ToolWar | Information Security (InfoSec) Tools: Attack

FireEye Commando VM : Distribution

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUG0wWFAx6CM5Ug02umH4-Gc6HRmvdNUYizRu7qErUQoETWDi6nBqDxyH84E2hVlXWFsDVg3G3wT_7udATupj_wqUIRtOm37Jl6yBFvO6Bed8ykdD92751Aw067mQBmt2fRtP-fsn5CbK7/s1600/CVM+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="commando vm fireeye" border="0" data-original-height="750" data-original-width="974" height="246" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUG0wWFAx6CM5Ug02umH4-Gc6HRmvdNUYizRu7qErUQoETWDi6nBqDxyH84E2hVlXWFsDVg3G3wT_7udATupj_wqUIRtOm37Jl6yBFvO6Bed8ykdD92751Aw067mQBmt2fRtP-fsn5CbK7/s320/CVM+logo.png" title="commando vm fireeye" width="320" /></a></div>
<div style="text-align: justify;">
CommandoVM - a fully customized, Windows-based security <a href="http://www.toolwar.com/search/label/Distribution" target="_blank">distribution</a> for penetration testing and red teaming. </div>
<div style="text-align: justify;">
Penetration testers commonly use their own variants of Windows 
machines when assessing Active Directory environments. Commando VM was 
designed specifically to be the go-to platform for performing these 
internal penetration tests. The benefits of using a Windows machine 
include native support for Windows and Active Directory, using your VM 
as a staging area for C2 frameworks, browsing shares more easily (and 
interactively), and using tools such as PowerView and BloodHound without having to worry about placing output files on client assets.</div>
<div style="text-align: justify;">
Commando VM uses Boxstarter, Chocolatey, and MyGet packages
 to install all of the software, and delivers many tools and utilities 
to support penetration testing. This list includes more than 140 tools, 
including:</div>
<ul style="list-style-position: inside; text-align: justify;">
<li><a href="http://www.toolwar.com/2014/02/nmap-and-zenmap-network-discovery-and.html" target="_blank">Nmap</a></li>
<li><a href="http://www.toolwar.com/2013/09/wireshark-tools.html" target="_blank">Wireshark</a></li>
<li>Covenant</li>
<li>Python</li>
<li>Go</li>
<li>Remote Server Administration Tools</li>
<li><a href="http://www.toolwar.com/2013/09/sysinternals.html" target="_blank">Sysinternals</a></li>
<li>Mimikatz</li>
<li><a href="http://www.toolwar.com/2013/09/burp-suite-tools.html" target="_blank">Burp-Suite</a></li>
<li>x64dbg</li>
<li>Hashcat</li>
</ul>
<div style="text-align: justify;">
With such versatility, Commando VM aims to be the de facto <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows </a>machine for every penetration tester and red teamer. For the blue 
teamers reading this, don’t worry, we’ve got full blue team support as 
well! The versatile tool sets included in Commando VM provide blue teams
 with the tools necessary to audit their networks and improve their 
detection capabilities. With a library of offensive tools, it makes it 
easy for blue teams to keep up with offensive tooling and attack trends.</div>
<div style="text-align: justify;">
<br /></div>
<h4>
Requirements</h4>
<ul>
<li>Windows 7 Service Pack 1 or Windows 10</li>
<li>60 GB Hard Drive</li>
<li>2 GB RAM</li>
</ul>
<h3 style="text-align: justify;">
Installation Instruction: </h3>
<ol>
<li>Create and configure a new Windows Virtual Machine</li>
</ol>
<ul>
<li>Ensure VM is updated completely. You may have to check for updates, reboot, and check again until no more remain</li>
<li>Take a snapshot of your machine!</li>
<li>Download and copy <code>install.ps1</code> on your newly configured machine.</li>
<li>Open PowerShell as an Administrator</li>
<li>Enable script execution by running the following command:
<ul>
<li><code>Set-ExecutionPolicy Unrestricted</code></li>
</ul>
</li>
<li>Finally, execute the installer script as follows:
<ul>
<li><code>.\install.ps1</code></li>
<li>You can also pass your password as an argument: <code>.\install.ps1 -password <password></code></li>
</ul>
</li>
</ul>
<div style="text-align: justify;">
<b>Detailed Installation Instruction: </b><a href="https://github.com/fireeye/commando-vm" rel="nofollow" target="_blank">Click Here</a><b> </b></div>
<div style="text-align: justify;">
<b>Download: </b><a href="https://github.com/fireeye/commando-vm" rel="nofollow" target="_blank">Commando VM</a></div>
<div style="text-align: justify;">
<b>Official Website: </b><a href="https://www.fireeye.com/blog/threat-research/2019/03/commando-vm-windows-offensive-distribution.html" rel="nofollow" target="_blank">FireEye</a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>

FireEye Commando VM : Distribution

CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming. Penetration testers comm...

Mobile Security Framework (MobSF) : Framework

<div class="separator" style="clear: both; text-align: center;">
<img alt="Mobile Security Framework : ToolWar" border="0" height="232" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg92QuRFrhtVqI-D5Nzc-bu8_p0vvCirYl6qqK45JFNtlLSChwXklrMauZ_BLYvAZfq7H7ml0YTzaijl0GfbktnY_-sHW34h8B1tteqowCXjg_ELksZixDcb5Ff1B0JPxCVUTK9mYO9iNhL/s400/MobSF.png" title="Mobile Security Framework : ToolWar" width="400" /></div>
<div style="text-align: justify;">
<b>Mobile Security Framework (MobSF)</b> is an intelligent, all-in-one open 
source mobile application (Android/iOS) automated pen-testing framework 
capable of performing static and dynamic analysis. It can be used for 
effective and fast security analysis of Android and iOS Applications and
 supports both binaries (APK & IPA) and zipped source code.<b> MobSF</b> 
can also perform Web API Security testing with it's API Fuzzer that can 
do Information Gathering, analyze Security Headers, identify Mobile API 
specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other
 logical issues related to Session and API Rate Limiting.</div>
<div style="text-align: justify;">
<br /></div>
<h3>
Tutorial: </h3>
<ul>
<li><a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/1.-Documentation">https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/1.-Documentation</a></li>
</ul>
<h3>
Video Tutorial: </h3>
<h3>
Download: <strong> </strong></h3>
<strong>Windows</strong>: Extract the <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to C:\MobSF<strong> </strong><br />
<strong>Mac</strong>: Extract <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to /Users/[username]/MobSF<strong> </strong><br />
<strong>Linux</strong>: Extract <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to /home/[username]/MobSF<br />
<br />
<div style="text-align: justify;">
<br /></div>

Mobile Security Framework (MobSF) : Framework

Mobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing fram...

Distributed Network Attack (DNA) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Distributed Network Attack (DNA)" border="0" height="356" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgN1ZMHUWsjTC9Dt1gSGHwIb7uX_fVP2wEVefcDrl4xAEhFWtrS40MMQJeHNbsyJpHPAyBuMo5re53V-mtj7tDVo_foJL2k5V5G6MGzC34betwn72UCVNwMKUzShO9IwPYFmaiSd_gp0vu3/s1600/Distributed+Network+Attack+(DNA).jpg" title="Distributed Network Attack (DNA)" width="640" /></div>
<b>Distributed Network Attack (DNA)</b> is a new approach to <i>recovering password protected files</i>. 
     In the past, recoveries have been limited to the processing 
     power of one machine. <b>Distributed Network Attack (DNA)</b> uses the power of machines across 
     the <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> or across the world to decrypt <a href="http://www.toolwar.com/search/label/Password" target="_blank">passwords</a>. The DNA 
     Server is installed in a central location where machines running 
     the <b>Distributed Network Attack (DNA)</b> Client can access it over the network. DNA Manager coordinates 
     the attack, assigning small portions of the key search to machines 
     distributed throughout the network. The DNA Client will run 
     in the background, only taking unused processor time. <b>Distributed Network Attack (DNA)</b> is used in many different environments to provide specific,  <b>password <a href="http://www.toolwar.com/search/label/Cracking" target="_blank">cracking</a></b> related functions. <b><i>For example</i></b>, law enforcement and  corporate <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> professionals can use <b>PRTK and DNA</b> in <i>computer  <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">forensic</a> investigations</i> to access password-protected files. IT  administrators can use <b>DNA</b> to recover system passwords, while individual  users can use PRTK and DNA to recover lost passwords to personal files.  These two products provide access to passwords for a large number of  popular software applications. <b>DNA</b> uses multiple machines across the  network or across the world to conduct key space and dictionary <a href="http://www.toolwar.com/search/label/Attack" target="_blank">attacks</a>.  In many cases, this makes use of time those computers would normally be  idle, saving the cost of additional hardware. Many organizations find  that the cost of additional hardware is justified for a secure,  dedicated password recovery lab. </div>
<div style="text-align: justify;">
<br />
<div class="ui-tabs-panel ui-widget-content ui-corner-bottom" id="dna-features">
<div class="featurewrapper">
<div class="FeatureRow">
<b>Distributed Network Attack® (DNA®) Features ::</b><br />
<ul class="square">
<li>Leverage graphic processing units on Microsoft Windows machines with CUDA-enabled GPUs.</li>
<li>Easy to read Statistics and Graphs</li>
<li>Add user dictionaries</li>
<li>Optimization for password attacks for specific <a href="http://www.toolwar.com/search/label/Language" target="_blank">languages</a></li>
<li>Customize user dictionaries</li>
<li>Stealth client installation functionality</li>
<li>Automatic Client update when updating the DNA Server</li>
<li>Control which clients work on certain jobs</li>
</ul>
</div>
</div>
</div>
<b>DNA® Worker Minimum Requirements :: </b><br />
<ul class="square">
<li>Operating System:</li>
</ul>
<ul class="square"><ul class="square">
<li><a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>® XP/2000</li>
<li>Macintosh OSX 10.3.9/10.4.x</li>
<li><a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a> Red Hat/Fedora Core 4</li>
<li>Solaris</li>
</ul>
</ul>
<ul class="square">
<li>Processor:</li>
</ul>
<ul class="square"><ul class="square">
<li>Intel Pentium® III/P4/AMD Athlon™</li>
<li>Power PC G4/G5</li>
<li>Sparc</li>
</ul>
</ul>
<ul class="square">
<li>RAM: 1 Gb</li>
<li>Hard Disk Space: 40 Gb</li>
</ul>
</div>
<h3>
Tutorials ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/EJxrRbrf12I?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/ghaOJoJ08cw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Windows :: </b><a href="http://marketing.accessdata.com/acton/attachment/4390/u-001a/0/-/-/-/-/" target="_blank">Distributed Network Attack (DNA) version 7.0.0 (.iso)</a></div>
<div style="text-align: justify;">
<b>Official Website ::</b> <a href="http://www.accessdata.com/">http://www.accessdata.com/</a>
</div>

Distributed Network Attack (DNA) :: Framework

Distributed Network Attack (DNA) is a new approach to recovering password protected files . In the past, recoveries have been limi...

WAIDPS (Wireless Auditing and IDS/IPS) :: Tools

<div class="MsoNormal" style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiP2brw15uNZM6cni3F7-EtWQHYhj-0aNTw7yRP5neqqvJNHGdMiVN1N_0W3-Viquk330eFmeUtUUvL8svfYNwbfTIeN9EHznj0wezjqVUp-xF_BlO8Gs1EjB_PoXg6gp8JdoTV0ztUiuyz/s1600/WAIDPS.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiP2brw15uNZM6cni3F7-EtWQHYhj-0aNTw7yRP5neqqvJNHGdMiVN1N_0W3-Viquk330eFmeUtUUvL8svfYNwbfTIeN9EHznj0wezjqVUp-xF_BlO8Gs1EjB_PoXg6gp8JdoTV0ztUiuyz/s1600/WAIDPS.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: Arial;"><b>WAIDPS</b> (Wireless Auditing, Intrusion Detection and Prevention System) is an open source <b>wireless swissknife</b> written in <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> and work on <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a> environment. This is a multipurpose tools designed for audit (<a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration testing</a>) networks, detect wireless intrusion (WEP/WPA/WPS attacks) and also intrusion prevention (stopping station from associating to access point). Apart from these, it will harvest all <a href="http://www.toolwar.com/search/label/WiFi" target="_blank">WiFi</a> information in the surrounding and store in databases. This will be useful when it comes to auditing a <a href="http://www.toolwar.com/search/label/Network" target="_blank">network </a>if the access point is ‘MAC filtered’ or ‘hidden SSID’ and there isn’t any existing client at that moment. </span></div>
<div class="MsoNormal" style="text-align: justify;">
</div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;"><b>WAIDPS</b> may be useful to penetration testers, <a href="http://www.toolwar.com/search/label/Wireless" target="_blank">wireless</a> trainers, law enforcement agencies and those who is interested to know more about wireless auditing and protection. The primarily purpose for this script is to detect intrusion. Once wireless detect is found, it display on screen and also log to file on the attack. Additional features are added to current script where previous WIDS does not have are :</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">automatically save the attack packets into a file</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">interactive mode where users are allow to perform many functions</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">allow user to analyse captured packets</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">load previously saved pcap file or any other pcap file to be examine</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">customizing filters</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">customize detection threshold (sensitivity of IDS in detection)</span></div>
<div class="MsoNormal" style="margin-left: 0.5in; text-align: justify;">
</div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">At present, <b>WAIDPS</b> is able to detect the following wireless attacks and will subsequently add other detection found in the previous WIDS.</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Association / Authentication flooding</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detect mass deauthentication which may indicate a possible WPA attack for handshake </span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detect possible WEP attack using the ARP request replay method</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detect possible WEP attack using chopchop method</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detect possible WPS pin bruteforce attack by Reaver, Bully, etc.</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detection of Evil-Twin</span></div>
<div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detection of Rogue Access Point</span></div>
<div class="MsoNormal" style="text-align: justify;">
</div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">The whole structure of the <a href="http://www.toolwar.com/search/label/WiFi" target="_blank">Wireless Auditing</a>, <a href="http://www.toolwar.com/search/label/IDS" target="_blank">Intrusion Detection</a> & <a href="http://www.toolwar.com/search/label/IPS" target="_blank">Prevention System</a> will comprise of </span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">Harvesting WiFi Information         [Done]</span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">Intrusion Detection                         [Done]</span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">Intrusion Prevention                       [Done]</span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">Auditing (Testing network)            [Done]</span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">Other additional item include analyzing of packets, display of captured dump, display network barchart and much more.</span></div>
<div class="MsoNormal" style="text-align: justify;">
</div>
<div class="MsoNormal" style="text-align: justify;">
<b><span style="font-family: Arial;">Requirements</span></b></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">No special equipment is required to use this script as long as you have the following :</span></div>
<div class="MsoNormal" style="text-align: justify;">
</div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">   1. Root access (admin)</span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">   </span><span style="font-family: Arial;">2. Wireless interface which is capable of monitoring and injection</span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">   </span><span style="font-family: Arial;">3. Python 2.7 installed </span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">   </span><span style="font-family: Arial;">4. <a href="http://www.toolwar.com/2013/09/aircrack-ng-12-beta.html" target="_blank">Aircrack-NG suite</a>installed</span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">   </span><span style="font-family: Arial;">5. TShark installed</span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">   </span><span style="font-family: Arial;">6 TCPDump installed</span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-family: Arial;">   </span><span style="font-family: Arial;">7 Mergecap installed (for joining pcap files)</span></div>
<div style="text-align: justify;">
<span style="font-family: Arial;">   </span><span style="font-family: Arial;">8 xterm  installed</span></div>
<div style="text-align: justify;">
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<b><span style="font-weight: normal;"><span style="font-family: Arial;"><b>Structure of WAIDS’ Display :: </b></span></span></b></div>
<div class="MsoNormal">
<span style="font-family: Arial;">Before starting with the detail description of the whole application, WAIDPS display structures are separated in several parts. For better understanding, the structures are as below.</span></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<b><span style="font-family: Arial;">WiFi-Harvesting Module</span></b></div>
<div class="MsoNormal">
<span style="font-family: Arial;">- Collecting/Storing of Access Points/Stations details and the relationship with each other. [<b>Access Points / Wireless Clients Listing</b>]</span></div>
<span style="font-family: Arial;">- Displaying of unassociated station information and its probe </span></div>
<div style="text-align: justify;">
<span style="font-family: Arial;">[<b>Unassociated Stations</b>]</span> <br />
<div class="MsoNormal">
<span style="font-family: Arial;">- Allowing user to enter MAC addresses / Names to be monitored </span></div>
<div class="MsoNormal">
<span style="font-family: Arial;">[<b>Monitoring Panel</b>]</span></div>
<span style="font-family: Arial;">- Association of stations to access point, station switch from one access point to another, station acting as both a wireless client and access point, etc </span></div>
<div style="text-align: justify;">
<span style="font-family: Arial;">[<b>Association/Connection Alert</b>]</span> <br />
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<b><span style="font-family: Arial;">Intrusion Detection</span></b></div>
<div class="MsoNormal">
<span style="font-family: Arial;">- Capture/Analyzing of packets </span></div>
<div class="MsoNormal">
<span style="font-family: Arial;">- Displaying of Station/Access Point MAC addresses and detected suspicious data count [<b>Suspicious Activity Listing</b>]</span></div>
<div class="MsoNormal">
<span style="font-family: Arial;">- Displaying of analysed WEP/WPA/WPS attack pattern and its detail [<b>Attack Detected</b>]</span></div>
<div class="MsoNormal">
</div>
</div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div style="text-align: justify;">
<b>Screenshots ::  </b><a href="http://syworks.blogspot.in/2014/04/waidps-wireless-auditing-intrusion.html" target="_blank">Click Here</a><br />
<b>Text & Image Tutorial :: </b><a href="http://syworks.blogspot.in/2014/04/waidps-wireless-auditing-intrusion.html" target="_blank">Click Here</a><br />
<b>Installation Tutorial::</b><br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/aGTQAWoeujA?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<span id="goog_894600077"></span><span id="goog_894600078"></span>
</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>More Video Tutorials: </b> <a href="https://www.youtube.com/watch?v=s7kzQqOY3X0&index=2&list=PLrekpjW7JwW-T0CeXP8GwudtJmTJ6KZ8O" target="_blank">Click Here</a></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Linux :: </b><a href="https://github.com/SYWorks/waidps/archive/master.zip" target="_blank">WAIDPS</a><b> (.py)</b></div>
<div style="text-align: justify;">
<b>Source ::</b> <a href="https://github.com/SYWorks/waidps" target="_blank">https://github.com/SYWorks/waidps</a> </div>
<div style="text-align: justify;">
<b>Submitted By :: </b>SYChua</div>

WAIDPS (Wireless Auditing and IDS/IPS) :: Tools

WAIDPS (Wireless Auditing, Intrusion Detection and Prevention System) is an open source wireless swissknife written in Python and wo...

GoldenEye (DoS Testing) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<img alt="ddos icon" border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJOQnS__a36My3QgFrkkZZnKbMa2sQ5wymnzD-TYPn2-Hi3HzwaqF7hyphenhyphenimikRz5C7uJ3EQc2UHSYhjBNDc4TDogFEdp8zIL-ab7q41TBZPSowkU6qXuTkKbYPg3QOuCHEa5gb1WjXFL0js/s1600/ddos+logo.jpg" title="ddos icon" width="400" /></div>
<div style="text-align: justify;">
<b>GoldenEye</b> is a <b>HTTP DoS test tool</b>. This software is distributed under the <i>GNU General Public License</i> version 3 (GPLv3). <b>GoldenEye</b> is a <b><acronym title="HyperText Transfer Protocol">HTTP</acronym>/S
 Layer 7 <a href="http://www.toolwar.com/search/label/DDoS" target="_blank">Denial-of-Service</a> Testing Tool</b>. It uses KeepAlive (and 
Connection: keep-alive) paired with Cache-Control options to persist 
socket connection busting through caching (when possible) until it 
consumes all available sockets on the <acronym title="HyperText Transfer Protocol">HTTP</acronym>/S server.</div>
<div style="text-align: justify;">
This project started by the influence of Barry Shteiman who created HULK, a Proof-of-concept <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tool</a> that I decided to improve which later became <b>GoldenEye</b>. Kudos for you Barry! This software is written in purely<a href="http://www.toolwar.com/search/label/Python" target="_blank"> Python</a>.</div>
<h3 style="text-align: justify;">
Tutorial ::</h3>
<div style="text-align: justify;">
<b>Usages :: </b></div>
<pre><span style="font-family: "Courier New",Courier,monospace;"><code> USAGE: ./goldeneye.py <url> [OPTIONS]

OPTIONS:
     Flag           Description                     Default
     -t, --threads      Number of concurrent threads                (default: 500)
     -m, --method       HTTP Method to use 'get' or 'post'  or 'random'         (default: get)
     -d, --debug        Enable Debug Mode [more verbose output]         (default: False)
     -h, --help         Shows this help</code></span></pre>
<div style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b><span style="font-size: small;"><span style="font-weight: normal;">Python :: <a href="https://github.com/jseidl/GoldenEye/archive/master.zip" target="_blank">GoldenEye</a><b> (.py)</b></span></span></b></div>
<div style="text-align: justify;">
<b>Source Website ::</b>  <a href="https://github.com/jseidl/GoldenEye">https://github.com/jseidl/GoldenEye</a></div>

GoldenEye (DoS Testing) :: Tools

GoldenEye is a HTTP DoS test tool . This software is distributed under the GNU General Public License version 3 (GPLv3). GoldenEye is ...

Shellter (Dynamic Shellcode Injection) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<img alt="Shellter Tool Image" border="0" height="361" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoCFTJcSTQINV_sfK7AZLw_70-JcIoAkc47RndYmYREK6nCYviWJX0NHZWC8v57DqpRcode3mTmcXkovY1gp7aZNEH08v3-Wcd-bg13_CPfeQuMQt7Fq7GftMh4LemIyth1rYp_V2KlFPS/s1600/Shellter+Image.JPG" title="Shellter Tool Image" width="640" /></div>
<div style="text-align: justify;">
<b>Shellter</b> is a <b>dynamic shellcode injection tool</b>, and probably the first dynamic PE infector ever created. It can be used in order to inject shellcode into native <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> applications (currently 32-bit apps only). The shellcode can be something yours or something generated through a <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">framework</a>, such as Metasploit.</div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<b>Shellter </b>takes advantage of the original structure of the PE file and
 doesn’t apply any modification such as changing <a href="http://www.toolwar.com/search/label/Memory" target="_blank">memory</a> access 
permissions in sections, adding an extra section with RWE access,and 
whatever would look dodgy under an AV scan.</div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<b>Shellter</b> uses a unique dynamic approach which is based on the execution flow of the target application.</div>
<div style="text-align: justify;">
<b>Shellter</b> uses a unique dynamic approach which is based on the execution flow of
the target application. This means that no static/predefined locations are used
for shellcode injection. <b>Shellter </b>will launch and trace the target, while at the
same time will log the execution flow of the application.
</div>
<div style="text-align: justify;">
<b>Shellter</b> traces the entire execution flow that occurs in userland. That means,
code inside the target application itself (PE image), and code outside of it
that might be in a system dll or on a heap, etc. This happens in order to ensure
that functions actually belonging to the target executable, but are only used as
callback functions for Windows APIs will not be missed.

However, the tracing engine will not log any instructions that are not in the
memory range of the PE image of the target application, since these cannot be
used as a reference to permanently inject the shellcode.</div>
<div style="text-align: justify;">
<b>Why Need :: </b>Executables created through <a href="http://www.toolwar.com/2013/09/metasploit-framework.html" target="_blank">Metasploit</a> are most likely detected by most AV
vendors. By using Shellter, you automatically have an infinitely polymorphic
executable template, since you can use any 32-bit 'standalone' native Windows
executable to host your shellcode. By 'standalone' means an executable that 
doesn't need any proprietary DLLs, apart from the system DLLs to load and run.
For example, notepad.exe, and many other applications you can find online, or 
create by yourself as your own custom templates.

You can also use applications that make use of proprietary DLLs if those are
not required to create the process in the first place, and are normally loaded
later on if needed to execute code for a specific task. In case you select an
application that needs one or more proprietary DLLs to create the process in the
first place then you will have to include them in the same directory from where
you load the main executable. However, this is not recommended since it is more
convenient to have just a single executable to upload to the target. </div>
<h3>
Tutorials ::</h3>
<b>System Requirement ::</b> Windows XP SP3 (x32/x64) or Higher <br />
<b>Full Description :: </b><a href="https://www.shellterproject.com/Downloads/Shellter/Readme.txt" target="_blank">Click Here</a><br />
<b>Video Tutorial :: </b><a href="https://www.youtube.com/watch?v=91QmSy-dUEA" target="_blank">Click Here</a><br />
<h3>
Download ::</h3>
<div style="text-align: justify;">
<b>Windows :: </b><a href="https://www.shellterproject.com/Downloads/Shellter/Old/Shellter_v1.0.rar" target="_blank">Shellter v1.0 </a>(.rar)<b><br /></b></div>
<div style="text-align: justify;">
<b>Official Website ::</b> <a href="https://www.shellterproject.com/introducing-shellter/">https://www.shellterproject.com/introducing-shellter/</a></div>

Shellter (Dynamic Shellcode Injection) :: Tools

Shellter is a dynamic shellcode injection tool , and probably the first dynamic PE infector ever created. It can be used in order to inj...

Cisco Global Exploiter (CGE) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjE95qKAuiFSSG89yP0adW44_GbFhQyPv25VQtzfb0sXlcZULk_kYsSmrKlhrhZGj95J1CaXicGo9aMbA-IJhRw9fBfpplvCZg7YWDn-cmp9n3DCvhhPeuPYQ-IYA8jjcmpyRd95Mee7XKc/s1600/Cisco+Global+Exploiter.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="CISCO Global Exploiter" border="0" height="285" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjE95qKAuiFSSG89yP0adW44_GbFhQyPv25VQtzfb0sXlcZULk_kYsSmrKlhrhZGj95J1CaXicGo9aMbA-IJhRw9fBfpplvCZg7YWDn-cmp9n3DCvhhPeuPYQ-IYA8jjcmpyRd95Mee7XKc/s1600/Cisco+Global+Exploiter.PNG" title="CISCO Global Exploiter" width="320" /></a></div>
<div style="text-align: justify;">
<b>Cisco Global Exploiter (CGE)</b>, is an advanced, simple and fast <a href="http://www.toolwar.com/search/label/Security" target="_blank">        security</a> testing tool/ exploit engine, that is able to exploit 14 <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">        vulnerabilities</a> in disparate Cisco switches and routers.  CGE is 
        <a href="http://www.toolwar.com/search/label/CLI" target="_blank">command-line</a> driven <a href="http://www.toolwar.com/2013/09/perl-language.html" target="_blank">perl </a>script which has a simple and easy to use 
        front-end.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
CGE can exploit the following 14 vulnerabilities:</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[1] - Cisco 677/678 Telnet Buffer 
        Overflow Vulnerability</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[2] - Cisco IOS Router Denial of Service 
        Vulnerability</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[3] - Cisco IOS HTTP Auth Vulnerability</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[4] - Cisco IOS HTTP Configuration 
        Arbitrary Administrative Access Vulnerability[5] - Cisco Catalyst SSH 
        Protocol Mismatch Denial of Service Vulnerability</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[6] - Cisco 675 Web Administration 
        Denial of Service Vulnerability</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[7] - Cisco Catalyst 3500 XL Remote 
        Arbitrary Command Vulnerability</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[8] - Cisco IOS Software HTTP Request 
        Denial of Service Vulnerability</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[9] - Cisco 514 UDP Flood Denial of 
        Service Vulnerability</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[10] - CiscoSecure ACS for Windows NT 
        Server Denial of Service Vulnerability</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[11] - Cisco Catalyst Memory Leak 
        Vulnerability</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[12] - Cisco CatOS CiscoView HTTP Server 
        Buffer Overflow Vulnerability</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[13] - 0 Encoding IDS Bypass 
        Vulnerability (UTF)</span></div>
<div style="text-align: justify;">
<span style="font-family: Times New Roman;">[14] - Cisco IOS HTTP Denial of Service 
        Vulnerability</span></div>
<div style="text-align: justify;">
<br /></div>
<h3 style="margin-bottom: 0px; margin-top: 0px; text-align: justify;">
Tutorial :: </h3>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Installation:</b></div>
<div style="text-align: justify;">
<span style="font-family: Courier New;">tar -zxvf cge-13.tar.gz</span></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b><span style="font-family: Times New Roman;">Execution:</span></b></div>
<div style="text-align: justify;">
<span style="font-family: Courier New; font-size: x-small;">perl cge.pl <target> <vulnerability 
        number></span></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Example output:</b></div>
<div style="text-align: justify;">
<span style="font-size: x-small;"><span style="font-family: Courier New;">[root@hacker cge-13]# perl cge.pl 
        192.168.1.254 3</span><br />
<span style="font-family: Courier New;">Vulnerability successful exploited with 
        [http://192.168.1.254/level/17/exec/....] ...</span></span></div>
<div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;">
The above is trying to exploit <span style="font-family: Times New Roman;">the Cisco 
        IOS HTTP Auth Vulnerability and hopefully using the nice link provided 
        we should have basic access to the switch we are attacking, (not 
        enable):</span></div>
<div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;">
 
        </div>
<h3 style="margin-bottom: 0px; margin-top: 0px; text-align: justify;">
Download ::</h3>
<div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;">
<b>Linux :: </b><a href="http://packetstormsecurity.org/0405-exploits/cge-13.tar.gz" target="_blank">Cisco Global Exploiter</a> (.tar.gz)<b><br /></b></div>
<div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;">
<b>Official Website :: </b><a href="http://www.vulnerabilityassessment.co.uk/cge.htm">http://www.vulnerabilityassessment.co.uk/cge.htm</a></div>

Cisco Global Exploiter (CGE) :: Tools

Cisco Global Exploiter (CGE) , is an advanced, simple and fast security testing tool/ exploit engine, that is able to exploit 14...

SSLsplit (MITM Attack against SSL/TLS) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<img alt="sslsplit" border="0" height="220" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiKnDa1SmFAz2I_uUyfY8OE-KawIYa9Rk7T3wbyfUM42-zCwgo1Hs18FThDil200FpKE2OdkcCO9Uvk0_lHGNieQuDLgJxQVuvj7VN0Yhxbtky5w-AyzRHrrqWZB4Qrf8q5dafKyblfRnO/s1600/SSLsplit.jpg" title="sslsplit" width="400" /></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><b>SSLsplit</b> is a tool for <b><a href="http://www.toolwar.com/search/label/MITM" target="_blank">man-in-the-middle attacks</a> against SSL/TLS</b> encrypted
<a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> connections.  Connections are transparently intercepted through a
network address translation engine and redirected to SSLsplit.  <b>SSLsplit</b>
terminates SSL/TLS and initiates a new SSL/TLS connection to the original
destination address, while logging all data transmitted.  SSLsplit is intended
to be useful for network <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">forensics</a> and <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration testing</a>.</span></div>
<br />
<div style="text-align: justify;">
<span style="font-family: inherit;"><b>SSLsplit </b>supports plain TCP, plain SSL, HTTP and HTTPS connections over both
IPv4 and IPv6.  For SSL and HTTPS connections, SSLsplit generates and signs
forged X509v3 certificates on-the-fly, based on the original server certificate
subject DN and subjectAltName extension.  <b>SSLsplit</b> fully supports Server Name
Indication (SNI) and is able to work with RSA, DSA and ECDSA keys and DHE and
ECDHE cipher suites.  <b>SSLsplit </b>can also use existing certificates of which the
private key is available, instead of generating forged ones.  <b>SSLsplit</b> supports
NULL-prefix CN certificates and can deny OCSP requests in a generic way.
SSLsplit removes HPKP response headers in order to prevent public key pinning.</span></div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div style="text-align: justify;">
<b>Installation ::</b></div>
<div style="text-align: justify;">
SSLsplit is or will be available as a package or port on the following systems:</div>
<ul style="text-align: justify;">
<li>OpenBSD: security/sslsplit</li>
<li>Arch Linux AUR: sslsplit</li>
<li>Fedora: sslsplit</li>
<li>Kali: sslsplit</li>
<li>Backtrack: sslsplit</li>
</ul>
<div style="text-align: justify;">
<b>To install from source:</b></div>
<div style="text-align: justify;">
<pre><code class=" ruby">make
make <span class="keymethods">test</span>       <span class="comment"># optional unit tests</span>
make install    <span class="comment"># optional install</span>
</code></pre>
</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Usage ::</b></div>
<div style="text-align: justify;">
<pre><code class=" sql">% sslsplit -h
<span class="keyword">Usage</span>: sslsplit [options...] [proxyspecs...]
  -c pemfile  use CA cert (<span class="keyword">and</span> <span class="keyword">key</span>) <span class="keyword">from</span> pemfile <span class="keyword">to</span> sign forged certs
  -k pemfile  use CA <span class="keyword">key</span> (<span class="keyword">and</span> cert) <span class="keyword">from</span> pemfile <span class="keyword">to</span> sign forged certs
  -C pemfile  use CA chain <span class="keyword">from</span> pemfile (intermediate <span class="keyword">and</span> root CA certs)
  -K pemfile  use <span class="keyword">key</span> <span class="keyword">from</span> pemfile <span class="keyword">for</span> leaf certs (<span class="keyword">default</span>: generate)
  -t certdir  use cert+chain+<span class="keyword">key</span> PEM files <span class="keyword">from</span> certdir <span class="keyword">to</span> target <span class="keyword">all</span> sites
              matching the common <span class="keyword">names</span> (non-matching: generate if CA)
  -O          deny <span class="keyword">all</span> OCSP requests <span class="keyword">on</span> <span class="keyword">all</span> proxyspecs
  -P          passthrough SSL connections if they cannot be split because <span class="keyword">of</span>
              client cert auth <span class="keyword">or</span> <span class="keyword">no</span> matching cert <span class="keyword">and</span> <span class="keyword">no</span> CA (<span class="keyword">default</span>: <span class="keyword">drop</span>)
  -g pemfile  use DH <span class="keyword">group</span> params <span class="keyword">from</span> pemfile (<span class="keyword">default</span>: keyfiles <span class="keyword">or</span> auto)
  -G curve    use ECDH named curve (<span class="keyword">default</span>: secp160r2 <span class="keyword">for</span> non-RSA leafkey)
  -Z          disable SSL/TLS compression <span class="keyword">on</span> <span class="keyword">all</span> connections
  -s ciphers  use the given OpenSSL cipher suite spec (<span class="keyword">default</span>: <span class="keyword">ALL</span>:-aNULL)
  -e engine   specify <span class="keyword">default</span> NAT engine <span class="keyword">to</span> use (<span class="keyword">default</span>: ipfw)
  -E          list available NAT engines <span class="keyword">and</span> exit
  -u <span class="keyword">user</span>     <span class="keyword">drop</span> <span class="keyword">privileges</span> <span class="keyword">to</span> <span class="keyword">user</span> (<span class="keyword">default</span> if run <span class="keyword">as</span> root: nobody)
  -j jaildir  chroot() <span class="keyword">to</span> jaildir (<span class="keyword">default</span> if run <span class="keyword">as</span> root: /var/empty)
  -p pidfile  <span class="keyword">write</span> pid <span class="keyword">to</span> pidfile (<span class="keyword">default</span>: <span class="keyword">no</span> pid file)
  -l logfile  <span class="keyword">connect</span> log: log one line summary per <span class="keyword">connection</span> <span class="keyword">to</span> logfile
  -L logfile  content log: <span class="keyword">full</span> data <span class="keyword">to</span> file <span class="keyword">or</span> named pipe (excludes -S)
  -S logdir   content log: <span class="keyword">full</span> data <span class="keyword">to</span> separate files <span class="keyword">in</span> dir (excludes -L)
  -d          daemon mode: run <span class="keyword">in</span> background, log error messages <span class="keyword">to</span> syslog
  -D          debug mode: run <span class="keyword">in</span> foreground, log debug messages <span class="keyword">on</span> stderr
  -V          print version information <span class="keyword">and</span> exit
  -h          print <span class="keyword">usage</span> information <span class="keyword">and</span> exit
  proxyspec = type listenaddr+port [natengine|targetaddr+port|<span class="string">"sni"</span>+port]
  e.g.        http <span class="number">0.0</span>.<span class="number">0.0</span> <span class="number">8080</span> www.roe.ch <span class="number">80</span>  # http/<span class="number">4</span>; static hostname dst
              https ::<span class="number">1</span> <span class="number">8443</span> <span class="number">2001</span>:db8::<span class="number">1</span> <span class="number">443</span>   # https/<span class="number">6</span>; static address dst
              https <span class="number">127.0</span>.<span class="number">0.1</span> <span class="number">9443</span> sni <span class="number">443</span>     # https/<span class="number">4</span>; SNI DNS lookups
              tcp <span class="number">127.0</span>.<span class="number">0.1</span> <span class="number">10025</span>              # tcp/<span class="number">4</span>; <span class="keyword">default</span> NAT engine
              ssl <span class="number">2001</span>:db8::<span class="number">2</span> <span class="number">9999</span> pf          # ssl/<span class="number">6</span>; NAT engine <span class="string">'pf'</span>
Example:
  sslsplit -k ca.<span class="keyword">key</span> -c ca.pem -P  https <span class="number">127.0</span>.<span class="number">0.1</span> <span class="number">8443</span>  https ::<span class="number">1</span> <span class="number">8443</span></code></pre>
</div>
<div style="text-align: justify;">
<code class=" sql"><span style="font-family: "Courier New",Courier,monospace;"><b><span style="font-weight: normal;"><span class="number"><br /></span></span></b></span>
</code></div>
<div style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
Requirements ::</h3>
<div style="text-align: justify;">
SSLsplit depends on the OpenSSL and libevent 2.x libraries.
The build depends on GNU make and a POSIX.2 environment in <code>PATH</code>.
The (optional) unit tests depend on the check library.</div>
<div style="text-align: justify;">
SSLsplit currently supports the following operating systems and NAT engines:</div>
<ul style="text-align: justify;">
<li>FreeBSD: pf rdr and divert-to, ipfw fwd, ipfilter rdr</li>
<li>OpenBSD: pf rdr-to and divert-to</li>
<li>Linux: netfilter REDIRECT and TPROXY</li>
<li>Mac OS X: ipfw fwd and pf rdr (experimental)</li>
</ul>
<h3>
Download ::</h3>
<b>Linux :: </b><a href="http://mirror.roe.ch/rel/sslsplit/sslsplit-0.4.8.tar.bz2" target="_blank">SSLsplit v0.4.8</a> (.tar.bz2)<b><br /></b><br />
<b>Official Website ::</b> <a href="http://www.roe.ch/SSLsplit">http://www.roe.ch/SSLsplit</a><br /><code class=" ruby"><span class="comment"></span>
</code>

SSLsplit (MITM Attack against SSL/TLS) :: Tools

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently interc...

dotDefender (Web Application Firewall) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="dotdefender logo" border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNgB-QvtDSLba1_oj3raWHinKyPHlXi03q3ECtSO3gJ48vp-5nB4zTE6VeGXuf2zMoyT4qML8f8UFcVw3vF3eTqukbzuWA2BuOh0SMj7nVWNE42TjUn1Ljvis_vmEN16ihNYTUeLwR-dwx/s640/dotDefender+logo.jpg" title="dotdefender logo" width="640" /></div>
<br />
<b>dotDefender</b> is the market-leading software <b>Web Application Firewall  (WAF)</b>. <b>dotDefender</b> boasts enterprise-class <a href="http://www.toolwar.com/search/label/Security" target="_blank">security,</a> advanced  integration capabilities, easy maintenance and low total cost of  ownership (TCO). <b>dotDefender</b> is the perfect choice for protecting your  website and <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> applications today. </div>
<div style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
<b>Tutorials :: </b></h3>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/DKlTdoIiaSU?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
</div>
<h3 style="text-align: justify;">
<b>Download ::</b> </h3>
<div style="text-align: justify;">
<b>Windows :: </b><a href="http://www.applicure.com/downloads/5.12%20no%20SP/DotDefender%20Install%2032Bit%20v5.12.13275%20msi.exe" target="_blank">dotDefender V5.12</a></div>
<div style="text-align: justify;">
<b>Debian :: </b><a href="http://www.applicure.com/downloads/5.12/Linux/i386/dotDefender-5.12.Linux.i386.deb.bin.gz" target="_blank">dotDefender V5.12</a></div>
<div style="text-align: justify;">
<b>Linux :: </b><a href="http://www.applicure.com/downloads/5.12/Linux/i386/dotDefender-5.12.Linux.i386.gen.bin.gz" target="_blank">dotDefender V5.12</a></div>
<b>RPM :: </b><a href="http://www.applicure.com/downloads/5.12/Linux/i386/dotDefender-5.12.Linux.i386.rpm.bin.gz" target="_blank">dotDefender V5.12</a>
<b> </b><br />
<b>Official Website :: </b><a href="http://www.applicure.com/">http://www.applicure.com/</a>

dotDefender (Web Application Firewall) :: Tools

dotDefender is the market-leading software Web Application Firewall (WAF) . dotDefender boasts enterprise-class security, advanced ...

Xenotix XSS Exploit Framework v4.5 :: Framework

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://www.owasp.org/images/9/98/Xenotix.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Xenotix XSS Framework" border="0" height="237" src="https://www.owasp.org/images/9/98/Xenotix.png" title="Xenotix XSS Framework" width="400" /></a></div>
<div style="text-align: justify;">
<b>OWASP Xenotix XSS Exploit Framework</b> is an advanced <a href="http://www.toolwar.com/search/label/XSS" target="_blank">Cross Site  Scripting (XSS)</a> vulnerability detection and exploitation <a href="http://www.toolwar.com/search/label/Framework" target="_blank">framework</a>. It  provides Zero False Positive scan results with its unique Triple Browser  Engine (Trident, WebKit, and Gecko) embedded <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner.</a> It is claimed to  have the world’s 2nd largest XSS Payloads of about 1500+ distinctive XSS  Payloads for effective XSS vulnerability detection and WAF Bypass. It  is incorporated with a feature rich <a href="http://www.toolwar.com/search/label/Information-Gathering" target="_blank">Information Gathering</a> module for  target Reconnaissance. The Exploit Framework includes highly offensive  XSS <a href="http://www.toolwar.com/search/label/Exploitation" target="_blank">exploitation</a> modules for <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">Penetration</a> Testing and Proof of Concept  creation. </div>
<div style="text-align: justify;">
<div style="border: none; color: black; font-size: 120%; margin: 0;">
<br />
<span style="font-size: small;"><b>SCANNER MODULES</b></span>
<br />
<span style="font-size: small;">
</span><ul>
<li><span style="font-size: small;">Manual Mode Scanner
</span></li>
<li><span style="font-size: small;">Auto Mode Scanner
</span></li>
<li><span style="font-size: small;">DOM Scanner
</span></li>
<li><span style="font-size: small;">Multiple Parameter Scanner
</span></li>
<li><span style="font-size: small;">POST Request Scanner
</span></li>
<li><span style="font-size: small;">Header Scanner
</span></li>
<li><span style="font-size: small;">Fuzzer
</span></li>
<li><span style="font-size: small;">Hidden Parameter Detector
</span></li>
</ul>
<span style="font-size: small;">
</span><span style="font-size: small;"><b>INFORMATION GATHERING MODULES</b></span>
<br />
<span style="font-size: small;">
</span><ul>
<li><span style="font-size: small;">WAF Fingerprinting
</span></li>
<li><span style="font-size: small;">Victim Fingerprinting
</span></li>
<li><span style="font-size: small;">Browser Fingerprinting
</span></li>
<li><span style="font-size: small;">Browser Features Detector
</span></li>
<li><span style="font-size: small;">Ping Scan
</span></li>
<li><span style="font-size: small;">Port Scan
</span></li>
<li><span style="font-size: small;">Internal Network Scan
</span></li>
</ul>
<span style="font-size: small;">
</span><span style="font-size: small;"><b>EXPLOITATION MODULES</b></span>
<br />
<span style="font-size: small;">
</span><ul>
<li><span style="font-size: small;">Send Message
</span></li>
<li><span style="font-size: small;">Cookie Thief
</span></li>
<li><span style="font-size: small;">Phisher
</span></li>
<li><span style="font-size: small;">Tabnabbing
</span></li>
<li><span style="font-size: small;">Keylogger
</span></li>
<li><span style="font-size: small;">HTML5 DDoSer
</span></li>
<li><span style="font-size: small;">Load File
</span></li>
<li><span style="font-size: small;">Executable Drive By
</span></li>
<li><span style="font-size: small;">JavaScript Shell
</span></li>
<li><span style="font-size: small;">Reverse HTTP WebShell
</span></li>
<li><span style="font-size: small;">Drive-By Reverse Shell
</span></li>
<li><span style="font-size: small;">Metasploit Browser Exploit
</span></li>
<li><span style="font-size: small;">Firefox Reverse Shell Addon (Persistent)
</span></li>
<li><span style="font-size: small;">Firefox Session Stealer Addon (Persistent)
</span></li>
<li><span style="font-size: small;">Firefox Keylogger Addon (Persistent)
</span></li>
<li><span style="font-size: small;">Firefox DDoSer Addon (Persistent)
</span></li>
<li><span style="font-size: small;">Firefox Linux Credential File Stealer Addon (Persistent)
</span></li>
<li><span style="font-size: small;">Firefox Download and Execute Addon (Persistent)
</span></li>
</ul>
<span style="font-size: small;">
</span><span style="font-size: small;"><b>UTILITY MODULES</b></span>
<br />
<span style="font-size: small;">
</span><ul>
<li><span style="font-size: small;">WebKit Developer Tools
</span></li>
<li><span style="font-size: small;">Payload Encoder
</span></li>
<li><span style="font-size: small;">JavaScript Beautify
</span></li>
<li><span style="font-size: small;">Hash Calculator
</span></li>
<li><span style="font-size: small;">Hash Detector
</span></li>
</ul>
</div>
<h3>
Tutorials ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/dCo5BCJWOdA?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
Download ::</h3>
<b>Windows :: </b><span style="color: #3d85c6;"><span style="background-color: white;"><a href="http://opensecurity.in/downloads/Xenotix_XSS_Exploit_Framework_v4.5.rarhttp://opensecurity.in/downloads/Xenotix_XSS_Exploit_Framework_v4.5.rar" target="_blank">OWASP Xenotix v4.5</a> </span></span></div>
<div style="text-align: justify;">
<b>Official Websites :: </b>http://www.owasp.org/</div>
</div>

Xenotix XSS Exploit Framework v4.5 :: Framework

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework . It...

SILICA (WiFi Penetration Testing) :: Tools

<div style="text-align: justify;">
<span style="font-size: small;"></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3Pvv_IBiRa-8oX-3aa_2A22D5nvUsowumkAz3fTkG5t9hmCiUfG5XBQ9K7MtHa4Kch16v2V0fOiVRZCFh1GtfuGsYF9YsTitnsPUXCPQgDqqoijMqSka4DOSumJJFHujYBuhicQzLzSR-/s1600/Silica+Wireless+screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Silica Wireless Screenshot" border="0" height="213" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3Pvv_IBiRa-8oX-3aa_2A22D5nvUsowumkAz3fTkG5t9hmCiUfG5XBQ9K7MtHa4Kch16v2V0fOiVRZCFh1GtfuGsYF9YsTitnsPUXCPQgDqqoijMqSka4DOSumJJFHujYBuhicQzLzSR-/s400/Silica+Wireless+screenshot.png" title="Silica Wireless Screenshot" width="400" /></a></div>
<div style="text-align: justify;">
<span style="font-size: small;"><b>SILICA</b> is a tool for hacking or <i>Wi-Fi penetration testing</i>. Understanding the <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerabilities</a> of your <a href="http://www.toolwar.com/search/label/WiFi" target="_blank">WiFi</a> network can be challenging as users can easily create networks
on demand, or even perhaps unintentionally. But as recent events have demonstrated, scanning your <i>WiFi
network</i> is an important part of understanding your <a href="http://www.toolwar.com/search/label/Security" target="_blank">security </a>posture.</span></div>
<div style="text-align: justify;">
<span style="font-size: small;">
Most vulnerability assessment tools
simply take their current network scanners and point them at the wireless infrastructure. This approach does not
give you the information that is unique to <a href="http://www.toolwar.com/search/label/Wireless" target="_blank">wireless </a>networks. Immunity has built the first automated, WiFi
specific, vulnerability assessment and penetration tool.</span></div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
Unlike traditional scanners that merely identify possible
vulnerabilities, <b>SILICA</b> determines the true risk of a particular
access point. <b>SILICA</b> does this by unintrusively leveraging
vulnerabilities and determining what assets behind the
vulnerable access point can be compromised.</div>
<div style="text-align: justify;">
Additionally while traditional <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanners</a> can enumerate the vulnerabilities of
a particular target, they cannot evaluate whether a mitigating
control is in place on the target or in the surrounding environ-
ment. With<b> SILICA</b>’s unique methodology it can report on
whether vulnerability can be successfully exploited.</div>
<div style="text-align: justify;">
<b>More than simple scanning, the benefits of using SILICA include:</b></div>
<div style="text-align: justify;">
1) Improved security posture<br />
2) Simplified trouble shooting<br />
3) <a href="http://www.toolwar.com/search/label/Network" target="_blank">Network</a> mapping<br />
4) Create real threat profiles and vulnerability assessments<br />
5) Build WiFi risk and vulnerability analysis for PCI, SOX<br />
6) Rogue access point detection<br />
7) Auditing wireless client security</div>
<h3 style="text-align: justify;">
<span style="font-size: small;">With SILICA You Can ::</span></h3>
<div style="text-align: justify;">
<span style="font-size: small;">1. Recover WEP, WPA 1,2 and LEAP keys<br />2. Passively hijack web application sessions for email, social networking and Intranet sites.<br />3. Map a wireless network and identify its relationships with associated clients and other access points.<br />4. Identify vendors, hidden SSIDs and equipment passively.<br />5. Scan and break into hosts on the network using integrated CANVAS exploit modules and commands to recover screenshots, password hashes and other sensitive information.<br />6. Perform man-in-the-middle attacks to find valuable information exchanged between hosts.<br />7. Generate reports for wireless and network data.<br />8. Hijack wireless client connections via access point impersonation.<br />9. Passively inject custom content into client's web sessions.<br />10. Take full control of wireless clients via CANVAS's client-side exploitation framework (clientD).<br />11. Decrypt and easily view all WEP and WPA 1/2 traffic.</span></div>
<h3 style="text-align: justify;">
Tutorial ::</h3>
<div style="text-align: justify;">
<b>Videos :: </b><a href="http://www.immunitysec.com/products-silica.shtml" target="_blank">Silica Videos Tutorials</a> </div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Windows :: </b><a href="http://downloads.immunityinc.com/SILICA_VM.zip" target="_blank">SILICA_VM</a></div>
<div style="text-align: justify;">
<span style="font-size: small;"></span></div>
<div style="text-align: justify;">
</div>

SILICA (WiFi Penetration Testing) :: Tools

SILICA is a tool for hacking or Wi-Fi penetration testing . Understanding the vulnerabilities of your WiFi network can be challengin...

Bluediving (Bluetooth Penetration Testing) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGDR5aWRa3G4M6DF_zV6qBMmhquEXiTAH_xz6QSOaASWovOeBIZlJmVlQESXiEd8UeBPa2KyYjOrLvJ7enIwRj5PMVixhz0sZ-Gbq-oQ947GmNFTzX6KObVr-2g2jhXfvTCt-yWHT5472P/s1600/bluediving+screenshot.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Bluediving Screenshot" border="0" height="226" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGDR5aWRa3G4M6DF_zV6qBMmhquEXiTAH_xz6QSOaASWovOeBIZlJmVlQESXiEd8UeBPa2KyYjOrLvJ7enIwRj5PMVixhz0sZ-Gbq-oQ947GmNFTzX6KObVr-2g2jhXfvTCt-yWHT5472P/s400/bluediving+screenshot.jpg" title="Bluediving Screenshot" width="400" /></a></div>
<div style="text-align: justify;">
<b>Bluediving</b> is a <i>Bluetooth penetration testing suite</i>. Bluediving implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, has features such as <a href="http://www.toolwar.com/search/label/Bluetooth" target="_blank">Bluetooth</a> address spoofing, an AT and a RFCOMM socket shell and implements tools like carwhisperer, bss, L2CAP packetgenerator, L2CAP connection resetter, RFCOMM <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> and greenplaque scanning mode (using more than one hci device).<br />
<b>Programming languages:</b> Perl and C<br />
<b>Supported operating systems: </b>GNU Linux 2.4 / 2.6 and FreeBSD<br />
<b>Requirements:</b> BlueZ, Sox, obexftp, Gnu Readline library, XML::Simple</div>
<div style="text-align: justify;">
<h3>
Download :: </h3>
</div>
<div style="text-align: justify;">
<b>Linux :: </b><a href="http://sourceforge.net/projects/bluediving/files/bluediving/bluediving-0.9/bluediving-0.9.tgz/download" target="_blank">Bluediving v0.9</a></div>
<div style="text-align: justify;">
<h3>
Tutorial ::</h3>
<a href="http://www.youtube.com/watch?v=njUoGVI6l1s" target="_blank">Click Here</a> </div>

Bluediving (Bluetooth Penetration Testing) :: Tools

Bluediving is a Bluetooth penetration testing suite . Bluediving implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, has...

Car Whisperer (Hack Carkit Bluetooth) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="car whisperer image" border="0" height="187" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkC2AwMgoejXDeEWtuft-qbIf2141FbNI8oAzWjtHadAjcvYqBkZruCI7RBFC5-doo_cjpVxr86oB-qXBC21UY4DLNwCdpK6eQhCbKuSAZ9XQb7Dyo8z3Bxy-sWym6ja8oSEjPmhExS0OA/s400/Car+Whisperer+Image.jpg" title="car whisperer image" width="400" /></div>
<b>Carwhisperer</b> project intends to sensibilise manufacturers               of carkits and other <b>Bluetooth appliances</b> without display and keyboard               for the possible             security threat evolving from the use of standard passkeys.             </div>
<div style="text-align: justify;">
A <a href="http://www.toolwar.com/search/label/Bluetooth" target="_blank"><b>Bluetooth </b></a>passkey is used within the pairing process that takes               place, when                two<b> Bluetooth</b> enabled devices connect for the first time. Besides               other public                data, the passkey is a secret parameter used in the process that               generates and                exchanges the so-called link key. In Bluetooth communication scenarios               the link               key is used for authentication and encryption of the information               that is              exchanged between the counterparts of the communication.</div>
<div style="text-align: justify;">
The cw_scanner                 script is repeatedly performing a device inquiry for visible                 Bluetooth devices of which the class matches the one of Bluetooth                 Headsets                  and Hands-Free Units. Once a visible Bluetooth device with the                 appropriate <br />
device class is found, the cw_scanner script executes the carwhisperer                 binary                  that connects to the found device (on RFCOMM channel 1) and opens                 a control                connection and connects the SCO links.</div>
<div style="text-align: justify;">
The carwhiperer binary connects to the device found by the cw_scanner.               The passkey that is required for the initial connection to the               device is provided                by the cw_pin.pl script that replaces the official Bluez PIN helper               (graphical                application that usually prompts for the passkey). The cw_pin.pl               script                provides the passkey depending on the Bluetooth address that requests               it.                Depending on the first three bytes of the address, which references               the                manufacturer, different passkeys are returned by the cw_pin.sh               script. In                quite a few cases the preset standard passkey on headsets and handsfree               units              is '0000' or '1234'.</div>
<div style="text-align: justify;">
Once the connection has been successfully established, the carwhisperer               binary                starts sending audio to, and recording audio from the headset.               This allows attackers to inject audio data into the car. This could               be fake <br />
traffic announcements or nice words. Attackers are also able to               eavesdrop             conversations among people sitting in the car.</div>
<div style="text-align: justify;">
Ideally, the carwhisperer is used with a toooned dongle                and                 a directional                antenna that enhances the range of a Bluetooth radio quite a bit.</div>
<div style="text-align: justify;">
<h3>
Tutorials ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/yZcL1k33tho?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/1c-jzYAH2gw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
Download ::</h3>
<b>Linux :: </b><a href="http://trifinite.org/Downloads/carwhisperer-0.2.tar.gz" target="_blank">Car Whisperer v0.2</a><br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
</div>

Car Whisperer (Hack Carkit Bluetooth) :: Tools

Carwhisperer project intends to sensibilise manufacturers of carkits and other Bluetooth appliances without display and k...

HULK (Web Server DDoS) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="hulk ddos tool" border="0" height="212" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmkIpDIrPxvWHtvaai_4lmV1eyCCUucwGOrd8aUni-ylFt1wNOuMbrXPPPrtc8hntwhyphenhyphenoPGGfY1vutVU40iKl62ewiHoIVJpoPAVQxG0fGoJuJYywjG5L1Kwvzl-NBExPpV23vg0rSOtoY/s320/hulk+web+server+logo.jpg" title="hulk ddos tool" width="320" /></div>
<b>HULK</b> is a <i>web server denial of service tool (DDoS Tool)</i> written for research 
purposes. It is designed to generate volumes of unique and obfuscated 
traffic at a webserver, bypassing caching engines and therefore hitting 
the server's direct resource pool.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The <b>Hulk Web server</b> is a brainchild of Barry Shteiman. This<i> DDoS attack 
tool </i>distinguishes itself from many of the other tools out in the wild. 
According to its creator, the Hulk Web server was born of his conclusion
 that most available DDoS attack tools produced predictable repeated 
patterns that could easily be mitigated. The principle behind the Hulk 
Web server is that a unique pattern is generated at each and every 
request, with the intention of increasing the load on the servers as 
well as evading any intrusion detection and prevention systems. </div>
<h3 style="text-align: justify;">
Some Techniques</h3>
<ul style="text-align: justify;">
<li>Obfuscation of Source Client – this is done by using a list of known
 User Agents, and for every request that is constructed, the User Agent 
is a random value out of the known list</li>
<li>Reference Forgery – the <i>referer</i> that points at the request is obfuscated and points into either the host itself or some major prelisted websites.</li>
<li>Stickiness – using some standard Http command to try and ask the 
server to maintain open connections by using Keep-Alive with variable 
time window</li>
<li>no-cache – this is a given, but by asking the HTTP server for <i>no-cache</i> , a server that is not behind a dedicated caching service will present a unique page.</li>
<li>Unique Transformation of URL – to eliminate caching and other 
optimization tools, I crafted custom parameter names and values and they
 are randomized and attached to each request, rendering it to be Unique,
 causing the server to process the response on each event.</li>
</ul>
<div style="text-align: justify;">
<b>Video Tutorial :: </b><a href="https://www.youtube.com/watch?v=dYjx2VoXjEA" target="_blank">Click Here</a></div>
<div style="text-align: justify;">
<b>Download Here :: </b><a href="http://packetstormsecurity.com/files/download/112856/hulk.zip" target="_blank">Hulk.zip</a><b><a href="http://packetstormsecurity.com/files/download/112856/hulk.zip" target="_blank"> </a></b></div>
<div style="text-align: justify;">
<b>Official Website :: </b>http://www.sectorix.com/ </div>

HULK (Web Server DDoS) :: Tools

HULK is a web server denial of service tool (DDoS Tool) written for research purposes. It is designed to generate volumes of unique an...

Yersinia (Network Tool) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Yersinia Logo" border="0" height="155" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaip-ZZ9WXtUFqjvHpyobAuFZwEjxo7tfG3P7zCZO3FhpEcOO4kT7V5Tpw5l2HzQaqs_2m02KHTdfYYWHsDikZeBdyfU9d9bp3nMRC-uEUFZIOMoDgpdnVV5pb-NxIy1tBP9_DoBwLj8qN/s320/yersinia+logo.jpg" title="Yersinia Logo" width="320" /></div>
<b>Yersinia</b> is a <i>network tool designed</i> to take advantage of <i>some  weakeness in different network protocols.</i> It pretends to be a solid  framework for analyzing and testing the deployed networks and systems. </div>
<div style="text-align: justify;">
Currently, there are some network protocols implemented, but others  are coming (tell us which one is your preferred). Attacks for the  following network protocols are implemented (but of course you are free  for implementing new ones): </div>
<ul style="text-align: justify;">
<li>Spanning Tree Protocol (STP)</li>
<li>Cisco Discovery Protocol (CDP)</li>
<li>Dynamic Trunking Protocol (DTP)</li>
<li>Dynamic Host Configuration Protocol (DHCP)</li>
<li>Hot Standby Router Protocol (HSRP)</li>
<li>IEEE 802.1Q</li>
<li>IEEE 802.1X</li>
<li>Inter-Switch Link Protocol (ISL)</li>
<li>VLAN Trunking Protocol (VTP)</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/cyU-ds5M9Uo?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<b>Download Here ::</b> <a href="http://www.yersinia.net/download/yersinia-0.7.1.tar.gz"> Yersinia-0.7.1.tar.gz</a>  
<b> </b><br />
<b>Official Website ::</b> http://www.yersinia.net/</div>

Yersinia (Network Tool) :: Tools

Yersinia is a network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid f...

Social Engineering Toolkit (SET) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Social-Engineering-Toolkit Logo" border="0" height="203" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZp5OAjBJvIyr5zI3tkhYhzWyUadCCpXmfibfXqc_q0jgKSbkicYCNzA91NhgcYEyKkp2mjzZCDl-toVTu6AEL96HjxPEnEHhMAHpZfVw79c4kmp13o5fXXigNVPUL_aBkNQUqsT7-aH5u/s400/SET+Logo.jpg" title="Social-Engineering-Toolkit Logo" width="400" /></div>
<div style="text-align: justify;">
The <b>Social-Engineer Toolkit (SET)</b> was created and written by the  founder of <b>TrustedSec</b>. It is an open-source Python-driven tool aimed at  <b>penetration testing around Social-Engineering.</b> SET has been presented at  large-scale conferences including Blackhat, DerbyCon, Defcon, and  ShmooCon. With over two million downloads, SET is the standard for  social-engineering penetration tests and supported heavily within the  security community. </div>
<div style="text-align: justify;">
<b>The Social-Engineer Toolkit</b> has over 2 million downloads and is aimed  at leveraging advanced technological attacks in a social-engineering  type environment. TrustedSec believes that social-engineering is one of  the hardest attacks to protect against and now one of the most  prevalent. The toolkit has been featured in a number of books including  the number one best seller in security books for 9 months since its  release,“Metasploit: The Penetrations Testers Guide” written by TrustedSec’s founder as well as Devon Kearns, Jim O’Gorman, and Mati Aharoni.</div>
<div style="text-align: justify;">
<b>SET</b> is included in the latest version of the most popular Linux  distribution focused on security, Back|Track.  </div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Q9oDyd2yAFc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<br />
<b>For More Video Tutorial :: </b><a href="https://www.trustedsec.com/downloads/social-engineer-toolkit/" target="_blank">Click Here </a><b> </b><br />
<b>Download Here :: </b><span style="font-size: x-small;"><span style="font-family: "Courier New",Courier,monospace;"><span class="crayon-e">git </span><span class="crayon-r">clone</span><span class="crayon-h"> </span><span class="crayon-i">https</span><span class="crayon-o">:</span><span class="crayon-c">//github.com/trustedsec/social-engineer-toolkit/ set/</span></span></span></div>
<div class="crayon-pre" style="font-size: 12px !important; line-height: 15px !important;">
<div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1">
</div>
<div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1">
</div>
<div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1">
</div>
<div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1">
</div>
<div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1">
<b><span class="crayon-c"></span></b><span class="crayon-c"><b><span style="font-size: small;">Official Website :: </span></b><span style="font-size: small;">https://www.trustedsec.com/</span><b> </b></span><span class="crayon-c"></span></div>
</div>
<div style="text-align: justify;">
</div>
</div>

Social Engineering Toolkit (SET) :: Tools

The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec . It is an open-source Python-driven tool aimed...

XMPPloit - Attack XMPP Connections :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="XMPP-Logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJbbgjGa7xols5pAsNzkM1VxoM5c361s5-R8quLAeqhK24S_-FJUhWnV6NmA7YYihS6gMpZsXAcmxfKvVwPvAx293lwDoPcJaQRz79xsMy9SDuaADWq_QG9HIv8dxxC9mPfHr1mvJcSX6w/s1600/xmpp+logo.png" title="XMPP Logo" /></div>
<div style="text-align: justify;">
<ins style="background-color: transparent; border: none; display: inline-table; height: 15px; margin: 0; padding: 0; position: relative; visibility: visible; width: 728px;"><ins id="aswift_0_anchor" style="background-color: transparent; border: none; display: block; height: 15px; margin: 0; padding: 0; position: relative; visibility: visible; width: 728px;"></ins></ins><b>XMPPloit</b> is a <i>command-line tool to attack 
XMPP connections</i>, allowing the attacker to place a gateway between the 
client and the server and perform different attacks on the client 
stream.
</div>
<div style="text-align: justify;">
The tool exploit implements vulnerabilities at the client & server side utilizing the <b>XMPP protocol.</b></div>
<div style="text-align: justify;">
The main goal is that all the process is transparently for the user and never replace any certificate (like HTTPS attacks).</div>
<div style="text-align: justify;">
<strong>Features</strong></div>
<ul style="text-align: justify;">
<li> Downgrade the authentication mechanism (can obtain the user credentials)</li>
<li>    Force the client not to use an encrypted communication</li>
<li>    Set filters for traffic manipulation</li>
</ul>
<div style="text-align: justify;">
Filters that have been implemented in this version for Google Talk are:</div>
<ul style="text-align: justify;">
<li>    Read all the the user’s account mails</li>
<li>    Read and modify all the user’s account contacts (being or not in the roster).</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Fj5kbwqXsqY?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Download Here :: </b><a href="http://www.ldelgado.es/aplicaciones/xmpploit/XMPPloit.7z" target="_blank">XMPPloit (for Win)</a><b><br /></b></div>
<div style="text-align: justify;">
<b>Official Website :: </b>http://www.ldelgado.es/index.php?dir=aplicaciones/xmpploit </div>
</div>

XMPPloit - Attack XMPP Connections :: Tools

XMPPloit is a command-line tool to attack XMPP connections , allowing the attacker to place a gateway between the client and the serv...

w3af (Web Application Security Scanner) :: Framework

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="w3af framework" border="0" height="121" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh64FcDATU9QTFYiVVR5bKHDAu351WePSLxj8CrwndRD9_1OJLupKc9aKtZP3EoCHKg85zUONoJj3rMcisiwLWr_f4Ki7jOgi6uzQElIKSxgHyqJjF4BoX_FfWaRoRjF2P0IoeBSvw84hv8/s400/w3af_dilan.png" title="w3af framework" width="400" /></div>
<div style="text-align: justify;">
<b>W3af</b> is a <i>open source web application security scanner framework</i>. <b>w3af</b> is a <i>Web Application Attack and Audit Framework</i>.  The project’s goal is to create a framework to help you secure your web  applications by finding and exploiting all web application  vulnerabilities.</div>
<div style="text-align: justify;">
<b>W3af</b> is an extremely popular, powerful, and flexible framework for  finding and exploiting web application vulnerabilities.  It is easy to  use and extend and features dozens of web assessment and exploitation  plugins.  In some ways it is like a web-focused Metasploit. </div>
<div style="text-align: justify;">
This framework is proudly developed using Python to be <i>easy to use and extend, </i>and licensed under GPLv2.0.</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Vd3pkgevgtw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: center;">
<b>
</b></div>
<div style="text-align: justify;">
<br />
<b>Download Here :: </b><br />
<pre><span style="background-color: white;"><code>git clone https://github.com/andresriancho/w3af.git
cd w3af
./w3af_gui</code></span></pre>
</div>
<div style="text-align: justify;">
<br />
<b>Official Website ::http://w3af.org/</b></div>
<div style="text-align: justify;">
</div>
</div>

w3af (Web Application Security Scanner) :: Framework

W3af is a open source web application security scanner framework . w3af is a Web Application Attack and Audit Framework . The project...

Subscribe to: Posts ( Atom )