GNUCITIZEN
From Wikipedia, the free encyclopedia
 |
This article may require cleanup to meet Wikipedia's quality standards. Please improve this article if you can. (April 2008) |
 |
This article or section includes a list of references or external links, but its sources remain unclear because it lacks in-text citations. You can improve this article by introducing more precise citations. |
 |
This article or section needs to be wikified to meet Wikipedia's quality standards. Please help improve this article with relevant internal links. (April 2008) |
 GNUCITIZEN Ethical Hacker Outfit |
|
| Origin | London |
|---|---|
| Country | United Kingdom |
| Years active | 2005–NOW |
| Category | hacker think tank |
| Founder(s) | pdp |
| Product(s) | various |
| Affiliated Group(s) | Hakiri, Spin Hunters, Hackers for Charity |
| Website(s) | Main Site |
GNUCITIZEN is a recognized ethical hacker outfit based in London, United Kingdom and Cologne, Germany.
Contents |
[edit] About
GNUCITIZEN is a non-profit organization which is based around a Blog network consisting of several popular information security related sites. The GNUCITIZEN group has made some interesting discoveries in the past related to technologies such as CITRIX, GMail, BT Home Hub, UPnP, SNMP, etc. Today, GNUCITIZEN is one of the still existing and active organizations among other groups such as CULT OF THE DEAD COW, L0pht, The Hacker's Choice, and others. Unlike old-school hacker groups, the GNUCITIZEN outfit goal is to create a healthy community of gifted individuals. The outfit is an active supporter of the Hackers for Charity group, OWASP and other none-profit and charity entities, according to their about page.
[edit] History
GNUCITIZEN is founded by Petko D. Petkov, also known as pdp, in 2005. In 2006, the projects grows into a blog using the popular Wordpress blogging platform. The blog quickly gets momentum due to its unique content and writing style. In the course of an year, the GNUCITIZEN blog becomes a major source of cutting-edge information security research primarily based around browser, client-side, Web and Web2.0 technologies. In 2007 GNUCITIZEN.ORG turns into an organization under the name of "GNUCITIZEN | Cutting-edge Think Tank | Ethical Hacker Outfit". At that time the GNUCITIZEN team consists of 5 members in total, representing hundreds of blog posts on various topics, several noteworthy papers, numerous publicly disclosed security vulnerabilities and two printed best-selling books. In 2008, due to popular demand, GNUCITIZEN.ORG grows into GNUCITIZEN.COM, the "Commercial, Unobtrusive Entity", and GNUCITIZEN.NET, the Network, also known as the Group. Today, GNUCITIZEN is recognized as one of the most influential opinion making/forming bodies in the spheres of information security, black public relations (Black PR), public relations security, and hacker culture, style and way of life.[citation needed]
[edit] Members
- Petko D. (pdp) Petkov [1] - founder of GNUCITIZEN and Hakiri, active opinion former, information security researcher, life-hacker, author of numerious printed and online articles and books. pdp has been credited with finding numerous serious vulnerabilities including but not only vulnerabilities in GMail, SecondLife, Firefox, Internet Explorer, CITRIX, DHCP and mDNS implementations, Skype, Adobe PDF and many others.
- Ivana (ink) Kalay [2] - founder of Spin Hunters, the first Public Relations Security and Black PR organization, also recognized as one of the 50 most acknowledged Black Public Relations and Public Relations Security experts in the world.
- Adrian (pagvac) Pastor [3] - information security researcher, white-hat hacker, responsible for the repetitive disclosure of various vulnerabilities in embedded devices and web applications. pagvac is famous for hacking the BT (British Telecom) Home Hub router several times among others.
- Mario (.mario) Heiderich [4] - founder of the PHPIDS project and Web Application Security ninja. .mario is also responsible for discovering the call jacking attack on Snom VoIP phones which allow conversations to be eavesdropped without the victim's allowance.
- David (dk) Kierznowski - founder of BlogSecurity.NET, the world's source for Blog related security issues, founder of "Michael Daw | Operation n | Hacker Anthology" (michaeldaw.org), penetration tester, CHECK Team Leader and creative thinker.
[edit] Organization
The group itself is split among several domains. The GNUCITIZEN organization (.ORG) is one of the most vivid and influential none-profit information security and hacker culture opinion-making/forming bodies in the world. The .COM domain is a commercial side-effect of the .ORG domain which works independently. The commercial entity was spawned due to the high demand of GNUCITIZEN branded services. The Network or the Group (.NET) combines and provides access to other GNUCITIZEN supported domains and projects such as Hakiri, the Hacker Lifestyle initiative, and Spin Hunters, Public Relations Security and Black PR research house.
The current GNUCITIZEN Network includes the following members:
- GNUCITIZEN.org | Cutting-edge Think tank | Ethical Hacker Outfit [5]
- GNUCITIZEN.com | Commercial Unobtrusive Entity [6]
- GNUCITIZEN.net | Network [7]
- Spin Hunters | Social Hacking Research House | Black PR | PR Security [8]
- Hakiri | Hacker Lifestyle [9]
[edit] Books written by Members of the GNUCITIZEN group
- Google Hacking for Penetration Testers Second Edition (sample chapters)
- Cross Site Scripting Attacks: XSS Exploits and Defense (sample chapters)
[edit] Events where GNUCITIZEN members have spoken
GNUCITIZEN members have participated in many others local meetings and events. The outfit is most active in the UK.
[edit] Noteworthy Tools and Projects produced by GNUCITIZEN
Agile Hacking - The projects aims to use crowd-sourcing technique to aggregate the knowledge of the masses in order to produce the best hacking reference online.
Router Hacking Challenge - The results of the router hacking challenge are numerous vulnerabilities effective popular routers and embedded devices around the world.
Renaissance - The best Web2.0 hacking tools online.
For my next trick… hacking Web2.0 - Paper on Web2.0 hacking tricks and techniques.
PHPIDS Whitepaper - A white-paper about the PHPIDS open source software [10]
GHDB - The online Google Hacking Database tools. [11]
Technika - Browser automation, hacker tool for firefox. The unix command line in the browser. [12]
AJAX Worm Database - Collection of various AJAX worms. [13]
Carnaval - Bi-directional communication channel that works over HTTP. [14]
xssDB - The biggest Cross-site Scripting vector database up-to-date. [15]
AttackAPI - Attack composition and construction framework. [16]
Jython Shell, The Python Shell in the Browser - Python shell that runs inside a browser. Suitable for dynamic penetration testing of devices, kiosks and forign networks.
Massive Enumeration Toolset - Python based toolkit for discovering, processing and enumerating targeted networks or individuals.
For more GNUCITIZEN tools and projects visit the project GC's page.
[edit] References
- GNUCITIZEN resources on ZDNet
- BBC | BT want customer help with new mobile wi-fi network
- CrunchGear | PDF Files Can Steal All Your Base
- eWEEK | Using a Browser, Hackers Can Hijack Wi-Fi Routers
- Guardian | Google's Gmail insecure, and other Google security holes
- InformIT | Identity 2.0: How Attackers Break into Identity-centric Services
- InformIT | Information as a Weapon of Mass Destruction
- Mashable | Firefox 2.0.0.7 is Live; Eliminates QuickTime Security Flaw
- PC Magazine | Slipping On SOAP Into Your Router
- PC World | Firefox Exploit can Hack Gmail
- PC World | Gmail's Zero-Day Flaw Allows Attackers to Steal Messages
- SecurityFocus | Hacking group alleges attack via PDF
- Slashdot | Gmail Vulnerability May Expose User Information
- Slashdot | Most Home Routers Vulnerable to Flash UPnP Attack
- Slashdot | Zero-day Exploit in PDF With Adobe Reade
- Symantec | Flashing Home Routers
- Washington Post | With Web 2.0, a new breed of malware evolves
- Wired | Hacker Discovers Serious Vulnerability in PDF Files
- Wired | Sneaky White Hats Pull Surveillance Cam Switcheroo
[edit] External links
- GNUCITIZEN | Cutting-edge Think tank | Ethical Hacker Outfit
- GNUCITIZEN | Commercial, Unobtrusive Entity
- GNUCITIZEN | Network
- Spin Hunters | Social Hacking Research House | Black PR | PR Security
- Hakiri | Hacker Lifestyle
- 0day: PDF pwns Windows
- Google GMail E-mail Hijack Technique
- 0day: QuickTime pwns Firefox
- IE pwns SecondLife
- Hacking The Interwebs
- CITRIX: Owning the Legitimate Backdoor
- Total surveillance made easy with VoIP phones
- Web Mayhem: Firefox’s JAR: Protocol issues
- BT Home Flub: Pwnin the BT Home Hub (4)
- 0day: Hacking secured CITRIX from outside
- GNUCITIZEN Portfolio
- Call Jacking: Phreaking the BT Home Hub
- PHPIDS Project
- For my next trick… hacking Web2.0
- Exegesis of Virtual Hosts Hacking
