... neuere Einträge
Monday, 15. August 2011
Drive-by Cache - Drive-by download
Am Monday, 15. Aug 2011 im Topic 'Tutorials'
1. Brief overview of drive-by downloads
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#section-1-drive-by-download
2. Drive by cache
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#drive-by-cache
3. Real-world example
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#example
4. Complete codes
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#complete-exploit-codes
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#section-1-drive-by-download
2. Drive by cache
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#drive-by-cache
3. Real-world example
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#example
4. Complete codes
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#complete-exploit-codes
Browser to Browser File Sharing
Am Monday, 15. Aug 2011 im Topic 'News'
Features of Files Over Miles include:
High Speed
Ability to send large files
Encryption (128 bit AES)
Works with any browser with Adobe Flash Player 10.
http://www.filesovermiles.com/
High Speed
Ability to send large files
Encryption (128 bit AES)
Works with any browser with Adobe Flash Player 10.
http://www.filesovermiles.com/
Send Anonymous Email
Am Monday, 15. Aug 2011 im Topic 'Tutorials'
Send Free SMS
Am Monday, 15. Aug 2011 im Topic 'Tutorials'
http://smsti.in/send-free-sms/
http://seasms.com/#type
http://spicesms.com/sendsms.php
http://www.bollywoodmotion.com/free-long-sms-india.html
http://seasms.com/#type
http://spicesms.com/sendsms.php
http://www.bollywoodmotion.com/free-long-sms-india.html
Send Free Fax
Am Monday, 15. Aug 2011 im Topic 'Tutorials'
http://sendfreefax.net
http://www.freefax.com/ff_snd.html
http://www.eztel.com/freefax/sendfax.html
http://www.popfax.com
http://www.freefax.com/ff_snd.html
http://www.eztel.com/freefax/sendfax.html
http://www.popfax.com
How to make a QR code
Am Monday, 15. Aug 2011 im Topic 'Tutorials'
Goto http://qrcode.kaywa.com
Select the content type as you wish . if you want to add a Url on QR code select url and add your URL
and Press on the size if you want to make Size Small , medium or Large then Press the Generate Button. Download the QR code image on Computer.
Decrypt a QR Code:
Goto http://zxing.org/w/decode.jspx
Click Browse and Uplod the picture to the website and you can decrypt it and there are many other methods to decrypt QR code .The Device which to Decrypt QR code are QR barcode readers and camera phones with QR CODE Reader Application on it .
Select the content type as you wish . if you want to add a Url on QR code select url and add your URL
and Press on the size if you want to make Size Small , medium or Large then Press the Generate Button. Download the QR code image on Computer.
Decrypt a QR Code:
Goto http://zxing.org/w/decode.jspx
Click Browse and Uplod the picture to the website and you can decrypt it and there are many other methods to decrypt QR code .The Device which to Decrypt QR code are QR barcode readers and camera phones with QR CODE Reader Application on it .
Devil shell 2.0 - PHP
Am Monday, 15. Aug 2011 im Topic 'Source Code'
* Front/Deface Page cretor without knowladge of HTML and user friendly
* Undetectable by Google Dork
* Back-Connect [Available in Paid Version]
* Database Dump [Automatic Dump available in Paid Version]
* SQL and Linux Command Run
* Front/Deface Page Creator
* Mail Bomber Testing
* DDoS attacker Testing
* Self kill
* Indiviusal Login's
Download
http://teamnuts.in/ugdevil.rar
Username: ugdevil
Password: 12345678
* Undetectable by Google Dork
* Back-Connect [Available in Paid Version]
* Database Dump [Automatic Dump available in Paid Version]
* SQL and Linux Command Run
* Front/Deface Page Creator
* Mail Bomber Testing
* DDoS attacker Testing
* Self kill
* Indiviusal Login's
Download
http://teamnuts.in/ugdevil.rar
Username: ugdevil
Password: 12345678
Matriux Krypton
Am Monday, 15. Aug 2011 im Topic 'Pentest'
With Matriux, you can turn any system into a powerful penetration testing toolkit, without having to install any software into your hardisk. Matriux is designed to run from a Live environment like a CD / DVD or USB stick or it can easily be installed to your hard disk in a few steps. Matriux also includes a set of computer forensics and data recovery tools that can be used for forensic analysis and investigations and data retrieval.
Download
http://www.matriux.com/index.php?page=download
Download
http://www.matriux.com/index.php?page=download
Thursday, 11. August 2011
FireCAT 2.0
Am Thursday, 11. Aug 2011 im Topic 'Web Security'
FireCAT (Firefox Catalog of Auditing exTensions) is a mindmap collection of the most efficient and useful Firefox extensions oriented application security auditing and assessment. FireCAT is not a replacement of other security utilities and software as well as fuzzers, proxies and application vulnerabilities scanners.
Download
http://www.firecat.fr/download.html
Download
http://www.firecat.fr/download.html
Anonymous and secure web surfing
Am Thursday, 11. Aug 2011 im Topic 'Web Security'
JonDo is an open source and free-of-charge program for Windows, Linux and MacOS X. It hides the user's IP adress behind an anonymous IP address. In contrast to other anonymizers (VPNs, anonymous proxy servers), the user's anonymity stays protected even against the providers (operators) of the anonymous IP address.
Download
http://anonymous-proxy-servers.net/en/software.html
Download
http://anonymous-proxy-servers.net/en/software.html
Wednesday, 10. August 2011
5 SQLi Scanners - Online
Am Wednesday, 10. Aug 2011 im Topic 'Pentest'
http://www.be007.gigfa.com/scanner/scanner.php
http://www.sunmagazin.com/tools/hack/SQLI-Scan
http://scanner.drie88.tk
http://localvn.biz/Tools/tools/Hack-Shop/SQLI-Scan
http://wolfscps.com/gscanner.php
http://www.sunmagazin.com/tools/hack/SQLI-Scan
http://scanner.drie88.tk
http://localvn.biz/Tools/tools/Hack-Shop/SQLI-Scan
http://wolfscps.com/gscanner.php
DefCon 19 - all Presentations from the Defcon
Am Wednesday, 10. Aug 2011 im Topic 'News'
Defcon 19 presentations available for download, Go check out the presentations from this year’s defcon conference here: http://good.net/dl/k4r3lj/DEFCON19/
Tuesday, 9. August 2011
Schwarze Sonne RAT 2.0 Alpha 2
Am Tuesday, 9. Aug 2011 im Topic 'Remote Administration Tool'
Schwarze Sonne RAT (Remote Administration Tool) is software design to control in the best condition and confort possible any kind of Microsoft Windows up windows7
Download
https://code.google.com/p/schwarzesonenrat/downloads/list
Download
https://code.google.com/p/schwarzesonenrat/downloads/list
YARA v1.6
Am Tuesday, 9. Aug 2011 im Topic 'Malware Search'
YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. Let's see an example:
Download
http://code.google.com/p/yara-project/downloads/list
Download
http://code.google.com/p/yara-project/downloads/list
Moshi Moshi - VoIP bot - Python
Am Tuesday, 9. Aug 2011 im Topic 'Tools'
Moshi Moshi is a VoIP Bot written in Python that uses SIP as VoIP Protocol, Text-to-speech engines for Output, and DTMF Tones for Input. It is part of a talk ("Sounds Like Botnet") given at DEF CON 19 and BSidesLV 2011 on VoIP Botnets by Itzik Kotler and Iftach (Ian) Amit.
Download
http://code.google.com/p/moshimoshi/downloads/detail?name=moshimoshi_poc.tar.gz&can=2&q=
Download
http://code.google.com/p/moshimoshi/downloads/detail?name=moshimoshi_poc.tar.gz&can=2&q=
SANS Investigate Forensic Toolkit (SIFT) Workstation v.2.1
Am Tuesday, 9. Aug 2011 im Topic 'Computer Forensics'
An international team of forensics experts, led by SANS Faculty Fellow Rob Lee, created the SANS Investigative Forensic Toolkit (SIFT) Workstation and made it available to the whole community as a public service. The free SIFT toolkit, that can match any modern forensic tool suite, is also featured in SANS' Advanced Computer Forensic Analysis and Incident Response course (FOR 508). It demonstrates that advanced investigations and responding to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.
The SIFT Workstation is a VMware appliance, pre-configured with the necessary tools to perform detailed digital forensic examination in a variety of settings. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many new capabilities and tools such as log2timeline that provides a timeline that can be of enormous value to investigators.
Download
http://computer-forensics.sans.org/community/downloads
The SIFT Workstation is a VMware appliance, pre-configured with the necessary tools to perform detailed digital forensic examination in a variety of settings. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many new capabilities and tools such as log2timeline that provides a timeline that can be of enormous value to investigators.
Download
http://computer-forensics.sans.org/community/downloads
Wfuzz v.2.0 - Linux
Am Tuesday, 9. Aug 2011 im Topic 'Web Security'
Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc.
Download
http://code.google.com/p/wfuzz/downloads/list
Download
http://code.google.com/p/wfuzz/downloads/list
Thursday, 4. August 2011
Analysis of black hat hackers
Am Thursday, 4. Aug 2011 im Topic 'News'
This paper aims to give an overall up-to-update review, evaluation and analysis of the underground scene of black hat hackers and/or cyber criminals.
Source PDF
http://www.exploit-db.com/download_pdf/17334/
Source PDF
http://www.exploit-db.com/download_pdf/17334/
Winners of the Pwnie Award
Am Thursday, 4. Aug 2011 im Topic 'News'
The winners of the Pwnie Awards were announced at a ceremony in Las Vegas on Aug 3rd, 2011.
Source
http://pwnies.com/winners/
Source
http://pwnies.com/winners/
Agnitio Security Code Review
Am Thursday, 4. Aug 2011 im Topic 'Tools'
A tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. Agnitio aims to replace the adhoc nature of manual security code review documentation, create an audit trail and reporting.
Download
http://sourceforge.net/projects/agnitiotool/files/
Download
http://sourceforge.net/projects/agnitiotool/files/
Microsoft BlueHat Security contest - $250,000
Am Thursday, 4. Aug 2011 im Topic 'Jobs'
Microsoft today launched a $250,000 contest for researchers who develop defensive security technologies that deal with entire classes of exploits. The total cash awards for Microsoft's "BlueHat Prize" contest easily dwarfs any bug bounty that's been given by rivals. The company announced the contest as this year's Black Hat security conference got under way today in Las Vegas.
More Details here
https://www.microsoft.com/security/bluehatprize/
see rules and regulations
https://www.microsoft.com/security/bluehatprize/rules.aspx
More Details here
https://www.microsoft.com/security/bluehatprize/
see rules and regulations
https://www.microsoft.com/security/bluehatprize/rules.aspx
Mini PHP Shell 27.9 V2
Am Thursday, 4. Aug 2011 im Topic 'Tools'
Features : Encoder , Processes , FTP-Brute-Forcer , Server-Information , SQL-Manager and etc.
Download
http://www.megaupload.com/?d=DRHS3AV9
Download
http://www.megaupload.com/?d=DRHS3AV9
The Social-Engineer Toolkit
Am Thursday, 4. Aug 2011 im Topic 'Pentest'
The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
Download
http://www.secmaniac.com/download/
Download
http://www.secmaniac.com/download/
The Social-Engineer Toolkit v3.0 Codename "#WeThrowBaseballs" from David Kennedy on Vimeo.
JD-GUI - Java Decompiler
Am Thursday, 4. Aug 2011 im Topic 'Tools'
JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access to methods and fields. JD-GUI is free for non-commercial use. This means that JD-GUI shall not be included or embedded into commercial software products. Nevertheless, this project may be freely used for personal needs in a commercial or non-commercial environments.
Download
http://java.decompiler.free.fr/jd-gui/downloads/jd-gui-0.3.3.windows.zip
http://java.decompiler.free.fr/jd-gui/downloads/jd-gui-0.3.3.linux.i686.tar.gz
Download
http://java.decompiler.free.fr/jd-gui/downloads/jd-gui-0.3.3.windows.zip
http://java.decompiler.free.fr/jd-gui/downloads/jd-gui-0.3.3.linux.i686.tar.gz
CAT v.1
Am Thursday, 4. Aug 2011 im Topic 'Web Security'
CAT provides the ability to test a web application for all types of vulnerabilities from SQL injection to reverse proxy bypass. It allows for traffic between a web browser and a web server to be intercepted and altered. Requests can then be repeated within CAT allowing for all aspects of the request to be altered. Requests can be fuzzed using a range of different fuzzing algorithms including brute forcing, injection attacks and scripted attacks; it also provides a facility to fuzz forms with CSRF tokens. Authorisation within an application can easily be checked using two synchronised web sessions from one user type to another
Download
http://www.contextis.com/resources/tools/cat/download/
Download
http://www.contextis.com/resources/tools/cat/download/
malware analysis - eset.com PDF
Am Thursday, 4. Aug 2011 im Topic 'Tutorials'
... ältere Einträge