MySQL Remote Root Authentication Bypass (CVE-2012-2122)
Follow @FantaGhost A new vulnerability discovered in MySQL Server allow an attacker to gain remote root privileges. According to the original article posted on SC Magazine “Security experts have...
View ArticleUpdate your Linux distro using wget, yum or apt-get behind a proxy.
Follow @FantaGhost As you probably know, patching process is a very important aspect of security strategy and lifecycle: both Windows and *nix systems must be patched against vulnerabilities and...
View ArticleHow to scan a remote host anonymously using Nmap, Tor and Proxychain
Follow @FantaGhost In this post I will try to explain how to scan a remote host anonymously using Nmap, tor and proxychains tools. This tutorial is based on Debian-like distributions. I don’t explain...
View ArticleHow to crack MD5 hashes using free online resources
Follow @FantaGhost What is a MD5 hash ? I asked Wikipedia and it told me that is a “widely used cryptographic hash function that produces a 128-bit (16-byte) hash value“. To be more specific,Â...
View ArticleHow to install Netsniff-ng, an high performance open source network sniffer.
Follow @FantaGhost “Netsniff-ng is a free, high performance Linux networking toolkit. The gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel...
View ArticleRasperry PI : install PWNPI 3.0, a pentest-oriented Raspberry distribution
Follow @FantaGhost Finally my Raspberry PI Model B Rev.2 is arrived !! I choose to buy an used one just to start some testing I choose PWNPI 3.0 as operating system because it contains lots of useful...
View ArticleVareseNews published my article about Home Computer Security
Follow @FantaGhost My article about Home Computer Security has been published by VareseNews (an Italian online newspaper) under it’s “Ventuno” blog. Take a look on...
View ArticleThe hidden side of Internet: access it anonymously using FreeNet
Follow @FantaGhost Every time we access an Internet resource (web, mail, IRC, etc…) our ADSL modem or router is connected “directly”: all packets transmitted by our computer are addressed via routers...
View ArticleCheck systems security with Lynis
Follow @FantaGhost How many times have you wondered about your systems security ? Using Linux or Mac is not enough! You must check and configure your systems to be as secure as possible. To do this we...
View ArticleVareseNews published part two of my article about Computer Security
Follow @FantaGhost My article about Home Computer Security Part 2 has been published by VareseNews (an Italian online newspaper) under it’s “Ventuno” blog. Take a look on...
View ArticleVareseNews published part three of my article about Computer Security
Follow @FantaGhost My article about Home Computer Security Part 3 has been published by VareseNews (an Italian online newspaper) under it’s “Ventuno” blog. Take a look on...
View ArticleFGscanner is available for Download
Follow @FantaGhost Hi All! I finally completed FGscanner :) FGscanner is a perl script useful for finding directories that are not indexed, hidden pages, development or test folders on a webserver....
View ArticleFGscanner has been published by PacketStorm Security
Follow @FantaGhost PacketStorm Security has published FGscanner under it’s Tools section. You can find it here
View ArticleSANS Holiday Challenge 2013 Report
Follow @FantaGhost The SANS Holiday Challenge is an high-skilled Ethical Hacking technical exercise sponsored by SANS Cybercon and organized by Counterhack team. The 2013 edition is the tenth annual...
View ArticleIn-depth analysis of mmpifmxnth..vbs malware
Follow @FantaGhost Last week I was asked to check a Windows 7 x64 laptop due an extremely poor performances, so as first step I run a complete scan with AntiMalwareBytes free and Avira Antivirus. This...
View ArticleHeartbleed Testing and Detecting
A critical vulnerability has been identified in OpenSSL versions 1.0.1 – 1.0.1f (CVE-2014-0160) and it is well explained on HeartBleed website. Exploiting the HeartBleed vulnerability. Basically, an...
View ArticleCyber threats landscape and defense workshop
The Cyber threats landscape and defense workshop was held April 14th at ISIS “C. Facchinetti” Institute. The two-hours workshop was intended to illustrate and explain the evolution of cyber threats in...
View ArticleMalware related archives decryption using strings command
Cyber attacks landscape is evolving rapidly, reaching high levels of sophistication and complexity in order to exploit and breach enterprises, government entities, universities, financial institutions,...
View ArticleFgScanner included in BlackArch Linux
FgScanner has been included in BlackArch Linux. What is BlackArch Linux ? “BlackArch Linux is a lightweight expansion to Arch Linux for penetration testers and security researchers. The repository...
View ArticleMalvertising: una minaccia in espansione
Today the speech “Malvertising: una minaccia in espansione” has been hosted by “Festival ICT 2014″ in room 9 at 2:25 PM. Giacomo Milani and I have talked about Malvertising threats, infections trend,...
View Article
More Pages to Explore .....