GNUCITIZEN
 |
This article may require cleanup to meet Wikipedia's quality standards. (Consider using more specific cleanup instructions.) Please help improve this article if you can. The talk page may contain suggestions. (April 2008) |
 GNUCITIZEN Ethical Hacker Outfit |
|
| Origin | London |
|---|---|
| Country | United Kingdom |
| Years active | 2005–NOW |
| Category | hacker think tank |
| Founder(s) | pdp |
| Product(s) | various |
| Affiliated Group(s) | Hakiri, Spin Hunters, Hackers for Charity |
| Website(s) | Main Site |
GNUCITIZEN is a recognized [1] ethical hacker outfit based in London, United Kingdom and Cologne, Germany.
Contents |
[edit] About
GNUCITIZEN is a non-profit organization which is based around a Blog network consisting of several popular [2] information security related sites. The GNUCITIZEN group has made some discoveries in the past related to technologies such as CITRIX, GMail[3] , BT Home Hub, UPnP, SNMP, PDF [4], etc. Today, GNUCITIZEN is one of the still existing and active organizations among other groups such as CULT OF THE DEAD COW, L0pht, The Hackers Choice, and others. Unlike[citation needed] old-school hacker groups, the GNUCITIZEN outfit goal is to create a healthy community of gifted individuals. The outfit is an active supporter of the Hackers for Charity group, OWASP and other none-profit and charity entities, according to their about page.
[edit] History
GNUCITIZEN is founded by Petko D. Petkov, also known as pdp, in 2005. In 2006, the projects grows into a blog using the popular Wordpress blogging platform. The blog quickly gets momentum due to its unique[citation needed] content and writing style. In the course of a year, the GNUCITIZEN blog becomes a major[citation needed] source of cutting-edge[citation needed] information security research primarily based around browser, client-side, Web and Web2.0 technologies. In 2007 GNUCITIZEN.ORG turns into an organization under the name of "GNUCITIZEN | Cutting-edge Think Tank | Ethical Hacker Outfit". At that time the GNUCITIZEN team consists of 5 members in total, representing hundreds of blog posts on various topics, several noteworthy papers, numerous publicly disclosed security vulnerabilities and two printed best-selling books. In 2008, due to popular demand[citation needed], GNUCITIZEN.ORG grows into GNUCITIZEN.COM, the "Commercial, Unobtrusive Entity", and GNUCITIZEN.NET, the Network, also known as the Group. Today, GNUCITIZEN is recognized as one of the most influential opinion making/forming bodies in the spheres of information security, black public relations (Black PR), public relations security, and hacker culture, style and way of life.[citation needed]
[edit] Organization
The group itself is split among several domains. The GNUCITIZEN organization (.ORG) is one of the most vivid[citation needed] and influential[5]none-profit information security and hacker culture opinion-making/forming bodies in the world. The .COM domain is a commercial side-effect of the .ORG domain which works independently. The commercial entity was spawned due to the high demand[citation needed] of GNUCITIZEN branded services. The Network or the Group (.NET) combines and provides access to other GNUCITIZEN supported domains and projects such as Hakiri, the Hacker Lifestyle initiative, and Spin Hunters, Public Relations Security and Black PR research house.
The current GNUCITIZEN Network includes the following members:
- GNUCITIZEN.org | Cutting-edge Think tank | Ethical Hacker Outfit [8]
- GNUCITIZEN.com | Commercial Unobtrusive Entity [9]
- GNUCITIZEN.net | Network [10]
- Spin Hunters | Social Hacking Research House | Black PR | PR Security [11]
- Hakiri | Hacker Lifestyle [12]
[edit] Books written by Members of the GNUCITIZEN group
- Google Hacking for Penetration Testers Second Edition (sample chapters)
- Cross Site Scripting Attacks: XSS Exploits and Defense (sample chapters)
[edit] Events where GNUCITIZEN members have spoken
GNUCITIZEN members have participated in many others local meetings and events. The outfit is most active in the UK.
[edit] Noteworthy Tools and Projects produced by GNUCITIZEN
- Agile Hacking - The projects aims to use crowd-sourcing technique to aggregate the knowledge of the masses in order to produce the best hacking reference online.
- Router Hacking Challenge - The results of the router hacking challenge are numerous vulnerabilities effective popular routers and embedded devices around the world.
- Renaissance - The best Web2.0 hacking tools online.
- For my next trick… hacking Web2.0 - Paper on Web2.0 hacking tricks and techniques.
- PHPIDS - Monitoring attack surface activity [6] - A white-paper about the PHPIDS open source software
- GHDB - The online Google Hacking Database tools. [13]
- Technika - Browser automation, hacker tool for Firefox. The unix command line in the browser. [14]
- AJAX Worm Database - Collection of various AJAX worms. [15]
- Carnaval - Bi-directional communication channel that works over HTTP. [16]
- xssDB - The biggest Cross-site Scripting vector database up-to-date. [17]
- AttackAPI - Attack composition and construction framework. [18]
- Jython Shell, The Python Shell in the Browser - Python shell that runs inside a browser. Suitable for dynamic penetration testing of devices, kiosks and foreign networks.
- Massive Enumeration Toolset - Python based toolkit for discovering, processing and enumerating targeted networks or individuals.
- PHP Code Analysis: Real World Examples [7] - Project exploring practical PHP exploitation techniques.
- phpMyAdminRCE - Remote command execution exploit for phpMyAdmin.
[edit] References
- ^ [1] - BT want customer help with new mobile wi-fi network
- ^ [2] - Worm Fears Shut down Skype Video Feature
- ^ [3] - Google GMail E-mail Hijack Technique
- ^ [4] - 0day: PDF Pwns Windows
- ^ [5] - GNUCITIZEN voted "best IT Security Blog in English" at CONFidence IT security conference
- ^ [6] - PHPIDS - Monitoring attack surface activity paper, co-authored by Mario Heiderich (GNUCITIZEN member)
- ^ [7] - PHP Code Analysis: Real World Examples, by David Kierznowski (GNUCITIZEN member)
[edit] Media Mentions
- GNUCITIZEN resources on ZDNet
- BBC | BT want customer help with new mobile wi-fi network
- CrunchGear | PDF Files Can Steal All Your Base
- eWEEK | Using a Browser, Hackers Can Hijack Wi-Fi Routers
- Guardian | Google's Gmail insecure, and other Google security holes
- InformIT | Identity 2.0: How Attackers Break into Identity-centric Services
- InformIT | Information as a Weapon of Mass Destruction
- Mashable | Firefox 2.0.0.7 is Live; Eliminates QuickTime Security Flaw
- PC Magazine | Slipping On SOAP Into Your Router
- PC World | Firefox Exploit can Hack Gmail
- PC World | Gmail's Zero-Day Flaw Allows Attackers to Steal Messages
- SecurityFocus | Hacking group alleges attack via PDF
- Slashdot | Gmail Vulnerability May Expose User Information
- Slashdot | Most Home Routers Vulnerable to Flash UPnP Attack
- Slashdot | Zero-day Exploit in PDF With Adobe Reade
- Symantec | Flashing Home Routers
- Washington Post | With Web 2.0, a new breed of malware evolves
- Wired | Hacker Discovers Serious Vulnerability in PDF Files
- Wired | Sneaky White Hats Pull Surveillance Cam Switcheroo
[edit] External links
- GNUCITIZEN | Cutting-edge Think tank | Ethical Hacker Outfit
- GNUCITIZEN | Commercial, Unobtrusive Entity
- GNUCITIZEN | Network
- Spin Hunters | Social Hacking Research House | Black PR | PR Security
- Hakiri | Hacker Lifestyle
- 0day: PDF pwns Windows
- Google GMail E-mail Hijack Technique
- 0day: QuickTime pwns Firefox
- IE pwns SecondLife
- Hacking The Interwebs
- CITRIX: Owning the Legitimate Backdoor
- Total surveillance made easy with VoIP phones
- Web Mayhem: Firefox’s JAR: Protocol issues
- BT Home Flub: Pwnin the BT Home Hub (4)
- 0day: Hacking secured CITRIX from outside
- GNUCITIZEN Portfolio
- Call Jacking: Phreaking the BT Home Hub
- PHPIDS Project
- For my next trick… hacking Web2.0
- Exegesis of Virtual Hosts Hacking
