Hacked Information and Proof of Concept  @ PlanetCreator.net
Hacked Information and Proof of Concept @ PlanetCreator.net

“Hacking” In this category, We’re going to post Hacker’s proof-of-concept. Unless you know how to hack, you can not defend yourself from hackers. We’ll know how hack hacks and how they got hacked. So, share your hacked info as following and email to theplanetcreator<-at->gmail.com < Your Nick Name > < Proof-of-Concept > Note: No PoC, […]

Continue reading »
Timing Attacks with HTML5
Timing Attacks with HTML5

HTML 5 and related technologies bring a whole slew of new features to web browsers, some of which can be a threat to security and privacy. This paper describes a number of new timing attack techniques that can be used by a malicious web page to steal sensitive data from modern web browsers, breaking cross-origin […]

Continue reading »
Introducing SpearPhisher – A Simple Phishing Email Generation Tool
Introducing SpearPhisher – A Simple Phishing Email Generation Tool

SpearPhisher is a simple point and click Windows GUI tool designed for (mostly) non-technical people who would like to supplement the education and awareness aspect of their information security program. Not only is it useful to non-technical folks, penetration testers may find it handy for sending quick and easy ad-hoc phishing emails. The tool supports […]

Continue reading »
Fake Login Page with XSS – IFRAME – | C B Bank – Online Electricity Billing Payment System(GBPS)
Fake Login Page with XSS – IFRAME – | C B Bank – Online Electricity Billing Payment System(GBPS)

When XSS vulnerabilities on bank websites are exploited by phishers, is too late to undo the unwanted consequences. The phishers were able to inject a modified login form onto the bank’s login page, specifically an IFRAME which loads the fake login form from a web server. Even if the login page uses SSL, does not […]

Continue reading »
Critical xss vulnerabilities at classified listings site Ads.com.mm
Critical xss vulnerabilities at classified listings site Ads.com.mm

PlanetCreator has reported another critical XSS Vulnerability on classified listings site Ads.com.mm Cross Site Scripting is a client-side attack where an attacker can craft a malicious link, containing script- code which is then executed within the victim’s browser when the target site vulnerable to and injected with XSS is viewed. The script-code can be any […]

Continue reading »