheet] Bypassing Modern Web Application Firewall XSS Filters

[XSS Cheat Sheet] Bypassing Modern Web Application Firewall XSS Filters

While we doing web application penetration testing for our clients, we may some time have to face the Web application Firewall that blocks every malicious request/payload.

There are some Cheat sheets available on internet that helped to bypass WAF in the past. However, those cheats won't work with the modern WAFs and latest browsers.  
So, here is need for creating new Cheat sheet.

One of the top security researcher Rafay Baloch has done an excellent job by organizing his own techniques to bypass modern WAFs and published a white paper on that.

The paper titled "Modern Web Application Firewalls Fingerprinting and Bypassing XSS Filters" covers only the techniques needed for bypassing XSS filters.

Rafay promised to write other vulnerabilities' bypassing techniques in his next paper.



[Hook Analyser 3.0] A Freeware Malware Analysis and Cyber Threat Intelligence Software

[Hook Analyser 3.0] A Freeware Malware Analysis and Cyber Threat Intelligence Software


In terms of improvements, a new module has been added - Cyber Threat Intelligence. Threat Intel module is being created to gather and analyse information related to Cyber Threats and vulnerabilities.

The module can be run using HookAnalyser.exe (via Option 6 ), or can be run directly.

The module present information on a web browser (with dashboard alike representation) with the following sections -
  1. Threat Vectors - by (%) Country
  2. Threat Vectors - by Geography 
  3. Vulnerability / Threat Feed.
Project documentation - Click Here

Here is the screenshot of the Cyber Threat Intelligence dashboard -




Cloud Computing Adoption by Federal Agencies Increases 400%

Cloud Computing Adoption by Federal Agencies Increases 400%

 

Tripwire has announced the results of the second annual survey on cloud security technology trends in the federal government which found that despite the security concerns often cited as roadblocks to cloud adoption, U.S. federal agencies are rapidly expanding their adoption of cloud infrastructure.
In fact, according to a recent report from Deltek, the federal cloud computing market is projected to grow at a compound annual growth rate of 32 percent over the next three years.
Key 2013 findings from the Tripwire survey include:
  • 58 percent say federal initiatives designed to encourage cloud adoption have improved security.
  • Four times more respondents say they are outsourcing at least one third of their IT infrastructure to cloud vendors than in 2012.
  • 50 percent are moving moderate-impact data to the cloud, compared with just 31 percent in 2012.
  • Only 28 percent say FedRAMP’s baseline security controls accelerated their agency’s migration to the cloud, compared with 11 percent in 2012.
“A few years ago, the federal government made bold claims with its ‘cloud first policy,’ said Dwayne Melancon, chief technology officer for Tripwire. “The data indicates that this move is working – not only do stakeholders perceive improved security from this initiative, they are showing confidence by moving more important data and workloads into the cloud.
“We’re also seeing a slow but steady increase in the adoption of baseline security controls,” Melancon continued. “This is an area where effort should be applied to accelerate progress, otherwise we run the risk of cloud adoption being impacted by a major security event.  Broader adoption of FedRAMP’s baseline security controls can help mitigate that risk.”
Tripwire’s federal survey was conducted by Dimensional Research from September 26 through October 4, 2013. The results of the survey were compared to nCircle’s Federal Information Security Trends Study conducted in 2012. Tripwire acquired nCircle in April 2013.
The survey evaluated the attitudes of more than 100 federal information technology professionals from military, intelligence and civilian agencies.

Hackers Hit Federal Election Commission Hard During Shutdown

Hackers Hit Federal Election Commission Hard During Shutdown


Almost immediately after the government shutdown this fall sent critical systems support personnel home, Federal Election Commission systems were hit in what is being described as “the worst act of sabotage in its 38-year history.”
A report from the Center for Public Integrity (CPI) revealed that the agency had furloughed all 339 agency employees, and that not a single staffer had been deemed “necessary to the prevention of imminent threats,” the threshold that would have allowed key personnel to remain on the job.
“They waylaid the Federal Election Commission’s networks. They crashed computer systems that publicly disclose how billions of dollars are raised and spent each election cycle by candidates, parties and political action committees,” according to the CPI report.
“And it happened just months after an independent auditor commissioned by the government warned that the FEC’s information systems were at ‘high risk’ to infiltration — a charge the FEC roundly disputed, saying its ‘systems are secure.’”
In addition to the attack, the CPI’s investigation found that:
  • The commission over the past year has reached a paralyzing all-time low in its ability to reach consensus, stalling action on dozens of rulemaking, audit and enforcement matters, some of which are years old.
  • Despite an explosion in political spending hastened by key Supreme Court decisions, the agency’s funding has remained flat for five years and staffing levels have fallen to a 15-year low.
  • Analysts charged with scouring disclosure reports to ensure candidates and political committees are complying with laws have a nearly quarter-million-page backlog. Commissioners themselves are grappling with nearly 270 unresolved enforcement cases.
  • Staff morale has plummeted as key employees have fled and others question whether their work remains relevant. Among top FEC jobs currently unfilled or filled on an “acting” basis: general counsel, associate general counsel for policy, associate general counsel for litigation, chief financial officer and accounting director. The staff director doubles as IT director.
“As the nation heads into what will undoubtedly be the most expensive midterm election in history and a 2016 presidential election that, in no small way, has already begun, the FEC is rotting from the inside out,” the SPI report concluded.
Powered by Blogger.

Blogroll

 
Support : Creating Website | faizanTemplate | Mas Template
Copyright © 2011. Free Center! - All Rights Reserved
Template Created by Creating Website Published by Mas Template
Proudly powered by softwarecentre