background preloader

SecLists.Org Security Mailing List Archive

SecLists.Org Security Mailing List Archive

SSL MITM Proxy Description mitm-proxy is an Java-based SSL proxy that acts as a "man in the middle". In other words, proxied HTTPS requests are terminated by the proxy and resent to the remote webserver. The server certificates presented to the client (i.e. a web browser) are dynamically generated/signed by the proxy and contain most of the same fields as the original webserver certificate. Documents Download NOTE: this tool can NOT be used for any commercial purposes, as is, because it makes use of an educational/research version of the IAIK JCE library. Version 1.0 (April 12th, 2007) Usage The mitm-proxy requires a Java runtime (1.5 or later) and has been tested on various windows and linux platforms. The proxy server is started from the command line in the following way: java mitm.MITMProxyServer [options] Where options can include: [-localHost <host name/ip>] Default is localhost [-localPort <port>] Default is 8001 [-keyStore <file>] Key store details for [-keyStorePassword <pass>] certificates. Credits

Tutorial: Facebook RSS feed Every Facebook page has an RSS feed. You can subscribe to that feed with your RSS reader. You can also embed it or build applications that use it and everything else you can do with an RSS feed. The only thing is, finding the URL of the feed can be difficult, so i decided to help a little and write this guide. Example use case

Remote Exploit How to use Google for Hacking Google serves almost 80 percent of all the search queries on the Internet, proving itself as the most popular search engine. However, Google makes it possible to reach not only the publicly available information resources, but also gives access to some of the most confidential information that should never have been revealed. In this post, you will find the information on how to use Google for exploiting security vulnerabilities that exists within many websites. The following are some of the ways to use Google for hacking: 1. There exists many security cameras that are used for monitoring places like parking lots, college campus, road traffic etc. inurl:”viewerframe? Click on any of the search results (Top 5 recommended) and you will gain access to the live camera which has full controls. As you can see in the above screenshot, you now have access to the Live cameras which work in real-time. intitle:”Live View / – AXIS” 2. intitle:”curriculum vitae” “phone * * *” “address *” “e-mail” 3. “?

How ‘Social Intelligence’ Can Guide Decisions By offering decision makers rich real-time data, social media is giving some companies fresh strategic insight. In many companies, marketers have been first movers in social media, tapping into it for insights on how consumers think and behave. As social technologies mature and organizations become convinced of their power, we believe they will take on a broader role: informing competitive strategy. In particular, social media should help companies overcome some limits of old-school intelligence gathering, which typically involves collecting information from a range of public and propriety sources, distilling insights using time-tested analytic methods, and creating reports for internal company “clients” often “siloed” by function or business unit. Today, many people who have expert knowledge and shape perceptions about markets are freely exchanging data and viewpoints through social platforms. Exhibit 1: From identifying data to mapping people and conversations Exhibit 2: Notes 1. 2.

CEH | Certified Ethical Hacker | Etik Hacker Halalbook, le réseau social des musulmans SecurityStandard.pl 31.12.2012, godz. 11:00 Firma Imperva przeprowadziła badanie, w którym przetestowała skuteczność ponad 40 różnych rozwiązań antywirusowych, zarówno płatnych jak i bezpłatnych, pod kątem wykrywalności nowo utworzonych wirusów. Z raportu, który powstał po badaniu wynika, że jedynie niecałe 5% rozwiązań antywirusowych jest w stanie wykryć od razu wcześniej nieskatalogowane wirusy, a wielu antywirusom zaktualizowanie bazy sygnatur zajęło nawet miesiąc lub więcej. 8 703 31.12.2012, godz. 08:46 Coraz więcej firm korzysta z dużych zbiorów danych, rzadko myśląc o ich bezpieczeństwie. 13.11.2012 Platforma Google Android znajduje się pod ostrzałem twórców złośliwego oprogramowania. 13.11.2012 Aplikacja współpracująca z systemem ERP powinna być połączona z firmową siecią. 06.11.2012 W wielu przypadkach ryzyko ataków na urządzenia mobilne można łatwo zminimalizować. 30.10.2012 Odejście administratora systemów informatycznych to wyzwanie dla każdej firmy.

Related: