Computer Press!

WebCookiesSniffer is a packet sniffer tool that captures all Web site cookies sent between the Web browser and the Web server and displays them in a simple cookies table. The upper pane of WebCookiesSniffer displays the cookie string and the Web site/host name that sent or received this cookie. When selecting a cookie string in the upper pane, WebCookiesSniffer parses the cookie string and displays the cookies as name-value format in the lower pane.

Security experts have demonstrated Facebook Pwn, a Java tool which uses social engineering to obtain personal details of Facebook users that are not publicly accessible.

The tool starts out by setting up a fake account which attempts to befriend all of the target’s contacts. The attacker picks out one of the victim’s friends whose identity he can adopt and the tool steals this friend’s name and profile picture for the fake account. The tool then uses the fake account to submit a friend request to the target – the target is confronted with a familiar name, a copy of their friend’s photo and a list of mutual friends.

Remote backdoors is ways that are used by hackers to maintain access on the compromised systems.  Types of remote backdoors generally fall into three categories: Network Socket Listener, Trojan, or covert channels.

Here there is an opensource tool that is called CloseTheDoor that can help you to discover and prevent these three categories of backdoor. it is an easy-to-use application that identifies all the listening ports, TCP / UDP over IPv4 / v6 and all the associated program files. This software will help you detect security holes and close backdoors when you want to prevent remote attacks.

Tool which helps for initials steps of Information Gathering while doing web application security testing. It works with dig, whois and nmap scan results. Tool is not really user-friendly and not documented. Good tool for initial stage.

WebSurgery is a suite of tools for security testing of web applications. It was designed for security auditors to help them with the web application planning and exploitation. Currently, it uses an efficient, fast and stable Web Crawler, File/Dir Bruteforcer and Fuzzer for advanced exploitation of known and unusual vulnerabilities such as SQL Injections, Cross site scripting (XSS), brute-force for login forms, identification of firewall-filtered rules etc.

A 10-year-old hacker who goes by the pseudonym CyFi revealed today at DefCon 19 a zero-day exploit in games on iOS and Android devices that independent researchers have confirmed as a new class of vulnerability. The girl from California first discovered the flaw around January 2011 because she "started to get bored" with the pace of farm-style games.