GNUCITIZEN
Encyclopedia
GNUCITIZEN is a recognized ethical hacker
outfit based in London
, United Kingdom
and Cologne
, Germany
.
network consisting of several popular information security related sites. The GNUCITIZEN group has made some discoveries in the past related to technologies such as CITRIX, GMail , BT Home Hub
, UPnP, SNMP
, PDF , etc. Today, GNUCITIZEN is one of the still existing and active organizations among other groups such as CULT OF THE DEAD COW
, L0pht
, The Hackers Choice, and others. Unlike old-school hacker groups, the GNUCITIZEN outfit goal is to create a healthy community of gifted individuals. The outfit is an active supporter of the Hackers for Charity group, OWASP
and other none-profit and charity entities, according to their about page.
blogging platform. The blog quickly gets momentum due to its unique content and writing style. In the course of a year, the GNUCITIZEN blog becomes a major source of cutting-edge information security research primarily based around browser, client-side, Web
and Web2.0 technologies. In 2007 GNUCITIZEN.ORG turns into an organization under the name of "GNUCITIZEN | Cutting-edge Think Tank | Ethical Hacker Outfit". At that time the GNUCITIZEN team consists of 5 members in total, representing hundreds of blog posts on various topics, several noteworthy papers, numerous publicly disclosed security vulnerabilities and two printed best-selling books. In 2008, due to popular demand, GNUCITIZEN.ORG grows into GNUCITIZEN.COM, the "Commercial, Unobtrusive Entity", and GNUCITIZEN.NET, the Network, also known as the Group. Today, GNUCITIZEN is recognized as one of the most influential opinion making/forming bodies in the spheres of information security, black public relations
(Black PR), public relations security, and hacker culture, style and way of life.
The current GNUCITIZEN Network includes the following members:
GNUCITIZEN members have participated in many others local meetings and events. The outfit is most active in the UK.
Hacker (computer security)
In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...
outfit based in London
London
London is the capital city of :England and the :United Kingdom, the largest metropolitan area in the United Kingdom, and the largest urban zone in the European Union by most measures. Located on the River Thames, London has been a major settlement for two millennia, its history going back to its...
, United Kingdom
United Kingdom
The United Kingdom of Great Britain and Northern IrelandIn the United Kingdom and Dependencies, other languages have been officially recognised as legitimate autochthonous languages under the European Charter for Regional or Minority Languages...
and Cologne
Cologne
Cologne is Germany's fourth-largest city , and is the largest city both in the Germany Federal State of North Rhine-Westphalia and within the Rhine-Ruhr Metropolitan Area, one of the major European metropolitan areas with more than ten million inhabitants.Cologne is located on both sides of the...
, Germany
Germany
Germany , officially the Federal Republic of Germany , is a federal parliamentary republic in Europe. The country consists of 16 states while the capital and largest city is Berlin. Germany covers an area of 357,021 km2 and has a largely temperate seasonal climate...
.
About
GNUCITIZEN is a non-profit organization which is based around a BlogBlog
A blog is a type of website or part of a website supposed to be updated with new content from time to time. Blogs are usually maintained by an individual with regular entries of commentary, descriptions of events, or other material such as graphics or video. Entries are commonly displayed in...
network consisting of several popular information security related sites. The GNUCITIZEN group has made some discoveries in the past related to technologies such as CITRIX, GMail , BT Home Hub
BT Home Hub
The BT Home Hub is a wireless residential gateway router distributed by BT. It is based on the Wi-Fi 802.11n standard, and is also backwards compatible with 802.11g and 802.11b. All Models of the Home Hub prior to the Home Hub 3.0 support VoIP Internet calls via BT's Broadband Talk service and are...
, UPnP, SNMP
Simple Network Management Protocol
Simple Network Management Protocol is an "Internet-standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more." It is used mostly in network management systems to monitor...
, PDF , etc. Today, GNUCITIZEN is one of the still existing and active organizations among other groups such as CULT OF THE DEAD COW
Cult of the Dead Cow
Cult of the Dead Cow, also known as cDc or cDc Communications, is a computer hacker and DIY media organization founded in 1984 in Lubbock, Texas. The group maintains a weblog on its site, also titled "Cult of the Dead Cow"...
, L0pht
L0pht
L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area.-Name:The second character in its name was originally a slashed zero, a symbol used by old teletypewriters and some character mode operating systems to mean zero...
, The Hackers Choice, and others. Unlike old-school hacker groups, the GNUCITIZEN outfit goal is to create a healthy community of gifted individuals. The outfit is an active supporter of the Hackers for Charity group, OWASP
OWASP
The Open Web Application Security Project is an open-source application security project. The OWASP community includes corporations, educational organizations, and individuals from around the world. This community works to create freely-available articles, methodologies, documentation, tools, and...
and other none-profit and charity entities, according to their about page.
History
GNUCITIZEN is founded by Petko D. Petkov, also known as pdp, in 2005. In 2006, the projects grows into a blog using the popular WordpressWordPress
WordPress is a free and open source blogging tool and publishing platform powered by PHP and MySQL. It is often customized into a content management system . It has many features including a plug-in architecture and a template system. WordPress is used by over 14.7% of Alexa Internet's "top 1...
blogging platform. The blog quickly gets momentum due to its unique content and writing style. In the course of a year, the GNUCITIZEN blog becomes a major source of cutting-edge information security research primarily based around browser, client-side, Web
World Wide Web
The World Wide Web is a system of interlinked hypertext documents accessed via the Internet...
and Web2.0 technologies. In 2007 GNUCITIZEN.ORG turns into an organization under the name of "GNUCITIZEN | Cutting-edge Think Tank | Ethical Hacker Outfit". At that time the GNUCITIZEN team consists of 5 members in total, representing hundreds of blog posts on various topics, several noteworthy papers, numerous publicly disclosed security vulnerabilities and two printed best-selling books. In 2008, due to popular demand, GNUCITIZEN.ORG grows into GNUCITIZEN.COM, the "Commercial, Unobtrusive Entity", and GNUCITIZEN.NET, the Network, also known as the Group. Today, GNUCITIZEN is recognized as one of the most influential opinion making/forming bodies in the spheres of information security, black public relations
Public relations
Public relations is the actions of a corporation, store, government, individual, etc., in promoting goodwill between itself and the public, the community, employees, customers, etc....
(Black PR), public relations security, and hacker culture, style and way of life.
Organization
The group itself is split among several domains. The GNUCITIZEN organization (.ORG) is one of the most vivid and influentialnone-profit information security and hacker culture opinion-making/forming bodies in the world. The .COM domain is a commercial side-effect of the .ORG domain which works independently. The commercial entity was spawned due to the high demand of GNUCITIZEN branded services. The Network or the Group (.NET) combines and provides access to other GNUCITIZEN supported domains and projects such as Hakiri, the Hacker Lifestyle initiative, and Spin Hunters, Public Relations Security and Black PR research house.The current GNUCITIZEN Network includes the following members:
- GNUCITIZEN.org | Cutting-edge Think tank | Ethical Hacker Outfit http://gnucitizen.org
- GNUCITIZEN.com | Commercial Unobtrusive Entity http://gnucitizen.com
- GNUCITIZEN.net | Network http://gnucitizen.net
- Spin Hunters | Social Hacking Research House | Black PR | PR Security http://www.spinhunters.org/
- Hakiri | Hacker Lifestyle http://hakiri.org
Books written by Members of the GNUCITIZEN group
- Google Hacking for Penetration Testers Second Edition (sample chapters)
- Cross Site Scripting Attacks: XSS Exploits and Defense (sample chapters)
Events where GNUCITIZEN members have spoken
- OWASPOWASPThe Open Web Application Security Project is an open-source application security project. The OWASP community includes corporations, educational organizations, and individuals from around the world. This community works to create freely-available articles, methodologies, documentation, tools, and...
- Black HatBlack Hat BriefingsThe Black Hat Conference is a computer security conference that brings together a variety of people interested in information security. Representatives of federal agencies and corporations attend along with hackers. The Briefings take place regularly in Las Vegas, Barcelona and Tokyo...
- DEF CON
- Hack in the Box
- CONFidenceConfidenceConfidence is generally described as a state of being certain either that a hypothesis or prediction is correct or that a chosen course of action is the best or most effective. Self-confidence is having confidence in oneself. Arrogance or hubris in this comparison, is having unmerited...
- ph-neutral
GNUCITIZEN members have participated in many others local meetings and events. The outfit is most active in the UK.
Noteworthy Tools and Projects produced by GNUCITIZEN
- Agile Hacking - The projects aims to use crowd-sourcing technique to aggregate the knowledge of the masses in order to produce the best hacking reference online.
- Router Hacking Challenge - The results of the router hacking challenge are numerous vulnerabilities effective popular routers and embedded devices around the world.
- Renaissance - The best Web2.0 hacking tools online.
- For my next trick… hacking Web2.0 - Paper on Web2.0 hacking tricks and techniques.
- PHPIDS - Monitoring attack surface activity - A white-paper about the PHPIDSPHPIDSPHPIDS is an open source PHP Web Application Intrusion Detection System. It was written by Mario Heiderich, Christian Matthies, Lars H. Strojny and several others in March 2007...
open source software
- GHDB - The online Google HackingGoogle HackingGoogle hacking is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use.- Basics :...
Database tools. http://www.gnucitizen.org/ghdb/application.htm
- Technika - Browser automation, hacker tool for Firefox. The unix command line in the browser. http://www.gnucitizen.org/projects/technika/
- AJAX Worm Database - Collection of various AJAX worms. http://www.gnucitizen.org/projects/wormx/
- Carnaval - Bi-directional communication channel that works over HTTP. http://www.gnucitizen.org/projects/carnaval/
- xssDB - The biggest Cross-site Scripting vector database up-to-date. http://www.gnucitizen.org/xssdb/application.htm
- AttackAPI - Attack composition and construction framework. http://www.gnucitizen.org/projects/attackapi/
- Jython Shell, The Python Shell in the Browser - Python shell that runs inside a browser. Suitable for dynamic penetration testing of devices, kiosks and foreign networks.
- Massive Enumeration Toolset - Python based toolkit for discovering, processing and enumerating targeted networks or individuals.
- PHP Code Analysis: Real World Examples - Project exploring practical PHP exploitation techniques.
- phpMyAdminRCE - Remote command execution exploit for phpMyAdmin.
Media Mentions
- GNUCITIZEN resources on ZDNet
- BBC | BT want customer help with new mobile wi-fi network
- CrunchGear | PDF Files Can Steal All Your Base
- eWEEK | Using a Browser, Hackers Can Hijack Wi-Fi Routers
- Guardian | Google's Gmail insecure, and other Google security holes
- InformIT | Identity 2.0: How Attackers Break into Identity-centric Services
- InformIT | Information as a Weapon of Mass Destruction
- Mashable | Firefox 2.0.0.7 is Live; Eliminates QuickTime Security Flaw
- PC Magazine | Slipping On SOAP Into Your Router
- PC World | Firefox Exploit can Hack Gmail
- PC World | Gmail's Zero-Day Flaw Allows Attackers to Steal Messages
- SecurityFocus | Hacking group alleges attack via PDF
- Slashdot | Gmail Vulnerability May Expose User Information
- Slashdot | Most Home Routers Vulnerable to Flash UPnP Attack
- Slashdot | Zero-day Exploit in PDF With Adobe Reade
- Symantec | Flashing Home Routers
- Washington Post | With Web 2.0, a new breed of malware evolves
- Wired | Hacker Discovers Serious Vulnerability in PDF Files
- Wired | Sneaky White Hats Pull Surveillance Cam Switcheroo
External links
- GNUCITIZEN | Cutting-edge Think tank | Ethical Hacker Outfit
- GNUCITIZEN | Commercial, Unobtrusive Entity
- GNUCITIZEN | Network
- Spin Hunters | Social Hacking Research House | Black PR | PR Security
- Hakiri | Hacker Lifestyle
- 0day: PDF pwns Windows
- Google GMail E-mail Hijack Technique
- 0day: QuickTime pwns Firefox
- IE pwns SecondLife
- Hacking The Interwebs
- CITRIX: Owning the Legitimate Backdoor
- Total surveillance made easy with VoIP phones
- Web Mayhem: Firefox’s JAR: Protocol issues
- BT Home Flub: Pwnin the BT Home Hub (4)
- 0day: Hacking secured CITRIX from outside
- GNUCITIZEN Portfolio
- Call Jacking: Phreaking the BT Home Hub
- PHPIDS Project
- For my next trick… hacking Web2.0
- Exegesis of Virtual Hosts Hacking