ToolWar | Information Security (InfoSec) Tools

IKE Scan (Fingerprinting IPsec VPN Systems) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcR9RJFPXN5Woh63bjnW3K4BL8h78YqmsHhjWw9_sn02RfyPePlHARZxNahjALBnhYKNjFeKswsJ3T1wySPXaFBVwqG2gLt_wYMPhB-PuL_5toZ39tExguNXw4UEOw9NciozR-f1XQkl3l/s1600/ike+scan+screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Ike-scan-screenshot" border="0" height="170" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcR9RJFPXN5Woh63bjnW3K4BL8h78YqmsHhjWw9_sn02RfyPePlHARZxNahjALBnhYKNjFeKswsJ3T1wySPXaFBVwqG2gLt_wYMPhB-PuL_5toZ39tExguNXw4UEOw9NciozR-f1XQkl3l/s400/ike+scan+screenshot.png" title="Ike-scan-screenshot" width="400" /></a></div>
<div style="text-align: justify;">
<b><i>IKE Scan</i></b> is a command-line tool for <i>discovering, 
fingerprinting and testing IPsec VPN systems</i>.  It constructs and sends 
IKE Phase-1 packets to the specified hosts, and displays any responses 
that are received.
</div>
<div style="text-align: justify;">
<b><i>ike-scan</i> </b>allows you to:
</div>
<ul>
<li style="text-align: justify;"> Send IKE packets to any number of destination hosts, using a configurable output bandwidth or packet rate.
<dl><dd>This is useful for VPN detection, when you may need to scan large address spaces.
</dd></dl>
</li>
<li style="text-align: justify;"> Construct the outgoing IKE packet in a flexible way.
<dl><dd>This includes IKE packets which do not comply with the RFC requirements.
</dd></dl>
</li>
<li style="text-align: justify;"> Decode and display any returned packets.
</li>
<li><div style="text-align: justify;">
Crack aggressive mode pre-shared keys. You can use ike-scan to obtain the PSK hash data, and then use <i>psk-crack</i> to obtain the key.
</div>
</li>
</ul>
<div style="text-align: justify;">
</div>
<h3 style="text-align: justify;">
<b>Download :: </b></h3>
<ul style="text-align: justify;">
<li>for Linux : <span class="wf_file_text"><a class="wf_file" href="http://www.nta-monitor.com/files/ike-scan/ike-scan-1.9.tar.gz"><span class="wf_file_text">ike-scan-1.9.tar.gz</span></a></span></li>
<li><span class="wf_file_text"><span class="wf_file_text">Github: <a href="https://github.com/royhills/ike-scan" title="https://github.com/royhills/ike-scan">https://github.com/royhills/ike-scan</a></span></span></li>
</ul>
<div style="text-align: justify;">
This will compile on Unix and Linux systems as well as Windows 
systems with Cygwin. You will need a C compiler, the "make" utility and 
the appropriate system header files to compile ike-scan. It uses 
autoconf and automake, so compilation and installation is the normal 
./configure; make; make install process.</div>
<ul style="text-align: justify;">
<li>Windows : <a class="wf_file" href="http://www.nta-monitor.com/files/ike-scan/ike-scan-win32-1.9.zip"><span class="wf_file_text">ike-scan-win32-1.9.zip</span></a></li>
</ul>
<div style="text-align: justify;">
This is a zip file containing a Win-32 binary version of ike-scan 
together with the Cygwin DLL which provides posix support. It runs on 
Win-9x, NT, 2000 and XP. The executable was produced by compiling the 
ike-scan source on a Windows system running Cygwin.</div>
<h3 style="text-align: justify;">
Tutorial ::  </h3>
<div style="text-align: justify;">
<b><span style="font-size: small;">IKE-Scan User Guide</span>  ::</b> <a href="http://www.nta-monitor.com/wiki/index.php/Ike-scan_User_Guide" target="_blank">Click Here</a></div>

IKE Scan (Fingerprinting IPsec VPN Systems) :: Tools

IKE Scan is a command-line tool for discovering, fingerprinting and testing IPsec VPN systems . It constructs and sends IKE Phase-1 p...

Polipo (Fast Caching Web Proxy) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-NyUbYXHd__DneQqwv5fvd1SVGs74usTJyhqxbZKsUNdTap7RuNPogsL8ETY0pKvOltAv4cV3YLUaGUWh04ihvwKbvm0rLcHhSbvj22zKYf-dY-FI2PAaxKo4wOc5WHr7ZTFYTSpxkkdS/s1600/polipo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="polipo" border="0" height="272" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-NyUbYXHd__DneQqwv5fvd1SVGs74usTJyhqxbZKsUNdTap7RuNPogsL8ETY0pKvOltAv4cV3YLUaGUWh04ihvwKbvm0rLcHhSbvj22zKYf-dY-FI2PAaxKo4wOc5WHr7ZTFYTSpxkkdS/s320/polipo.png" title="polipo" width="320" /></a></div>
<div style="text-align: justify;">
<b>Polipo</b> is a small and<i> fast caching web proxy</i>
(a web cache, an HTTP
proxy, a proxy server).  While <b>Polipo </b>was designed to be used by one
person or a small group of people, there is nothing that prevents it
from being used by a larger group.

</div>
<div style="text-align: justify;">
<b>Polipo </b>has some features that are, as far as I know, unique among
currently available proxies:
</div>
<ul style="text-align: justify;">
<li><b>Polipo </b>will use HTTP/1.1 
pipelining if it believes
that the remote server supports it, whether the incoming requests
are pipelined or come in simultaneously on multiple connections (this
is more than the simple usage of persistent connections, which is done
by <i>e.g.</i> Squid);
</li>
<li><b>Polipo</b> will cache the
initial segment of an instance if the download has been
interrupted, and, if necessary, complete it later using 
Range
requests;
</li>
<li><b>Polip</b>o will upgrade client requests to HTTP/1.1 even if they come
in as HTTP/1.0, and up- or downgrade server replies to the client's
capabilities (this may involve conversion to or from the HTTP/1.1
chunked
encoding);
</li>
<li><b>Polipo </b>has complete support for 
IPv6 
(except for scoped (link-local) addresses).
</li>
<li><b>Polipo </b>can optionally use a technique known as 
Poor Man's
Multiplexing to reduce latency even further.
</li>
</ul>
<div style="text-align: justify;">
In short, <b>Polipo u</b>ses a plethora of techniques to make web browsing
(seem) faster. </div>
<div style="text-align: justify;">
<br /></div>
<b>Download Here ::</b> git clone git://git.wifi.pps.univ-paris-diderot.fr/polipo<br />
                              <a href="http://freehaven.net/~chrisd/polipo/polipo-1.0.4.tar.gz" target="_blank">Polipo-1.0.4.tar.gz (for Linux)</a><br />
                              <a href="http://freehaven.net/~chrisd/polipo/polipo-1.0.4-win32.zip" target="_blank">Polipo-1.0.4-win32.zip</a><br />
<b>Tutorial & Official Website ::</b>  http://www.pps.univ-paris-diderot.fr/~jch/software/polipo/

Polipo (Fast Caching Web Proxy) :: Tools

Polipo is a small and fast caching web proxy (a web cache, an HTTP proxy, a proxy server). While Polipo was designed to be used by on...

HULK (Web Server DDoS) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="hulk ddos tool" border="0" height="212" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmkIpDIrPxvWHtvaai_4lmV1eyCCUucwGOrd8aUni-ylFt1wNOuMbrXPPPrtc8hntwhyphenhyphenoPGGfY1vutVU40iKl62ewiHoIVJpoPAVQxG0fGoJuJYywjG5L1Kwvzl-NBExPpV23vg0rSOtoY/s320/hulk+web+server+logo.jpg" title="hulk ddos tool" width="320" /></div>
<b>HULK</b> is a <i>web server denial of service tool (DDoS Tool)</i> written for research 
purposes. It is designed to generate volumes of unique and obfuscated 
traffic at a webserver, bypassing caching engines and therefore hitting 
the server's direct resource pool.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The <b>Hulk Web server</b> is a brainchild of Barry Shteiman. This<i> DDoS attack 
tool </i>distinguishes itself from many of the other tools out in the wild. 
According to its creator, the Hulk Web server was born of his conclusion
 that most available DDoS attack tools produced predictable repeated 
patterns that could easily be mitigated. The principle behind the Hulk 
Web server is that a unique pattern is generated at each and every 
request, with the intention of increasing the load on the servers as 
well as evading any intrusion detection and prevention systems. </div>
<h3 style="text-align: justify;">
Some Techniques</h3>
<ul style="text-align: justify;">
<li>Obfuscation of Source Client – this is done by using a list of known
 User Agents, and for every request that is constructed, the User Agent 
is a random value out of the known list</li>
<li>Reference Forgery – the <i>referer</i> that points at the request is obfuscated and points into either the host itself or some major prelisted websites.</li>
<li>Stickiness – using some standard Http command to try and ask the 
server to maintain open connections by using Keep-Alive with variable 
time window</li>
<li>no-cache – this is a given, but by asking the HTTP server for <i>no-cache</i> , a server that is not behind a dedicated caching service will present a unique page.</li>
<li>Unique Transformation of URL – to eliminate caching and other 
optimization tools, I crafted custom parameter names and values and they
 are randomized and attached to each request, rendering it to be Unique,
 causing the server to process the response on each event.</li>
</ul>
<div style="text-align: justify;">
<b>Video Tutorial :: </b><a href="https://www.youtube.com/watch?v=dYjx2VoXjEA" target="_blank">Click Here</a></div>
<div style="text-align: justify;">
<b>Download Here :: </b><a href="http://packetstormsecurity.com/files/download/112856/hulk.zip" target="_blank">Hulk.zip</a><b><a href="http://packetstormsecurity.com/files/download/112856/hulk.zip" target="_blank"> </a></b></div>
<div style="text-align: justify;">
<b>Official Website :: </b>http://www.sectorix.com/ </div>

HULK (Web Server DDoS) :: Tools

HULK is a web server denial of service tool (DDoS Tool) written for research purposes. It is designed to generate volumes of unique an...

Yeti (Network Foot-Printing) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5p_8uF28TyyEY6WHl18BJAymokj8-VVu3MRWW5Wt7IIrOKw2h-IiduRV_50rPsD9BqFdwAWtpQ9-szzl3mPK2neFFLS6lG6F0wxVLr7SueOJFhRZRFJRSJQia0DgBxQlZnQRUrCAjfAbO/s1600/yeti+tool+screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Yeti tool screenshot" border="0" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5p_8uF28TyyEY6WHl18BJAymokj8-VVu3MRWW5Wt7IIrOKw2h-IiduRV_50rPsD9BqFdwAWtpQ9-szzl3mPK2neFFLS6lG6F0wxVLr7SueOJFhRZRFJRSJQia0DgBxQlZnQRUrCAjfAbO/s400/yeti+tool+screenshot.png" title="Yeti tool screenshot" width="400" /></a></div>
<div style="text-align: justify;">
<b>Yeti </b>is a network foot-printing tool and <b>Yeti</b> is a <i>perfect tool to perform the reconnaissance </i>phase before a 
pentest or a security assessment. A nice feature is the use of a <i>GeoIP 
database to look for IP addresses</i> and <i>display your network</i> on a world 
map. <b>Yeti</b> grabs information publicly available on the Internet and does 
not perform any intrusive actions. Big companies may have a huge amount 
of devices and resources online with remote offices in several 
countries, several websites. If you host applications in the cloud, it 
could also discover what are your “neighbours” (who share the same IP 
addresses as you).
</div>
<div style="text-align: justify;">
Yeti is developed in Java and run on all the well-known operating systems flavors. Yeti proposes the following features:
</div>
<ul style="text-align: justify;">
<li> Domain expansion – Based on a domain names list, it gathers 
information for all the available TLD (read from a list). Ex: 
rootshell.be, rootshell.org, rootshell.eu, rootshell.com, etc. Whois 
information is gathered and filters can be applied to search for 
relevant information.
</li>
<li> Forward lookup – Extracts information from domains (MX records, etc)
</li>
<li> Certification extraction – Extracts the SSL certificates from web sites.
</li>
<li> Reverse lookup – Performs reverse IP lookup from IP lists.
</li>
<li> IP/Site scan – Using the Microsoft Bing API, it extracts information based on domain names or IP addresses<b>. </b></li>
</ul>
<b>Tutorial :: </b><a href="http://spyeti.blogspot.in/p/getting-started.html" target="_blank">Click Here</a><b> </b><br />
<b>Download Here :: </b><a href="http://www.sensepost.com/cms/resources/labs/tools/misc/jyeti-dist.tar.bz2" target="_blank">Yeti .tar.bz2 (for Linux)</a><b><br /></b><br />
<b>Official Website ::</b> http://spyeti.blogspot.in/

Yeti (Network Foot-Printing) :: Tools

Yeti is a network foot-printing tool and Yeti is a perfect tool to perform the reconnaissance phase before a pentest or a security asse...

Open Port Check :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicOHIjv0sZ6FWi82BD2iuD-v4RVC7PrOOwgcyjOEffZhUsxMYw0_jC8qZH0d7S5vNhLSpa_JhSkdOz07kcikEL7iGBp-VTN6buPqChCQk80D1dFP8ODW8IUMlyGELXXpqIKtR8XqszQgxZ/s1600/open+port+check.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="open port checker logo" border="0" height="172" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicOHIjv0sZ6FWi82BD2iuD-v4RVC7PrOOwgcyjOEffZhUsxMYw0_jC8qZH0d7S5vNhLSpa_JhSkdOz07kcikEL7iGBp-VTN6buPqChCQk80D1dFP8ODW8IUMlyGELXXpqIKtR8XqszQgxZ/s400/open+port+check.JPG" title="open port checker logo" width="400" /></a></div>
<div style="text-align: justify;">
The <b>open port checker</b> is a tool you can use to<i> check your external IP 
address</i> and <i>detect open ports on your connection</i>. <b>Open Port Check</b> tool is useful 
for finding out if your port forwarding is setup correctly or if your 
server applications are being blocked by a firewall. This tool may also 
be used as a port scanner to scan your network for ports that are 
commonly forwarded. It is important to note that some ports, such as 
port 25, are often blocked at the ISP level in an attempt to prevent 
malicious activity. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Online ::</b> <a href="http://www.yougetsignal.com/tools/open-ports/" target="_blank">Open Port Check Here</a></div>
<div style="text-align: justify;">
<b>Official Website :: </b>http://www.yougetsignal.com/</div>

Open Port Check :: Tools

The open port checker is a tool you can use to check your external IP address and detect open ports on your connection . Open Port Ch...

Spamhole (Fake Open SMTP Relay) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<img alt="spamhole icon" border="0" height="288" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqgcukVMDw1RsYGJ3aGblNfFV_xTdGEVOlVczM9nJ9m8k1eXqNCk2wif9XPVHMr_ZIL4s9Nn9vAIyf8K7a8o-5NzEpSjVjd1wssVxKNoB14was_qw88F8xtQ89GTkteQlby9ostpsdlgN6/s320/spamhole+logo.jpg" title="spamhole icon" width="320" /></div>
<b>Spamhole</b> is a <i>fake open SMTP relay</i>, intended to stop (some) spam by 
convincing spammers that it is delivering spam messages for them, when 
in fact it is not.<b> </b><br />
<h2>
<b>Usages :: </b></h2>
<pre><span style="font-family: "Courier New",Courier,monospace;">spamhole.h Config Options:

PWD - spamhole's present working directory (where it stores it's data.

UID - spamhole's running UID (after binding to the port, it drops privs to this user)

IDENT - A text string to uniquely identify this spamhole.This string will be added to modified emails via the
 X-SpamHole-Ident header.

LOCAL_IP - The local address you want spamhole to listen on (use "0.0.0.0" for all local addresses).

LOCAL_PORT - The local port for spamhole to listen to (usually port 25)

SMTP_RELAY - The remote SMTP relay or mail server that spamhole will redirect connections to for mail service.

SMTP_PORT - The port that SMTP_RELAY listens on for SMTP.

MAX_CON - The maximum number of unmodified 'passthrough' SMTP connections any given IP is allowed to have.  After
 this threshold is reached, incoming SMTP will be modified and tagged via X-SpamHole headers.

HOLEADDR - The email address that modified connections will have emails re-addressed to.  This should be a SPAM
 mailbox or spam registration address, such as the registration address for a Bayesian Filter.</span></pre>
<br />
<b>Download Here :: </b><a href="http://sourceforge.net/projects/spamhole/files/latest/download" target="_blank">Spamhole 0.4.tar.gz (for Linux)</a><br />
<b>Official Website :: </b>http://www.spamhole.net/

Spamhole (Fake Open SMTP Relay) :: Tools

Spamhole is a fake open SMTP relay , intended to stop (some) spam by convincing spammers that it is delivering spam messages for them, w...

DNSRecon (DNS Information Gathering) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBmBNrk2zjtV5xfWpJ9Ho5Dxa_UwHGMt5XrbrxISfORTwpUgIpmszrDOrbLbsO6loanBsuVWDn27vHVtA4zWOLDGCd-r9_Uf7Bc1W2EBm0TDEkMdxq6dRPqXoKZ8Jj5iD12qE0nBpf7Oz_/s1600/dnsrecon1.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="dnsrecon" border="0" height="232" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBmBNrk2zjtV5xfWpJ9Ho5Dxa_UwHGMt5XrbrxISfORTwpUgIpmszrDOrbLbsO6loanBsuVWDn27vHVtA4zWOLDGCd-r9_Uf7Bc1W2EBm0TDEkMdxq6dRPqXoKZ8Jj5iD12qE0nBpf7Oz_/s400/dnsrecon1.jpeg" title="dnsrecon" width="400" /></a></div>
<span class="nodeLabelBox repTarget " role="treeitem"><span class="nodeBracket editable insertBefore "></span><span class="nodeText editable "><span class="  "><b>DNS
 reconnaissance or DNSRecon</b> is part of the <i>information gathering stage</i> on a 
penetration test engagement.When a penetration tester is performing a 
DNS reconnaissance is trying to obtain as much as information as he can 
regarding the DNS servers and their records.The information that can be 
gathered it can disclose the network infrastructure of the company 
without alerting the IDS/IPS.This is due that most of the organizations 
are not monitoring their DNS server traffic and those that do they only 
monitor the zone transfers attempts.</span></span></span><br />
<span class="nodeLabelBox repTarget " role="treeitem"><span class="nodeText editable "><span class="  ">On the web there are a variety of tools available that can gather DNS information effectively but in this article we will focus on the DNSRecon which is a tool that was developed by Carlos Perez and it is designed to perform DNS reconnaissance.This tool is included on backtrack and it is written in python. </span></span></span><br />
<b>DNSrecon</b> is a simple tool writen for target <b>enumeration</b> during  authorized penetration test engaments. This tool provides diferent  methods for enumerating targets thru DNS service. </div>
<ul style="text-align: justify;">
<li>Standard Record Enumeration for a given domain (A, NS, SOA and MX). </li>
<li>Top Leven Domain Expansion for a given domain. </li>
<li>Zone Transfer against all NS records of a given domain. </li>
<li>Reverse Lookup against a given IP Range given a start and end IP. </li>
</ul>
<div style="text-align: justify;">
 Here is an Example of the tool enumerating SRV Record and Standard Record.</div>
<pre style="background-color: #fbfbfb; border: 1px solid #cecece; min-height: 40px; overflow: auto; padding: 5px; width: 650px;"><pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 19px; margin: 0em; width: 100%;">root@bt:~# ./dnsrecon.rb -t srv -d avaya.com</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 17px; margin: 0em; width: 100%;">_sip._udp.avaya.com,198.152.17.90,5060</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; margin: 0em; width: 100%;">_sip._tcp.avaya.com,198.152.17.90,5060</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 17px; margin: 0em; width: 100%;">root@bt:~# ./dnsrecon.rb -t std -d google.com</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 18px; margin: 0em; width: 100%;">google.com,209.85.171.100,A</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 17px; margin: 0em; width: 100%;">google.com,74.125.67.100,A</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 17px; margin: 0em; width: 100%;">google.com,74.125.45.100,A</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 19px; margin: 0em; width: 100%;">ns1.google.com,216.239.32.10,SOA</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 17px; margin: 0em; width: 100%;">ns4.google.com,216.239.38.10,NS</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 18px; margin: 0em; width: 100%;">ns1.google.com,216.239.32.10,NS</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 18px; margin: 0em; width: 100%;">ns2.google.com,216.239.34.10,NS</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 17px; margin: 0em; width: 100%;">ns3.google.com,216.239.36.10,NS</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 18px; margin: 0em; width: 100%;">smtp4.google.com,72.14.221.25,MX,10</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 19px; margin: 0em; width: 100%;">smtp1.google.com,209.85.237.25,MX,10</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; height: 19px; margin: 0em; width: 100%;">smtp2.google.com,64.233.165.25,MX,10</pre>
<pre style="background-color: #fbfbfb; font-family: consolas,'Courier New',courier,monospace; font-size: 11px; margin: 0em; width: 100%;">smtp3.google.com,209.85.137.25,MX,10</pre>
</pre>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/uy9Z6C8vVRw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<br />
<b>Download Here :: </b><a href="https://github.com/darkoperator/dnsrecon/blob/master/dnsrecon.py" target="_blank">dnsrecon.py</a><b>
</b></div>
<div style="text-align: justify;">
<b>Source :: </b><cite>https://github.com/darkoperator/<b>dnsrecon</b></cite></div>
</div>

DNSRecon (DNS Information Gathering) :: Tools

DNS reconnaissance or DNSRecon is part of the information gathering stage on a penetration test engagement.When a penetration tester...

DnsWalk (DNS Debugger) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggh9ptz7RMcUIN0S7vYdjFGEiIuggl4BgFl57Di5eVBDYTyViNa6nJQfw_rsg7al9rQASDXRcO-Fw6jIL1y3JE9pMLwQBuoahSa__orjcZ-KvqaYvTHKo53VnEUuahL4usjaC9DG0-VSQm/s1600/dnswalk+screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="dnswalk screenshot" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggh9ptz7RMcUIN0S7vYdjFGEiIuggl4BgFl57Di5eVBDYTyViNa6nJQfw_rsg7al9rQASDXRcO-Fw6jIL1y3JE9pMLwQBuoahSa__orjcZ-KvqaYvTHKo53VnEUuahL4usjaC9DG0-VSQm/s1600/dnswalk+screenshot.png" title="dnswalk screenshot" /></a></div>
<div style="text-align: justify;">
<b>Dnswalk</b> is a <b>DNS debugger</b>. It performs zone transfers of  specifieddomains, and checks the database in numerous ways for  internalconsistency, as well as accuracy.  <b>dnswalk</b> is not for the faint  of heart.  It should NOT be used without a firm knowledge of the DNS  RFC's.  The warnings and errors must be interpreted within the context they are being used.  Something  may be flagged as a warning, but in reality it is a really bad error. Conversely dnswalk will flag things as warnings and possibly even  errors, but they may actually be perfectly "legal" or normal in your specific situation.  <b>dnswalk </b>is not an AI engine.  It just provides  useful information which you need to interpret. If you use this tool for  cracking or otherwise evil purposes, the author hereby considers you a  slime-ball.</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/i-KMGQvDOUc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<b>Download Here :: </b><a href="http://sourceforge.net/projects/dnswalk/files/latest/download" target="_blank">Dnswalk 2.0.2 (for Linux)</a><b>
</b>
<b> </b><br />
<b>Source ::</b> http://sourceforge.net/projects/dnswalk/</div>

DnsWalk (DNS Debugger) :: Tools

Dnswalk is a DNS debugger . It performs zone transfers of specifieddomains, and checks the database in numerous ways for internalcons...

HostMap (Hosts Discovery) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGKwLKElCSEhex-_U5vhK8pGd5CaZoOheAiXG3v0gep9WqvjsG1ezuhfstT4PnSblQG1kBjqmvrn9pgrXFl9uIM2tW8oXHGndJXwmDDNKLJymjRBM4E_ewFeSOdy5ERmljHWZzlmGxW2gy/s1600/Hostmap+image.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="hostmap image" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGKwLKElCSEhex-_U5vhK8pGd5CaZoOheAiXG3v0gep9WqvjsG1ezuhfstT4PnSblQG1kBjqmvrn9pgrXFl9uIM2tW8oXHGndJXwmDDNKLJymjRBM4E_ewFeSOdy5ERmljHWZzlmGxW2gy/s1600/Hostmap+image.png" title="hostmap image" /></a></div>
<div style="text-align: justify;">
<b>Hostmap</b> is a free, <i>automatic, hostnames and virtual hosts 
discovery tool</i> written in Ruby by Alessandro `jekil` Tanasi and licensed
 under GNU General Public License version 3 (GPLv3). It's goal is to 
enumerate all hostnames and configured virtual hosts on an IP address. 
The primary users of hostmap are professionals performing vulnerability 
assessments and penetration tests.
</div>
<div style="text-align: justify;">
hostmap helps you using several techniques to enumerate all the hostnames associated with an IP address.
</div>
<div style="text-align: justify;">
The major features are:
</div>
<ul style="text-align: justify;">
<li> DNS names and virtual hosts enumeration
</li>
<li> Multiple discovery techniques, to read more see documentation.
</li>
<li> Results correlation, aggregation and normalization
</li>
<li> Multithreaded and event based engine
</li>
<li> Platform independent
</li>
</ul>
<div style="text-align: justify;">
<b>Downlaod Here ::</b> <a href="https://sourceforge.net/projects/hostmap/files/hostmap/hostmap-0.2/hostmap-0.2.tar.gz/download" target="_blank">Hostmap (for Linux)</a></div>
<div style="text-align: justify;">
<b>Official Website ::</b> http://www.lonerunners.net/ </div>
</div>

HostMap (Hosts Discovery) :: Tools

Hostmap is a free, automatic, hostnames and virtual hosts discovery tool written in Ruby by Alessandro `jekil` Tanasi and licensed u...

DNSTracer (DNS Route) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijwi4woQmAhYPT0HfRIFqdXQpeOUXfuxlKLRCrcPaokynz71x66BXbyCIF6IAC2GsPaQEd1flhUoUmSSzx7TQommBkqteEQLjJBNIeQZ9s_hzczl3cyyIFOlmx7SeuBcVXWwDKLgN4QBdV/s1600/dnstracer+screenshot.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="dnstracer screenshot" border="0" height="202" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijwi4woQmAhYPT0HfRIFqdXQpeOUXfuxlKLRCrcPaokynz71x66BXbyCIF6IAC2GsPaQEd1flhUoUmSSzx7TQommBkqteEQLjJBNIeQZ9s_hzczl3cyyIFOlmx7SeuBcVXWwDKLgN4QBdV/s400/dnstracer+screenshot.jpg" title="dnstracer screenshot" width="400" /></a></div>
<div style="text-align: justify;">
<b>dnstracer</b> determines where a given <i>Domain Name Server (DNS) gets its information</i> from, and follows the chain of DNS servers back to the servers which know the data.</div>
<br />
Example :-<br />
<pre class="screenshot">[~] edwin@k7><b>dnstracer www.mavetju.org</b>
Tracing to www.mavetju.org via 127.0.0.1, timeout 15 seconds
127.0.0.1 (127.0.0.1)
 |\___ B.ROOT-SERVERS.NET [.] (128.9.0.107)
 |     |\___ M.GTLD-SERVERS.NET [org] (202.153.114.101)
 |     |     |\___ NS2.SECONDARY.COM [mavetju.org] (198.133.199.4) Got authoritative answer
 |     |      \___ NS1.SECONDARY.COM [mavetju.org] (198.133.199.3) Got authoritative answer
 |     |\___ E.GTLD-SERVERS.NET [org] (192.12.94.30)
 |     |     |\___ NS2.SECONDARY.COM [mavetju.org] (198.133.199.4) (cached)
 |     |      \___ NS1.SECONDARY.COM [mavetju.org] (198.133.199.3) (cached)
 |     |\___ K.GTLD-SERVERS.NET [org] (213.177.194.5)
 |     |     |\___ NS2.SECONDARY.COM [mavetju.org] (198.133.199.4) (cached)
 |     |      \___ NS1.SECONDARY.COM [mavetju.org] (198.133.199.3) (cached)
[...]
 |      \___ A.GTLD-SERVERS.NET [org] (192.5.6.30)
 |           |\___ NS2.SECONDARY.COM [mavetju.org] (198.133.199.4) (cached)
 |            \___ NS1.SECONDARY.COM [mavetju.org] (198.133.199.3) (cached)
 |\___ F.ROOT-SERVERS.NET [.] (192.5.5.241)
 |     |\___ M.GTLD-SERVERS.NET [org] (202.153.114.101) (cached)
 |     |\___ E.GTLD-SERVERS.NET [org] (192.12.94.30) (cached)
 |     |\___ K.GTLD-SERVERS.NET [org] (213.177.194.5) (cached)
 |     |\___ J.GTLD-SERVERS.NET [org] (210.132.100.101) (cached)
 |     |\___ F.GTLD-SERVERS.NET [org] (192.35.51.30) (cached)
[...]
 |      \___ A.GTLD-SERVERS.NET [org] (192.5.6.30) (cached)
 |\___ G.ROOT-SERVERS.NET [.] (192.112.36.4)
 |     |\___ M.GTLD-SERVERS.NET [org] (202.153.114.101) (cached)
[...]</pre>
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/ibBUa6u9R6Y?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<b>Download Here ::</b> <a href="http://freecode.com/urls/90291af9c8922e02e73b8299afb0f868" target="_blank">dnstracer (for Linux)</a><br />
<b>Source ::</b> http://www.mavetju.org/unix/dnstracer.php</div>

DNSTracer (DNS Route) :: Tools

dnstracer determines where a given Domain Name Server (DNS) gets its information from, and follows the chain of DNS servers back to th...

Search Admin Page :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdcso7UY1h5XykvO-IVJgbC7WBbxEMzF5qNNokr9_1Qn_h3XUVzOaC9vF31WIxkYIrecDz-y7AY_03oY1TckohiD4gHeEPavrbbxUXu6xIISF-n-pX8cy3XbCkg9aCHwdwPVMqZ85x5ADg/s1600/admin-page-logo.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"></a><img alt="admin page logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj97Ace25MACKbume5zTfWwhcH97pPJJSgUkBumonW7ThiP9l85PtQfgOS2xUDDoi1qwpu5I_PzD9J79Lo5Jfy68wAxHwkX8ONP6t6bIuVeXeA2mrmh7aRVkY7u9rYcJKpXkE_Oeu6RStIr/s1600/admin+page.jpg" title="admin page logo" /></div>
<br />
<b>Search Admin Page</b> is a script that written in python. With the help <i>admin page finder script</i> we can find admin panel of website. This codes searches for admin pages, and in the future will also execute SQL/XSS injections and return the outputs.  <br />
  <br />
<b>Download Here ::</b> <a href="https://github.com/ephexeve/Search-admin-page/archive/master.zip" target="_blank">Search Admin Finder (.py)</a><br />
<b>Source ::</b> https://github.com/ephexeve/Search-admin-page

Search Admin Page :: Tools

Search Admin Page is a script that written in python. With the help admin page finder script we can find admin panel of website. This c...

Angry IP Scanner :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="angryip scanner logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgr5X1wp_12n0btEqP-TCO2mzp0n5YFM9n3Vo5p9Schm2bSkt5J-owscFGqTVtO6g3W9EzeWbUea2nfbxOQiLNnjvIkbJY141NAJhHk3wQI5aiUBe3b2UJGo9riUXcvga8Aiolecr7zO3MR/s1600/angryip+scanner+logo.jpg" title="angryip scanner logo" /></div>
<div style="text-align: justify;">
<b>Angry IP Scanner</b> (or simply <i>ipscan</i>) is an open-source and  cross-platform <b>network scanner</b> designed to be fast and simple to use. It  scans IP addresses and ports as well as has many other features. </div>
<div style="text-align: justify;">
It is widely used by <i>network administrators</i> and just curious  users around the world, including large and small enterprises, banks,  and government agencies. It runs on <i>Linux</i>, <i>Windows</i>, and <i>Mac OS X</i>, possibly supporting other platforms as well. </div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/9wgcdgP-fgI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
  </div>
<div style="text-align: justify;">
<b>Download Here ::</b> <a href="http://sourceforge.net/projects/ipscan/files/ipscan3-binary/3.2/ipscan-win32-3.2.exe" target="_blank">Windows</a>  |  <a href="http://sourceforge.net/projects/ipscan/files/ipscan3-binary/3.2/ipscan_3.2_i386.deb" target="_blank">Linux</a>  |  <a href="http://sourceforge.net/projects/ipscan/files/ipscan3-binary/3.2/ipscan-mac-3.2.zip" target="_blank">MAC</a> </div>
<div style="text-align: justify;">
<b>Official Website ::</b> http://angryip.org/ </div>
</div>

Angry IP Scanner :: Tools

Angry IP Scanner (or simply ipscan ) is an open-source and cross-platform network scanner designed to be fast and simple to use. It ...

Hashcat (Advanced Password Recovery) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="hashcat logo" border="0" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYYautWUdpLjfrRNpPUGgD4WAHC_aRLMw0mWTn2js04tK6GY8KK7W6wfNHPtVakHEkxkjzcgR3dyYh7QG0OHlD1eU6ph1srgBIdy2DEMPNf-jAgst__JsTZIxKLzVIAS-yA9yTfmAaU84J/s320/hashcat.jpg" title="hashcat logo" width="320" /></div>
<div style="text-align: justify;">
<b>Hashcat</b> plus is Worlds first and only GPGPU based rule engine and  Worlds fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker.<br />
Features Free Multi-GPU (up to 16 gpus) Multi-Hash (up to 24 million hashes) Multi-OS (Linux & Windows native binaries) Multi-Platform (OpenCL & CUDA support) Multi-Algo (see below) Low resource utilization, you can still watch movies or play games while cracking Focuses highly iterated, modern hashes Focuses single dictionary based attacks Supports pause / resume while cracking Supports reading words from file Supports reading words from stdin Integrated thermal watchdog 20+ Algorithms implemented with performance in mind ... and much more </div>
<h2 style="text-align: justify;">
<span style="font-size: large;"><b>Usage :: </b> </span></h2>
<pre>Usage: ./hashcat-cli64.bin [options] hashfile [wordfiles|directories]

Startup:
  -V,  --version                     print version
  -h,  --help                        print help
       --eula                        print eula

Logging and Files:
       --remove                      enable remove of hash from hashlist once it is cracked
       --quiet                       suppress output
       --stdout                      stdout mode
       --disable-potfile             do not write potfile
  -r,  --rules-file=FILE             rules-file for hybrid-attack
  -o,  --output-file=FILE            output-file for recovered hashes
       --output-format=NUM           0 = hash:pass
                                     1 = hash:hex_pass
                                     2 = hash:pass:hex_pass
  -e,  --salt-file=FILE              salts-file for unsalted hashlists
       --debug-file=FILE             debug-file
       --debug-mode=NUM              1 = save finding rule (hybrid only)
                                     2 = save original word (hybrid only)
  -p,  --seperator-char=CHAR         seperator-char for hashlists

Resources:

-n,  --threads=NUM                 number of threads
  -c,  --segment-size=NUM            number of mb to cache from wordfile
  -s,  --words-skip=NUM              skip number of words (for resume)
  -l,  --words-limit=NUM             limit number of words (for distributed)

Attacks:
  -g,  --generate-rules=NUM          number of self-generating rules
       --generate-rules-func-min=NUM force number of functions per rule min
       --generate-rules-func-max=NUM force number of functions per rule max
  -a,  --attack-mode=NUM             number of attack-mode
                                     0 = Straight *
                                     1 = Combination *
                                     2 = Toggle-Case
                                     3 = Brute-Force
                                     4 = Permutation
                                     5 = Table-Lookup
                                     * = for Hybrid-Attack use -r or -g

-m,  --hash-mode=NUM               number of hash-mode

0 = MD5                           200 = MySQL
   1 = md5($pass.$salt)              300 = MySQL4.1/MySQL5
   2 = md5($salt.$pass)              400 = MD5(Wordpress)
   3 = md5(md5($pass))               400 = MD5(phpBB3)
   4 = md5(md5(md5($pass)))          500 = MD5(Unix)
   5 = vBulletin < v3.8.5            600 = SHA-1(Base64)
   6 = md5(md5($salt).$pass)         700 = SSHA-1(Base64)
   7 = md5($salt.md5($pass))         800 = SHA-1(Django)
   8 = md5($salt.$pass.$salt)        900 = MD4
   9 = md5(md5($salt).md5($pass))   1000 = NTLM
  10 = md5(md5($pass).md5($salt))   1100 = Domain Cached Credentials
  11 = md5($salt.md5($salt.$pass))  1200 = MD5(Chap)
  12 = md5($salt.md5($pass.$salt))  1300 = MSSQL
  15 = vBulletin > v3.8.5
  30 = md5($username.0.$pass)
  31 = md5(strtoupper(md5($pass)))
 100 = SHA1                         1400 = SHA256
 101 = sha1($pass.$salt)            1600 = MD5(APR)
 102 = sha1($salt.$pass)            1700 = SHA512
 103 = sha1(sha1($pass))            1800 = SHA-512(Unix)
 104 = sha1(sha1(sha1($pass)))
 105 = sha1(strtolower($username).$pass)

Toggle-Case specific:
      --toggle-min=NUM               number of alphas in plain minimum
      --toggle-max=NUM               number of alphas in plain maximum

Brute-Force specific:
      --bf-pw-min=NUM                password length minimum
      --bf-pw-max=NUM                password length maximum
      --bf-cs-buf=CHARS              charset for attack

Permutation specific:
      --perm-min=NUM                 number of chars in plain minimum
      --perm-max=NUM                 number of chars in plain maximum

Table-Lookup specific:
      --table-min=NUM                number of chars in plain minimum
      --table-max=NUM                number of chars in plain maximum
      --table-file=FILE              table file</pre>
<pre> </pre>
<pre> <b></b></pre>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/8fxLH-pokAI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<pre><b>
</b></pre>
<pre><b> </b></pre>
<div style="text-align: left;">
<b>Download Here :: </b><a href="http://hashcat.net/files/oclHashcat-plus-0.15.7z" target="_blank">oclHashcat-plus-0.15.7z</a><b>
</b></div>
<div style="text-align: left;">
<b>Official Website ::</b> http://hashcat.net/</div>
</div>

Hashcat (Advanced Password Recovery) :: Tools

Hashcat plus is Worlds first and only GPGPU based rule engine and Worlds fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. Fe...

p0f (OS and Application Fingerprinting) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxMdkwqLhu3-pobymZBIO1qkTOxYwuX4bDCm4Q611wMbhHmVJFqDwC9T4Kry2DSL2ce_ZpjZSs3_1aULLvVDqe4vFIpOWUhyphenhyphenEX_EdPrmfz-HG-XmVhf9ArdZ8L37QRcjw75UeZOC30pf8G/s1600/p0f+screenshot.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="p0f screenshot" border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxMdkwqLhu3-pobymZBIO1qkTOxYwuX4bDCm4Q611wMbhHmVJFqDwC9T4Kry2DSL2ce_ZpjZSs3_1aULLvVDqe4vFIpOWUhyphenhyphenEX_EdPrmfz-HG-XmVhf9ArdZ8L37QRcjw75UeZOC30pf8G/s320/p0f+screenshot.jpg" title="p0f screenshot" width="320" /></a></div>
<div style="text-align: justify;">
<b>p0f</b> is a versatile <i>passive OS and application fingerprinter,</i> and a tool  for <i>detecting NAT/connection sharing</i>.  It is useful for <i>penetration  testing, routine network monitoring, and forensics</i>, and to aid abuse  detection tools such as IDSes, spam filters, or honeypots. <b>P0f</b> is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP). </div>
<div style="text-align: justify;">
Some of p0f's capabilities include: </div>
<ul style="text-align: justify;">
<li> Highly scalable and extremely fast identification of the operating system      and software on both endpoints of a vanilla TCP connection - especially in      settings where <a href="http://www.nmap.org/">NMap</a> probes are blocked, too slow, unreliable, or would      simply set off alarms.  </li>
<li> Measurement of system uptime and network hookup, distance (including      topology behind NAT or packet filters), user language preferences, and so on.  </li>
<li> Automated detection of connection sharing / NAT, load balancing, and      application-level proxying setups.  </li>
<li> Detection of clients and servers that forge declarative statements      such as <i>X-Mailer</i> or <i>User-Agent</i>.  </li>
</ul>
<div style="text-align: justify;">
<b>p0f</b> can be operated in the foreground or as a daemon, and offers a simple real-time API for third-party components that wish to obtain additional information about the actors they are talking to. </div>
<div style="text-align: justify;">
Common uses for p0f include reconnaissance during penetration tests; routine network monitoring; detection of unauthorized network interconnects in corporate environments; providing signals for abuse-prevention tools; and miscellanous forensics. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/OROE_HoN8mg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
</div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<br />
Download Here :: <a href="http://lcamtuf.coredump.cx/p0f3/releases/p0f-3.06b.tgz" target="_blank">p0f-3.06b.tgz (for Linux)</a></div>
<div style="text-align: justify;">
Official Website :: http://lcamtuf.coredump.cx/p0f3/</div>
</div>

p0f (OS and Application Fingerprinting) :: Tools

p0f is a versatile passive OS and application fingerprinter, and a tool for detecting NAT/connection sharing . It is useful for pene...

Yersinia (Network Tool) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Yersinia Logo" border="0" height="155" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaip-ZZ9WXtUFqjvHpyobAuFZwEjxo7tfG3P7zCZO3FhpEcOO4kT7V5Tpw5l2HzQaqs_2m02KHTdfYYWHsDikZeBdyfU9d9bp3nMRC-uEUFZIOMoDgpdnVV5pb-NxIy1tBP9_DoBwLj8qN/s320/yersinia+logo.jpg" title="Yersinia Logo" width="320" /></div>
<b>Yersinia</b> is a <i>network tool designed</i> to take advantage of <i>some  weakeness in different network protocols.</i> It pretends to be a solid  framework for analyzing and testing the deployed networks and systems. </div>
<div style="text-align: justify;">
Currently, there are some network protocols implemented, but others  are coming (tell us which one is your preferred). Attacks for the  following network protocols are implemented (but of course you are free  for implementing new ones): </div>
<ul style="text-align: justify;">
<li>Spanning Tree Protocol (STP)</li>
<li>Cisco Discovery Protocol (CDP)</li>
<li>Dynamic Trunking Protocol (DTP)</li>
<li>Dynamic Host Configuration Protocol (DHCP)</li>
<li>Hot Standby Router Protocol (HSRP)</li>
<li>IEEE 802.1Q</li>
<li>IEEE 802.1X</li>
<li>Inter-Switch Link Protocol (ISL)</li>
<li>VLAN Trunking Protocol (VTP)</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/cyU-ds5M9Uo?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<b>Download Here ::</b> <a href="http://www.yersinia.net/download/yersinia-0.7.1.tar.gz"> Yersinia-0.7.1.tar.gz</a>  
<b> </b><br />
<b>Official Website ::</b> http://www.yersinia.net/</div>

Yersinia (Network Tool) :: Tools

Yersinia is a network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid f...

Fierce (DNS Enumeration) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
 <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-d0GilIUG5gDmVrO9tXHE8UJRtwhXIr4VOfgiq6g0SySvlmFZvw7j4UPg3IEW2Ngpv9CxGhO0Cq94iAL9eUmsarmZ8wzwJHgmSM1t3kWG8zfMEfxm7QLPnHMWfkarA-sqsYXQJRJUhROK/s1600/fierce+screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="fierce domain" border="0" height="256" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-d0GilIUG5gDmVrO9tXHE8UJRtwhXIr4VOfgiq6g0SySvlmFZvw7j4UPg3IEW2Ngpv9CxGhO0Cq94iAL9eUmsarmZ8wzwJHgmSM1t3kWG8zfMEfxm7QLPnHMWfkarA-sqsYXQJRJUhROK/s400/fierce+screenshot.png" title="fierce domain" width="400" /></a></div>
<div style="text-align: justify;">
<b>Fierce </b>is a <i>DNS Enumeration</i> and <b>Fierce</b> is a <i>semi-lightweight scanner that helps locate non-contiguous IP  space and hostnames</i> against specified domains.  It's really meant as a  pre-cursor to nmap, unicornscan, nessus, nikto, etc, since all of those  require that you already know what IP space you are looking for.  This  does not perform exploitation and does not scan the whole internet  indiscriminately.  It is meant specifically to locate likely targets  both inside and outside a corporate network.  Because it uses DNS  primarily you will often find mis-configured networks that leak internal  address space. That's especially useful in targeted malware.  <b><br />
</b></div>
<div style="text-align: justify;">
<b>Fierce</b> domain scan was born out of personal frustration after  performing a web application security audit.  It is traditionally very  difficult to discover large swaths of a corporate network that is  non-contiguous.  It's terribly easy to run a scanner against an IP  range, but if the IP ranges are nowhere near one another you can miss  huge chunks of networks.</div>
<div style="text-align: justify;">
First what Fierce is not.  Fierce is not an IP scanner, it is not a  DDoS tool, it is not designed to scan the whole internet or perform any  un-targeted attacks. It is meant specifically to locate likely targets  both inside and outside a corporate network.  Only those targets are  listed (unless the -nopattern switch is used).  No exploitation is  performed (unless you do something intentionally malicious with the  -connect switch).  Fierce is a reconnaissance tool.  Fierce is a PERL  script that quickly scans domains (usually in just a few minutes,  assuming no network lag) using several tactics.</div>
<div style="text-align: justify;">
First it queries your DNS for the DNS servers of the target.  It then  switches to using the target's DNS server (you can use a different one  if you want using the -dnsserver switch but this can cause problems if  the server you use won't tell you information about other people's sites  and of course you won't find much relevant internal address space).   Fierce then attempts to dump the SOA records for the domain in the very  slim hope that the DNS server that your target uses may be  misconfigured.  Once that fails (because it almost always will) it  attempts to "guess" names that are common amongst a lot of different  companies.  Don't ask me where I got the list, it's just a list of names  that id and I have seen all over the place.  I thought about adding a  dictionary to this, but I think that would take a lot longer, and given  that very few of the words are dictionary words I don't think this would  add a lot of value.</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/il6Ey1sNc0w?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<br />
<b>Download Here :: </b><a href="http://ha.ckers.org/fierce/fierce.pl" target="_blank">fierce.pl</a></div>
<div style="text-align: justify;">
<b>Official Website :: </b>http://ha.ckers.org/fierce/</div>
</div>

Fierce (DNS Enumeration) :: Tools

Fierce is a DNS Enumeration and Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames again...

Social Engineering Toolkit (SET) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Social-Engineering-Toolkit Logo" border="0" height="203" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZp5OAjBJvIyr5zI3tkhYhzWyUadCCpXmfibfXqc_q0jgKSbkicYCNzA91NhgcYEyKkp2mjzZCDl-toVTu6AEL96HjxPEnEHhMAHpZfVw79c4kmp13o5fXXigNVPUL_aBkNQUqsT7-aH5u/s400/SET+Logo.jpg" title="Social-Engineering-Toolkit Logo" width="400" /></div>
<div style="text-align: justify;">
The <b>Social-Engineer Toolkit (SET)</b> was created and written by the  founder of <b>TrustedSec</b>. It is an open-source Python-driven tool aimed at  <b>penetration testing around Social-Engineering.</b> SET has been presented at  large-scale conferences including Blackhat, DerbyCon, Defcon, and  ShmooCon. With over two million downloads, SET is the standard for  social-engineering penetration tests and supported heavily within the  security community. </div>
<div style="text-align: justify;">
<b>The Social-Engineer Toolkit</b> has over 2 million downloads and is aimed  at leveraging advanced technological attacks in a social-engineering  type environment. TrustedSec believes that social-engineering is one of  the hardest attacks to protect against and now one of the most  prevalent. The toolkit has been featured in a number of books including  the number one best seller in security books for 9 months since its  release,“Metasploit: The Penetrations Testers Guide” written by TrustedSec’s founder as well as Devon Kearns, Jim O’Gorman, and Mati Aharoni.</div>
<div style="text-align: justify;">
<b>SET</b> is included in the latest version of the most popular Linux  distribution focused on security, Back|Track.  </div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Q9oDyd2yAFc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<br />
<b>For More Video Tutorial :: </b><a href="https://www.trustedsec.com/downloads/social-engineer-toolkit/" target="_blank">Click Here </a><b> </b><br />
<b>Download Here :: </b><span style="font-size: x-small;"><span style="font-family: "Courier New",Courier,monospace;"><span class="crayon-e">git </span><span class="crayon-r">clone</span><span class="crayon-h"> </span><span class="crayon-i">https</span><span class="crayon-o">:</span><span class="crayon-c">//github.com/trustedsec/social-engineer-toolkit/ set/</span></span></span></div>
<div class="crayon-pre" style="font-size: 12px !important; line-height: 15px !important;">
<div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1">
</div>
<div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1">
</div>
<div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1">
</div>
<div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1">
</div>
<div class="crayon-line" id="crayon-526c3fed2a2ac390979488-1">
<b><span class="crayon-c"></span></b><span class="crayon-c"><b><span style="font-size: small;">Official Website :: </span></b><span style="font-size: small;">https://www.trustedsec.com/</span><b> </b></span><span class="crayon-c"></span></div>
</div>
<div style="text-align: justify;">
</div>
</div>

Social Engineering Toolkit (SET) :: Tools

The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec . It is an open-source Python-driven tool aimed...

Nessus Vulnerability Scanner :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Nessus Scanner" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6OR9csOrOT-agaTAXqGm7Dc8g1dfaiyPSJfkytcfchemokfyYVleLfHTCbQ9BcaJeSphdnxcTWuwqbwY2H-DyYcG9WrHIjhQT4QOqsXXnCcZ_bjDwaor0JP3kIOYpZsIKzRe_L22Uaf0C/s1600/images.jpg" title="Nessus Scanner" /> </div>
<div style="text-align: justify;">
<b>Nessus Vulnereability Scanner</b> is one of the most powerful, popular and capable vulnerability scanners,  particularly for UNIX or Windows systems.  It was initially free and open source,  but they closed the source code in 2005 and removed the free "Registered Feed" version  in 2008. It now costs $1,200 per year, which still beats many of its  competitors. A free “Home Feed” is also available, though it is limited  and only licensed for home network use.  </div>
<div style="text-align: justify;">
<b>Nessus</b> is constantly updated, with more than 46,000 plugins. Key  features include remote and local (authenticated) security checks, a  client/server architecture with a web-based interface, and an embedded  scripting language for writing your own plugins or understanding the  existing ones. Agentless auditing of configurations, patches, and web applications. 55,000+ vulnerability and configuration checks (plugins) – new plugins updated daily. Scans networks, systems, data, and applications. Post-scan analysis and monitoring tools. Part of Tenable's enterprise USM  platform – providing centralized management of multiple vulnerability  scanners and real-time vulnerability, log, and compliance management.</div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/sqFXXvaA8p4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
<b>Download Here</b><b> ::</b> <a href="http://www.tenable.com/products/nessus/select-your-operating-system" target="_blank">Nessus 5.2</a></div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<b>Official Website</b><u><b> </b></u><b>::</b> http://www.tenable.com/products/nessus </div>
</div>

Nessus Vulnerability Scanner :: Tools

Nessus Vulnereability Scanner is one of the most powerful, popular and capable vulnerability scanners, particularly for UNIX or Wind...

Netfilter (Firewalling, NAT and Packet Managing ) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="netfilter logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2nlPN3zHdxmcDO9QcN_iEWWnInhbDEk5ZFkMBw5IJpPvVU4B56F7ITPqWlXhdUI1FCcZ5bpmb-pVh-_BTAt0vlJbd0L2873b8GCCQrPFRK1vwADrxiRF45ox6HdKeR9tjh162_VALzc5m/s1600/netfilter-logo2.png" title="netfilter logo" /></div>
<div style="text-align: justify;">
<b>Netfilter</b> is a <i>powerful packet filter implemented</i> in the standard Linux  kernel. The userspace iptables tool is used for configuration. It now  supports packet filtering (stateless or stateful), all kinds of network  address and port translation (NAT/NAPT), and multiple API layers for 3rd  party extensions. It includes many different modules for handling  unruly protocols such as FTP.</div>
<div style="text-align: justify;">
<b>netfilter</b> is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack.  A registered callback function is then called back for every packet that traverses the respective hook within the network stack. iptables is a generic table structure for the definition of rulesets.  Each rule within an IP table consists of a number of classifiers (iptables matches) and one connected action (iptables target). </div>
<h2 class="title" style="clear: both; text-align: justify;">
Main Features</h2>
<div class="itemizedlist" style="text-align: justify;">
<ul class="itemizedlist" type="bullet">
<li class="listitem" style="list-style-type: disc;">stateless packet filtering (IPv4 and IPv6)</li>
<li class="listitem" style="list-style-type: disc;">stateful packet filtering (IPv4 and IPv6)</li>
<li class="listitem" style="list-style-type: disc;">all kinds of network address and port translation, e.g. NAT/NAPT (IPv4 and IPv6)</li>
<li class="listitem" style="list-style-type: disc;">flexible and extensible infrastructure</li>
<li class="listitem" style="list-style-type: disc;">multiple layers of API's for 3rd party extensions</li>
</ul>
</div>
<div style="text-align: justify;">
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/kcOzdpi8cwg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
</div>
<div style="text-align: justify;">
<br />
<b>Download Here :: </b>git clone git://git.netfilter.org/iptables.git<br />
<br />
<b>Official Website :: </b>http://www.netfilter.org/</div>
</div>

Netfilter (Firewalling, NAT and Packet Managing ) :: Tools

Netfilter is a powerful packet filter implemented in the standard Linux kernel. The userspace iptables tool is used for configuration...

OllyDbg (Assembler Level Analyzing Debugger) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
 <img alt="ollydbg logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1vAfnKJ8-M5K1EEHKBuj8uF-ShZ2QjcrkdqzH_9AvvZBe0jPW5tQro4dx5ZIgtPU7rUjz9j7Tk422LvIQgJGfgeBiUKQnaS5Ngm383C-Olp5HA0kUgIawNibxRhg1oc-TfiogFp2Asah4/s1600/ollydbg.gif" title="ollydbg logo" /><span style="font-size: x-large;">OllyDbg </span></div>
<div style="text-align: justify;">
<b>OllyDbg</b> is a 32-bit <i>assembler level analyzing debugger</i> for Microsoft  Windows. Emphasis on binary code analysis makes it particularly useful  in cases where source is unavailable.<b> OllyDbg</b> features an intuitive user  interface, advanced code analysis capable of recognizing procedures,  loops, API calls, switches, tables, constants and strings, an ability to  attach to a running program, and good multi-thread support. OllyDbg is  free to download and use but no source code is provided. </div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/uydMlQlEiyc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
  </div>
<div style="text-align: justify;">
Download Here :: <a href="http://www.ollydbg.de/odbg110.zip" target="_blank">OllyDbg1.10.zip (for Windows)</a></div>
<div style="text-align: justify;">
Official Website :: http://www.ollydbg.de/</div>
</div>

OllyDbg (Assembler Level Analyzing Debugger) :: Tools

OllyDbg OllyDbg is a 32-bit assembler level analyzing debugger for Microsoft Windows. Emphasis on binary code analysis makes it par...

Kali Linux :: ToolWar

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Kali Linux :: ToolWar" border="0" height="219" src="http://www.kali.org/wp-content/uploads/2013/03/kali-home-large-slider2.jpg" title="Kali Linux :: ToolWar" width="320" /></div>
<br />
<div style="text-align: justify;">
<b>Kali Linux</b> is a newer version of BackTrack with additional tools. <b>Kali Linux</b> is a <b>Debian-derived Linux distribution</b> designed for forensics and penetration testing.  It is maintained and funded by Offensive Security Ltd. Mati Aharoni and  Devon Kearns of Offensive Security developed it by rewriting BackTrack, their previous forensics Linux distribution.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<sup class="reference" id="cite_ref-1"></sup></div>
<div style="text-align: justify;">
<a href="http://sdfa/" target="_blank"> </a></div>
<div style="text-align: justify;">
Kali is preinstalled with numerous penetration-testing programs, including nmap (a port scanner), <i>Wireshark</i> (a packet analyzer), <i>John the Ripper</i> (a password cracker), and <i>Aircrack-ng</i> (a software suite for penetration-testing wireless LANs).<sup class="reference" id="cite_ref-arrives_2-0"></sup> Users may run <b>Kali Linux</b> from a hard disk, live CD, or live USB. It is a supported platform of the Metasploit Project's Metasploit Framework, a tool for developing and executing security exploits.<sup class="reference" id="cite_ref-arrives_2-1"></sup></div>
<div style="text-align: justify;">
<a href="http://sdfa/" target="_blank"> </a></div>
<div style="text-align: justify;">
<b>Kali Linux</b> is distributed in 32- and 64-bit images for use on hosts based on the x86 instruction set, as well as an image for the ARM architecture for use on the Raspberry Pi computer and on Samsung's ARM Chromebook.</div>
<div style="text-align: justify;">
Kali is a complete re-build of BackTrack Linux, adhering completely to Debian development standards. All-new infrastructure has been put in place, all tools were reviewed and packaged, and we use Git for our VCS.</div>
<ul style="text-align: justify;">
<li><b>More than 300 penetration testing tools:</b>  After reviewing every tool that was included in BackTrack, we  eliminated a great number of tools that either did not work or had other  tools available that provided similar functionality.</li>
<li><b>Free and always will be:</b> Kali Linux, like its predecessor, is completely free and always will be. You will never, ever have to pay for Kali Linux.</li>
<li><b>Open source Git tree:</b> We are huge proponents of open source software and our development tree is available for all to see and all sources are available for those who wish to tweak and rebuild packages.</li>
<li><b>FHS compliant:</b> Kali has been developed to adhere to the Filesystem Hierarchy Standard, allowing all Linux users to easily locate binaries, support files, libraries, etc.</li>
<li><b>Vast wireless device support:</b>  We have built Kali Linux to support as many wireless devices as we  possibly can, allowing it to run properly on a wide variety of hardware  and making it compatible with numerous USB and other wireless devices.</li>
<li><b>Custom kernel patched for injection:</b>  As penetration testers, the development team often needs to do wireless  assessments so our kernel has the latest injection patches included.</li>
<li><b>Secure development environment:</b>  The Kali Linux team is made up of a small group of trusted individuals  who can only commit packages and interact with the repositories while  using multiple secure protocols.</li>
<li><b>GPG signed packages and repos:</b>  All Kali packages are signed by each individual developer when they are  built and committed and the repositories subsequently sign the packages  as well.</li>
<li><b>Multi-language:</b>  Although pentesting tools tend to be written in English, we have ensured  that Kali has true multilingual support, allowing more users to operate  in their native language and locate the tools they need for the job.</li>
<li><b>Completely customizable:</b>  We completely understand that not everyone will agree with our design  decisions so we have made it as easy as possible for our more  adventurous users to customize Kali Linux to their liking, all the way down to the kernel.</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/cLQ8Yd0C7sM?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: center;">
</div>
<div style="text-align: left;">
<b>Download Here :: </b><a href="http://cdimage.kali.org/kali-images/kali-1.0.5/kali-linux-1.0.5-i386.iso" target="_blank">Kali Linux 1.0.5 32-bit ISO</a><b>
</b></div>
<div style="text-align: left;">
<b>Official Website :: </b> http://www.kali.org/</div>
<div style="text-align: justify;">
</div>
<sup class="reference" id="cite_ref-3"></sup>
<sup class="reference" id="cite_ref-3"></sup></div>

Kali Linux :: ToolWar

Kali Linux is a newer version of BackTrack with additional tools. Kali Linux is a Debian-derived Linux distribution designed for for...

XMPPloit - Attack XMPP Connections :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="XMPP-Logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJbbgjGa7xols5pAsNzkM1VxoM5c361s5-R8quLAeqhK24S_-FJUhWnV6NmA7YYihS6gMpZsXAcmxfKvVwPvAx293lwDoPcJaQRz79xsMy9SDuaADWq_QG9HIv8dxxC9mPfHr1mvJcSX6w/s1600/xmpp+logo.png" title="XMPP Logo" /></div>
<div style="text-align: justify;">
<ins style="background-color: transparent; border: none; display: inline-table; height: 15px; margin: 0; padding: 0; position: relative; visibility: visible; width: 728px;"><ins id="aswift_0_anchor" style="background-color: transparent; border: none; display: block; height: 15px; margin: 0; padding: 0; position: relative; visibility: visible; width: 728px;"></ins></ins><b>XMPPloit</b> is a <i>command-line tool to attack 
XMPP connections</i>, allowing the attacker to place a gateway between the 
client and the server and perform different attacks on the client 
stream.
</div>
<div style="text-align: justify;">
The tool exploit implements vulnerabilities at the client & server side utilizing the <b>XMPP protocol.</b></div>
<div style="text-align: justify;">
The main goal is that all the process is transparently for the user and never replace any certificate (like HTTPS attacks).</div>
<div style="text-align: justify;">
<strong>Features</strong></div>
<ul style="text-align: justify;">
<li> Downgrade the authentication mechanism (can obtain the user credentials)</li>
<li>    Force the client not to use an encrypted communication</li>
<li>    Set filters for traffic manipulation</li>
</ul>
<div style="text-align: justify;">
Filters that have been implemented in this version for Google Talk are:</div>
<ul style="text-align: justify;">
<li>    Read all the the user’s account mails</li>
<li>    Read and modify all the user’s account contacts (being or not in the roster).</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Fj5kbwqXsqY?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Download Here :: </b><a href="http://www.ldelgado.es/aplicaciones/xmpploit/XMPPloit.7z" target="_blank">XMPPloit (for Win)</a><b><br /></b></div>
<div style="text-align: justify;">
<b>Official Website :: </b>http://www.ldelgado.es/index.php?dir=aplicaciones/xmpploit </div>
</div>

XMPPloit - Attack XMPP Connections :: Tools

XMPPloit is a command-line tool to attack XMPP connections , allowing the attacker to place a gateway between the client and the serv...

Wireshark (Network Sniffer) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIXKZEaCap5FyeQq_elpCaFbSo5rm_6vAVL2LNDu72zCd8Qnwzu_G3xiHrnY315MDPZNhKjcTSOcUNnDkwE3kYkNPF1eFE9j2vrJThbYPSWrAXY8tsTyEfh4alG421fuXtQ7SsscKgK7BH/s1600/wireshark+logo.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="wireshark-logo" border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIXKZEaCap5FyeQq_elpCaFbSo5rm_6vAVL2LNDu72zCd8Qnwzu_G3xiHrnY315MDPZNhKjcTSOcUNnDkwE3kYkNPF1eFE9j2vrJThbYPSWrAXY8tsTyEfh4alG421fuXtQ7SsscKgK7BH/s200/wireshark+logo.jpg" title="wireshark-logo" width="200" /></a></div>
<div style="text-align: justify;">
<b>Wireshark</b> is most usable <i>network sniffer software</i> that contains a lot small subprograms. <b>Wireshark</b> (known as Ethereal until a trademark dispute in Summer 2006)  is a fantastic open source multi-platform network protocol analyzer. It  allows you to examine data from a live network or from a capture file on  disk. You can interactively browse the capture data, delving down into  just the level of packet detail you need. <b>Wireshark</b> has several powerful  features, including a rich display filter language and the ability to  view the reconstructed stream of a TCP session. It also supports  hundreds of protocols and media types. A <a class="local" href="http://sectools.org/tool/tcpdump/">tcpdump</a>-like  console version named tshark is included. One word of caution is that  Wireshark has suffered from dozens of remotely exploitable security  holes, so stay up-to-date and be wary of running it on untrusted or  hostile networks (such as security conferences).</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/6X5TwvGXHP0?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: left;">
<br />
<b>Download Here</b><b> ::</b> <a href="http://wiresharkdownloads.riverbed.com/wireshark/win32/Wireshark-win32-1.10.1.exe" target="_blank">Wireshark 1.10.1 (Windows x32)</a> & <a href="http://www.wireshark.org/download.html" target="_blank">Others </a></div>
<div style="text-align: left;">
<b>Official Website  ::</b> http://www.wireshark.org/</div>
</div>

Wireshark (Network Sniffer) :: Tools

Wireshark is most usable network sniffer software that contains a lot small subprograms. Wireshark (known as Ethereal until a tradema...

DNSMap (DNS Network Mapper) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
 <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtvLH9JV95_ugTvvdVTHaLKagKNfbMcFZroTS2L0UYmecPvN77x5zOtyG23Q0D_KhBl2itBUHXhGHB3ylnVmZDM_HbwONQVFB1JUPOEW8Ngr9Br57qzs4t-Gihxov75rM8h7TIgRrdf158/s1600/dnsmap.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="dnsmap screenshot" border="0" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtvLH9JV95_ugTvvdVTHaLKagKNfbMcFZroTS2L0UYmecPvN77x5zOtyG23Q0D_KhBl2itBUHXhGHB3ylnVmZDM_HbwONQVFB1JUPOEW8Ngr9Br57qzs4t-Gihxov75rM8h7TIgRrdf158/s400/dnsmap.png" title="dnsmap screenshot" width="400" /></a></div>
</div>
<div style="text-align: justify;">
<b>dnsmap</b> is a <i><span itemprop="description">Passive DNS network mapper a.k.a. subdomains bruteforcer</span></i>. <b>dnsmap</b> is mainly meant to be used by pentesters during the <i> information gathering/enumeration phase</i> of infrastructure security  assessments. During the enumeration stage, the security consultant would  typically discover the target company’s IP netblocks, domain names,  phone numbers, etc. dnsmap was included in Backtrack 2 and 3, although the version included is the now dated version 0.1.  </div>
<div style="text-align: justify;">
Subdomain brute-forcing is another technique that should be used in  the enumeration stage, as it’s especially useful when other domain  enumeration techniques such as zone transfers don’t work (I rarely see  zone transfers being publicly allowed these days by the way).<br />
<br />
obtain all IP addresses (A records) associated to each successfully  bruteforced subdomain, rather than just one IP address per subdomain, abort the bruteforcing process in case the target domain uses wildcards , ability to be able to run the tool without providing a wordlist by using a built-in list of keywords, bruteforcing by using a user-supplied wordlist (as opposed to the built-in wordlist).</div>
<h3 style="text-align: justify;">
New Improvements in Version 0.22 - </h3>
<div style="text-align: justify;">
saving the results in human-readable and CSV format for easy processing,fixed bug that disallowed reading wordlists with DOS CRLF format,improved built-in subdomains wordlist,new bash script (<code>dnsmap-bulk.sh</code>) included which allows  running dnsmap against a list of domains from a , user-supplied file.  i.e.: bruteforcing several domains in a bulk fashion, bypassing of signature-based dnsmap detection by generating a proper pseudo-random subdomain when checking for wildcards</div>
<div style="text-align: left;">
<h3 style="text-align: left;">
<span style="font-size: small;">Usage -</span></h3>
<br />
<pre><code>usage: dnsmap <target-domain> [options]
options:
-w <wordlist-file>
-r <results-path>
</code></pre>
</div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/55ITD0hceio?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
<br />
<h3>
Example on Live Domain</h3>
The following is just an example so you get an idea of how dnsmap  works. Very simple to use as you can see. If you want to save the  results or use your own wordlist, checkout the usage syntax. Question  for those who pay attention to detail: <i>can you spot the potential leaks of internal IP addresses?</i>
<br />
<pre><code><span style="background-color: #ffd966;">
<span style="background-color: white;">$ dnsmap baidu.com
dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org)

[+] searching (sub)domains for baidu.com using built-in wordlist

accounts.baidu.com
IP address #1: 10.11.252.74

events.baidu.com
IP address #1: 202.108.23.40

finance.baidu.com
IP address #1: 60.28.250.196
IP address #2: 60.28.251.79
IP address #3: 60.28.251.206
IP address #4: 123.129.240.28
IP address #5: 123.129.240.29
IP address #6: 60.28.250.102
IP address #7: 60.28.250.111

forum.baidu.com
IP address #1: 202.108.250.212

images.baidu.com
IP address #1: 61.135.163.93

mail.baidu.com
IP address #1: 10.23.3.137

mobile.baidu.com
IP address #1: 202.108.23.125

mx.baidu.com
IP address #1: 61.135.163.61

mx1.baidu.com
IP address #1: 61.135.163.61

mx2.baidu.com
IP address #1: 61.135.163.62

mx3.baidu.com
IP address #1: 61.135.162.61

news.baidu.com
IP address #1: 61.135.163.87

ns1.baidu.com
IP address #1: 202.108.22.220

ns2.baidu.com
IP address #1: 61.135.165.235

ns3.baidu.com
IP address #1: 220.181.37.10

oracle.baidu.com
IP address #1: 172.18.0.50

photo.baidu.com
IP address #1: 61.135.163.93

photos.baidu.com
IP address #1: 61.135.163.93

pop.baidu.com
IP address #1: 61.135.166.249

proxy.baidu.com
IP address #1: 202.108.11.30

smtp.baidu.com
IP address #1: 61.135.163.61

vpn.baidu.com
IP address #1: 202.108.250.231

wap.baidu.com
IP address #1: 61.135.163.237

webmail.baidu.com
IP address #1: 61.135.166.249

win.baidu.com
IP address #1: 10.65.19.212

www.baidu.com
IP address #1: 220.181.5.222

www1.baidu.com
IP address #1: 220.181.5.222

www2.baidu.com
IP address #1: 202.108.22.136

www3.baidu.com
IP address #1: 202.108.22.188

[+] 29 (sub)domains and 35 IP address(es) found </span></span>
</code></pre>
</div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<b>Download Here :: </b><a href="http://www.gnucitizen.org/static/blog/2009/03/dnsmap-0222tar.gz">dnsmap-0.22.2.tar.gz</a></div>
<div style="text-align: justify;">
<b>Source :: </b>http://code.google.com/p/dnsmap/</div>
</div>

DNSMap (DNS Network Mapper) :: Tools

dnsmap is a Passive DNS network mapper a.k.a. subdomains bruteforcer . dnsmap is mainly meant to be used by pentesters during the ...

Subscribe to: Posts ( Atom )