Clickjacking technique called “content extraction”

Cookiejacking is a UI redressing attack that allows an attacker to hijack his victim’s cookies without any XSS. Clickjacking attacks have been widely adopted by attackers worldwide on popular websites (eg Facebook) in order to perform some drive to download attacks,click forging, message sending and so on. In previous works on the same matter, new […]

fimap v.0.9 released

fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. It’s currently under heavy development but it’s usable. The goal of fimap is to improve the […]

Non-persistent XSS vulnerabilities Sam’s Whois

Sam’s Whois is a free php class with supporting scripts which make adding a domain name whois lookup to your website incredibly simple. Main Features * All major tlds supported (including com, net, org, info, biz, us,,, etc). * Optionally automatically redirect a query to the authoritative whois server for a tld     where […]

SpoofTooph 0.4 Release

Spooftooph is designed to automate spoofing or cloning Bluetooth device Name, Class, and Address. Cloning this information effectively allows Bluetooth device to hide in plain site. Bluetooth scanning software will only list one of the devices if more than one device in range shares the same device information when the devices are in Discoverable Mode […]

Anonymous Myanmar Hacker Attacks Blink Hacker Group

This is a bit MM Hackers Complication. 🙂 Today, we got a new email from Anonymous Myanmar Hacker who is (are) attacking to Blink Hacker Group. You can check complete info from the following link. “{Update News}: ????????????? ?????????????? ????????????????? ????????? ???????????????? ???????? ??????????? ?????? ?????????? ????????????????? ???????? ???????????????????????????????? ??????????????? ?????????????? ————————————————————————– You should know […]