Zer0Byte

Geekiest Techno News

Archive for the ‘InfoSec’ Category

MSIE 10 aka Microsoft Internet Explorer 10 has upgraded its security measures and beat out popular browsers such as Google chrome, Mozilla Firefox, Safari, & Opera. Post running several tests on the latest versions of the five top browsers, against 754 malware-infected URLs over a month; IE10 running windows hands down achieve a whopping 99.9% ahead  [ Read More ]

Aircrack-ng Updated After 3 Years

Finally after 3 long Years, Our favorite weapon of choice got an update. A lot of fixes and improvements on all tools and documentation have been made.In addation few new tools and scripts including distributed cracking tool are also included.The Complete change log can be viewed below. Complete Aircrack-ng Changelog Version 1.2 beta 1 Version 1.2-beta1  [ Read More ]

Hello all zer0byte Lee7s ! I’m Robert Kugler a 17 years old German student who’s interested in securing computer systems. I would like to warn you that PayPal.com is vulnerable to a Cross-Site Scripting vulnerability! PayPal Inc. is running a bug bounty program for professional security researchers. https://www.paypal.com/us/webapps/mpp/security/reporting-security-issues XSS vulnerabilities are in scope. So I  [ Read More ]

Sqli Dorking with a Huge list of Google Dorks

This a very nice easy to use Sqli dorking script made in Perl. This can be used to easily extract the results from google or bing in to a text file. I recommend edit the file erasing the word “site:” (Line 147) to get compatibility with the file of Dorks provided by Zer0 Byte (http://zer0byte.com/zeropastebin/?8a67aa4cadbf88a7#we2TTzy/Oto1K8ukCDXAxTfI/jIKs4H2ujjzExCwLng=)  [ Read More ]

KIM Dotcom Daddy of Two Factor Authentication

Really! Didn’t think Kim Dotcom could (cue music) cry me river. Only a few hours after twitter joined the group of TWO-FACTOR AUTHENTICATION users, the founder of Megaupload is proclaiming to have been the genius behind the entire mechanism & he’s got a patent to back that up. View his paten here on Goolge. Facebook, Google,  [ Read More ]

Pwning WIFI Access Points with XSS using SSID

Lee7s at CDW  found a very creative way to  pwn wifi access points that have the “site survey” option. In their white paper they conducted their test on few APs that included WIFI Pineapple aswell. Just Imagine pwning wifi pineapple haX0r with this exploit ;p BTW this exploit was even presented in this years Black hat  [ Read More ]

Leets the new bt is out with loads of tools. Tools categorys are much like BT-R3 but there some new tools as well The first thing you’ll notice is you can install directly from the live boot menu instead of a desktop icon, Which worked well for me because I was having trouble getting it to  [ Read More ]

Capture The Flag : Let-the-game-begin

Leets ARE YOU READY FOR THIS CTF !!!!!!!!!!!!!!!!!!! http://ctf365.com/  Note:-  Zer0byte.com always encourages CTF type of educational hacking competitions. CTF365 is build with passion and love for those who love challenges, want to improve their security skills, love competition and hacking. So if you are into security, ctf365.com is the right place for you. According to the  [ Read More ]

Hakin9 Magazine gets trolled

Established magazine gets remodeled with sexual inuendo :p . I Just can’t believe how a well know magazine can publish articles without even reading it. The published article “NMAP Guide”  had words like “DICKS” , “IPV7” , “7TB USB key”  and etc. It is said on the http://seclists.org that this stunt was preformed by well know  [ Read More ]

SSL BEAST’s CRIME HTTPS Web Hijack Explained

Continuing from our previous story more details have emerged about Juliano Rizzo and Thai Duong bring us CRIME, a new SSL/TLS attack technique.  CRIME [ Compresison Ratio Info-leak Made Easy] allows secure web browsers used by banks & online shopping sites to be hijacked even when they are encrypted thus capturing those CCD #’s and  [ Read More ]