Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals.
Our aim is to collect exploits from submittals and various mailing lists and concentrate them in one, easy-to-navigate database.
This was written solely for educational purposes. Use it at your own risk. The author will be not responsible for any damage. // r0073r

The Foofus.Net team is an assortment of security professionals and wannabes located somewhere in the Midwestern United States. This site exists to support the various tools and ideas that we’ve made public, along with aiding to fill our DefCon beer fund.

This webpage is a free malware analysis service powered by Payload Security that detects and analyzes unknown threats using a unique Hybrid Analysis technology.

How to display an RSS feed with a single PHP function? The URL of the file may be

• local, in the form: rss.xml, or
• distant in the form: http://www.scriptol.com/rss.xml.

There is only one difference, if the filename has the ".php" extension when it is generated by a CMS or such software, locally the file is processed by the server as a text file while remotely it is processed as a script. There is no difference if the extension is ".xml".

The script is compatible with:

• RSS 2.0 (that is compatible with 0.91, 0.92 etc.)
• RSS RDF or RSS 1.0.
  Actually the script extracts the title, link and description tags and ignores the format of structure of the document.
  The benefit of PHP to display an RSS feed is that it will be visible by search engines.

There are many ways to make a presence on the web and a website is just one of them. Other types of web presence include social media channels and sites that allow customers to review your business. Before you start making a website, make sure you understand what’s provided by the different types of web presence and the costs and benefits associated with each type.

Learn about the latest online threats.
Share and collaborate in developing threat intelligence.
Protect yourself and the community against today’s latest threats.

At the heart of Open Threat Exchange is the pulse, an investigation of an online threat. Pulses describe any type of online threat including malware, fraud campaigns, and even state sponsored hacking.

Pulses are comprised of indicators of compromise (or IoCs), which describe the infrastructure of that threat – including IPs, file hashes, e-mail addresses affiliated with the threat, etc.

Having this as hobby project I usually have time to focus on following only single malware threat at a time - now I have main focus on Locky download sites. If I read some interesting whitepaper, I will probably import some links/hashes to tracker database here and there, but in general I do not verirify or follow on those. This site is considered to be mainly research platform and directly using the data for blacklisting is not recommended. At least you should make sure to filter out with some reasonable whitelist. For example if some malware will be connecting to for example 'http://google.com/70.exe?1' (as Teslacrypt did to query connection) or to '//plus.google.com/u/0/115747778649102578052/about' or 'https://twitter.com/linketelin' (as PlugX samples d9af894d51ba61075c7cd329b0be52df, 02a175b81144b8fa22414e9cf281f71c did) then such links can be found in the listings of tracker although I am not saying the sites as such should be blocked.

La communauté FrameIP partage gratuitement ses documentations et codes source concernant le monde des réseaux TCPIP.

Visité par plus de 5000 personnes par jours, FrameIP.com nécessite un hébergement performant, une richesse des documentations et un entretient permanent.

Pour continuer à encore mieux partager, votre participation à la communauté sera la bienvenue.

Nice apps, projects and dev stuff

Law enforcement and IT Security companies have joined forces to disrupt cybercriminal businesses with ransomware connections.

The “No More Ransom” website is an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies – Kaspersky Lab and Intel Security – with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals.

Welcome to PunkSPIDER: a global web application vulnerability search engine.
Deeper, faster, harder scans

ThreatMiner is designed to be an analyst's first portal to visit when doing threat research and here's why.

Threat intelligence and intrusion analysts who regularly perform research into malware and network infrastructure often find the need to rely on mutliple websites that individually holds a small piece of the larger puzzle.

Furthermore, it is often the case where pivoting directly from an open source research report is unavailable and that it is sometimes difficult to remember if an indicator has alredy been reported and/or attributed. All these small but frustrating obstacles distract an analyst from what they do best: analyse.