
University of Kentucky Uncovers a Data Breach During a Pen-Test


Cyberattacks continue to surge, with attackers stealing millions of records at an alarming rate. Regular, thorough penetration testing is one of the few ways an organization can find the flaws those attackers look for before they do.

A case in point: the University of Kentucky's annual cybersecurity assessment revealed a website flaw that could have allowed an unauthorized person to obtain a copy of its College of Education database. The database contained no financial, health or Social Security data, which limits the potential for identity fraud.

According to the breach notification letter issued by the university, the exposed material consisted mainly of email addresses and passwords; no SSNs or financial details were included.

Penetration tests are intended to evaluate security posture: the testers imitate real attack scenarios to detect and expose holes that could otherwise lead to stolen records, compromised credentials, loss of intellectual property, PII, cardholder data or protected health information, data held for ransom, or other damaging business outcomes.

Although the University of Kentucky (UK) has strengthened its cybersecurity over the last five years, and the flaw has now been addressed, UK says it will implement additional security measures. The affected database belongs to the Digital Driver's License, a free training and testing resource used by K-12 schools in Kentucky and other states.

The breached information included the names, email addresses and postal addresses of Kentucky teachers and students, and of more than 355,000 individuals across all 50 states and 22 other countries. UK has notified the relevant regulatory bodies and the affected school districts. The breach affected the university's Digital Driver's License platform, a web portal the university built in the early 2000s as part of its Open Source Tools for Instructional Support (OTIS) program.

“The University of Kentucky has spent more than $13 million on cybersecurity in the last five years alone,” said Brian Nichols, UK’s chief information officer. “We have increased cybersecurity investments and enhanced our mitigation efforts in recent years, which enabled us to discover this incident during our annual inspection process conducted by an outside entity. Although the potential for identity theft is limited, we take this incident seriously and it is unacceptable to us. As a result, we will be taking additional measures to provide even more protection going forward. UK's chief concern is end-user privacy and protection and we are making every effort to secure end-user data.”

HconSTF v0.5 codename 'Prime' Released

HconSTF is an open source penetration testing framework built on browser technologies, which assists security professionals in penetration testing and vulnerability scanning assessments.

Hcon is delighted to announce that, after around 14 months of development, HconSTF v0.5 codename 'Prime' has been released.

Notable changes in this version. It is now further enhanced for:
  • Web penetration testing
  • Web exploit development
  • Web malware analysis
  • OSINT, cyber spying and doxing
  • and much more, with lots of hidden features

HconSTF v0.5 in brief:
  • Based on Firefox 17.0.1
  • Designed around a process-based methodology
  • Smaller (40 MB packed, 80 MB extracted) and consumes less memory
  • More than 165 search plugins
  • New IDB 0.1 release integrated
  • Logging of each and every request
  • New scanners for DOM XSS and reflected XSS
  • New reporting features such as note taking and URL logging for easier report writing
  • Smart search box: select text and it is copied into the box; just change the search engine to search for it
  • Integrated Tor, AdvOR, I2P and more proxies
  • 18 new Greasemonkey scripts
More details can be found here.


BackTrack 5 R3 will be released on Aug 13th, 2012 - BT5 R3

The BackTrack development team plans to release an R3 revision of the BackTrack penetration testing distribution in two weeks.

According to the official statement, the new release focuses on bug fixes and over 50 new tool additions, making it the most potent revision yet.

"We have released a BT5 R3 preview in BlackHat Vegas for the enjoyment of conference attendees, which can be found in their delegate bags."

"The DVD contains a BT5 R3 Gnome, 32 bit edition – burnt as an ISO (as opposed to an image). We will be taking in our last bug reports and tool suggestions from the BH / Defcon crowds for our upcoming official release, which will be on August 13th, 2012."

Current BT5 users will be able to upgrade to the new release using the regular update commands. More details, along with the full list of new tools, will be published on August 13th.

Maltego 3.1 and CaseFile 1.0 Released

After two years, Maltego 3.1 has finally been released, together with CaseFile 1.0. Maltego is an open source intelligence and forensics application. It offers timely mining and gathering of information as well as representation of that information in an easy-to-understand format.

Get it from here:


BackBox Linux 2.01 Released ~ Penetration Testing Distribution

BackBox has released BackBox Linux v2.01. The new release includes Ubuntu 11.04, Linux kernel 2.6.38 and Xfce 4.8.0.

BackBox is a Linux distribution based on Ubuntu, developed for performing penetration tests and security assessments. It is designed to be fast and easy to use, and to provide a minimal yet complete desktop environment; thanks to its own software repositories it is always updated to the latest stable versions of the most widely used and best known ethical hacking tools.

  • System upgrade
  • Performance boost
  • New look
  • Improved start menu
  • Bug fixes
  • New sections such as Forensic Analysis, Documentation & Reporting and Reverse Engineering
  • New hacking tools and updated tools such as dradis 2.8, ettercap, john 1.7.8, metasploit 4.2, nmap 5.51, set 2.5.2, sleuthkit 3.2.1, w3af 1.0, weevely 0.5, wireshark 1.6.3, etc.

System requirements
  • 32-bit or 64-bit processor
  • 256 MB of system memory (RAM)
  • 4.4 GB of disk space for installation
  • Graphics card capable of 800×600 resolution
  • DVD-ROM drive or USB port
The ISO images (32bit & 64bit) can be downloaded from the following location:

THC (The Hacker's Choice) SSL DoS tool released

Today the German hacker group “The Hacker’s Choice” (THC) officially released a new denial-of-service tool, THC-SSL-DOS. The tool exploits a weakness in SSL to knock a server off the Internet.

Technical details can be found at

“We decided to make the official release after realizing that this tool leaked to the public a couple of months ago” said a member of THC who wants to remain anonymous.

The tool departs from traditional DDoS tools: it needs almost no bandwidth and only a single attack computer (“bot”).

The THC-SSL-DOS attack is on a par with other resource-exhaustion DDoS attacks. Some of those methods played a vital role in demonstrations against oppressive governments (like the DDoS attack against Iran’s leader) and against companies that violate free speech (like the DDoS attack against Mastercard for closing WikiLeaks’ non-profit donation account because of an alleged typo/misspelling in the application form).

“Here at THC the rights of the citizen and the freedom of speech are at the core of our research”, says a member of THC in a private interview this morning.

“We are hoping that the fishy security in SSL does not go unnoticed. The industry should step in to fix the problem so that citizens are safe and secure again. SSL is using an aging method of protecting private data which is complex, unnecessary and not fit for the 21st century,” says a THC member, referring to three major vulnerabilities disclosed in SSL over the past three years.

Listing those vulnerabilities, THC explains: “In 2009 a vulnerability was disclosed that broke the encryption of SSL. De-facto making all SSL traffic unsafe. In 2011 various Certification Authorities got hacked. De-facto making all SSL traffic unsafe _again_.”

“We warned in 2002 about giving hundreds of commercial companies (so called Certification Authorities) a master key to ALL SSL traffic,” says Fred Mauer, a senior cryptographer at THC. “Only a real genius can come up with such an idea!”

“And last but not least the immense complexity of SSL Renegotiation strikes again in 2011 with the release of THC-SSL-DOS.”

“It’s time for a new security model that adequately protects the citizens.”

THC-SSL-DOS is a proof-of-concept tool intended to expose the weak security of SSL. The asymmetry it abuses is that the server does far more cryptographic work in an SSL handshake than the client does, and renegotiation lets a single connection trigger that handshake over and over. The tool works best if the server supports SSL renegotiation. It still works if SSL renegotiation is not supported, but then requires some modifications and more bots before an effect can be seen.

Our tests reveal that the average server can be taken down from a single IBM laptop through a standard DSL connection.

Taking on larger server farms that make use of SSL load balancers required 20 average-size laptops and about 120 kbit/sec of traffic.

All in all superb results.

Interestingly, a feature that was supposed to make SSL more secure in fact makes it more vulnerable to this attack:

SSL renegotiation was invented to renegotiate the key material of an SSL connection. The feature is rarely used; in fact we could not find any software that uses SSL renegotiation. Yet it is enabled by default on most servers.

An old saying comes true all over again: Complexity is the enemy of security.

“Renegotiating Key material is a stupid idea from a cryptography standpoint. If you are not happy with the key material negotiated at the start of the session then the session should be re-established and not re-negotiated”, says THC.
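A practitioner's first question after reading the above is whether a given server still honours client-initiated renegotiation, since that is what makes the attack cheap. The script below is an added example (not THC's tool and not code from the original post) that answers it with `openssl s_client`: it sends s_client's interactive `R` command, which requests a renegotiation, and counts how many ServerHello messages the server sent back in the `-msg` transcript. The transcripts embedded in the script are constructed for the offline demo, not real captures; the only assumptions are that `openssl` is on PATH and that the host and port are supplied by the caller. TLS 1.3 removed renegotiation entirely, so the probe pins TLS 1.2.

```shell
#!/bin/sh
# Added example, not THC's code: probe whether a TLS server still honours
# client-initiated renegotiation, the feature THC-SSL-DOS leans on.
#
# Method: feed `openssl s_client -msg` its interactive "R" command, which asks
# the server for a renegotiation, then count the ServerHello messages the
# server sent. One ServerHello means only the initial handshake happened (the
# server refused or ignored the request); two mean it agreed to renegotiate.
# Assumptions: `openssl` on PATH; HOST and PORT supplied by the caller.

# Read an `openssl s_client -msg` transcript on stdin and print how many
# ServerHello messages were received. `-msg` prints one line per handshake
# message, e.g. "<<< TLS 1.2, Handshake [length 0051], ServerHello";
# "<<<" marks data received from the server, ">>>" data sent by the client.
# The end anchor keeps "ServerHelloDone" from being counted as a ServerHello.
count_server_hellos() {
    grep -c '^<<< .*ServerHello[[:space:]]*$' || true   # grep -c exits 1 on zero matches
}

# Turn a ServerHello count into a verdict.
renegotiation_verdict() {
    case "$1" in
        0) echo "no-handshake" ;;   # connection failed before any handshake
        1) echo "refused" ;;        # initial handshake only
        *) echo "accepted" ;;       # server completed a second handshake
    esac
}

# Live probe: probe_renegotiation HOST [PORT]. Sends "R" two seconds after
# connecting and gives the server two more seconds to answer. TLS 1.2 is
# pinned because TLS 1.3 has no renegotiation at all.
probe_renegotiation() {
    host=$1
    port=${2:-443}
    transcript=$( (sleep 2; echo R; sleep 2) |
        openssl s_client -connect "$host:$port" -servername "$host" \
            -tls1_2 -msg 2>&1 ) || true
    renegotiation_verdict "$(printf '%s\n' "$transcript" | count_server_hellos)"
}

# Constructed transcripts (not real captures) in the `-msg` line format, so the
# parsing can be exercised offline.
SAMPLE_ACCEPTED='>>> TLS 1.2, Handshake [length 00c4], ClientHello
<<< TLS 1.2, Handshake [length 0051], ServerHello
<<< TLS 1.2, Handshake [length 0004], ServerHelloDone
RENEGOTIATING
>>> TLS 1.2, Handshake [length 00c4], ClientHello
<<< TLS 1.2, Handshake [length 0051], ServerHello'

SAMPLE_REFUSED='>>> TLS 1.2, Handshake [length 00c4], ClientHello
<<< TLS 1.2, Handshake [length 0051], ServerHello
<<< TLS 1.2, Handshake [length 0004], ServerHelloDone
RENEGOTIATING
>>> TLS 1.2, Handshake [length 00c4], ClientHello
<<< TLS 1.2, Alert [length 0002], warning no_renegotiation'

# Offline demo: verdict for one of the constructed transcripts.
demo_verdict() {
    renegotiation_verdict "$(printf '%s\n' "$1" | count_server_hellos)"
}

echo "sample accepted -> $(demo_verdict "$SAMPLE_ACCEPTED")"   # accepted
echo "sample refused  -> $(demo_verdict "$SAMPLE_REFUSED")"    # refused

# Live run only when a host is given: ./renegotiation-probe.sh example.com 443
if [ $# -gt 0 ]; then
    echo "$1:${2:-443} -> $(probe_renegotiation "$1" "${2:-443}")"
fi
```

Two caveats when reading the result. The "Secure Renegotiation IS supported" line that s_client prints refers to the RFC 5746 fix for the 2009 plaintext-injection flaw; it says nothing about whether the server will accept a renegotiation at all, which is what matters for resource exhaustion, hence the separate probe. And a verdict of "accepted" on a server built with OpenSSL 1.1.0h or later means the operator has not set SSL_OP_NO_RENEGOTIATION; since almost nothing needs client-initiated renegotiation, refusing it costs nothing and removes the cheap amplification the tool relies on.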

Zexplo v1.0 Released - Penetration Testing Toolkit

About Zexplo v1.0: Zexplo is a penetration testing toolkit written in Python. The first release ships six enumeration modules for various network scanning operations (zping, zarpcache, ztcpscan, znmapport, etc.) and one exploit (filecopa). It also includes modules for man-in-the-middle (MITM) attacks and autopwn, as well as tools such as Injector (inject modules into a running process) and Encoder (three layers of XOR).

  • Six enumeration modules and one exploit
  • Injector tool for injecting chosen modules into running processes
  • Special encoder: a triple-layer XOR encoder for shellcode
  • Simple, easy-to-use interface, even for beginners


Requirements
  • Linux OS
  • Python (version > 2.4 and < 3.0)
  • Scapy - powerful packet manipulation program