PuTTY (SSH and Telnet Client) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="putty logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3zvoJcKewErjVHSTjvbSDUjRlAnvLx8DNoFccuOvxFsCFHnuKCMJYOJ1NrhyfEBId03fqOnulo2MIoeDxqIbix4vgflC093Md_UhkccEcdQQ4NZiRT5mNwvddKjRoz6N4izQD-ufOng6j/s1600/putty+logo.png" title="putty logo" /></div> <div style="text-align: justify;"> <b>PuTTY</b> is a free <b>implementation of Telnet and SSH for Windows and Unix</b> platforms, along with an <code>xterm</code> terminal emulator. It is written and maintained primarily by Simon Tatham. </div> <div style="text-align: justify;"> <b>PuTTY</b> is a free and <i>open-source terminal emulator</i>, serial console and <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> file transfer application. It supports several network <a href="http://www.toolwar.com/search/label/Protocol" target="_blank">protocols</a>, including SCP, SSH, Telnet and rlogin. The name "<b>PuTTY</b>" has no definitive meaning, though "tty" is the name for a terminal in the Unix tradition, usually held to be short for Teletype.<br /> <br /> <b>PuTTY</b> was originally written for Microsoft <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, but it has been ported to various other operating systems. Official ports are available for some Unix-like platforms, with work-in-progress ports to Classic Mac OS and <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac</a> OS X, and unofficial ports have been contributed to platforms such as Symbian and Windows Mobile.<br /> </div> <h3 style="text-align: justify;"> Tutorials :: </h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/9CZphjhQxIQ?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows :: </b><a href="http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe" target="_blank">PuTTY x86</a> <b>(.exe)</b></div> <div style="text-align: justify;"> <b>Unix :: </b><a href="http://the.earth.li/~sgtatham/putty/latest/putty-0.63.tar.gz" target="_blank">PuTTY</a><b> (.tar.gz)</b></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/">http://www.chiark.greenend.org.uk/~sgtatham/putty/</a></div>

PuTTY (SSH and Telnet Client) :: Tools

PuTTY is a free implementation of Telnet and SSH for Windows and Unix platforms, along with an xterm terminal emulator. It is written ...

Read more »

Autopsy (Digital Investigation Analysis) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="Autopsy logo" border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjf21td83eNESL_QTE9NjV-ZSQnqexy4JbWFatUW-4KkqydKjwnSYKqQmPFBy6cnZG7rQZEG7X211P1v_klRTAzd3_Ee5pDqpYn3sfpupP4ff-ao6WwTUaeq8fqKi0PgJQiwb-loD4CvqrI/s1600/autopsy+logo.jpg" title="Autopsy logo" width="200" /></div> <div style="text-align: justify;"> <b>Autopsy</b> is a graphical interface to the <a href="http://www.toolwar.com/search/label/CLI" target="_blank"><i>command line</i></a> <b>digital investigation analysis tools</b> in <a href="http://www.toolwar.com/2014/01/the-sleuth-kit-tsk-forensics-framework.html" target="_blank"> The Sleuth Kit</a>. Together, they can analyze <i>Windows and UNIX</i> disks and file systems (NTFS, FAT, UFS1/2, Ext2/3).</div> <div style="text-align: justify;"> <b>The Sleuth Kit </b>and <b>Autopsy</b> are both Open Source and run on UNIX platforms (you can use Cygwin to run them both on <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>). As <b>Autopsy</b> is HTML-based, you can connect to the <b>Autopsy</b> server from any platform using an HTML browser. Autopsy provides a "File Manager"-like interface and shows details about deleted data and file system structures.</div> <h3 style="text-align: justify;"> <span style="font-size: small;">Analysis Modes</span></h3> <ul style="text-align: justify;"> <li>A <b>dead analysis</b> occurs when a dedicated <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis</a> system is used to examine the data from a suspect system. In this case, <b>Autopsy</b> and The Sleuth Kit are run in a trusted environment, typically in a lab. Autopsy and TSK support raw, Expert Witness, and AFF file formats. </li> <li>A <b>live analysis</b> occurs when the suspect <a href="http://www.toolwar.com/search/label/System" target="_blank">system</a> is being analyzed while it is running. In this case, <b>Autopsy</b> and The Sleuth Kit are run from a CD in an untrusted environment. This is frequently used during incident response while the incident is being confirmed. After it is confirmed, the system can be acquired and a dead analysis performed. </li> </ul> <h3 style="text-align: justify;"> Evidence Search Techniques</h3> <ul style="text-align: justify;"> <li><b>File Listing</b>: Analyze the files and directories, including the names of deleted files and files with Unicode-based names.</li> <li><b>File Content</b>: The contents of files can be viewed in raw, hex, or the ASCII strings can be extracted. When data is interpreted, Autopsy sanitizes it to prevent damage to the local analysis system. Autopsy does not use any client-side scripting languages.</li> <li><b>Hash Databases</b>: Lookup unknown files in a <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hash</a> database to quickly identify it as good or bad. Autopsy uses the NIST <i>National Software Reference Library (NSRL)</i> and user created databases of known good and known bad files </li> <li><b>File Type Sorting</b>: Sort the files based on their internal signatures to identify files of a known type. Autopsy can also extract only graphic images (including thumbnails). The extension of the file will also be compared to the file type to identify files that may have had their extension changed to hide them.</li> <li><b>Timeline of File Activity</b>: In some cases, having a timeline of file activity can help identify areas of a file system that may contain evidence. Autopsy can create timelines that contain entries for the Modified, Access, and Change (MAC) times of both allocated and unallocated files.</li> <li><b>Keyword Search</b>: Keyword searches of the file system image can be performed using ASCII strings and grep regular expressions. Searches can be performed on either the full file system image or just the unallocated space. An index file can be created for faster searches. Strings that are frequently searched for can be easily configured into Autopsy for automated searching. </li> <li><b>Meta Data Analysis</b>: Meta Data structures contain the details about files and directories. Autopsy allows you to view the details of any meta data structure in the file system. This is useful for recovering deleted content. Autopsy will search the directories to identify the full path of the file that has allocated the structure.</li> <li><b>Data Unit Analysis</b>: Data Units are where the file content is stored. Autopsy allows you to view the contents of any data unit in a variety of formats including ASCII, hexdump, and strings. The file type is also given and Autopsy will search the meta data structures to identify which has allocated the data unit. </li> <li><b>Image Details</b>: File system details can be viewed, including on-disk layout and times of activity. This mode provides information that is useful during data recovery. </li> </ul> <h3 style="text-align: justify;"> Case Management</h3> <ul style="text-align: justify;"> <li><b>Case Management</b>: Investigations are organized by <i>cases</i>, which can contain one or more <i>hosts</i>. Each host is configured to have its own time zone setting and clock skew so that the times shown are the same as the original user would have seen. Each host can contain one or more file system images to analyze. </li> <li><b>Event Sequencer</b>: Time-based events can be added from file activity or IDS and firewall logs. Autopsy sorts the events so that the sequence of incident events can be more easily determined. </li> <li><b>Notes</b>: Notes can be saved on a per-host and per-investigator basis. These allow you to make quick notes about files and structures. The original location can be easily recalled with the click of a button when the notes are later reviewed. All notes are stored in an ASCII file. </li> <li><b>Image Integrity</b>: It is crucial to ensure that files are not modified during analysis. Autopsy, by default, will generate an MD5 value for all files that are imported or created. The integrity of any file that Autopsy uses can be validated at any time. </li> <li><b>Reports</b>: Autopsy can create ASCII reports for files and other file system structures. This enables you to quickly make consistent data sheets during the investigation.</li> <li><b>Logging</b>: Audit logs are created on a case, host, and investigator level so that actions can be easily recalled. The exact Sleuth Kit commands that are executed are also logged.</li> <li><b>Open Design</b>: The code of Autopsy is open source and all files that it uses are in a raw format. All configuration files are in ASCII text and cases are organized by directories. This makes it easy to export the data and archive it. It also does not restrict you from using other tools that may solve the specific problem more appropriately.</li> <li><b>Client Server Model</b>: Autopsy is HTML-based and therefore you do not have to be on the same system as the file system images. This allows multiple investigators to use the same server and connect from their personal systems.</li> </ul> <div style="text-align: justify;"> <b>Autopsy</b> is written in <a href="http://www.toolwar.com/2013/09/perl-language.html" target="_blank">Perl</a> and runs on the same UNIX platforms as <a href="http://www.toolwar.com/2014/01/the-sleuth-kit-tsk-forensics-framework.html" target="_blank">The Sleuth Kit</a>:</div> <ul style="text-align: justify;"> <li><a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a></li> <li><a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X</a></li> <li>Open & FreeBSD</li> <li>Solaris</li> <li>Cygwin (you cannot use the win32 executables that can be downloaded from this site, you must build in Cygwin) </li> </ul> <h3> Tutorial ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/RUgmkvt2WNg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3>  </h3> <h3> Download ::</h3> <b>Windows :: </b><a href="http://sourceforge.net/projects/autopsy/files/autopsy/3.0.8/autopsy-3.0.8-32bit.msi/download" target="_blank">Autopsy 3.0.8x32</a> (.msi) | <a href="http://sourceforge.net/projects/autopsy/files/autopsy/3.0.8/autopsy-3.0.8-64bit.msi/download" target="_blank">Autopsy 3.0.8x64</a> (.msi)<br /> <b>Linux :: </b><a href="http://sourceforge.net/projects/autopsy/files/autopsy/2.24/autopsy-2.24.tar.gz/download" target="_blank">Autopsy 2.08</a> (.tar.gz)<br /> <b>Official Website :: </b><a href="http://www.sleuthkit.org/autopsy/index.php" target="_blank">http://www.sleuthkit.org/autopsy/index.php </a>

Autopsy (Digital Investigation Analysis) :: Tools

Autopsy is a graphical interface to the command line digital investigation analysis tools in The Sleuth Kit . Together, they can anal...

Read more »

Xenotix XSS Exploit Framework v4.5 :: Framework

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://www.owasp.org/images/9/98/Xenotix.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Xenotix XSS Framework" border="0" height="237" src="https://www.owasp.org/images/9/98/Xenotix.png" title="Xenotix XSS Framework" width="400" /></a></div> <div style="text-align: justify;"> <b>OWASP Xenotix XSS Exploit Framework</b> is an advanced <a href="http://www.toolwar.com/search/label/XSS" target="_blank">Cross Site Scripting (XSS)</a> vulnerability detection and exploitation <a href="http://www.toolwar.com/search/label/Framework" target="_blank">framework</a>. It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner.</a> It is claimed to have the world’s 2nd largest XSS Payloads of about 1500+ distinctive XSS Payloads for effective XSS vulnerability detection and WAF Bypass. It is incorporated with a feature rich <a href="http://www.toolwar.com/search/label/Information-Gathering" target="_blank">Information Gathering</a> module for target Reconnaissance. The Exploit Framework includes highly offensive XSS <a href="http://www.toolwar.com/search/label/Exploitation" target="_blank">exploitation</a> modules for <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">Penetration</a> Testing and Proof of Concept creation. </div> <div style="text-align: justify;"> <div style="border: none; color: black; font-size: 120%; margin: 0;"> <br /> <span style="font-size: small;"><b>SCANNER MODULES</b></span> <br /> <span style="font-size: small;"> </span><ul> <li><span style="font-size: small;">Manual Mode Scanner </span></li> <li><span style="font-size: small;">Auto Mode Scanner </span></li> <li><span style="font-size: small;">DOM Scanner </span></li> <li><span style="font-size: small;">Multiple Parameter Scanner </span></li> <li><span style="font-size: small;">POST Request Scanner </span></li> <li><span style="font-size: small;">Header Scanner </span></li> <li><span style="font-size: small;">Fuzzer </span></li> <li><span style="font-size: small;">Hidden Parameter Detector </span></li> </ul> <span style="font-size: small;"> </span><span style="font-size: small;"><b>INFORMATION GATHERING MODULES</b></span> <br /> <span style="font-size: small;"> </span><ul> <li><span style="font-size: small;">WAF Fingerprinting </span></li> <li><span style="font-size: small;">Victim Fingerprinting </span></li> <li><span style="font-size: small;">Browser Fingerprinting </span></li> <li><span style="font-size: small;">Browser Features Detector </span></li> <li><span style="font-size: small;">Ping Scan </span></li> <li><span style="font-size: small;">Port Scan </span></li> <li><span style="font-size: small;">Internal Network Scan </span></li> </ul> <span style="font-size: small;"> </span><span style="font-size: small;"><b>EXPLOITATION MODULES</b></span> <br /> <span style="font-size: small;"> </span><ul> <li><span style="font-size: small;">Send Message </span></li> <li><span style="font-size: small;">Cookie Thief </span></li> <li><span style="font-size: small;">Phisher </span></li> <li><span style="font-size: small;">Tabnabbing </span></li> <li><span style="font-size: small;">Keylogger </span></li> <li><span style="font-size: small;">HTML5 DDoSer </span></li> <li><span style="font-size: small;">Load File </span></li> <li><span style="font-size: small;">Executable Drive By </span></li> <li><span style="font-size: small;">JavaScript Shell </span></li> <li><span style="font-size: small;">Reverse HTTP WebShell </span></li> <li><span style="font-size: small;">Drive-By Reverse Shell </span></li> <li><span style="font-size: small;">Metasploit Browser Exploit </span></li> <li><span style="font-size: small;">Firefox Reverse Shell Addon (Persistent) </span></li> <li><span style="font-size: small;">Firefox Session Stealer Addon (Persistent) </span></li> <li><span style="font-size: small;">Firefox Keylogger Addon (Persistent) </span></li> <li><span style="font-size: small;">Firefox DDoSer Addon (Persistent) </span></li> <li><span style="font-size: small;">Firefox Linux Credential File Stealer Addon (Persistent) </span></li> <li><span style="font-size: small;">Firefox Download and Execute Addon (Persistent) </span></li> </ul> <span style="font-size: small;"> </span><span style="font-size: small;"><b>UTILITY MODULES</b></span> <br /> <span style="font-size: small;"> </span><ul> <li><span style="font-size: small;">WebKit Developer Tools </span></li> <li><span style="font-size: small;">Payload Encoder </span></li> <li><span style="font-size: small;">JavaScript Beautify </span></li> <li><span style="font-size: small;">Hash Calculator </span></li> <li><span style="font-size: small;">Hash Detector </span></li> </ul> </div> <h3> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/dCo5BCJWOdA?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3> Download ::</h3> <b>Windows :: </b><span style="color: #3d85c6;"><span style="background-color: white;"><a href="http://opensecurity.in/downloads/Xenotix_XSS_Exploit_Framework_v4.5.rarhttp://opensecurity.in/downloads/Xenotix_XSS_Exploit_Framework_v4.5.rar" target="_blank">OWASP Xenotix v4.5</a> </span></span></div> <div style="text-align: justify;"> <b>Official Websites :: </b>http://www.owasp.org/</div> </div>

Xenotix XSS Exploit Framework v4.5 :: Framework

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework . It...

Read more »

WinDbg (Windows Debugger) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIZ53_pO0bAOCjl_oxpv2f2XhKxp-Z63nXIjIntBQxqPPcI_HT1qhdI4UMOb7ZHKD6D-KSRcJC068J4vvrq4tnFkTp0rQw0pgwPGLIASpGS7YoWpZ1srx4fVezCo-TPQ5gjHVyw-uyEUUw/s1600/windbg+screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Windbg screenshot" border="0" height="271" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIZ53_pO0bAOCjl_oxpv2f2XhKxp-Z63nXIjIntBQxqPPcI_HT1qhdI4UMOb7ZHKD6D-KSRcJC068J4vvrq4tnFkTp0rQw0pgwPGLIASpGS7YoWpZ1srx4fVezCo-TPQ5gjHVyw-uyEUUw/s400/windbg+screenshot.png" title="Windbg screenshot" width="400" /></a></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <b>WinDbg</b> is a <i>graphical debugger from Microsoft</i>. It is actually just one component of the <i>Debugging Tools for <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> package</i>, which also includes the KD, CDB, and NTSD <a href="http://www.toolwar.com/search/label/Debugger" target="_blank">debuggers</a>. Its claim to fame is debugging <a href="http://www.toolwar.com/search/label/Memory" target="_blank">memory</a> dumps produced after a crash. It can even debug in kernel mode. For downloads and more information.</div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/q-IWHHFQcXg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/1R0zqStq7ss?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows (x86) ::</b> <a class="FileNameLink" href="http://archive.msdn.microsoft.com/Project/Download/FileDownload.aspx?ProjectName=debugtoolswindows&DownloadId=13748" id="ctl00_ctl00_Content_TabContentPanel_Content_ReleaseFiles_FileList_ctl01_FileNameLink" tabindex="9" target="_blank">dbg_x86_6.12.2.633</a></div> <div style="text-align: justify;"> <b>Windows (x64) ::</b> <a href="http://archive.msdn.microsoft.com/Project/Download/FileDownload.aspx?ProjectName=debugtoolswindows&DownloadId=13747" target="_blank">WinDbg_x64</a>  </div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="https://www.microsoft.com/" target="_blank">https://www.microsoft.com/ </a></div>

WinDbg (Windows Debugger) :: Tools

WinDbg is a graphical debugger from Microsoft . It is actually just one component of the Debugging Tools for Windows package , which...

Read more »

Immunity Debugger :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="Immunity Debugger logo" border="0" height="340" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9Tz7osQXiMIGssd8NGbnuYt2UuNlyHH6exkoSIEvMi6eJWYewN-waCLbYG-2ZjR-PbZhLWL2A9wBOmtAo9V0AKXaUBpGgoDlDoMAhMep5Qott6zJB-zoqQuUaLf0pzc5oMPvczcOOL0pJ/s400/debugger-logo.png" title="Immunity Debugger logo" width="400" /></div> <div style="text-align: justify;"> <b>Immunity Debugger</b> is a powerful new way to <i>write exploits, <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analyze</a> <a href="http://www.toolwar.com/search/label/Malware" target="_blank">malware</a>, and reverse engineer binary files.</i> It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> API for easy extensibility.</div> <div style="text-align: justify;"> <img border="0" src="http://www.immunityinc.com/bullet.gif" /> A <a href="http://www.toolwar.com/search/label/Debugger" target="_blank">debugger</a> with functionality designed specifically for the security industry<br /> <img border="0" src="http://www.immunityinc.com/bullet.gif" />Cuts exploit development time by 50%<br /> <img border="0" src="http://www.immunityinc.com/bullet.gif" />Simple, understandable interfaces<br /> <img border="0" src="http://www.immunityinc.com/bullet.gif" />Robust and powerful scripting language for automating intelligent debugging<br /> <img border="0" src="http://www.immunityinc.com/bullet.gif" />Lightweight and fast debugging to prevent corruption during complex analysis<br /> <img border="0" src="http://www.immunityinc.com/bullet.gif" />Connectivity to fuzzers and exploit development <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <h3> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/fIUOiwYTpho?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/KlcLLzdtT2U?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> </div> <div style="text-align: justify;"> <h3> Download ::</h3> </div> <div style="text-align: justify;"> <b>Windows :: </b><a href="http://debugger.immunityinc.com/ID_register.py" target="_blank">Immunity Debugger </a><b> </b></div> <div style="text-align: justify;"> <b>Official Website ::</b>  <a href="http://debugger.immunityinc.com/">http://debugger.immunityinc.com/</a></div>

Immunity Debugger :: Tools

Immunity Debugger is a powerful new way to write exploits, analyze malware , and reverse engineer binary files. It builds on a solid ...

Read more »

VirusTotal (Analyze files and URLs) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="virustotal logo" border="0" height="70" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_tdl85tCDSMyYMpacR9LL_CK2AehDKuIiji7z27f0HCHva-H4cBOUdzchlHBuKhIMi7y-qAjBkrxhPNy9QG9vMIgh180-_lugQgdYdr5OKvqWU_gT4lZqr9v8ppC2b39ZnvLE-LyNkSWa/s400/virustotal+logo.png" title="virustotal logo" width="400" /> </div> <div style="text-align: justify;"> <b>VirusTotal</b>, a subsidiary of Google, is a <i><b>free <a href="http://www.toolwar.com/search/label/Online" target="_blank">online</a> service that analyzes files and URLs</b></i> enabling the <i>identification of viruses, worms, trojans and other kinds of malicious content</i> detected by antivirus engines and website <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanners.</a> At the same time, it may be used as a means to detect false positives, i.e. innocuous resources detected as malicious by one or more scanners. </div> <div style="text-align: justify;"> <b>VirusTotal’</b>s mission is to help in improving the antivirus and <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> industry and make the internet a safer place through the development of free tools and services.<b> VirusTotal's</b> main characteristics are highlighted below. </div> <h3 style="text-align: justify;"> Free unbiased service ::</h3> <div style="text-align: justify;"> <b>VirusTotal</b>, is offered freely to end users as long as its use has no commercial purpose and does not become part of any business activity. Even though the service works with engines belonging to different enterprises and organizations, <b>VirusTotal</b> does not distribute or advertise any products belonging to third parties, but simply acts as an aggregator of information. This prevents us from being subjected to any kind of bias and allows us to offer an objective service to our users. </div> <h3 style="text-align: justify;"> Runs multiple antivirus engines and website scanners ::</h3> <div style="text-align: justify;"> <b>VirusTotal</b> simply acts as an information aggregator. The aggregated data is the output of different antivirus engines, website scanners, file and URL <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis</a> tools and user contributions. The full list of antivirus solutions and website scanners used in VirusTotal can be found in the credits and collaboration acknowledgements section. </div> <h3 style="text-align: justify;"> Runs multiple file and URL characterization tools ::</h3> <div style="text-align: justify;"> As previously stated,<b> VirusTotal</b> also aggregates the output of a number of file and URL characterization tools. These tools cover a wide range of purposes, ranging from providing structural information about Microsoft Windows portable executables (PEs) to identifying signed software. The full list of file and URL characterization tools used in <b>VirusTotal</b> can be found in the credits and collaboration acknowledgements section. </div> <h3 style="text-align: justify;"> Real time updates of virus signatures and blacklists ::</h3> <div style="text-align: justify;"> The <a href="http://www.toolwar.com/search/label/Malware" target="_blank">malware</a> signatures of antivirus solutions present in VirusTotal are periodically updated as they are developed and distributed by the antivirus companies. The update polling frequency is 15 minutes—this makes sure that the products are using the latest signature sets. </div> <div style="text-align: justify;"> <a href="http://www.toolwar.com/search/label/Web" target="_blank">Website</a> scanning is done via API queries to the different companies providing the particular solution, hence, the most updated version of their dataset is always used. </div> <h3 style="text-align: justify;"> Detailed results from each scanner ::</h3> <div style="text-align: justify;"> <b>VirusTotal </b>not only tells you whether a given antivirus solution detected a submitted file, but also displays the exact detection label returned by each engine (e.g. <span class="label important">I-Worm.Allaple.gen</span>). </div> <div style="text-align: justify;"> This feature is also present in URL scanners. Most of them will discriminate malware sites, phishing sites, suspicious sites, etc. Moreover, some of the engines will provide additional information explicitly stating whether a given URL belongs to a particular botnet, which brand is targeted by a given phishing site, etc. </div> <h3 style="text-align: justify;"> Real time global service operation statistics ::</h3> <div style="text-align: justify;"> Information about the number of resources (files and URLs) processed by <b>VirusTotal</b> can be found in the statistics section. These statistics provide a number of notions and groupings, such as global detection ratios for the received files, submissions per country, most popular detection labels, etc. No statistics comparing the different antivirus products and website detection engines are generated—neither will they ever be generated (on a public or private basis), even though their calculation is trivial. The reason is that using <b>VirusTotal </b> for antivirus testing is a bad idea. </div> <h3 style="text-align: justify;"> Automation API ::</h3> <div style="text-align: justify;"> File and URL scanning can be automated with a free public API. For obvious reasons (including prevention of competition with the antivirus products present in <b>VirusTotal</b>), the public API is subjected to a strong request rate limitation. Should a user require a higher request rate, a honeypot API is available for researchers and a private mass API is offered to individuals with commercial and product enhancement intentions. A detailed specification of the different APIs can be found in the advanced features section. </div> <h3 style="text-align: justify;"> Online malware research community ::</h3> <div style="text-align: justify;"> In August 2010 <b>VirusTotal </b>integrated a pseudo-social network that allows its users to interact with other users and comment on files and URLs. These comments may range from deep malware analyses to information on the distribution vector and in-the-wild locations of the submitted files, hence, the community acts as the collective intelligence component of VirusTotal. Files and URLs can be voted as malicious or innocuous, building a community maliciousness score for the resource. </div> <div style="text-align: justify;"> In other words, when security products fail (false positives/false negatives), there is still a chance that some VirusTotal Community user will have produced a useful review of the resource for its community peers. </div> <h3 style="text-align: justify;"> Desktop applications for interacting with the service ::</h3> <div style="text-align: justify;"> With the aim of making the Internet a safer place <b>VirusTotal's</b> team has released a number of desktop applications and tools for interacting with the service (one-click file uploader, <a href="http://www.toolwar.com/search/label/Browser" target="_blank">browser</a> extensions, etc.). Many of <b>VirusTotal's</b> users have also developed their own applications and have made them publicly available on the Internet. More information about these resources can be found in the advanced features section. </div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/TFSmJaiO_G0?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> <br /> <b>Online :: </b><a href="https://www.virustotal.com/">https://www.virustotal.com/</a></div>

VirusTotal (Analyze files and URLs) :: Tools

  VirusTotal , a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of v...

Read more »

Cuckoo Sandbox (Malware Analysis) :: Tools

<div class="row" style="text-align: justify;"> <div class="span6" style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="Cockoo sandbox logo" border="0" height="128" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgibr626QwfgXHYV4JYq_X59SkjRlgqtUxt37xeoKA02je4VxQCzLHM2HF_UMNOs73aOU78-Ym3kDdcNf_Sh4lu8veicfMPHF_ExBSG4ZSq32iari06OXQx68KZJGay6AFbiMYSwZObGuUD/s400/cuckoo+sandbox+logo.png" title="Cockoo sandbox logo" width="400" /></div> <h3> What is Cuckoo Sandbox?</h3> <b>Cuckoo Sandbox</b> is a <b><i>malware analysis system</i></b>. What does that mean? It simply means that you can throw any <i>suspicious file</i> at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an isolated environment.<br /> <h3> Why should you use it?</h3> <i><b>Malware</b> is the swiss-army knife of cybercriminals</i> and any other adversary to your corporation or organization.<br /> In these evolving times, detecting and removing <a href="http://www.toolwar.com/search/label/Malware" target="_blank"> malware</a> artifacts is not enough: it's vitally important to understand how they work and what they would do/did on your systems when deployed and understand the context, the motivations and the goals of a breach.<br /> In this way you are able to more effectively understand the incident, respond to it and protect yourself for the future.<br /> There are infinite other contexts where you might need to deploy a sandbox internally, from <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analyzing</a> an internal breach to proactively scouting wildly distributed threats, collect actionable data and analyzing the ones actively targeting your infrastructure or products.<br /> In any of these cases you'll find Cuckoo to be perfectly suitable, incredibly customizable and well... free!</div> <div class="span6" style="text-align: justify;"> <h3> What does it produce?</h3> Cuckoo generates a handful of different raw data which include:<br /> <ul> <li>Native functions and <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> API calls traces</li> <li>Copies of files created and deleted from the filesystem</li> <li>Dump of the memory of the selected process</li> <li>Full <a href="http://www.toolwar.com/search/label/Memory" target="_blank">memory</a> dump of the analysis machine</li> <li>Screenshots of the desktop during the execution of the malware analysis</li> <li><a href="http://www.toolwar.com/search/label/Network" target="_blank">Network</a> dump generated by the machine used for the analysis</li> </ul> In order to make such results more consumable to the end users, Cuckoo is able to process them and generate different type of reports, which could include:<br /> <ul> <li>JSON report</li> <li>HTML report</li> <li>MAEC report</li> <li>MongoDB interface</li> <li>HPFeeds interface</li> </ul> Even more interestingly, thanks to Cuckoo's extensive modular design, you are able to customize both the processing and the reporting stages. Cuckoo provides you all the requirements to easily integrate the sandbox into your existing <a href="http://www.toolwar.com/search/label/Framework" target="_blank">frameworks</a> and storages with the data you want, in the way you want, with the format you want.<br /> <h3> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/720Vh3FaGN8?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/KVoDCrYeCXo?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/-npWBiDloRQ?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3> Download :: </h3> <b>Alternative Downloads ::</b><br /> <pre>git clone git://github.com/cuckoobox/cuckoo.git</pre> If you want to clone a specific branch ::<br /> <pre>git clone -b <branch name> git://github.com/cuckoobox/cuckoo.git</pre> <b><span style="font-family: inherit;">Linux ::</span></b> <a href="http://www.cuckoosandbox.org/download.html" target="_blank">Cuckoo Sandbox 0.6</a><br /> <b>Official Website :: </b>http://www.cuckoosandbox.org/<br /> <h3> </h3> </div> </div>

Cuckoo Sandbox (Malware Analysis) :: Tools

What is Cuckoo Sandbox? Cuckoo Sandbox is a malware analysis system . What does that mean? It simply means that you can throw any su...

Read more »

Angry IP Scanner :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="angryip scanner logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgr5X1wp_12n0btEqP-TCO2mzp0n5YFM9n3Vo5p9Schm2bSkt5J-owscFGqTVtO6g3W9EzeWbUea2nfbxOQiLNnjvIkbJY141NAJhHk3wQI5aiUBe3b2UJGo9riUXcvga8Aiolecr7zO3MR/s1600/angryip+scanner+logo.jpg" title="angryip scanner logo" /></div> <div style="text-align: justify;"> <b>Angry IP Scanner</b> (or simply <i>ipscan</i>) is an open-source and cross-platform <b>network scanner</b> designed to be fast and simple to use. It scans IP addresses and ports as well as has many other features. </div> <div style="text-align: justify;"> It is widely used by <i>network administrators</i> and just curious users around the world, including large and small enterprises, banks, and government agencies. It runs on <i>Linux</i>, <i>Windows</i>, and <i>Mac OS X</i>, possibly supporting other platforms as well. </div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/9wgcdgP-fgI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;">   </div> <div style="text-align: justify;"> <b>Download Here ::</b> <a href="http://sourceforge.net/projects/ipscan/files/ipscan3-binary/3.2/ipscan-win32-3.2.exe" target="_blank">Windows</a>  |  <a href="http://sourceforge.net/projects/ipscan/files/ipscan3-binary/3.2/ipscan_3.2_i386.deb" target="_blank">Linux</a>  |  <a href="http://sourceforge.net/projects/ipscan/files/ipscan3-binary/3.2/ipscan-mac-3.2.zip" target="_blank">MAC</a> </div> <div style="text-align: justify;"> <b>Official Website ::</b> http://angryip.org/ </div> </div>

Angry IP Scanner :: Tools

Angry IP Scanner (or simply ipscan ) is an open-source and cross-platform network scanner designed to be fast and simple to use. It ...

Read more »

Hashcat (Advanced Password Recovery) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="hashcat logo" border="0" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYYautWUdpLjfrRNpPUGgD4WAHC_aRLMw0mWTn2js04tK6GY8KK7W6wfNHPtVakHEkxkjzcgR3dyYh7QG0OHlD1eU6ph1srgBIdy2DEMPNf-jAgst__JsTZIxKLzVIAS-yA9yTfmAaU84J/s320/hashcat.jpg" title="hashcat logo" width="320" /></div> <div style="text-align: justify;"> <b>Hashcat</b> plus is Worlds first and only GPGPU based rule engine and Worlds fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker.<br /> Features Free Multi-GPU (up to 16 gpus) Multi-Hash (up to 24 million hashes) Multi-OS (Linux & Windows native binaries) Multi-Platform (OpenCL & CUDA support) Multi-Algo (see below) Low resource utilization, you can still watch movies or play games while cracking Focuses highly iterated, modern hashes Focuses single dictionary based attacks Supports pause / resume while cracking Supports reading words from file Supports reading words from stdin Integrated thermal watchdog 20+ Algorithms implemented with performance in mind ... and much more </div> <h2 style="text-align: justify;"> <span style="font-size: large;"><b>Usage :: </b> </span></h2> <pre>Usage: ./hashcat-cli64.bin [options] hashfile [wordfiles|directories] Startup: -V, --version print version -h, --help print help --eula print eula Logging and Files: --remove enable remove of hash from hashlist once it is cracked --quiet suppress output --stdout stdout mode --disable-potfile do not write potfile -r, --rules-file=FILE rules-file for hybrid-attack -o, --output-file=FILE output-file for recovered hashes --output-format=NUM 0 = hash:pass 1 = hash:hex_pass 2 = hash:pass:hex_pass -e, --salt-file=FILE salts-file for unsalted hashlists --debug-file=FILE debug-file --debug-mode=NUM 1 = save finding rule (hybrid only) 2 = save original word (hybrid only) -p, --seperator-char=CHAR seperator-char for hashlists Resources: -n, --threads=NUM number of threads -c, --segment-size=NUM number of mb to cache from wordfile -s, --words-skip=NUM skip number of words (for resume) -l, --words-limit=NUM limit number of words (for distributed) Attacks: -g, --generate-rules=NUM number of self-generating rules --generate-rules-func-min=NUM force number of functions per rule min --generate-rules-func-max=NUM force number of functions per rule max -a, --attack-mode=NUM number of attack-mode 0 = Straight * 1 = Combination * 2 = Toggle-Case 3 = Brute-Force 4 = Permutation 5 = Table-Lookup * = for Hybrid-Attack use -r or -g -m, --hash-mode=NUM number of hash-mode 0 = MD5 200 = MySQL 1 = md5($pass.$salt) 300 = MySQL4.1/MySQL5 2 = md5($salt.$pass) 400 = MD5(Wordpress) 3 = md5(md5($pass)) 400 = MD5(phpBB3) 4 = md5(md5(md5($pass))) 500 = MD5(Unix) 5 = vBulletin < v3.8.5 600 = SHA-1(Base64) 6 = md5(md5($salt).$pass) 700 = SSHA-1(Base64) 7 = md5($salt.md5($pass)) 800 = SHA-1(Django) 8 = md5($salt.$pass.$salt) 900 = MD4 9 = md5(md5($salt).md5($pass)) 1000 = NTLM 10 = md5(md5($pass).md5($salt)) 1100 = Domain Cached Credentials 11 = md5($salt.md5($salt.$pass)) 1200 = MD5(Chap) 12 = md5($salt.md5($pass.$salt)) 1300 = MSSQL 15 = vBulletin > v3.8.5 30 = md5($username.0.$pass) 31 = md5(strtoupper(md5($pass))) 100 = SHA1 1400 = SHA256 101 = sha1($pass.$salt) 1600 = MD5(APR) 102 = sha1($salt.$pass) 1700 = SHA512 103 = sha1(sha1($pass)) 1800 = SHA-512(Unix) 104 = sha1(sha1(sha1($pass))) 105 = sha1(strtolower($username).$pass) Toggle-Case specific: --toggle-min=NUM number of alphas in plain minimum --toggle-max=NUM number of alphas in plain maximum Brute-Force specific: --bf-pw-min=NUM password length minimum --bf-pw-max=NUM password length maximum --bf-cs-buf=CHARS charset for attack Permutation specific: --perm-min=NUM number of chars in plain minimum --perm-max=NUM number of chars in plain maximum Table-Lookup specific: --table-min=NUM number of chars in plain minimum --table-max=NUM number of chars in plain maximum --table-file=FILE table file</pre> <pre> </pre> <pre> <b></b></pre> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/8fxLH-pokAI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <pre><b> </b></pre> <pre><b> </b></pre> <div style="text-align: left;"> <b>Download Here :: </b><a href="http://hashcat.net/files/oclHashcat-plus-0.15.7z" target="_blank">oclHashcat-plus-0.15.7z</a><b> </b></div> <div style="text-align: left;"> <b>Official Website ::</b> http://hashcat.net/</div> </div>

Hashcat (Advanced Password Recovery) :: Tools

Hashcat plus is Worlds first and only GPGPU based rule engine and Worlds fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. Fe...

Read more »

p0f (OS and Application Fingerprinting) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxMdkwqLhu3-pobymZBIO1qkTOxYwuX4bDCm4Q611wMbhHmVJFqDwC9T4Kry2DSL2ce_ZpjZSs3_1aULLvVDqe4vFIpOWUhyphenhyphenEX_EdPrmfz-HG-XmVhf9ArdZ8L37QRcjw75UeZOC30pf8G/s1600/p0f+screenshot.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="p0f screenshot" border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxMdkwqLhu3-pobymZBIO1qkTOxYwuX4bDCm4Q611wMbhHmVJFqDwC9T4Kry2DSL2ce_ZpjZSs3_1aULLvVDqe4vFIpOWUhyphenhyphenEX_EdPrmfz-HG-XmVhf9ArdZ8L37QRcjw75UeZOC30pf8G/s320/p0f+screenshot.jpg" title="p0f screenshot" width="320" /></a></div> <div style="text-align: justify;"> <b>p0f</b> is a versatile <i>passive OS and application fingerprinter,</i> and a tool for <i>detecting NAT/connection sharing</i>. It is useful for <i>penetration testing, routine network monitoring, and forensics</i>, and to aid abuse detection tools such as IDSes, spam filters, or honeypots. <b>P0f</b> is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP). </div> <div style="text-align: justify;"> Some of p0f's capabilities include: </div> <ul style="text-align: justify;"> <li> Highly scalable and extremely fast identification of the operating system and software on both endpoints of a vanilla TCP connection - especially in settings where <a href="http://www.nmap.org/">NMap</a> probes are blocked, too slow, unreliable, or would simply set off alarms. </li> <li> Measurement of system uptime and network hookup, distance (including topology behind NAT or packet filters), user language preferences, and so on. </li> <li> Automated detection of connection sharing / NAT, load balancing, and application-level proxying setups. </li> <li> Detection of clients and servers that forge declarative statements such as <i>X-Mailer</i> or <i>User-Agent</i>. </li> </ul> <div style="text-align: justify;"> <b>p0f</b> can be operated in the foreground or as a daemon, and offers a simple real-time API for third-party components that wish to obtain additional information about the actors they are talking to. </div> <div style="text-align: justify;"> Common uses for p0f include reconnaissance during penetration tests; routine network monitoring; detection of unauthorized network interconnects in corporate environments; providing signals for abuse-prevention tools; and miscellanous forensics. </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/OROE_HoN8mg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> Download Here :: <a href="http://lcamtuf.coredump.cx/p0f3/releases/p0f-3.06b.tgz" target="_blank">p0f-3.06b.tgz (for Linux)</a></div> <div style="text-align: justify;"> Official Website :: http://lcamtuf.coredump.cx/p0f3/</div> </div>

p0f (OS and Application Fingerprinting) :: Tools

p0f is a versatile passive OS and application fingerprinter, and a tool for detecting NAT/connection sharing . It is useful for pene...

Read more »

Yersinia (Network Tool) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="Yersinia Logo" border="0" height="155" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaip-ZZ9WXtUFqjvHpyobAuFZwEjxo7tfG3P7zCZO3FhpEcOO4kT7V5Tpw5l2HzQaqs_2m02KHTdfYYWHsDikZeBdyfU9d9bp3nMRC-uEUFZIOMoDgpdnVV5pb-NxIy1tBP9_DoBwLj8qN/s320/yersinia+logo.jpg" title="Yersinia Logo" width="320" /></div> <b>Yersinia</b> is a <i>network tool designed</i> to take advantage of <i>some weakeness in different network protocols.</i> It pretends to be a solid framework for analyzing and testing the deployed networks and systems. </div> <div style="text-align: justify;"> Currently, there are some network protocols implemented, but others are coming (tell us which one is your preferred). Attacks for the following network protocols are implemented (but of course you are free for implementing new ones): </div> <ul style="text-align: justify;"> <li>Spanning Tree Protocol (STP)</li> <li>Cisco Discovery Protocol (CDP)</li> <li>Dynamic Trunking Protocol (DTP)</li> <li>Dynamic Host Configuration Protocol (DHCP)</li> <li>Hot Standby Router Protocol (HSRP)</li> <li>IEEE 802.1Q</li> <li>IEEE 802.1X</li> <li>Inter-Switch Link Protocol (ISL)</li> <li>VLAN Trunking Protocol (VTP)</li> </ul> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/cyU-ds5M9Uo?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <br /> <b>Download Here ::</b> <a href="http://www.yersinia.net/download/yersinia-0.7.1.tar.gz"> Yersinia-0.7.1.tar.gz</a> <b> </b><br /> <b>Official Website ::</b> http://www.yersinia.net/</div>

Yersinia (Network Tool) :: Tools

Yersinia is a network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid f...

Read more »

Social Engineering Toolkit (SET) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="Social-Engineering-Toolkit Logo" border="0" height="203" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZp5OAjBJvIyr5zI3tkhYhzWyUadCCpXmfibfXqc_q0jgKSbkicYCNzA91NhgcYEyKkp2mjzZCDl-toVTu6AEL96HjxPEnEHhMAHpZfVw79c4kmp13o5fXXigNVPUL_aBkNQUqsT7-aH5u/s400/SET+Logo.jpg" title="Social-Engineering-Toolkit Logo" width="400" /></div> <div style="text-align: justify;"> The <b>Social-Engineer Toolkit (SET)</b> was created and written by the founder of <b>TrustedSec</b>. It is an open-source Python-driven tool aimed at <b>penetration testing around Social-Engineering.</b> SET has been presented at large-scale conferences including Blackhat, DerbyCon, Defcon, and ShmooCon. With over two million downloads, SET is the standard for social-engineering penetration tests and supported heavily within the security community. </div> <div style="text-align: justify;"> <b>The Social-Engineer Toolkit</b> has over 2 million downloads and is aimed at leveraging advanced technological attacks in a social-engineering type environment. TrustedSec believes that social-engineering is one of the hardest attacks to protect against and now one of the most prevalent. The toolkit has been featured in a number of books including the number one best seller in security books for 9 months since its release,“Metasploit: The Penetrations Testers Guide” written by TrustedSec’s founder as well as Devon Kearns, Jim O’Gorman, and Mati Aharoni.</div> <div style="text-align: justify;"> <b>SET</b> is included in the latest version of the most popular Linux distribution focused on security, Back|Track.  </div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Q9oDyd2yAFc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <b>For More Video Tutorial :: </b><a href="https://www.trustedsec.com/downloads/social-engineer-toolkit/" target="_blank">Click Here </a><b> </b><br /> <b>Download Here :: </b><span style="font-size: x-small;"><span style="font-family: "Courier New",Courier,monospace;"><span class="crayon-e">git </span><span class="crayon-r">clone</span><span class="crayon-h"> </span><span class="crayon-i">https</span><span class="crayon-o">:</span><span class="crayon-c">//github.com/trustedsec/social-engineer-toolkit/ set/</span></span></span></div> <div class="crayon-pre" style="font-size: 12px !important; line-height: 15px !important;"> <div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1"> </div> <div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1"> </div> <div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1"> </div> <div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1"> </div> <div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1"> <b><span class="crayon-c"></span></b><span class="crayon-c"><b><span style="font-size: small;">Official Website :: </span></b><span style="font-size: small;">https://www.trustedsec.com/</span><b> </b></span><span class="crayon-c"></span></div> </div> <div style="text-align: justify;"> </div> </div>

Social Engineering Toolkit (SET) :: Tools

The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec . It is an open-source Python-driven tool aimed...

Read more »

Nessus Vulnerability Scanner :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="Nessus Scanner" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6OR9csOrOT-agaTAXqGm7Dc8g1dfaiyPSJfkytcfchemokfyYVleLfHTCbQ9BcaJeSphdnxcTWuwqbwY2H-DyYcG9WrHIjhQT4QOqsXXnCcZ_bjDwaor0JP3kIOYpZsIKzRe_L22Uaf0C/s1600/images.jpg" title="Nessus Scanner" /> </div> <div style="text-align: justify;"> <b>Nessus Vulnereability Scanner</b> is one of the most powerful, popular and capable vulnerability scanners, particularly for UNIX or Windows systems. It was initially free and open source, but they closed the source code in 2005 and removed the free "Registered Feed" version in 2008. It now costs $1,200 per year, which still beats many of its competitors. A free “Home Feed” is also available, though it is limited and only licensed for home network use. </div> <div style="text-align: justify;"> <b>Nessus</b> is constantly updated, with more than 46,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. Agentless auditing of configurations, patches, and web applications. 55,000+ vulnerability and configuration checks (plugins) – new plugins updated daily. Scans networks, systems, data, and applications. Post-scan analysis and monitoring tools. Part of Tenable's enterprise USM platform – providing centralized management of multiple vulnerability scanners and real-time vulnerability, log, and compliance management.</div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/sqFXXvaA8p4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> <b>Download Here</b><b> ::</b> <a href="http://www.tenable.com/products/nessus/select-your-operating-system" target="_blank">Nessus 5.2</a></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <b>Official Website</b><u><b> </b></u><b>::</b> http://www.tenable.com/products/nessus </div> </div>

Nessus Vulnerability Scanner :: Tools

  Nessus Vulnereability Scanner is one of the most powerful, popular and capable vulnerability scanners, particularly for UNIX or Wind...

Read more »

Netfilter (Firewalling, NAT and Packet Managing ) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="netfilter logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2nlPN3zHdxmcDO9QcN_iEWWnInhbDEk5ZFkMBw5IJpPvVU4B56F7ITPqWlXhdUI1FCcZ5bpmb-pVh-_BTAt0vlJbd0L2873b8GCCQrPFRK1vwADrxiRF45ox6HdKeR9tjh162_VALzc5m/s1600/netfilter-logo2.png" title="netfilter logo" /></div> <div style="text-align: justify;"> <b>Netfilter</b> is a <i>powerful packet filter implemented</i> in the standard Linux kernel. The userspace iptables tool is used for configuration. It now supports packet filtering (stateless or stateful), all kinds of network address and port translation (NAT/NAPT), and multiple API layers for 3rd party extensions. It includes many different modules for handling unruly protocols such as FTP.</div> <div style="text-align: justify;"> <b>netfilter</b> is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses the respective hook within the network stack. iptables is a generic table structure for the definition of rulesets. Each rule within an IP table consists of a number of classifiers (iptables matches) and one connected action (iptables target). </div> <h2 class="title" style="clear: both; text-align: justify;"> Main Features</h2> <div class="itemizedlist" style="text-align: justify;"> <ul class="itemizedlist" type="bullet"> <li class="listitem" style="list-style-type: disc;">stateless packet filtering (IPv4 and IPv6)</li> <li class="listitem" style="list-style-type: disc;">stateful packet filtering (IPv4 and IPv6)</li> <li class="listitem" style="list-style-type: disc;">all kinds of network address and port translation, e.g. NAT/NAPT (IPv4 and IPv6)</li> <li class="listitem" style="list-style-type: disc;">flexible and extensible infrastructure</li> <li class="listitem" style="list-style-type: disc;">multiple layers of API's for 3rd party extensions</li> </ul> </div> <div style="text-align: justify;"> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/kcOzdpi8cwg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> </div> <div style="text-align: justify;"> <br /> <b>Download Here :: </b>git clone git://git.netfilter.org/iptables.git<br /> <br /> <b>Official Website :: </b>http://www.netfilter.org/</div> </div>

Netfilter (Firewalling, NAT and Packet Managing ) :: Tools

Netfilter is a powerful packet filter implemented in the standard Linux kernel. The userspace iptables tool is used for configuration...

Read more »

OllyDbg (Assembler Level Analyzing Debugger) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;">  <img alt="ollydbg logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1vAfnKJ8-M5K1EEHKBuj8uF-ShZ2QjcrkdqzH_9AvvZBe0jPW5tQro4dx5ZIgtPU7rUjz9j7Tk422LvIQgJGfgeBiUKQnaS5Ngm383C-Olp5HA0kUgIawNibxRhg1oc-TfiogFp2Asah4/s1600/ollydbg.gif" title="ollydbg logo" /><span style="font-size: x-large;">OllyDbg </span></div> <div style="text-align: justify;"> <b>OllyDbg</b> is a 32-bit <i>assembler level analyzing debugger</i> for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable.<b> OllyDbg</b> features an intuitive user interface, advanced code analysis capable of recognizing procedures, loops, API calls, switches, tables, constants and strings, an ability to attach to a running program, and good multi-thread support. OllyDbg is free to download and use but no source code is provided. </div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/uydMlQlEiyc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;">   </div> <div style="text-align: justify;"> Download Here :: <a href="http://www.ollydbg.de/odbg110.zip" target="_blank">OllyDbg1.10.zip (for Windows)</a></div> <div style="text-align: justify;"> Official Website :: http://www.ollydbg.de/</div> </div>

OllyDbg (Assembler Level Analyzing Debugger) :: Tools

  OllyDbg OllyDbg is a 32-bit assembler level analyzing debugger for Microsoft Windows. Emphasis on binary code analysis makes it par...

Read more »

Kali Linux :: ToolWar

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="Kali Linux :: ToolWar" border="0" height="219" src="http://www.kali.org/wp-content/uploads/2013/03/kali-home-large-slider2.jpg" title="Kali Linux :: ToolWar" width="320" /></div> <br /> <div style="text-align: justify;"> <b>Kali Linux</b> is a newer version of BackTrack with additional tools. <b>Kali Linux</b> is a <b>Debian-derived Linux distribution</b> designed for forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni and Devon Kearns of Offensive Security developed it by rewriting BackTrack, their previous forensics Linux distribution.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <sup class="reference" id="cite_ref-1"></sup></div> <div style="text-align: justify;"> <a href="http://sdfa/" target="_blank"> </a></div> <div style="text-align: justify;"> Kali is preinstalled with numerous penetration-testing programs, including nmap (a port scanner), <i>Wireshark</i> (a packet analyzer), <i>John the Ripper</i> (a password cracker), and <i>Aircrack-ng</i> (a software suite for penetration-testing wireless LANs).<sup class="reference" id="cite_ref-arrives_2-0"></sup> Users may run <b>Kali Linux</b> from a hard disk, live CD, or live USB. It is a supported platform of the Metasploit Project's Metasploit Framework, a tool for developing and executing security exploits.<sup class="reference" id="cite_ref-arrives_2-1"></sup></div> <div style="text-align: justify;"> <a href="http://sdfa/" target="_blank"> </a></div> <div style="text-align: justify;"> <b>Kali Linux</b> is distributed in 32- and 64-bit images for use on hosts based on the x86 instruction set, as well as an image for the ARM architecture for use on the Raspberry Pi computer and on Samsung's ARM Chromebook.</div> <div style="text-align: justify;"> Kali is a complete re-build of BackTrack Linux, adhering completely to Debian development standards. All-new infrastructure has been put in place, all tools were reviewed and packaged, and we use Git for our VCS.</div> <ul style="text-align: justify;"> <li><b>More than 300 penetration testing tools:</b> After reviewing every tool that was included in BackTrack, we eliminated a great number of tools that either did not work or had other tools available that provided similar functionality.</li> <li><b>Free and always will be:</b> Kali Linux, like its predecessor, is completely free and always will be. You will never, ever have to pay for Kali Linux.</li> <li><b>Open source Git tree:</b> We are huge proponents of open source software and our development tree is available for all to see and all sources are available for those who wish to tweak and rebuild packages.</li> <li><b>FHS compliant:</b> Kali has been developed to adhere to the Filesystem Hierarchy Standard, allowing all Linux users to easily locate binaries, support files, libraries, etc.</li> <li><b>Vast wireless device support:</b> We have built Kali Linux to support as many wireless devices as we possibly can, allowing it to run properly on a wide variety of hardware and making it compatible with numerous USB and other wireless devices.</li> <li><b>Custom kernel patched for injection:</b> As penetration testers, the development team often needs to do wireless assessments so our kernel has the latest injection patches included.</li> <li><b>Secure development environment:</b> The Kali Linux team is made up of a small group of trusted individuals who can only commit packages and interact with the repositories while using multiple secure protocols.</li> <li><b>GPG signed packages and repos:</b> All Kali packages are signed by each individual developer when they are built and committed and the repositories subsequently sign the packages as well.</li> <li><b>Multi-language:</b> Although pentesting tools tend to be written in English, we have ensured that Kali has true multilingual support, allowing more users to operate in their native language and locate the tools they need for the job.</li> <li><b>Completely customizable:</b> We completely understand that not everyone will agree with our design decisions so we have made it as easy as possible for our more adventurous users to customize Kali Linux to their liking, all the way down to the kernel.</li> </ul> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/cLQ8Yd0C7sM?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: center;"> </div> <div style="text-align: left;"> <b>Download Here :: </b><a href="http://cdimage.kali.org/kali-images/kali-1.0.5/kali-linux-1.0.5-i386.iso" target="_blank">Kali Linux 1.0.5 32-bit ISO</a><b> </b></div> <div style="text-align: left;"> <b>Official Website :: </b> http://www.kali.org/</div> <div style="text-align: justify;"> </div> <sup class="reference" id="cite_ref-3"></sup> <sup class="reference" id="cite_ref-3"></sup></div>

Kali Linux :: ToolWar

Kali Linux is a newer version of BackTrack with additional tools. Kali Linux is a Debian-derived Linux distribution designed for for...

Read more »

Wireshark (Network Sniffer) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIXKZEaCap5FyeQq_elpCaFbSo5rm_6vAVL2LNDu72zCd8Qnwzu_G3xiHrnY315MDPZNhKjcTSOcUNnDkwE3kYkNPF1eFE9j2vrJThbYPSWrAXY8tsTyEfh4alG421fuXtQ7SsscKgK7BH/s1600/wireshark+logo.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="wireshark-logo" border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIXKZEaCap5FyeQq_elpCaFbSo5rm_6vAVL2LNDu72zCd8Qnwzu_G3xiHrnY315MDPZNhKjcTSOcUNnDkwE3kYkNPF1eFE9j2vrJThbYPSWrAXY8tsTyEfh4alG421fuXtQ7SsscKgK7BH/s200/wireshark+logo.jpg" title="wireshark-logo" width="200" /></a></div> <div style="text-align: justify;"> <b>Wireshark</b> is most usable <i>network sniffer software</i> that contains a lot small subprograms. <b>Wireshark</b> (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source multi-platform network protocol analyzer. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. <b>Wireshark</b> has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A <a class="local" href="http://sectools.org/tool/tcpdump/">tcpdump</a>-like console version named tshark is included. One word of caution is that Wireshark has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).</div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/6X5TwvGXHP0?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: left;"> <br /> <b>Download Here</b><b> ::</b> <a href="http://wiresharkdownloads.riverbed.com/wireshark/win32/Wireshark-win32-1.10.1.exe" target="_blank">Wireshark 1.10.1 (Windows x32)</a> & <a href="http://www.wireshark.org/download.html" target="_blank">Others </a></div> <div style="text-align: left;"> <b>Official Website  ::</b> http://www.wireshark.org/</div> </div>

Wireshark (Network Sniffer) :: Tools

Wireshark is most usable network sniffer software that contains a lot small subprograms. Wireshark (known as Ethereal until a tradema...

Read more »

DNSMap (DNS Network Mapper) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;">  <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtvLH9JV95_ugTvvdVTHaLKagKNfbMcFZroTS2L0UYmecPvN77x5zOtyG23Q0D_KhBl2itBUHXhGHB3ylnVmZDM_HbwONQVFB1JUPOEW8Ngr9Br57qzs4t-Gihxov75rM8h7TIgRrdf158/s1600/dnsmap.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="dnsmap screenshot" border="0" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtvLH9JV95_ugTvvdVTHaLKagKNfbMcFZroTS2L0UYmecPvN77x5zOtyG23Q0D_KhBl2itBUHXhGHB3ylnVmZDM_HbwONQVFB1JUPOEW8Ngr9Br57qzs4t-Gihxov75rM8h7TIgRrdf158/s400/dnsmap.png" title="dnsmap screenshot" width="400" /></a></div> </div> <div style="text-align: justify;"> <b>dnsmap</b> is a <i><span itemprop="description">Passive DNS network mapper a.k.a. subdomains bruteforcer</span></i>. <b>dnsmap</b> is mainly meant to be used by pentesters during the <i> information gathering/enumeration phase</i> of infrastructure security assessments. During the enumeration stage, the security consultant would typically discover the target company’s IP netblocks, domain names, phone numbers, etc. dnsmap was included in Backtrack 2 and 3, although the version included is the now dated version 0.1. </div> <div style="text-align: justify;"> Subdomain brute-forcing is another technique that should be used in the enumeration stage, as it’s especially useful when other domain enumeration techniques such as zone transfers don’t work (I rarely see zone transfers being publicly allowed these days by the way).<br /> <br /> obtain all IP addresses (A records) associated to each successfully bruteforced subdomain, rather than just one IP address per subdomain, abort the bruteforcing process in case the target domain uses wildcards , ability to be able to run the tool without providing a wordlist by using a built-in list of keywords, bruteforcing by using a user-supplied wordlist (as opposed to the built-in wordlist).</div> <h3 style="text-align: justify;"> New Improvements in Version 0.22 - </h3> <div style="text-align: justify;"> saving the results in human-readable and CSV format for easy processing,fixed bug that disallowed reading wordlists with DOS CRLF format,improved built-in subdomains wordlist,new bash script (<code>dnsmap-bulk.sh</code>) included which allows running dnsmap against a list of domains from a , user-supplied file. i.e.: bruteforcing several domains in a bulk fashion, bypassing of signature-based dnsmap detection by generating a proper pseudo-random subdomain when checking for wildcards</div> <div style="text-align: left;"> <h3 style="text-align: left;"> <span style="font-size: small;">Usage -</span></h3> <br /> <pre><code>usage: dnsmap <target-domain> [options] options: -w <wordlist-file> -r <results-path> </code></pre> </div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/55ITD0hceio?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> <br /> <h3> Example on Live Domain</h3> The following is just an example so you get an idea of how dnsmap works. Very simple to use as you can see. If you want to save the results or use your own wordlist, checkout the usage syntax. Question for those who pay attention to detail: <i>can you spot the potential leaks of internal IP addresses?</i> <br /> <pre><code><span style="background-color: #ffd966;"> <span style="background-color: white;">$ dnsmap baidu.com dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org) [+] searching (sub)domains for baidu.com using built-in wordlist accounts.baidu.com IP address #1: 10.11.252.74 events.baidu.com IP address #1: 202.108.23.40 finance.baidu.com IP address #1: 60.28.250.196 IP address #2: 60.28.251.79 IP address #3: 60.28.251.206 IP address #4: 123.129.240.28 IP address #5: 123.129.240.29 IP address #6: 60.28.250.102 IP address #7: 60.28.250.111 forum.baidu.com IP address #1: 202.108.250.212 images.baidu.com IP address #1: 61.135.163.93 mail.baidu.com IP address #1: 10.23.3.137 mobile.baidu.com IP address #1: 202.108.23.125 mx.baidu.com IP address #1: 61.135.163.61 mx1.baidu.com IP address #1: 61.135.163.61 mx2.baidu.com IP address #1: 61.135.163.62 mx3.baidu.com IP address #1: 61.135.162.61 news.baidu.com IP address #1: 61.135.163.87 ns1.baidu.com IP address #1: 202.108.22.220 ns2.baidu.com IP address #1: 61.135.165.235 ns3.baidu.com IP address #1: 220.181.37.10 oracle.baidu.com IP address #1: 172.18.0.50 photo.baidu.com IP address #1: 61.135.163.93 photos.baidu.com IP address #1: 61.135.163.93 pop.baidu.com IP address #1: 61.135.166.249 proxy.baidu.com IP address #1: 202.108.11.30 smtp.baidu.com IP address #1: 61.135.163.61 vpn.baidu.com IP address #1: 202.108.250.231 wap.baidu.com IP address #1: 61.135.163.237 webmail.baidu.com IP address #1: 61.135.166.249 win.baidu.com IP address #1: 10.65.19.212 www.baidu.com IP address #1: 220.181.5.222 www1.baidu.com IP address #1: 220.181.5.222 www2.baidu.com IP address #1: 202.108.22.136 www3.baidu.com IP address #1: 202.108.22.188 [+] 29 (sub)domains and 35 IP address(es) found </span></span> </code></pre> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <b>Download Here :: </b><a href="http://www.gnucitizen.org/static/blog/2009/03/dnsmap-0222tar.gz">dnsmap-0.22.2.tar.gz</a></div> <div style="text-align: justify;"> <b>Source :: </b>http://code.google.com/p/dnsmap/</div> </div>

DNSMap (DNS Network Mapper) :: Tools

  dnsmap is a Passive DNS network mapper a.k.a. subdomains bruteforcer . dnsmap is mainly meant to be used by pentesters during the ...

Read more »

Aircrack-ng 1.2 Beta :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: justify;"> </div> <div class="separator" style="clear: both; text-align: center;"> <img alt="Aircrack-ng logo" border="0" src="http://www.aircrack-ng.org/resources/aircrack-ng-new-logo.jpg" title="Aircrack-ng logo" /></div> <div style="margin-left: 1em; margin-right: 1em; text-align: justify;"> <b>Aircrack-ng</b> is a free open source tool for cracking 802.11 WEP and WPA-PSK that can (crack the key through the enough data packets or weak IVs captured in a file. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools. In fact, <b>Aircrack-ng </b>suite is a collection of tools for auditing wireless networks.</div> <div style="text-align: center;"> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/GLO9HGDwOY0?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> </div> <div style="text-align: justify;"> <br /> <b>Download Here</b><b> :: </b><span style="color: #3d85c6;"><a href="http://download.aircrack-ng.org/aircrack-ng-1.2-beta1.tar.gz" target="_blank">Aircrack-NG (for Linux)</a> </span><br /> <span style="color: #3d85c6;"><a href="http://download.aircrack-ng.org/aircrack-ng-1.2-beta1-win.zip" target="_blank">Aircrack-NG (for Windows)</a></span></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <b>Official Website  ::</b> http://www.aircrack-ng.org/</div> <div style="text-align: justify;"> </div> </div>

Aircrack-ng 1.2 Beta :: Tools

Aircrack-ng is a free open source tool for cracking 802.11 WEP and WPA-PSK that can (crack the key through the enough data packets o...

Read more »

DNSenum (DNS Enumeration) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxNRJcNRL-APPaXbHIFD6jfAfGbCGG1E052DaRrexH-nbnr31HFbWFG7KFm57OfZkJDDRj-ivRZTs9nt-w8RzbgB2kyglNN3h1MccRqG7vMob6eWeouWflpga0z9NFdYUmsxje824PEaUU/s1600/dnsenum.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="dnsenum screenshot" border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxNRJcNRL-APPaXbHIFD6jfAfGbCGG1E052DaRrexH-nbnr31HFbWFG7KFm57OfZkJDDRj-ivRZTs9nt-w8RzbgB2kyglNN3h1MccRqG7vMob6eWeouWflpga0z9NFdYUmsxje824PEaUU/s640/dnsenum.png" title="dnsenum screenshot" width="640" /></a></div> <br /> <span itemprop="description"><b>DNSenum </b>is a <i>pentesting cool created to enumerate DNS info about domains</i></span>. The purpose of <b>Dnsenum</b> is to gather as much information as possible about a domain. The program currently performs the following operations: </div> <div style="text-align: justify;"> 1) Get the host's addresse (A record). </div> <div style="text-align: justify;"> 2) Get the namservers (threaded). </div> <div style="text-align: justify;"> 3) Get the MX record (threaded). </div> <div style="text-align: justify;"> 4) Perform axfr queries on nameservers and get BIND versions(threaded). </div> <div style="text-align: justify;"> 5) Get extra names and subdomains via google scraping (google query = "allinurl: -www site:domain"). </div> <div style="text-align: justify;"> 6) Brute force subdomains from file, can also perform recursion on subdomain that have NS records (all threaded). </div> <div style="text-align: justify;"> 7) Calculate C class domain network ranges and perform whois queries on them (threaded). </div> <div style="text-align: justify;"> 8) Perform reverse lookups on netranges ( C class or/and whois netranges) (threaded). </div> <div style="text-align: justify;"> 9) Write to domain_ips.txt file ip-blocks.<br /> <h3> Tutorials ::  </h3> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Sk7NI6LDkJQ?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/h-emEp6n9Fk?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3> Download :: </h3> <b>Linux :: </b><a href="http://dnsenum.googlecode.com/files/dnsenum-1.2.2.tar.gz" target="_blank">DNSenum 1.2.2 (for Linux)</a><b> </b></div> <div style="text-align: justify;"> <b>Source :: </b><a href="http://code.google.com/p/dnsenum/">http://code.google.com/p/dnsenum/</a></div> </div>

DNSenum (DNS Enumeration) :: Tools

DNSenum is a pentesting cool created to enumerate DNS info about domains . The purpose of Dnsenum is to gather as much information as ...

Read more »