
Blog

Testing WordPress Password Security with Metasploit

How easy is it to hack WordPress admin accounts? Poor WordPress password security is an ongoing issue. The purpose of this post is to highlight how easy it is to break into WordPress admin accounts that have weak passwords. Metasploit Framework is an open source penetration testing application that has modules for the explicit purpose […]

w3af web application security testing framework stable released

sudo apt-get install python-nltk python-soappy python-lxml python-svn python-scapy graphviz
tar jxvf w3af-1.0-stable.tar.bz2
./w3af_gui

The first thing to notice is the shiny new splash screen highlighting the new owner of the project, Rapid7. A notice that I don't have the latest update appears, so an auto update is performed after confirmation. Following some local testing […]

Google Dorking WordPress

Statistics for 2023 show around 450 million sites use WordPress, with that number continuing to grow. This makes WordPress an attractive target for those wanting to collect compromised hosting accounts for serving malicious content, spamming, phishing sites, proxies and web shells.

Plugins

One of the reasons for WordPress's popularity is WordPress Plugins. Adding many functions […]

Secure WordPress

Operating a secure WordPress installation requires work to stay on top of things. After all, with WordPress being so popular, its security is constantly being tested. WordPress Security Scan is a Hacker Target tool. It can be used to test the security of your WordPress installation from an external perspective. No plugin installation is required, […]

Brute Forcing Passwords with ncrack, hydra and medusa

Ready to test a number of password brute-forcing tools? Passwords are often the weakest link in any system and ultimately brute-force. Testing for weak passwords is an important part of security vulnerability assessments. This article will focus on tools that allow remote service brute-forcing. These are typically Internet-facing services that are accessible from anywhere […]

sqlmap 0.9 added to online security scans

The latest update to the site tools is the addition of the new sqlmap 0.9 release to the Online SQL Injection scanner. This is a tool that takes SQL Injection to the next level and beyond. While our online scan tests for SQL Injection in HTTP GET requests, this is only the beginning. This tool can […]

Web Tech 2011 – Part 2

Now available is Part 2 of our Web Tech Report 2011 data mining project. We have compared the results of the most popular web technologies of the Top 1 Million Web Sites with the most popular technologies in use by the Forbes Fortune 1000 US Corporations. There is a clear preference by the largest corporations […]

Web Tech 2011 Report

The HackerTarget.com Web Tech 2011 Report has just been released. This is the first edition of the report and aims to provide insight into the web technologies in use by the world's most popular websites. Based on the Alexa top 1 million sites; content management system popularity, web servers, server side scripting, web development frameworks, […]

PSAD Tutorial – Port Scan Detection in Ubuntu Linux

Using PSAD to detect port scans in Ubuntu Linux can reveal who is hitting your servers and where they are coming from. In this short tutorial I will show you how to quickly get a port scan monitoring system in place. PSAD has been around since 2001. As is often the case a simple open […]

dnsdumpster.com launched for osint recon

DNSDumpster.com is a new project and network reconnaissance platform from HackerTarget.com. We have built an open source intelligence gathering tool that will profile a domain name and produce an easy to read report about related systems and publicly available information about that domain. Head over and give it a spin! Alternatively if you like to […]