Do Not Track Plus is a free online privacy tool that makes it easy for anyone to see when they are being tracked online and stop being profiled by social networks, large advertisers, and data collection companies, including Google and Facebook.

Features of Do Not Track Plus

Stop advertisers from knowing everything they do online, including site visits, shopping interests, hobbies, clicks, and geographic location
See how they’re being tracked on millions of websites
Block a growing list of 580 different tracking technologies and more than 200 tracking companies
Improve web page load times by up to 4x
Block social tracking while still being able to voluntarily use social-sharing buttons, a feature that’s exclusive to DNT+
Keep a running count of who’s tracking them with DNT+’s block counter
Browse in true privacy, far beyond what built-in “private browsing modes” offer.

Download
http://www.donottrackplus.com/downloading.php?utm_campaign=http://www.net-security.org/secworld.php?id=12380&utm_source=organic

Browser forensic tool, is a software that will search in all kind of browser history (even archived) in a few seconds.It will retrieve URLS and Title with the chosen keywords of all matching search.You can use default example profiles or create yours, with thematic search.

Download
http://unremote.org/downloads/BrowserForensicTool.zip

Hydra is best for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus.

Download
http://www.thc.org/releases/hydra-7.2-src.tar.gz

It consists of a server and a client. The server sits and waits for magic packets using a sniffer. If a magic packet arrives, it will bind a shell over TCP or UDP on the given port or connecting back to the client again over TCP or UDP.

Download
http://www.nullsecurity.net/tools/trixd00r-0.0.1.tar.gz

Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any application – from the smallest mobile applications to the largest web and enterprise applications.

Download
http://www.apache.org/dyn/closer.cgi/shiro/1.2.0/shiro-root-1.2.0-source-release.zip

Info
http://shiro.apache.org/10-minute-tutorial.html

RogueKiller is a free small program that analyzes the system for rogue software. It works in this regard similar to Fake Antivirus Remover, a program which we have reviewed in the past here on Ghacks. The program scans known rogueware locations, including running processes, the Windows Registry, drivers, the hosts file and the master boot record.
We need to close all other programs running on the system before you start the program. First thing that you may want to do then is to scan the system. Just press 1 on the keyboard and hit enter afterwards to run the scan.

Download
http://www.sur-la-toile.com/RogueKiller/

UniOFuzz version 0.1.2-beta - the universal fuzzing tool for browsers, web services, files, programs and network services/ports

Download
http://www.nullsecurity.net/tools/uniofuzz.py

Homepage
http://www.nullsecurity.net/tools.html

A cross-platform Java based Facebook social engineering framework, sends friend requests to a list of Facebook profiles, and polls for the acceptance notification. Once the victim accepts the invitation, it dumps all their information,photos and friend list to a local folder. Extensible module interfaces and built-in modules for advanced social engineering tricks.

The tool that you can use is FBPwn, this tool will try several attack on FB directly from a user account so it will do the following:

Dump friend list
Add all victim friends
Dump all users album pictures
Dump profile information
Dump photos ( this mean profile pictures)
Check friends request
Dump victim wall (here including poke)
Clone the profiles


Download
http://code.google.com/p/fbpwn/downloads/list

SomarSoft's DumpSec is a security auditing program for Microsoft Windows® NT/XP/200x. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers and shares in a concise, readable format, so that holes in system security are readily apparent. DumpSec also dumps user, group and replication information.

Download
http://www.systemtools.com/download/dumpacl.zip

Patator is a multi-purpose brute-forcer, written in pyton language, with a modular design and a flexible usage. Can be modified and rewritten as per our environment requirement. Patator is licensed GPLv2.

Download
https://code.google.com/p/patator/downloads/list

Modules supported:

ftp_login : Brute-force FTP
ssh_login : Brute-force SSH
telnet_login : Brute-force Telnet
smtp_login : Brute-force SMTP
smtp_vrfy : Enumerate valid users using the SMTP VRFY command
smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
http_fuzz : Brute-force HTTP/HTTPS
pop_passd : Brute-force poppassd (not POP3)
ldap_login : Brute-force LDAP
smb_login : Brute-force SMB
mssql_login : Brute-force MSSQL
oracle_login : Brute-force Oracle
mysql_login : Brute-force MySQL
pgsql_login : Brute-force PostgreSQL
vnc_login : Brute-force VNC
dns_forward : Forward lookup subdomains
dns_reverse : Reverse lookup subnets
snmp_login : Brute-force SNMPv1/2 and SNMPv3
unzip_pass : Brute-force the password of encrypted ZIP files
keystore_pass: Brute-force the password of Java keystore files