PUBLIC MARKS with tags info-sec & hacking

F-Script is a lightweight open-source scripting layer specifically designed for the Mac OS X object system (i.e. Cocoa). F-Script provides scripting and interactive access to Cocoa frameworks and custom Objective-C objects. It aims to be a useful and fun tool for both beginners and experts, allowing interactively exploring, testing and using Cocoa-based objects and frameworks.

General | Hacking | Networking | Security

Internet Security Portal: by Zinho

XSS-Proxy is an advanced Cross-Site-Scripting (XSS) attack tool. The documents, tools and other content on this site assume you have a basic understanding of XSS issues and existing exploitation methods. If you are not famliar with XSS, then I recommend you check out the primer links/docs below to get a better of idea of what XSS is and how to detect it, fix it, and exploit it.

Several named pipe security flaws have been discovered in recent years. However the technicalities involved in their discovery are widely unknown and undocumented. In fact, there isn't even a common terminology to define these security flaws. This paper will present a common terminology and define the intricacies of discovering and exploiting these security flaws. Past named pipe related vulnerabilities will be explored as well as areas in which vulnerabilities could be discovered in the future.

A freeware tool to trace TCP/UDP/... sessions and fetch application data from snoop or tcpdump logs. This is a type of "any-snarf" program, as it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, ...), SMTP emails, ... from the captured data inside network traffic logs.

DARKIRCOP

=refused by heaven and feared by hell.

Stripe Snoop is a suite of research tools that captures, modifies, validates, generates, analyzes, and shares data from magstripe cards. The data is captured through different hardware interfaces (or stdin), the contents decoded into the correct character set, and then a CDDB-like database attempts to figure out what the contents mean.

: Google Your Site For Security Vulnerabilities

Security, Penetration Testing and Hacking Tips for network Administrators

Informative information for the uninformed

This is the Metasploit Project. The goal is to provide useful information to people who perform penetration testing, IDS signature development, and exploit research. This site was created to fill the gaps in the information publicly available on various exploitation techniques and to create a useful resource for exploit developers. The tools and information on this site are provided for legal penetration testing and research purposes only.

Google Hacking Data Base

Tools

An Open Source Root War Engine

The Attack Tool Kit (ATK) is an open-source security scanner and exploiting framework

PHLAK is a modular live security Linux distribution. PHLAK comes with two light gui's (fluxbox and XFCE4), many security tools, and a spiral notebook full of security documentation. PHLAK is a derivative of Morphix, created by Alex de Landgraaf.

PLAC is a business card sized bootable cdrom running linux. It has network auditing, disk recovery, and forensic analysis tools. ISO will be avialable and scripts to roll you own cd.

Hakin9 Magazine: Since the second issue onwards our magazine contains hakin9.live - a bootable distribution (based on Aurox Live) containing all the tools and materials needed for practising methods and techniques described in our articles.

Macintosh Security, Hacking, Tools