• iker –
    ker is a Python tool to analyse the security of the key exchange phase in IPsec based VPNs. Download link is available here.
  • SecUpwN / Android-IMSI-Catcher-Detector –
    This is an android-based project to detect and avoid fake base stations (IMSI-Catchers) in GSM/UMTS Networks. Sounds cool and security is important to you?
  • wifijammer –
    Wifijammer continuously jam all wifi clients and access points within range. The effectiveness of this script is constrained by your wireless card.
  • mass-deauth –
    This is Mass-Deauth script for 802.11 pwnage. Download this script from here.
  • DependencyCheck –
    Dependency-Check is a utility that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency.


  • Reversing the WRT120N’s Firmware Obfuscation –
    It was recently brought to Craig’s attention that the firmware updates for the Linksys WRT120N were employing some unknown obfuscation. He thought this sounded interesting and decided to take a look.


  • Revisting XXE and abusing protocols –
    The basic premise behind the vulnerability is that when a user authenticates with a site using OpenID, that site does a ‘discovery’ of the user’s identity. To accomplish this the server contacts the identity server specified by the user, downloads information regarding the identity endpoint and proceeds with authentication.

Other News