Unicornscan :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="Unicornscan Logo" border="0" height="186" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-Se65R6_fXbhsEvZ4OGb94u-Hutt37Pcs2drLQu7Mk9bGq9J2Z4v_z2fEgACR2By3wGwaimGRLdxDXBz6znTBTgn3m44TEEgIITTVw-YrbRClrzUCcIrvn4Rz-jcjutLIAfRSU1lnnYyq/s320/unicornscan+logo.png" title="Unicornscan Logo" width="320" /></div> <div style="text-align: justify;"> <b>Unicornscan </b>is a new<i> information gathering and correlation engine</i> built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL license. </div> <h4 style="text-align: justify;"> Benefits:</h4> <div style="text-align: justify;"> <b>Unicornscan</b> is an attempt at a User-land Distributed TCP/IP stack. It is intended to provide a researcher a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network. Although it currently has hundreds of individual features, a main set of abilities include: </div> <ul style="text-align: justify;"> <li> Asynchronous stateless TCP scanning with all variations of TCP Flags. </li> <li> Asynchronous stateless TCP banner grabbing </li> <li> Asynchronous protocol specific UDP Scanning (sending enough of a signature to elicit a response). </li> <li> Active and Passive remote OS, application, and component identification by analyzing responses. </li> <li> PCAP file logging and filtering </li> <li> Relational database output </li> <li> Custom module support </li> <li> Customized data-set views </li> </ul> <br /> <b>Video Tutorial ::</b> <a href="https://www.youtube.com/watch?v=u_nvGriEb9M" target="_blank">Click Here</a> <br /> <b>Download Here :: </b><a href="http://sourceforge.net/projects/osace/files/unicornscan/unicornscan%20-%200.4.7%20source/unicornscan-0.4.7-2.tar.bz2/download">Unicornscan - 0.4.7-2</a><br /> <b>Official Website :: </b>http://www.unicornscan.org/ </div>

Unicornscan :: Tools

Unicornscan is a new information gathering and correlation engine built for and by members of the security research and testing commu...

Read more »

Metasploit Framework

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="Metasploit Framework" border="0" height="210" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRSOyPh20yguq6DjZOgkEcBHC8wQ_Io1QDFE0-kXz-N9y7eoKn8qmNGwMSzoLNGU14xryBBHoTyJIlzutFs5ok3tgblKnFB2yXitsliLOPa4eGDX0ubGavMFLynPT0JKFv4f_tnTkl8Hdn/s320/metasploit-framework-toolwar.png" title="Metasploit Framework" width="320" /></div> <div style="text-align: justify;"> <b>Metasploit Framework</b> is a most usable framework for exploiting network or servers. <b>Metasploit</b> <b>Framework</b> took the security world by storm when it was released in 2004. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the <b>Metasploit Framework</b> as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their list of modules. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. One free extra is <i>Metasploitable,</i> an intentionally insecure Linux virtual machine you can use for testing Metasploit and other exploitation tools without hitting live servers. </div> <div style="text-align: justify;"> <i><b>Metasploit</b></i> was completely free, but the project was acquired by Rapid7 in 2009 and it soon sprouted commercial variants. The Framework itself is still free and open source, but they now also offer a free-but-limited Community edition, a more advanced Express edition (<i>$3,000</i> per year per user), and a full-featured Pro edition (<i>$15,000</i> per user per year). Other paid exploitation tools to consider are Core Impact (more expensive) and Canvas (less). </div> <div style="text-align: justify;"> The Metasploit Framework now includes an official Java-based GUI and also Raphael Mudge's excellent Armitage. The Community, Express, and Pro editions have web-based GUIs.</div> <div style="text-align: justify;"> The <b>Metasploit Project</b> is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.<br /> Its best-known sub-project is the open source.<sup class="reference" id="cite_ref-bsdlicense_1-1"></sup> <b>Metasploit Framework</b>, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research.<br /> The Metasploit Project is well known for its anti-forensic and evasion tools, some of which are built into the Metasploit Framework.<br /> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/q0xkf1g2mbY?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: left;"> <br /> <b>Download Here</b><b> ::</b> <a href="http://www.rapid7.com/products/metasploit/metasploit-community-registration.jsp" target="_blank">Metasploit Community Eddition</a></div> <div style="text-align: left;"> <u><b>Official Website</b> </u>:: http://www.metasploit.com/</div> </div> </div>

Metasploit Framework

Metasploit Framework is a most usable framework for exploiting network or servers. Metasploit Framework took the security world by st...

Read more »

3D Traceroute :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBJ4Xr604xfPWiWvBb3Aw8WC8JzrHpS4IdXHwZsvAKuDnn51KaLpu1Dgd-Paplt_znZOVLlOh34op8IXHV0WS3R0jj0OTBQ77qlSjjoSbSDmrRQDu-L60juD4COAGGYu1ruVPbo6XXf_AN/s1600/3d-traceroute+screenshot.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="3D Traceroute screenshot" border="0" height="295" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBJ4Xr604xfPWiWvBb3Aw8WC8JzrHpS4IdXHwZsvAKuDnn51KaLpu1Dgd-Paplt_znZOVLlOh34op8IXHV0WS3R0jj0OTBQ77qlSjjoSbSDmrRQDu-L60juD4COAGGYu1ruVPbo6XXf_AN/s400/3d-traceroute+screenshot.gif" title="3D Traceroute screenshot" width="400" /></a></div> <ul style="text-align: justify;"> <li><b>3d traceroute display: </b>multiple graphics modification options</li> <li><b>statistics window: </b>min, max, average, standard deviation and history window with destination ping time</li> <li><b>as list:</b> the usual data view with lots of features</li> <li>long period Ping and HTTP monitor</li> <li><b>Whois query:</b> everything with only one click</li> <li><b>record and playback: </b>record any trace and playback step by step</li> <li><b>build in browser: </b>and the browser is already built in.</li> <li>ASN inspector</li> <li><b>NSLookup:</b> with UDP and TCP. And zone transfer capability.</li> <li><b>Day and Night trace:</b> Admins beloved toy</li> <li><b>Command-line execution mode: </b>full replacement for good old buddy tracert.</li> <li>passive OS fingerprinting</li> <li>three different Portscanner (knows 3,612 well known ports)</li> <li>analyze eMail headers: against RBLs</li> <li>Connection viewer: TCP, IP, UDP etc. statistics</li> <li><b>HTTP Spy: </b>query HTTP-headers and webpages</li> <li>Atomic Clock Sync</li> <li>ISO 3166 code browser</li> <li>build in TELNET client</li> <li>low CPU-Usage</li> <li>everywhere a usefull context menu</li> <li>Working with Windows 2000 and Windows XP, XP SP1 und XP SP2 (perhaps with Windows 98, 98SE or ME and NT4)</li> </ul> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/zw7cl_JtDWY?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <br /> <b>Download Here :: </b> <b> </b><a href="http://www.d3tr.de/downloads/d3tr-1-6-46-94.exe" target="_blank">3D Traceroute (for Windows)</a><br /> <b>Official Website :: </b>http://www.d3tr.de/ </div>

3D Traceroute :: Tools

3d traceroute display: multiple graphics modification options statistics window: min, max, average, standard deviation an...

Read more »

NetSleuth (Network Monitoring and Forensic Analysis) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="netsleuth logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnMrr3NyERcpGCqRi_R4P6lMHK0f1RnEnoloLM5uTw3-WmKU3ztlXHMM6wOMnFHty78NHNfF_VrPivDUL-BoT5R3gIrqaaMaGfAFMdVood9c8mcXv14tb5c7lO3Cw971VUfHUUyRc2qV0G/s1600/netsleuth+logo.png" title="netsleuth logo" /></div> <div style="text-align: justify;"> <span style="font-size: small;"><b>NetSleuth</b> is a free <i>network monitoring and forensic analysis tool.</i> NetSleuth identifies and fingerprints network devices by silent network monitoring or by processing data from PCAP files.</span></div> <div style="text-align: justify;"> <span style="font-size: large;">NetSleuth features:</span></div> <div style="text-align: justify;"> </div> <ul style="text-align: justify;"> <li>A realtime overview of devices connected to a network.</li> <li>No requirement for hardware or reconfiguration of networks.</li> <li>“Silent portscanning” and undetectable network monitoring.</li> <li>Offline analysis of pcap files to aid in intrusion response and network forensics.</li> <li>Automatic identification of a vast array of device types, including smartphones, tablets, gaming consoles, printers, routers, desktops and more</li> </ul> <div style="text-align: justify;"> <span style="font-weight: normal;"><span style="font-size: large;">Silent PortScanning:</span></span></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> Many network devices broadcast various information across the network. Often this is for ‘zero configuration’ style services, for example Apple’s Bonjour protocol. This information often contains information on the machine, and services running on that device – great information for fingerprinting.</div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> For this reason, it is possible to obtain port scanning style information completely silently. NetSleuth also does not put the network adapters into promiscuous mode, mitigating some techniques to detect sniffing network adapters.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <span style="font-size: large;">Offline Analysis :</span></div> <div style="text-align: justify;"> <span style="font-size: small;">A network capture from any network with consumer devices will contain a huge amount of rich broadcast traffic for analysis. NetSleuth can analyse and extract this data from .pcap files from Snort, Wireshark or other tools. It can also analyse data intercepted by Kismet (the .pcapdump) files.</span></div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <span style="font-size: small;"><b>Tutorial [T] ::</b> <a href="http://netgrab.co.uk/blog/" target="_blank">Click Here</a></span></div> <div style="text-align: justify;"> <b><span style="font-size: small;">Download Here :: </span></b><span style="font-size: small;"><a href="https://dl.dropbox.com/u/89573721/NetSleuth%20Installer.msi" target="_blank">NetSleuth (for Windows)</a></span><b><span style="font-size: small;"><br /></span></b></div> <div style="text-align: justify;"> <span style="font-size: small;"><b>Official Website :: </b>http://netgrab.co.uk/netsleuth/ </span></div> </div>

NetSleuth (Network Monitoring and Forensic Analysis) :: Tools

NetSleuth is a free network monitoring and forensic analysis tool. NetSleuth identifies and fingerprints network devices by silent net...

Read more »

Firewalk (Network Security) : Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbgRWmUehqIWyGZoJXMGkeGJ6Adyg2kd1Nkij3CmxD2O-XBpIGbA8YfKq4tt7WQ08fNWxzGIr6MolNMNAIoH6YLFrOfxN646eLpW537-wWTMrl2wh-bI2JMptxMvOTPK9b6s0iEnu1kenq/s1600/firewalk.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="92" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbgRWmUehqIWyGZoJXMGkeGJ6Adyg2kd1Nkij3CmxD2O-XBpIGbA8YfKq4tt7WQ08fNWxzGIr6MolNMNAIoH6YLFrOfxN646eLpW537-wWTMrl2wh-bI2JMptxMvOTPK9b6s0iEnu1kenq/s320/firewalk.gif" width="320" /></a></div> <div style="text-align: justify;"> <b>Firewalk</b> is an <b>active reconnaissance network security tool</b> that attempts to determine what layer 4 protocols a  given IP forwarding device will pass. Firewalk  works  by sending out TCP or UDP packets with a TTL one greater than the targeted gateway.  If the gateway allows the traffic, it will forward the packets to the next hop where they will expire and elicit an ICMP_TIME_EXCEEDED  message.  If the gateway hostdoes not allow the traffic, it will likely drop the packets on  the floor and we will see no response.</div> <div style="text-align: justify;"> To get  the  correct  IP  TTL that will result in expired packets one beyond the gateway we need  to  ramp  up  hop-counts.   We  do  this  in the same manner that traceroute works.  Once we have the gateway hopcount (at  that point the scan is said to be `bound`) we can begin our scan.</div> <div style="text-align: justify;"> It is significant to note the fact that the ultimate destination host does not have to be reached.  It just  needs to be somewhere downstream, on the other side of the gateway, from the scanning host.</div> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/VWNnAcrpZ_4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <br /> <b>Download Here :: </b><a href="http://packetfactory.openwall.net/firewalk/dist/firewalk.tar.gz" target="_blank">Firewalk 5.0 (for Linux)</a> <b> </b><br /> <b>Official Website :: </b>http://packetfactory.openwall.net/projects/firewalk/</div>

Firewalk (Network Security) : Tools

Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a  given IP forwarding de...

Read more »

KOLKATA (Web Application Fingerprinting) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="kolkata web application fingerpriniting tool" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjblh7okaX78YSdEtAzJwG8C6OYlRXWupeC8svbS39nXWePEaV3Mo3xwGCYqinIFajRoXhBNxjZq6rPBWvgB2KbTQUATdjhFPRbPkVyKrcJykmaOUlLLJs27Q6mzqszFpUXleLMIcCjPYT-/s1600/Web-App-fingerprint-sized-293x150.jpg" title="kolkata web application fingerpriniting tool" /></div> <div style="text-align: justify;"> <b>Kolkata</b> is a <i>web application fingerprinting engine</i> written in <a href="http://www.toolwar.com/2013/09/perl-language.html" target="_blank" title="Perl">Perl</a> that combines cryptography with IDS evasion. Kolkata uses session splicing for IDS evasion and configurable checksums of static files in order to determine the version of a web application. </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Download Here ::</b> <a href="http://www.blackhatlibrary.net/releases/kolkata.tgz" target="_blank">Kolkata.tgz</a> </div> <div style="text-align: justify;"> <b>Official Website ::</b> http://www.blackhatlibrary.net/Kolkata</div> </div>

KOLKATA (Web Application Fingerprinting) :: Tools

Kolkata is a web application fingerprinting engine written in Perl that combines cryptography with IDS evasion. Kolkata uses session ...

Read more »

Hyenae (Network Packet Generator) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBMOLR2ZTa5RSR8Ux4czLsXWaN9-LIIMiXjO7bHfNrMnqzxEK_pH_fwpipilVGQ9N-wcK531BpSUSESlvGQb9JJZTY7zskNPggwFuJQGEQCdlqHYq6-Potb1RxU6O1kCfmV5GsbTWu1dek/s1600/hyenae+screenshot.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Hyenae logo" border="0" height="230" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBMOLR2ZTa5RSR8Ux4czLsXWaN9-LIIMiXjO7bHfNrMnqzxEK_pH_fwpipilVGQ9N-wcK531BpSUSESlvGQb9JJZTY7zskNPggwFuJQGEQCdlqHYq6-Potb1RxU6O1kCfmV5GsbTWu1dek/s400/hyenae+screenshot.jpg" title="Hyenae logo" width="400" /></a></div> <div style="text-align: justify;"> <b>Hyenae</b> is a highly flexible platform independent <b>network packet generator</b>. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant.</div> <div style="text-align: justify;"> <br /></div> <br /> <br /> <header> <div style="text-align: left;"> <span style="font-size: large;">Features :-</span></div> </header> <br /> <ul class="features"> <li class="feature">ARP-Request flooding</li> <li class="feature">ARP-Cache poisoning</li> <li class="feature">PPPoE session initiation flooding</li> <li class="feature">Blind PPPoE session termination</li> <li class="feature">ICMP-Echo flooding</li> <li class="feature">ICMP-Smurf attack</li> <li class="feature">ICMP based TCP-Connection reset</li> <li class="feature">TCP-SYN flooding</li> <li class="feature">TCP-Land attack</li> <li class="feature">Blind TCP-Connection reset</li> <li class="feature">UDP flooding</li> <li class="feature">DNS-Query flooding</li> <li class="feature">DHCP-Discover flooding</li> <li class="feature">DHCP starvation attack</li> <li class="feature">DHCP-Release forcing</li> <li class="feature">Cisco HSRP active router hijacking</li> <li class="feature">Pattern based packet address configuration</li> <li class="feature">Intelligent address and address protocol detection</li> <li class="feature">Smart wildcard-based randomization</li> <li class="feature">Daemon for setting up remote attack networks</li> <li class="feature">HyenaeFE QT-Frontend support</li> </ul> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/uQsNb88coa4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: center;"> <b><br /></b></div> <div style="text-align: left;"> <b>Download Here :: </b><a href="http://sourceforge.net/projects/hyenae/files/latest/download" target="_blank">Hyenae 0.36 (for Windows)</a><b><br /></b></div> <div style="text-align: left;"> <b>Source ::</b> http://sourceforge.net/projects/hyenae/</div> <ul class="features"> </ul> <div style="text-align: justify;"> </div> </div>

Hyenae (Network Packet Generator) :: Tools

Hyenae is a highly flexible platform independent network packet generator . It allows you to reproduce several MITM, DoS and DDoS atta...

Read more »

GeoIPgen (Country-to-IPs-Generator) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="geoipgen icon" border="0" height="144" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi68UPK43K-SzwK60RkMTvy0xb1PYYUvt2edO0JjB8s4eBkj7wRgg5laEl91xLPBdhRxrfy9VhxOsujk66yFWJhbj974NCWR8v98dv5HLmmk6c-p04hz4YTY90_SmSi3rSr1_hEJeDbRpYW/s640/geoipgen+icon.jpg" title="geoipgen icon" width="640" /></div> <div style="text-align: justify;"> <b>GeoIPgen</b> is a <b>country-to-IPs generator</b>. It’s a geographic IP generator for IPv4 networks that uses the MaxMind GeoLite Country database. </div> <div style="text-align: justify;"> <b>Geoipgen</b> is the first published software that uses a geographic ip database in reverse to translate from country-to-IPs instead of the usual use of IP-to-country to produce the complete set of IP addresses for a country. Previously software has generated IP address ranges so that entire countries can be blocked by a firewall and the technique used by geoipgen has been discussed before by the GNUcitizen researchers.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Downlaod Here :: </b><a href="http://geoipgen.googlecode.com/files/geoipgen-0.4.tar.gz" target="_blank">GeoIPgen v0.4 (for Linux)</a><b><br /></b></div> <div style="text-align: justify;"> <b>Tutorial & Official Website ::</b> http://www.morningstarsecurity.com/research/geoipgen</div> </div>

GeoIPgen (Country-to-IPs-Generator) :: Tools

GeoIPgen is a country-to-IPs generator . It’s a geographic IP generator for IPv4 networks that uses the MaxMind GeoLite Country datab...

Read more »

Geo Spider (Monitoring Network Activity on Map) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbWV44FLZKalMnAjREF-I6OdDsUwc8q8EwkD0Vrz9v6_qfsLxumQAmI7V2QA5jjDvQHv_lphNXWDOoh8mNq087eIot2qjII9DGgbyhpiaOgFKnltL02GivcLVY4D_Fc7TFi3uqF0qBSUYm/s1600/GEO_Spider.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="geospider logo" border="0" height="280" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbWV44FLZKalMnAjREF-I6OdDsUwc8q8EwkD0Vrz9v6_qfsLxumQAmI7V2QA5jjDvQHv_lphNXWDOoh8mNq087eIot2qjII9DGgbyhpiaOgFKnltL02GivcLVY4D_Fc7TFi3uqF0qBSUYm/s400/GEO_Spider.jpg" title="geospider logo" width="400" /></a></div> <div style="text-align: justify;"> <b>GEO Spider</b> helps you to <b>trace, identify and monitor your network activity on world map</b>. You can trace any website or IP address on the Earth. Built on <b>.NET technology</b> GEO Spider uses fast and reliable approach in detecting hostnames, IP addresses, domain names. </div> <div style="text-align: justify;"> While many IP lookup tools only provide network provider locations, GEO Spider uses unique IP location engine to provide a much higher level of accuracy by identifying the actual physical city and country location of servers and routers. GEO Spider can analyze and trace all network applications on the fly, including HTTP/HTTP.</div> <h4 style="text-align: justify;"> How does GEO Spider work?</h4> <div style="text-align: justify;"> GEO Spider monitors all your network activity and shows full information about each connection. All connections are passed through GEO Spider Spy engine, so you can trace all your connections (where you have been in the world and where you located now). GEO Spider expands your Windows tools to provide magic versatility. It will make a great addition to your network toolkit.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Trial Download Here :: </b><a href="http://oreware.com/download_prog.php?id_prog=22" target="_blank">Geo Spider (for Windows)</a></div> <div style="text-align: justify;"> <b>Official Website :: </b>http://oreware.com/</div> </div>

Geo Spider (Monitoring Network Activity on Map) :: Tools

GEO Spider helps you to trace, identify and monitor your network activity on world map . You can trace any website or IP address on the...

Read more »

eMailTrackerPro :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipm5lCo7c-C8Zh8fBebeme0YA0c8SYv4pY8x8hgwDgSrpTJjQtw1od8KHEPNCkJmMqdpYmzJ9KP_Xh5WzwvdEwcsuvgZPv9plIDzbPLfy6hzyfH484jFfbGp6xtgCHpg7yDFPfJGT2Hche/s1600/emailtrackerpro+logo.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="emailtrackerpro logo" border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipm5lCo7c-C8Zh8fBebeme0YA0c8SYv4pY8x8hgwDgSrpTJjQtw1od8KHEPNCkJmMqdpYmzJ9KP_Xh5WzwvdEwcsuvgZPv9plIDzbPLfy6hzyfH484jFfbGp6xtgCHpg7yDFPfJGT2Hche/s320/emailtrackerpro+logo.jpg" title="emailtrackerpro logo" width="320" /></a></div> <div style="text-align: justify;"> <b>eMailTrackerPro </b>is a <b>email tracking tool</b> for emails that trace the location of email as well as it provides additional facilities like report abuse and spam filter. Over 97% of all email is spam. Spam can be harmless but annoying, it can contain viruses or it can try and trick someone into giving up personal details which in turn leads to identity fraud. EmailTrackerPro not only offers the ability to <b>trace an email</b> using the email header but it also comes with a <b>spam filter</b> (advanced edition), which scans each email as it arrives and warns the user if it's suspected spam. Essentially stopping spam email before it reaches its intended recipient. Pro version available at $29.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <span style="font-size: small;">An email 'header' contains all the information required to track where it came from. It holds the footprint of each server the email travelled through which in almost all cases leads us back to the city/town the email originated.  </span></div> <div style="text-align: justify;"> <span style="font-size: small;"><br /> </span></div> <div style="text-align: justify;"> <span style="font-size: small;"><span style="color: #333333;">Whois information is essentially contact details for the organization that registered/is responsible for the IP address or website being traced. Also uncovered are any services running on the destination machine.</span></span></div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <span style="color: #333333; font-size: 14px;"><span style="font-size: small;"><span style="color: #333333;">The most valuable feature is the ability to trace more than one IP address or domain name at a time. <b>Trace as many IP addresses and domain names as required</b> and either output the results to a new tab or an Excel/HTML file.</span></span></span></div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/smoGpdnGgVg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <span style="color: #333333; font-size: 14px;"><span style="font-size: small;"><span style="color: #333333;"><b>Trial Download Here ::</b> <a href="http://download.visualware.com/pub/emt/emt.exe" target="_blank">eMailTrackerPro v10.0b (for Windows)</a></span></span></span></div> <div style="text-align: justify;"> <span style="color: #333333; font-size: 14px;"><span style="font-size: small;"><span style="color: #333333;"><b>Official Website ::</b>  http://www.emailtrackerpro.com/</span></span> </span></div> </div>

eMailTrackerPro :: Tools

eMailTrackerPro is a email tracking tool for emails that trace the location of email as well as it provides additional facilities like ...

Read more »

Magic NetTrace :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitcGgXxKhw9H9P_fygc4LLDsJnd8VStH1ul7w-vpicdfdC-F1Ou1TEIdQH6b5SHTf2nkgazZb1ZpBiixzBylT9X680Lj6m2tGdHQh98pOtALd6-1SYITPaEVswwG4CfsneY5wB-BvYE8Xf/s1600/magic+nettrace+logo.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="magic nettrace" border="0" height="284" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitcGgXxKhw9H9P_fygc4LLDsJnd8VStH1ul7w-vpicdfdC-F1Ou1TEIdQH6b5SHTf2nkgazZb1ZpBiixzBylT9X680Lj6m2tGdHQh98pOtALd6-1SYITPaEVswwG4CfsneY5wB-BvYE8Xf/s400/magic+nettrace+logo.gif" title="magic nettrace" width="400" /></a></div> <div style="text-align: justify;"> <b>Magic NetTrace</b> is an<b> IP Tracer software</b> with multithreading that will let you know the exact route the signal goes from your PC to any host or IP in the Web. The tool runs whois queries for all intermediate routing nodes, looking up their IP addresses and domain names. You can also ping the host to check accessibility. The program features a multithreading architecture, integration with IExplorer and multilingual support. The 'magic' of the IP Tracer utility, making it pre-eminent among the similar software, lies within the unique multithreading system. <b>Magic NetTrace</b> doesn't require the host's reply before sending a request to another host, as the tool simultaneously tracks the entire amount of routes between hosts. Such an advanced tracking scheme provides the results with the best speed possible. Convenience is not an empty sound for the creators of<b> Magic NetTrace.</b> The program integrates with Internet Explorer 5.0 or higher, allowing you to use the tool's features right in the browser window. One click on a special button located on the IExplorer's toolbar will launch the tracking right away. It'll trace the route to the host displayed in the IE address bar. The worldwide popularity of Magic NetTrace led to the implementation of multilingual support. The utility supports English, French, German, Dutch, Catalan, Greek, Italian, Spanish. </div> <div style="text-align: justify;"> <b><br /></b></div> <div style="text-align: justify;"> <b>Trial Download Here ::</b> <a href="http://www.tialsoft.com/download/?url=http://www.tialsoft.com/mNTr.exe" target="_blank">Magic NetTrace (for Windows)</a></div> <div style="text-align: justify;"> <b>Official Website :: </b>http://www.tialsoft.com/mnettrace/</div> </div>

Magic NetTrace :: Tools

Magic NetTrace is an IP Tracer software with multithreading that will let you know the exact route the signal goes from your PC to an...

Read more »

Fake AP :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="desc" style="text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjD01ZyILKGZU3_vKqybniILm8PnGW4hHNxpKqIvTm8x-_SDhQDADGT3GGh8Yr3SHo_mG-K5MnE3aYO0q-89gosZWfpljnifcowQ6Igrwp6ZMGtpezr2A4Mi4D6FGDimBX63hBdc191DpEl/s1600/fakeap+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="fakeap logo" border="0" height="232" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjD01ZyILKGZU3_vKqybniILm8PnGW4hHNxpKqIvTm8x-_SDhQDADGT3GGh8Yr3SHo_mG-K5MnE3aYO0q-89gosZWfpljnifcowQ6Igrwp6ZMGtpezr2A4Mi4D6FGDimBX63hBdc191DpEl/s400/fakeap+logo.png" title="fakeap logo" width="400" /></a><b> </b></div> <div class="desc" style="text-align: justify;"> <b>Black Alchemy's Fake AP</b> <i>generates thousands of counterfeit 802.11b access points</i>. Hide in plain sight amongst Fake AP's cacophony of beacon frames. As part of a honeypot or as an instrument of your site security plan, Fake AP confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables. Fake AP is a proof of concept released under the GPL. If one access point is good, 53,000 must be better. </div> <div class="desc" style="text-align: justify;"> <br /></div> <div class="desc" style="text-align: justify;"> <b>Tutorial ::</b> <a href="http://wirelessdefence.org/Contents/FakeAPMain.htm" target="_blank">Click Here</a></div> <div class="desc" style="text-align: justify;"> <b>Download Here :: </b><a href="http://www.blackalchemy.to/project/fakeap/download.php?name=fakeap-0.3.2.tar.gz" target="_blank">FakeAP 0.3.2.tar.gz</a><b><br /></b></div> <div class="desc" style="text-align: justify;"> <b>Official Website ::</b> http://www.blackalchemy.to/project/fakeap/</div> </div>

Fake AP :: Tools

  Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points . Hide in plain sight amongst Fake AP's cac...

Read more »

NetworkMiner (Network Forensic Analysis) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAUyLaa-4IUXQhqdk1vjKovp6WTv_5eISsJ6e0S9fMbM46pUcuBL5l6HBCw26trrKD3gQXOFVcZRLJH91as_Np8Y40zYp35kl3IrOhqyplr0kuUgIKK2ryR-LlGvaCBJkZtW6pr3ip7wDQ/s1600/network+miner+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAUyLaa-4IUXQhqdk1vjKovp6WTv_5eISsJ6e0S9fMbM46pUcuBL5l6HBCw26trrKD3gQXOFVcZRLJH91as_Np8Y40zYp35kl3IrOhqyplr0kuUgIKK2ryR-LlGvaCBJkZtW6pr3ip7wDQ/s200/network+miner+logo.png" width="200" /></a></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <b>NetworkMiner</b> is a<b> Network Forensic Analysis Tool (NFAT)</b> for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. <b>NetworkMiner</b> can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files. </div> <div style="text-align: justify;"> <b>NetworkMiner</b> collects data (such as forensic evidence) about hosts on the network rather than to collect data regarding the traffic on the network. The main user interface view is host centric (information grouped per host) rather than packet centric (information showed as a list of packets/frames). </div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/6yb5r9XQ0qs?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <b>Download Here :: </b><a href="http://www.netresec.com/?download=NetworkMiner" target="_blank">NetworkMiner (free eddition)</a><b> </b></div> <div style="text-align: justify;"> <b>Official Website :: </b> http://www.netresec.com/?page=NetworkMiner</div> </div>

NetworkMiner (Network Forensic Analysis) :: Tools

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkM...

Read more »

Network Spoofer :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="networkspoofer logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMN4hwc7eZbm9Dew4yvfHeZ3h_ZmsU3kIYaAkYuXUGfSKq3bsBTwcwY9sxW6EFuo-bASkp58Xm2YHgA_kxBUZbnkDfEaxYb9zy5Txmq38Z0h75buZVzIPnYepDMjmp6myAK8X4JNsRLAhA/s1600/networkspoofer-logo.png" title="networkspoofer logo" /></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <b>Network Spoofer</b> lets you change websites on other people’s computers – from your phone.</div> <div style="text-align: justify;"> Please note that there is no intention for <b>Network Spoofer</b> to include any malicious features. This application is a fun demonstration of how vulnerable home networks are to simple attacks, with permission of the network owner – DO NOT attempt to use Network Spoofer on any corporate or other non-residential networks (eg. at school, university). It becomes very obvious when Network Spoofer is being used on a Network, and use of Network Spoofer will be considered malicious hacking by network administrators. You have been warned.</div> <b> </b> <b> </b><br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/FR9vFmxNLKI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <b>Download Here ::</b>  <a href="http://digitalsquid.co.uk/dl/android-netspoof-0.9.apk" target="_blank">Network Spoofer 0.9</a> <b>Official Website :: </b>http://digitalsquid.co.uk/netspoof/</div>

Network Spoofer :: Tools

Network Spoofer lets you change websites on other people’s computers – from your phone. Please note that there is no intention for ...

Read more »

FOCA (Metadata Analyzer) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="foca logo toolwar" border="0" height="163" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_r5MVkxBwNCvxK4jGg_H_RQHnfDhbTNp2Ed3tEy8FL8RJflwgVTcEHORzatASmF21pYF3JkyjxWwvdkXkQPlEFQ9LqD0YSXkcSyanqj0nX60zI8V7FRSOWyo3v2q1_uhF7VZYi4VsChVJ/s400/foca+logo.jpg" title="foca logo toolwar" width="400" /></div> <div style="text-align: justify;"> <b>FOCA</b> will <b>analyze metadata</b> from Microsoft Office Documents, PDF files, Open Office Files and Word Perfect files, EXIF Metadata out of images and the best part is that you can add the files you collected manually or found and downloaded thru web searches using Google and Live Search witch makes it extremely flexible for pentests. it will enumerate Users, Folders, Printers, Emails and the version of Software used to create the file. This tool will run on Windows XP and Windows Vista, I found it to be really unstable in Windows 7 Beta.</div> <div style="text-align: justify;"> <b>FOCA</b> means seal in Spanish language. <b>FOCA</b> or <b>Fingerprinting Organizations with Collected Archives</b> is a tool to discover files on target website and extract metadata from it. FOCA is a Windows based tool for the metadata extraction. It provides a GUI for easy usage. FOCA basically uses search engines for the purpose of discovering files and extracts metadata from them. There also exists an online version of the application, which can be found at http://www.informatica64.com/foca/ </div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/c2LSHt8HB34?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <b>Download Here :: </b><a href="http://dl2.downloadcrew.com/?r=SBPN%2FSBPN_3.0.mvc&t=1382010847&c=c77d0352a0aaf602ef24185ec25a0bdc6fe7b201&sw=22211" target="_blank">FOCA 3.0</a><b> </b></div> <div style="text-align: justify;"> <b>Online Version :: </b>http://www.informatica64.com/foca/ </div> <div style="text-align: justify;"> <b>Official Website :: </b>http://www.informatica64.com/foca.aspx</div> </div>

FOCA (Metadata Analyzer) :: Tools

FOCA will analyze metadata from Microsoft Office Documents, PDF files, Open Office Files and Word Perfect files, EXIF Metadata out of...

Read more »

OpenSCAP :: Framework

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="openscap logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXQFj4zLeCW14YEVKoqD8MA3fWadKIZo-_UJ6_GUaXS8XEx85KgovsQNqIQM9VbWcOQV7B_waPPpDlc9txypQddRoEgzz-bnZoHLzIalEcR8xhVoDKoglRqmBHG6aSJZNh5NyrnFUrUOCe/s1600/open-scap-logo_small.png" title="openscap logo" /></div> <div style="text-align: justify;"> The <b>OpenSCAP </b>Project is created to provide an open-source framework to the community which enables integration with the <i>Security Content Automation Protocol (SCAP) suite</i> of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP. </div> <div style="text-align: justify;"> <b>SCAP </b>is a line of standards managed by NIST. It was created to provide a standardized approach to maintaining the security of enterprise systems, such as automatically verifying the presence of patches, checking system security configuration settings, and examining systems for signs of compromise. </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Text Tutorial :: </b><a href="http://www.open-scap.org/page/Documentation" target="_blank">Click Here </a></div> <div style="text-align: justify;"> <b>Download Here ::</b> <a href="http://www.open-scap.org/page/Download" target="_blank">Click Here</a></div> <div style="text-align: justify;"> <b>Official Website :: </b>http://www.open-scap.org/page/Main_Page </div> </div>

OpenSCAP :: Framework

The OpenSCAP Project is created to provide an open-source framework to the community which enables integration with the Security Conten...

Read more »

BoNeSi (DDoS Botnet Simulator) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="botnet image" border="0" height="267" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgb2QJrXDxPXxucvDRBpPq9Z0JXDanBCAptS0_mEXCfxC8HUvUncdsBgLZvtOinpVWo7fsxlPIlk6KnwB9UJQiV-A7VQ-2chiZLnXC9t4T9ZVXVWV9kcB5EqMRnQbHQVE4J7zd60XDXOJHz/s640/botnet.jpg" title="botnet image" width="640" /></div> <div style="text-align: justify;"> <b>BoNeSi</b>, the <i>DDoS Botnet Simulator</i> is a Tool to simulate Botnet Traffic in a testbed environment on the wire. It is designed to study the effect of DDoS attacks. <br /> <br /> <b>BoNeSi</b> generates ICMP, UDP and TCP (HTTP) flooding attacks from a defined botnet size (different IP addresses). BoNeSi is highly configurable and rates, data volume, source IP addresses, URLs and other parameters can be configured. <br /> <br /> There are plenty of other tools out there to spoof IP addresses with UDP and ICMP, but for TCP spoofing, there is no solution. BoNeSi is the first tool to simulate HTTP-GET floods from large-scale bot networks. BoNeSi also tries to avoid to generate packets with easy identifiable patterns (which can be filtered out easily). <br /> <br /> We highly recommend to run BoNeSi in a closed testbed environment. However, UDP and ICMP attacks could be run in the internet as well, but you should be carefull. HTTP-Flooding attacks can not be simulated in the internet, because answers from the webserver must be routed back to the host running BoNeSi. <br /> <br /> <b>BoNeSi</b> sniffs for TCP packets on the network interface and responds to all packets in order to establish TCP connections. For this feature, it is necessary, that all traffic from the target webserver is routed back to the host running BoNeSi </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Download Here ::</b> <a href="http://bonesi.googlecode.com/files/bonesi-0.2.0.tar.gz" target="_blank">BoNeSi 0.2.0.tar.gz</a></div> <div style="text-align: justify;"> <b>Source ::</b> http://code.google.com/p/bonesi/</div> </div>

BoNeSi (DDoS Botnet Simulator) :: Tools

BoNeSi , the DDoS Botnet Simulator is a Tool to simulate Botnet Traffic in a testbed environment on the wire. It is designed to study t...

Read more »

Nemesis (Network Packet Cracking and Injection) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div style="text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-s3afX0EXdm4TbrREj68-f68bnfV1HdgiSTHDg1ooUrgnhItFtDAl-A2gHMcASeRVpVET3owvlrgqbzur2TzDl08oRCUQ7uKwj5LQraaXmWkVd0t8bdYIAdZw9bM2WflkunL30xPMJov1/s1600/nemesis+packet+logo.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="nemesis packet logo" border="0" height="248" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-s3afX0EXdm4TbrREj68-f68bnfV1HdgiSTHDg1ooUrgnhItFtDAl-A2gHMcASeRVpVET3owvlrgqbzur2TzDl08oRCUQ7uKwj5LQraaXmWkVd0t8bdYIAdZw9bM2WflkunL30xPMJov1/s320/nemesis+packet+logo.JPG" title="nemesis packet logo" width="320" /></a> </div> <div style="text-align: justify;"> <b>Nemesis</b> is a <i>command-line network packet crafting and injection</i> utility for UNIX-like and Windows systems. <b> Nemesis</b>, is well suited for testing Network Intrusion Detection Systems, firewalls, IP stacks and a variety of other tasks. As a command-line driven utility, Nemesis is perfect for automation and scripting. <br /> <b>Nemesis</b> can natively craft and inject ARP, DNS, ETHERNET, ICMP, IGMP, IP, OSPF, RIP, TCP and UDP packets. Using the IP and the Ethernet injection modes, almost any custom packet can be crafted and injected.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Tutorial ::</b> http://nemesis.sourceforge.net/docs.html </div> <div style="text-align: justify;"> <b>Download Here ::</b> <a href="http://prdownloads.sourceforge.net/nemesis/nemesis-1.4.tar.gz?download" target="_blank">Nemesis v1.4</a><b> </b>(for Linux)</div> <div style="text-align: justify;"> <b>                             </b>  <a href="http://prdownloads.sourceforge.net/nemesis/nemesis-1.4.zip?download" target="_blank">Nemesis v1.4</a> (for Windows) <b><br /></b></div> <div style="text-align: justify;"> <b>Official Website :: </b>http://nemesis.sourceforge.net/ </div> </div>

Nemesis (Network Packet Cracking and Injection) :: Tools

  Nemesis is a command-line network packet crafting and injection utility for UNIX-like and Windows systems. Nemesis , is w...

Read more »

FCrackZip (Zip Password Cracking) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div style="text-align: center;"> <div class="separator" style="clear: both; text-align: center;">   <img alt="fcrackzip logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSgel7QEhzvg3sjlQiAoh8uDfpB8zCOdfkeKjANEIMZV5Flxg_EVhORQW0dE5QrCc6S3T3RdemcSONyqIdkgEJSqJ-yx_MmROpq0WiwpV3rS0LQkGb-ptr1W_-dH6GQ7djvloRLbG6Ashn/s1600/fcrackzip.png" title="fcrackzip logo" /></div> </div> <div style="text-align: justify;"> <b>FCrackZip </b>is a <i>zip password cracking tool</i>. Naturally, programs are born out of an actual need. The situation with <b>fcrackzip</b> was no different... I'm not using zip very much, but recently I needed a password cracker. "Sure", I thought, "there are hundreds of them out there, I'll just gonna get one!". This wasn't so easy, in fact, none of the zipcrackers I found were able to find the passwords, either they didn't accept more than one zipfile, were awfully slow, or didn't do brute force attacks (which I needed). The worst thing was: no source!. Why is no source! such a bad thing? [insert big chapter about the free software spirit here, anyway people will never learn... You will find reasons why it's much better to provide source to your programs here, at opensource.org, and here, at the Free Software Foundation. Now, what are the features of fcrackzip? </div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/GCeiVXfx8Do?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <b>Download Here :: </b><a href="http://oldhome.schmorp.de/marc/data/fcrackzip-bin-win32-0.3.zip">fcrackzip-bin-win32-0.3.zip</a> (for Windows)</div> <div style="text-align: justify;"> <b>                                </b><a href="http://oldhome.schmorp.de/marc/data/fcrackzip-1.0.tar.gz">fcrackzip-1.0.tar.gz</a> (for Linux)<b> </b></div> <div style="text-align: justify;"> <b>Official Website :: </b> http://oldhome.schmorp.de/marc/fcrackzip.html</div> </div>

FCrackZip (Zip Password Cracking) :: Tools

  FCrackZip is a zip password cracking tool . Naturally, programs are born out of an actual need. The situation with fcrackzip was n...

Read more »

Technitium MAC Address Changer v6 :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZ47skucHv9TDKOy230WWlfwDQTF8q0PqYuCCWtvWnfz7nQW8a2bbu5-LhtA4-2tbqphHlj_WUnV8yuHREC_nJk3lMwTYqqALDdDf9lACIyW5jAROKt-Tupy-hsWkfR-91v7vIcgvYIbuJ/s1600/mac-address-changer-screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="mac address changer screenshot" border="0" height="253" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZ47skucHv9TDKOy230WWlfwDQTF8q0PqYuCCWtvWnfz7nQW8a2bbu5-LhtA4-2tbqphHlj_WUnV8yuHREC_nJk3lMwTYqqALDdDf9lACIyW5jAROKt-Tupy-hsWkfR-91v7vIcgvYIbuJ/s320/mac-address-changer-screenshot.png" title="mac address changer screenshot" width="320" /></a></div> <div class="Verdana" style="text-align: justify;"> <span style="font-size: small;">Technitium MAC Address Changer allows you to change (spoof) Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. Every NIC has a MAC address hard coded in its circuit by the manufacturer. This hard coded MAC address is used by windows drivers to access Ethernet Network (LAN). This tool can set a new MAC address to your NIC, bypassing the original hard coded MAC address. Technitium MAC Address Changer is a must tool in every security professionals tool box.</span></div> <div style="text-align: justify;"> </div> <div class="Verdana" style="text-align: justify;"> <span style="font-size: small;">There are some famous, commercial tools available in the market for USD 39.99 to as much as USD 2499!, but Technitium MAC Address Changer is available for FREE. We don't charge for just changing a registry value! Also knowing how this works doesn't require extensive research as some commercial tool providers claim! Read how it works (below) for more details.</span></div> <div class="Verdana" style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/TOBJabKOaaI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div class="Verdana" style="text-align: justify;"> </div> <div class="Verdana" style="text-align: justify;"> </div> <div class="Verdana" style="text-align: justify;"> <br /> <b><span style="font-size: small;">Download Here :: </span></b><span style="font-size: small;"><a href="http://go.technitium.com/fwlink/?id=13" target="_blank">Technitium MAC Address Changer v6</a></span></div> <div class="Verdana" style="text-align: justify;"> <span style="font-size: small;"><b>Official Website :: </b>http://www.technitium.com </span></div> </div>

Technitium MAC Address Changer v6 :: Tools

Technitium MAC Address Changer allows you to change (spoof) Media Access Control (MAC) Address of your Network Interface ...

Read more »

Ncrack (High-speed Network Authentication Cracking Tool) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="ncrack logo" border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTZ3lIMmsg2bXFQ3EfDcXfWLUJYog8aMnAtiIuV7NgIFh5oFH9Cs8lIdCCaS_kVyWFjG3wzkScAgwHcpPTnk5dnBtQS-drog-Hs0joSkX89M1wR7jfrG6DXK-qbBc19tSAKwdvG0eWaygL/s320/ncrack_logo.png" title="ncrack logo" width="284" /></div> <div style="text-align: justify;"> <b>Ncrack</b> is a <i>High-speed Network Authentication Cracking Tool</i>. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on <b>Ncrack</b> when auditing their clients. <b>Ncrack</b> was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts. </div> <div style="text-align: justify;"> <b>Ncrack's</b> features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap's and many more. Protocols supported include RDP, SSH, http(s), SMB, pop3(s), VNC, FTP, and telnet. </div> <div style="text-align: justify;"> <b>Ncrack</b> was started as a "<i>Google Summer of Code"</i> Project in 2009. While it is already useful for some purposes, it is still unfinished, alpha quality software. It is released as a standalone tool and can be downloaded from the section below. Be sure to read the Ncrack man page to fully understand Ncrack usage. If you are a developer and want to write your own Ncrack modules, studying the Ncrack Developer's Guide would be the first step. </div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/bmldcBOxyvc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <b> Download Here ::</b> <a href="http://nmap.org/ncrack/dist/ncrack-0.4ALPHA-setup.exe">ncrack-0.4ALPHA-setup.exe</a><b> (</b>for Windows)</div> <div style="text-align: justify;">                                <a href="http://nmap.org/ncrack/dist/ncrack-0.4ALPHA.tar.gz">ncrack-0.4ALPHA.tar.gz</a> (for Linux) </div> <div style="text-align: justify;"> <b>Official Website ::</b> http://nmap.org/ncrack/ </div> </div>

Ncrack (High-speed Network Authentication Cracking Tool) :: Tools

Ncrack is a High-speed Network Authentication Cracking Tool . It was built to help companies secure their networks by proactively test...

Read more »

VAST (VIPER Assessment Security Tools) :: Distribution

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;">  <img alt="VAST Linux Logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzXoQr64-bFgc0IjRQl4rz17tbSJQ_Vj22HSQlOjJddv5DmqTlVr61mqn2Nc35eFezk41f0Qf5npwsgbat_ixW8ONQdn4qOP1IsVzK931BWqtLc_4On2aZJNExbH13r7z6QqDHexFIWVrj/s1600/vast+linux+logo.png" title="VAST Linux Logo" /></div> <div style="text-align: justify;"> <b>VAST</b> is a <i>VIPER Assessment Security Tools Linux security distribution</i>. <b>VAST</b> is a Linux-based security distribution specifically designed for <b>Pentesting VoIP and UC networks.</b> It enables security professionals and UC administrators to rapidly perform VoIP security assessments and enumerate vulnerabilities in IP Phones or IP PBX servers in a lab environment. With VAST, a security consultant has every tool necessary to carry out a successful onsite or remote penetration test or vulnerability assessment against a UC network. VAST is built on Mint Linux 13 and includes all of the open source VIPER Lab tools, in addition to some other network pentest tools.</div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/j3gKnMAMLbs?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <b>Download Here :: </b><a href="http://sourceforge.net/projects/vipervast/files/VAST3.1/vast.iso/download" target="_blank">VAST Distribution</a></div> <div style="text-align: justify;"> <b>Official Website :: </b>http://vipervast.sourceforge.net/ </div> </div>

VAST (VIPER Assessment Security Tools) :: Distribution

  VAST is a VIPER Assessment Security Tools Linux security distribution . VAST is a Linux-based security distribution specifically des...

Read more »

Kippo (Medium Interaction SSH honeypot) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="honeypot logo" border="0" height="147" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrUVnK5ckDMkuVIbcWb8PF91rmwlb202CsV5COPsOlOiB9OW8Kf3estPjnnsJ6541JweeCI7JeDX-vx7oaPW0hMvub34spaMUEdGh-MXyBI-z7LolJEQMxbiOP3YbNt9dKiStrduzDLTvT/s200/honeypot_icon.jpg" title="honeypot logo" width="200" /></div> <div style="text-align: justify;"> <b>Kippo</b> is a <i>medium interaction SSH honeypot</i> designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker. </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <span style="font-size: large;">Features</span></div> <div style="text-align: justify;"> Some interesting features: </div> <ul style="text-align: justify;"> <li>Fake filesystem with the ability to add/remove files. A full fake filesystem resembling a Debian 5.0 installation is included </li> <li>Possibility of adding fake file contents so the attacker can 'cat' files such as /etc/passwd. Only minimal file contents are included </li> <li>Session logs stored in an UML compatible format for easy replay with original timings </li> <li>Just like Kojoney, Kippo saves files downloaded with wget for later inspection </li> <li>Trickery; ssh pretends to connect somewhere, exit doesn't really exit, etc </li> </ul> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/7ACOXgeX3ik?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <b>Download Here :: </b><a href="http://kippo.googlecode.com/files/kippo-0.8.tar.gz" target="_blank">Kippo v0.8.tar.gz</a></div> <div style="text-align: justify;"> <b>Source :: </b> http://code.google.com/p/kippo/</div> </div>

Kippo (Medium Interaction SSH honeypot) :: Tools

Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction pe...

Read more »

Matriux :: Distribution

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="matriux logo" border="0" height="172" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGH_1dFXf9r-j5uQethVAQgIkPIJ2hfg9mwn-W0QQjsCn3x3c_a08dudXKpu78Qgq5YKkw8dMH0fONfrk-pSGsdTH5G0YCUrcVuUrFzrow68QtcE95vndH__UwV-6WqLAnM04pTzV7-d7g/s320/matriux+logo.jpg" title="matriux logo" width="320" /></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> The <b>Matriux</b> is a phenomenon that was waiting to happen. It is a <i> fully featured security distribution </i>based on Debian consisting of a powerful bunch of more than <b>300 open source</b> and free tools that can be used for various purposes including, but not limited to, penetration testing, ethical hacking, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, and much more. It is a distribution designed for security enthusiasts and professionals, although it can be used normally as your default desktop system.</div> <div style="text-align: justify;"> With <b>Matriux</b>, you can turn any system into a powerful penetration testing toolkit, without having to install any software into your hardisk. Matriux is designed to run from a Live environment like a CD / DVD or USB stick or it can easily be installed to your hard disk in a few steps. Matriux also includes a set of computer forensics and data recovery tools that can be used for forensic analysis and investigations and data retrieval.</div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: center;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: center;"> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/W6BgzpN9Co0?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/HpG6NZyT5xk?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <b><b>Authentification</b></b></div> <div style="text-align: center;"> Username: <b>root</b><br /> Username: <b>matriux</b><br /> Username: <b>tiger</b><br /> Password: <b>toor</b></div> <div style="text-align: justify;"> <b>Download Here :: </b><a href="http://linuxfreedom.com/matriux/Matriux_Leandros20130923.iso" target="_blank">Matriux Leandros ISO</a> </div> <div style="text-align: justify;"> <b>Official Website :: </b>http://www.matriux.com/ </div> </div>

Matriux :: Distribution

The Matriux is a phenomenon that was waiting to happen. It is a fully featured security distribution based on Debian consisting of a...

Read more »

Katana (Security Suite) :: Distribution

<div dir="ltr" style="text-align: left;" trbidi="on"> <br /> <div class="separator" style="clear: both; text-align: center;"> <img alt="katana logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMSbSG85pmi-m_F-HR3S76YmZ7XvVAJdDrFeEMUAgFWeZWQNuv-XTVp5kdZ44ePTBqagWCfIm-OttLK5TI832kqhbREco9fx8m3PzahkLoGW_nLEfrl26n5OIz2tYbkM9H3sVo787-erIb/s1600/katana+logo.png" title="katana logo" /></div> <div style="text-align: justify;"> <b>Katana</b> is a portable multi-boot security suite which brings together many of today's best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware Removal. Katana also comes with over 100 portable Windows applications; such as Wireshark, Metasploit, NMAP, Cain & Abel, and many more. </div> <div style="text-align: justify;"> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/q4pV0fJMOjM?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <b><br /></b> <b>Download Here :: </b><a href="http://public.acetolyne.net/katana-v2.0.rar" target="_blank">Katana v2.0</a><br /> <b>Official Website ::</b> http://www.hackfromacave.com/katana.html</div> <div style="text-align: justify;"> </div> </div>

Katana (Security Suite) :: Distribution

Katana is a portable multi-boot security suite which brings together many of today's best security distributions and portable app...

Read more »

AppUse (Android Penetest Platform Unified Standalone Environment) :: Framework

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="AppUse Logo Toolwar" border="0" height="83" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAGd8j-mE-M4Gmc0wQX2ZY7qpYdv95XXv4NpOzK9WLTHwYqqFV8nnfozdqxXwDM2PNNsHequwQfXkRNV_q-R9pGjLcTjhUeWZ0rqyhycnqLPeKsd_XvMc0gDSFoBWQA_Zfa-tNuu36nUjh/s320/AppUse+logo.png" title="AppUse Logo Toolwar" width="320" /></div> <div style="text-align: justify;"> <span style="text-align: justify;"><b>AppUse</b> is a <i>Android Penetest Platform Unified Standalone Environment</i>. <b>AppSec Labs</b> recently developed the </span><b style="text-align: justify;">AppUse Virtual Machine</b><span style="text-align: justify;">. This system is a unique, </span><b style="text-align: justify;">free</b><span style="text-align: justify;">, platform for mobile application security testing in the android environment, and it includes unique custom-made tools created by AppSec Labs.</span></div> <div style="text-align: justify;"> The system is a blessing to security teams, who from now on can easily perform security tests on Android applications. It was created as a virtual machine targeted for penetration testing teams who are interested in a convenient, personalized platform for android application security testing, for catching security problems and analysis of the application traffic.</div> <div style="text-align: justify;"> Now, in order to test Android applications, all you will need is to download <b>AppUse Virtual Machine</b>, activate it, load your application and test it.</div> <div style="text-align: justify;"> There is no need for installation of simulators and testing tools, no need for SSL certificates of the proxy software, everything comes straight out of the box pre-installed and configured for an ideal user experience.</div> <div style="text-align: justify;"> Security experts who have seen the machine were very excited, calling it the next ‘BackTrack’ (a famous system for testing security problems), specifically adjusted for android application security testing.</div> <div style="text-align: justify;"> <b>AppUse VM</b> closes gaps in the world of security, now there is a special and customized testing environment for android applications; an environment like this has not been available until today, certainly not with the rich format offered today by <b>AppUse VM</b>.</div> <div style="text-align: justify;"> This machine is intended for the daily use of security testers everywhere for Android applications, and is a must-have tool for any security person.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <span style="text-align: justify;"><b>Tutorial File :: </b><a href="https://appsec-labs.com/AppUse_guide" target="_blank">Click Here </a></span></div> <div style="text-align: justify;"> <b><span style="text-align: justify;">Download Here :: </span></b><span style="text-align: justify;"><a href="http://sourceforge.net/projects/appuse-android-pentest/files/AppUse%201.6_release.rar/download" target="_blank">AppUse-1.6.rar</a></span><b><span style="text-align: justify;"><br /> </span></b></div> <div style="text-align: justify;"> <span style="text-align: justify;"><b>Official Website :: </b>https://appsec-labs.com/ </span></div> </div>

AppUse (Android Penetest Platform Unified Standalone Environment) :: Framework

AppUse is a Android Penetest Platform Unified Standalone Environment . AppSec Labs recently developed the AppUse Virtual Machine . Thi...

Read more »

Belch (Binary Protocol Pen-Testing) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="binary penetration toolwar" border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghScz4peffH3Ja7mGFWJDPwhNDV6F4dfiL3mFvd9W2fuHuDBj4LvJqkwRydZCF__q-Jqq-K6-2OXS-TClsJUkaXYlrCPp9PFm8VAOBw9kSfvH6lN6y8ylw5xcy5epYUTDvXIBCmCMXlHKl/s400/binary+penetration+toolwar.jpg" title="binary penetration toolwar" width="400" /></div> <span style="font-family: inherit;"><b>Belch</b> is a B<i>inary Protocol Pen-Testing Tool.</i> It is used to aid in automation of testing AMF and Java-Serialization applications.</span></div> <div style="text-align: justify;"> <span style="font-family: inherit;"> </span></div> <div style="text-align: justify;"> <span style="font-family: inherit;"><b>Belch</b> performs on the fly transformation of binary data to human readable XML format. It was tested successfully against AMF version 3 and Java Serialization applications. Belch can be used as a translation peer for any Automatic scanner integrating automatic testing to the binary communication. Belch has been tested with various scanners such as BurpSuite, Accunetix, AppScan, Sqlmap etc.</span></div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/6wiCy3yZvl4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <b><span style="font-family: inherit;">Download Here ::</span></b><span style="font-family: inherit;"> <a href="https://www.appsec-labs.com/system/files/Belch_1.0.13.zip" target="_blank">Belch 1.0.13 (Windows)</a></span><b><span style="font-family: inherit;"> </span></b></div> <div style="text-align: justify;"> <span style="font-family: inherit;"><b>Official Website :: </b>https://appsec-labs.com/ </span></div> </div>

Belch (Binary Protocol Pen-Testing) :: Tools

Belch is a B inary Protocol Pen-Testing Tool. It is used to aid in automation of testing AMF and Java-Serialization applications. ...

Read more »

SSL Vulnerability Analyzer :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiH12DB6_ms3O3s1_td8BwM7StWC_nv4S2ExjursWZTouuu445awygxmJEjwkFBQ0YsXbsZFoHvtP3lH0D5vlc-ZXpPbRGp9kb5moG1o_dK7LjMhPelK6CgYkRdbRcbRtGtRxmmoQ5qcQGU/s1600/ssl+vulnerability+analyzer+toolwar.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="SSL Vulnerability Analyzer toolwar" border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiH12DB6_ms3O3s1_td8BwM7StWC_nv4S2ExjursWZTouuu445awygxmJEjwkFBQ0YsXbsZFoHvtP3lH0D5vlc-ZXpPbRGp9kb5moG1o_dK7LjMhPelK6CgYkRdbRcbRtGtRxmmoQ5qcQGU/s320/ssl+vulnerability+analyzer+toolwar.png" title="SSL Vulnerability Analyzer toolwar" width="264" /></a></div> <div style="text-align: justify;"> The <b>SSL Vulnerabilities Analyzer</b> is designed for website owners and security testers. The tool takes a domain and/or IP address, tests the encryptions and algorithms supported by them and analyzes the results in a graphic form, reporting problematic encryption methods.</div> <div style="text-align: justify;"> PS, the browser may warn you about a danger file, but it's because that the zip file contains an installation file.</div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Help/Tutorial :: </b><a href="https://appsec-labs.com/SSL_Analyzer/help" target="_blank">Click Here</a> </div> <div style="text-align: justify;"> <b>Download Here :: </b><a href="https://appsec-labs.com/sites/default/files/d/tools/SSL_Vulnerabilities_analyzer/SSL_Analyzer_v1.1.zip" target="_blank">SSL Vulnerability Analyzer</a></div> <div style="text-align: justify;"> <b>Official Website :: </b>https://appsec-labs.com/ </div> </div>

SSL Vulnerability Analyzer :: Tools

The SSL Vulnerabilities Analyzer is designed for website owners and security testers. The tool takes a domain and/or IP address, tes...

Read more »

ReFrameworker :: Framework

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoFnuAWV-aVgL3wC50yN4F7GTHTD8Tef37-UNLYiFkWuY2DrdUN4uwjtJp3QTQBTH22ELF59dCN8zgJ7lkNFEtWfkQ0judpnIw7w4W2E3QqWMy0eOW59qoSXpMVVffNuWtRgZi0yLKlM9w/s1600/ReFrameworker+logo+toolwar.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="reframeworker logo toolwar" border="0" height="215" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoFnuAWV-aVgL3wC50yN4F7GTHTD8Tef37-UNLYiFkWuY2DrdUN4uwjtJp3QTQBTH22ELF59dCN8zgJ7lkNFEtWfkQ0judpnIw7w4W2E3QqWMy0eOW59qoSXpMVVffNuWtRgZi0yLKlM9w/s320/ReFrameworker+logo+toolwar.jpg" title="reframeworker logo toolwar" width="320" /></a></div> <div style="text-align: justify;"> <span style="font-family: inherit;"><span style="font-size: small;"><span style="text-align: justify;"><b>ReFrameworker</b> is a general purpose <i>Framework modifier</i>, used to <i>reconstruct framework Runtimes</i> by creating modified versions from the original implementation that was provided by the framework vendor. ReFrameworker performs the required steps of runtime manipulation by tampering with the binaries containing the framework's classes, in order to produce modified binaries that can replace the original ones. It was developed to experiment with and demonstrate deployment of MCR (Managed Code Rootkits) code into a given framework. Among its features: - Performs all the required steps needed for modifying framework binaries (disassemble, code injection, reassemble, precompiled images cleaning, etc.) - Fast development and deployment of a modified behavior into a given framework - Auto generated deployers - Modules: a separation between general purpose "building blocks" that can be injected into any given binary, allowing the users to create small pieces of code that can be later combined to form a specific injection task. - Can be easily adapted to support multiple frameworks by minimal configuration (currently comes preconfigured for the .NET framework) - Comes with many "preconfigured" proof-of-concept attacks (implemented as modules) that demonstrate its usage that can be easily extended to perform many other things. ReFrameworker, as a general purpose framework modification tool, can be used in other contexts besides security such as customizing frameworks for performance tuning, Runtime tweaking, virtual patching, hardening, and probably other usages - It all depends on what it is instructed to do.</span></span></span></div> <div style="text-align: justify;"> <span style="font-family: inherit;"><span style="font-size: small;"><span style="text-align: justify;"><br /></span></span></span></div> <div style="text-align: justify;"> <span style="font-family: inherit;"><span style="font-size: small;"><span style="text-align: justify;"><b>Tutorial File ::</b> <a href="https://appsec-labs.com/system/files/Managed%20Code%20Rootkits%20presentation%20%28SOURCE%202010%29.pdf" target="_blank">Click Here</a></span></span></span></div> <div style="text-align: justify;"> <b><span style="font-family: inherit;"><span style="font-size: small;"><span style="text-align: justify;">Download Here :: </span></span></span></b><span style="font-family: inherit;"><span style="font-size: small;"><span style="text-align: justify;"><a href="https://appsec-labs.com/system/files/ReFrameworker_V1.1.zip" target="_blank">ReFrameworker v1.1.zip</a>  <b>(</b>Windows)<b> </b></span></span></span></div> <div style="text-align: justify;"> <span style="font-family: inherit;"><span style="font-size: small;"><span style="text-align: justify;"><b>Official Website :: </b>https://appsec-labs.com/ </span></span></span></div> </div>

ReFrameworker :: Framework

ReFrameworker is a general purpose Framework modifier , used to reconstruct framework Runtimes by creating modified versions from th...

Read more »

Zero Wine (Malware Analysis) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="Zero Wine logo" border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKL4PHE7CkDUT7pPvSFJMm5r70V2xQi_hLrm7B7PiD6pS0DDJTaFdR4n9CcE36te1JtS-LSLEHh5uXVzXNVQ0yoFD2Uag_XG1M7e_QeQPmNwqCrDT2zeFkz30q_Y2pDPyePzOksXhym3bR/s400/zerowine+logo.png" title="Zero Wine logo" width="400" /></div> <div class="Textbody" style="text-align: justify;"> <b>Zero Wine </b>is a tool for <i>Malware Behavior Analysis.</i> <b>Zero wine</b> is an open source (GPL v2) research project to dynamically analyze the behavior of malware. Zero wine just runs the malware using WINE in a safe virtual sandbox (in an isolated environment) collecting information about the APIs called by the program. </div> <div class="Textbody" style="text-align: justify;"> The output generated by wine (using the debug environment variable WINEDEBUG) are the API calls used by the malware (and the values used by it, of course). With this information, analyzing malware's behavior turns out to be very easy. </div> <div class="Textbody" style="text-align: justify;"> <b>Zero wine</b> is distributed as one QEMU virtual machine image with a Debian operating system installed. The image contains software to upload and analyze malware and to generate reports based on the information gathered (this software is stored in /home/malware/zerowine). </div> <div class="Textbody" style="text-align: justify;"> Running the distributed virtual machine with the correct command line options (use the supplied startup shell script to run the virtual machine) provides a web based (web server is written in python) graphical interface to upload malware to be analyzed (a CGI written, also, in python).</div> <div class="Textbody" style="text-align: justify;"> When a new malware is uploaded, it is copied to the directory<i> /tmp/vir/MD5_OF_THE_FILE,</i> them, the previous created WINE environment (WINEPREFIX if you prefer) is removed and a backup system is untared (the backup system is /home/malware/backup/backup.tar.gz). After this operation, the malware is executed using the shell script malware_launcher.sh (the file is stored in the folder /home/malware/bin).</div> <div class="Textbody" style="text-align: justify;"> <span style="font-weight: bold;">NOTE:</span> The current system is subject to change as it doesn't allow the analysis of more than one malware at a time. In the future, every time you upload a new malware file it will be added to a queue for later analysis and a new WINEPREFIX specific to run this malware will be created.</div> <div class="Textbody" style="text-align: justify;"> <br /></div> <div class="Textbody" style="text-align: justify;"> <b>Download Here :: </b><a href="http://sourceforge.net/projects/zerowine/files/latest/download" target="_blank">Zero Wine 2.0.0.tar.bz2</a></div> <div class="Textbody" style="text-align: justify;"> <b>Tutorial / Official Website :: </b> http://zerowine.sourceforge.net/</div> </div>

Zero Wine (Malware Analysis) :: Tools

Zero Wine is a tool for Malware Behavior Analysis. Zero wine is an open source (GPL v2) research project to dynamically analyze the b...

Read more »

Malheur (Automatic Analysis of Malware Behavior) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <img alt="Malheur Logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNYaQVbdOpGxMX0IyRR5o5yFrLFh615Tr9uwYiY4Q2EirUJUl_W-ePiFVBpcotviuNqU532PahMPgwtLUXwa6BIcd-l5vvv4-ii4c1X34WzQg1WIG455HICfHdxFvuWI1YEJ1JGAE3BxfN/s1600/malheur_logo.png" title="Malheur Logo" /></div> <div style="text-align: justify;"> <b>Malheur</b> is a tool for the <i>Automatic Analysis of Malware Behavior</i> (program behavior recorded from malicious software in a sandbox environment). It has been designed to support the regular analysis of malicious software and the development of detection and defense measures. <b> Malheur</b> allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Analysis of malware behavior?</b></div> <div style="text-align: justify;"> <b>Malheur</b> builds on the concept of <i>dynamic analysis</i>: Malware binaries are collected in the wild and executed in a sandbox, where their behavior is monitored during run-time. The execution of each malware binary results in a report of recorded behavior. Malheur analyzes these reports for discovery and discrimination of malware classes using <i>machine learning</i>. </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> Malheur can be applied to recorded behavior of various format, as long as monitored events are separated by delimiter symbols, for example as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox and Joebox. </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Tutorial ::</b> http://www.mlsec.org/malheur/examples.html </div> <div style="text-align: justify;"> <b>Download Here :: </b><a href="http://www.mlsec.org/malheur/files/malheur-0.5.3.tar.gz" target="_blank">Malhuer-0.5.3</a> (Linux)</div> <div style="text-align: justify;"> <b>Official Website ::</b> http://www.mlsec.org/</div> </div>

Malheur (Automatic Analysis of Malware Behavior) :: Tools

Malheur is a tool for the Automatic Analysis of Malware Behavior (program behavior recorded from malicious software in a sandbox...

Read more »

Polyvaccine (Polymorphic Detection Engine) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="http logo toolwar" border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7Ssb4iktrAq-1DF0nSISPStIk_c880oa92Afo9cJfj4vr1GAGb65APEC0Efd4mJ9Ra_FRt84OkcM3cr48QO7tIb_zq3ABSlag7v7UH3Prm8dS-h5bLjN_8WoXu_DdbNNgrSbRz5l8TfuA/s320/http+logo+toolwar.jpg" title="http logo toolwar" width="320" /></div> <div style="text-align: justify;"> <b>Polyvaccine </b>is a <i>Polymorphic Detection Engine </i><b>Polyvaccine </b>is a detection software that enables protection to HTTP or SIP servers from unknown binary attacks, such as polymorphic exploit attacks, and DDoS at application layer. </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Polyvaccine is supports the next platforms:</b> </div> <div style="text-align: justify;"> Linux x86_32(deprecated) x86_64 Freebsd x86_64 (beta) Polyvaccine have the next main characteristics: </div> <div style="text-align: justify;"> Don't need signature updates. The main three task(detection, protection, filtering) could be placed distributed on several nodes The architecture is fully distributed (using dbus as main orb). The integration with other subsystems such as logger, firewalls and so on is easy just by using simple python scripts. Don't have support for Sql-injection, just any type of binary attacks. Don't try to replace the functions of a NIDS. The management task are negligible. </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Help ::</b> http://code.google.com/p/polyvaccine/w/list</div> <div style="text-align: justify;"> <b>Download Here :: </b><a href="http://polyvaccine.googlecode.com/files/polyvaccine-0.5.tar.gz" target="_blank">Polyvaccine-0.5.tar.gz</a></div> <div style="text-align: justify;"> <b>Source ::</b> http://code.google.com/p/polyvaccine/</div> </div>

Polyvaccine (Polymorphic Detection Engine) :: Tools

Polyvaccine is a Polymorphic Detection Engine Polyvaccine is a detection software that enables protection to HTTP or SIP servers from u...

Read more »

Binwalk (Firmware Analysis) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTXPxLlteMztj2Pmu9IhQaN2Z-tdNzwNtJZAVDNVqivfNOO7tUt04p-YHorznXewjDeGZR2IZsW2xY8xXbVMw6uTlEQ_OmgoPtQabgMyZtGPj2b9Y11K7zr1EOiQ6W-JktNgpuZVBWKU3D/s1600/lgdtv_entropy.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="218" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTXPxLlteMztj2Pmu9IhQaN2Z-tdNzwNtJZAVDNVqivfNOO7tUt04p-YHorznXewjDeGZR2IZsW2xY8xXbVMw6uTlEQ_OmgoPtQabgMyZtGPj2b9Y11K7zr1EOiQ6W-JktNgpuZVBWKU3D/s400/lgdtv_entropy.png" width="400" /></a></div> <b>Binwalk</b> is a <i>firmware analysis tool</i> designed to assist in the analysis, extraction, and reverse engineering of firmware images and other binary blobs. It is simple to use, fully scriptable, and can be easily extended via custom signatures, extraction rules, and plugin modules. </div> <div style="text-align: justify;"> <b>Binwalk</b> supports various types of analysis useful for inspecting and reverse engineering firmware, including: </div> <ul style="text-align: justify;"> <li>Embedded file identification and extraction </li> <li>Executable code identification </li> <li>Type casting </li> <li>Entropy analysis and graphing </li> <li>Heuristic data analysis </li> <li>"Smart" strings analysis </li> </ul> <div style="text-align: justify;"> <b>Binwalk's</b> file signatures are (mostly) compatible with the magic signatures used by the Unix file utility, and include customized/improved signatures for files that are commonly found in firmware images such as compressed/archived files, firmware headers, kernels, bootloaders, filesystems, etc. </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Tutorial ::</b> http://code.google.com/p/binwalk/wiki/Usage</div> <div style="text-align: justify;"> <b>Download Here :: </b><a href="http://binwalk.googlecode.com/files/binwalk-1.2.1.tar.gz" target="_blank">Binwalk-1.2.1.tar.gz</a></div> <div style="text-align: justify;"> <b>Official Website :: </b>http://www.devttys0.com/</div> </div>

Binwalk (Firmware Analysis) :: Tools

Binwalk is a firmware analysis tool designed to assist in the analysis, extraction, and reverse engineering of firmware images and o...

Read more »

WAppEx (Web Application Exploiter) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjy69Bs634VQydTJdv0uGtFpQKr3ts7eZw6ppQEaiyIybkyhkxNo7FP1mBlS7oZ-MTfnVkAX0YqJg5yifhrgQ90taO_P751HCiUSd3hrXBXP1-qD46VxnlmEySD4yRYu_eyy_XS5xdzAJwO/s1600/wappex+screenshot+toolwar.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="WAppEx Screenshot ToolWar" border="0" height="235" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjy69Bs634VQydTJdv0uGtFpQKr3ts7eZw6ppQEaiyIybkyhkxNo7FP1mBlS7oZ-MTfnVkAX0YqJg5yifhrgQ90taO_P751HCiUSd3hrXBXP1-qD46VxnlmEySD4yRYu_eyy_XS5xdzAJwO/s400/wappex+screenshot+toolwar.png" title="WAppEx Screenshot ToolWar" width="400" /></a></div> <div style="text-align: justify;"> <b>WAppEx</b> is an integrated <i>Web Application security</i> assessment and exploitation platform designed with the whole spectrum of security professionals to web application hobbyists in mind. It suggests a security assessment model which revolves around an extensible exploit database. Further, it complements the power with various tools required to perform all stages of a web application attack.</div> <div style="text-align: justify;"> The Exploit Database contains the all the logic associated with trivial fingerprinting, exploitation techniques, and payloads that address a wide range of web application vulnerabilities with the emphasis being on high-risk and zero-day vulnerabilities.</div> <div style="text-align: justify;"> Some of the vulnerabilities already bundled within the Exploit Database include Local File Disclosure (LFD), Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL Injection (SQLI), Remote OS Command Execution (RCE), and Server-side Code Injection (SCI). WAppEx can detect these vulnerabilities in a target, take full advantage of it, and through neatly designed payload codes get as much access to the exploited target as possible in as short a time as possible. Some of the payloads included within the database are various reverse shells, arbitrary code execution, command execution, arbitrary file upload…</div> <div style="text-align: justify;"> Since all the attack logic rests in the form of scripts within the Exploit Database, it is easily extensible, flexible and updatable through community servers. Users, too, can add mature, sophisticated exploits and payloads in the same fashion. The database grows on a daily basis, and our dedicated team of research and development are working non-stop to maintain the richest, most up-to-date aggregate of exploits. The number of exploits is soon bound to surpass hundreds. Meanwhile, users can share their own created exploits and payloads with the community and contribute to this growing momentum.</div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/6IXFN5fTvNk?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <b>Download Here :: </b><a href="http://itsecteam.com/counter/?files=WAppEx/WAppEx2.0.exe" target="_blank">WAppEx 2.0.exe</a></div> <div style="text-align: justify;"> <b>Official Website :: </b>http://www.itsecteam.com/ </div> </div>

WAppEx (Web Application Exploiter) :: Tools

WAppEx is an integrated Web Application security assessment and exploitation platform designed with the whole spectrum of security p...

Read more »

HexInject (Packet Injector and Sniffer) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzK_BWuo2OLgYHxEDEesWWuhQmgxt1u0PEIyEohkdj3RWfavzjVtjH2twPtDOXnHhiV2X7msomnkjgMAhBLW39M01tbrSi1xfPu88vKCzBBcCCz2gl8yWWG-H5RLVu-JR_T68rHRTMs3pc/s1600/hexinject+screenshot+toolwar.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="hexinject screenshot toolwar" border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzK_BWuo2OLgYHxEDEesWWuhQmgxt1u0PEIyEohkdj3RWfavzjVtjH2twPtDOXnHhiV2X7msomnkjgMAhBLW39M01tbrSi1xfPu88vKCzBBcCCz2gl8yWWG-H5RLVu-JR_T68rHRTMs3pc/s320/hexinject+screenshot+toolwar.png" title="hexinject screenshot toolwar" width="294" /></a></div> <div style="text-align: justify;"> <b>HexInject</b> is a very versatile <b>Packet Injector and Sniffer</b>, that provide a command-line framework for raw network access.<br /> <br /> It's designed to <b>work together</b> with others command-line utilities, and for this reason it facilitates the creation of powerful shell scripts capable of reading, intercepting and modifying network traffic in a transparent manner.</div> <div style="text-align: justify;"> <b>HexInject</b> has now reached version <b>1.5</b> (<i>Feb 21 2013</i>) and a few changes have been made. In particular the <i>features have been redistributed</i> between <b>multiple tools</b>, following the unix philosophy.</div> <ul style="text-align: justify;"> <li><b>hexinject</b> remains the main sniffer and injector.<br /> </li> <li><b>prettypacket</b> disassembles raw packets (received on its standard input) and print their field. It can also print example packets (useful if you want to know the structure of an header).<br /> </li> <li> <b>hex2raw</b> converts hexstring (the textual format used by hexinject) to raw data, and vice-versa. A basic xxd tool.<br /> </li> <li><b>packets.tcl</b> is an experimental packet forger, written in TCL. It uses a simple packet representation format based on <b>APD</b> (http://wiki.hping.org/26). The output of the tool can be <i>piped to hexinject raw inject mode</i>.</li> </ul> <b>Download Here :: </b><a href="http://sourceforge.net/projects/hexinject/files/hexinject-1.5/hexinject-1.5.tar.gz/download" target="_blank">HexInject v1.5.tar.gz</a><br /> <b>Guide :: </b>http://hexinject.sourceforge.net/hexinject_introduction.pdf  <br /> <b>Source ::</b> http://hexinject.sourceforge.net/</div>

HexInject (Packet Injector and Sniffer) :: Tools

HexInject is a very versatile Packet Injector and Sniffer , that provide a command-line framework for raw network access. ...

Read more »

Wifislax (Wireless Security and Forensic) :: Distribution

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="wifislax logo toolwar" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjF4P8a1KMCdkVYaPLGKUNXWKY5r3RBA-jVAQk9ZIyE-tZcQERTe91zNkfqs0cpT_VP1Q7348n4Q94pxQl26E0ZF1jgopk13oNTCA0WbhaOoeuBcukeJmNEsZDBOZNYsyOXQ-ewywl45zSr/s1600/wifislax+logo+toolwar.png" title="wifislax logo toolwar" /></div> <div style="text-align: justify;"> Wifislax is a Slackware-based live CD containing a variety of security and forensics tools. The distribution's main claim to fame is the integration of various unofficial network drivers into the Linux kernel, thus providing out-of-the-box support for a large number of wired and wireless network cards. </div> <div style="text-align: justify;"> <a href="http://distrowatch.com/wifislax"></a> Wifislax 4.6, an updated build of the Slackware-based live CD with a collection of security and forensics tools, has been released. This is mostly a maintenance release to fix a serious bug in Reaver, a WiFi passphrase brute-force attack utility, the use of which resulted in segmentation fault in the previous release of Wifislax. The Linux kernel has been updated to version 3.6.11 with a number of new drivers to support tablets, touchscreen devices, multi-function printers, etc. The KDE desktop has been upgraded to version 4.10.5 and an option to boot into a lighter Xfce desktop remains available. Other package upgrades include Firefox 22.0, OpenJDK 7u25 and Wireshark 1.10.0, as well as the latest version of the Flash browser plugin. A number of new programs, such as nano and texinfo, have been added. The release announcement which contains a full changelog is in Spanish only, but the distribution itself can boot into either Spanish or English localisation of the KDE or Xfce desktops. </div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/KOy6JmoxlYM?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <b>Download Here ::</b> <a href="http://www.downloadwireless.net/isos-fase-testing/wifislax-current/wifislax-4.7-22092013.iso" target="_blank">Wifislax 4.7 ISO</a></div> <div style="text-align: justify;"> <b>Official Website ::</b> http://www.wifislax.com/</div> </div>

Wifislax (Wireless Security and Forensic) :: Distribution

Wifislax is a Slackware-based live CD containing a variety of security and forensics tools. The distribution's main claim to fame i...

Read more »

OWASP Bricks (Web Application Security Learning Platform) :: Framework

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="owasp bricks logo toolwar" border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxsW3jxRxCdfOllufBaZ0_uBwcmN-L7j2Fru8xOc1lTFeRLUMkcvyN_lnUYOrjG-Cv-Kr7b_qYk_j1a9LcRAikKyTgFkdJ9FQiNFFmJxMlrHdzndXtyTN6QhxPsCgBWGFX6oyy1lcxLLeR/s200/owasp+bricks+logo+toolwar.png" title="owasp bricks logo toolwar" width="199" /></div> <div style="text-align: justify;"> <b>OWASP Bricks</b> is a <i>Web application security learning platform</i> built on PHP and MySQL. <b>Bricks</b> is a deliberately vulnerable web application built on PHP and MySQL. The project focuses on variations of commonly seen application security vulnerabilities and exploits. Each 'brick' has some sort of vulnerability which can be exploited using tools (Mantra and ZAP). The mission is to 'break the bricks' and thus learn the various aspects of web application security.<br /> <br /> <b>Bricks</b> is a web application security learning platform built on PHP and MySQL. The project focuses on variations of commonly seen application security issues. Each 'Brick' has some sort of security issue which can be leveraged manually or using automated software tools. The mission is to 'Break the Bricks' and thus learn the various aspects of web application security.<br /> <br /> <b>Bricks</b> is a completely free and open source project brought to you by OWASP. The complete documentation and instruction videos can also be accessed or downloaded for free. Bricks are classified into three different sections: login pages, file upload pages and content pages.</div> <b></b><br /> <b></b><br /> <b></b><br /> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/j5I0wPvQxTg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/mCo6ajvBv50?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <br /> <b>D</b><b>ownload Here :: </b><a href="http://sourceforge.net/projects/owaspbricks/files/Atrai%20-%201.8/OWASP%20Bricks%20-%20Atrai.zip/download" target="_blank">OWASP Bricks v1.8</a><br /> <b>Official Website :: </b>http://sechow.com/<b><br /></b></div>

OWASP Bricks (Web Application Security Learning Platform) :: Framework

OWASP Bricks is a Web application security learning platform built on PHP and MySQL. Bricks is a deliberately vulnerable web applicat...

Read more »