February 4th, 2012 
Mourad Ben Lakhoua New update has been released for Inssider a free wardriving application that help penetration tester to check different wireless network available. The program is very useful as it provides information about the encryption used, vendor of the access point, SSID and the performance of the Wifi network coverage. Update release note include the following: ” [...]
Posted in Open-Source, Pentesting 
Tags: InSSIDer, penetration testing, Pentesting, wifi, Wireless Security 
No Comments » January 21st, 2012 Mourad Ben Lakhoua Today we hear a lot about new generation of IT Security certifications, you go to Linkedin and you find all people adding their certifications on their profiles and this can be a good way to promote their appearance on different search engines. If you decide to pass some new certifications than this article interests you, [...]
Posted in Security Training Tags: CEHv7, Certified Ethical Hacker, denial of service, enumeration, Ethical Hacking, footprinting and reconnaissance, hacking webserver SQL injection, Introduction to ethical hacking, Online Training Course, Penetration Tester, Pentesting, Posted in Best Practices, scanning network, Security Training, session hijacking, sniffers, social engineering, system hacking, Trojans and backdoors, Viruses And Worms No Comments » January 5th, 2012 Mourad Ben Lakhoua Wireless network access points are everywhere so if you travel a lot you will find more than one AP at airports coffee shop or at the beach, I often try to scan different wireless network to check what type of encryption used by the AP owner (you can use InSSider) and as a result I [...]
Posted in Open-Source, Pentesting, Tools Tags: penetration, Pentest, Pentesting, Wireless Security 3 Comments » September 25th, 2011 Mourad Ben Lakhoua Over several years compromising web application is the first target for hackers, after attacking any website hacker under a certain name promotes the attack by adding it to www.zone-h.org.Zone-H.org is a website archive of versions of defaced websites.The sources of the hacked website URLs submit their information anonymously, and often include an image of the hacked site. Sometimes [...]
July 28th, 2011 Mourad Ben Lakhoua New version of Metasploit professional edition has been released by Rapid7, Metasploit is a complete solution for penetration testing that gives pentester a complete visibility on different threat with over 10 vulnerability scanners. Metasploit Pro 4.0 helps you improve your enterprise vulnerability management program and test how well your perimeter holds up against real world [...]
July 24th, 2011 Mourad Ben Lakhoua WebSurgery is another suite of tools for security testing of web applications. It was designed for security auditors to help them with the web application planning and exploitation. Currently, it uses an efficient, fast and stable Web Crawler, File/Dir Bruteforcer and Fuzzer for advanced exploitation of known and unusual vulnerabilities such as SQL Injections, Cross [...]
June 19th, 2011 Mourad Ben Lakhoua theHarvester is a Computer-based social engineering tool for gathering e-mail accounts, user names and hostnames/subdomains from different public sources like search engines and PGP key servers. This tools is intended to help Penetration testers in the early stages of the project It’s a really simple tool, but very effective. The sources supported are: Google – [...]
