... neuere Einträge
Wednesday, 17. August 2011
Faceniff - Web sniff - Android
Am Wednesday, 17. Aug 2011 im Topic 'Android'
Metasploit And Armitage - News
Am Wednesday, 17. Aug 2011 im Topic 'Tutorials'
Metasploit 4.0
Metasploit 4.1
Metasploit 4.1
Metasploit And Armitage Training - (1-6)
Am Wednesday, 17. Aug 2011 im Topic 'Tutorials'
1
http://vimeo.com/26638955
2
http://vimeo.com/26943860
3
http://vimeo.com/26639228
4
http://vimeo.com/26652073
5
http://vimeo.com/26639622
6
http://vimeo.com/26677580
by
Raphael Mudge
http://vimeo.com/26638955
2
http://vimeo.com/26943860
3
http://vimeo.com/26639228
4
http://vimeo.com/26652073
5
http://vimeo.com/26639622
6
http://vimeo.com/26677580
by
Raphael Mudge
Samsung hires Android hacker ‘Cyanogen’
Am Wednesday, 17. Aug 2011 im Topic 'News'
Kondik is best known as the creator of the CyanogenMod for Android, an after market customised firmware bringing new features and functionality to the Android platform
LDAP & XPATH
Am Wednesday, 17. Aug 2011 im Topic 'Pentest'
Blind LDAP Injection Exploitation Tool
Sample application showing practical approach how to exploit Blind LDAP Injection flaw. The tool is intended to be used by IT security researchers and pentesters for educational purposes only.
Download:
http://code.google.com/p/ldap-blind-explorer/downloads/list
Blind XPath Injection Exploitation Tool
Sample application showing practical approach how to exploit Blind XPath Injection flaw. The tool is intended to be used by IT security researchers and pentesters for educational purposes only.
Download:
http://code.google.com/p/xpath-blind-explorer/downloads/list
Sample application showing practical approach how to exploit Blind LDAP Injection flaw. The tool is intended to be used by IT security researchers and pentesters for educational purposes only.
Download:
http://code.google.com/p/ldap-blind-explorer/downloads/list
Blind XPath Injection Exploitation Tool
Sample application showing practical approach how to exploit Blind XPath Injection flaw. The tool is intended to be used by IT security researchers and pentesters for educational purposes only.
Download:
http://code.google.com/p/xpath-blind-explorer/downloads/list
Easy Install BackTrack 5 "Persistent" to USB
Am Wednesday, 17. Aug 2011 im Topic 'Tutorials'
What is persistence?
http://www.linuxliveusb.com/help/guide/step3
1 choose usb key
2 choose iso
3 choose much space you want for persistence
4 klik create
5 wait till done
6 enjoy your persistent usb key
Download
http://www.linuxliveusb.com/
http://www.linuxliveusb.com/help/guide/step3
1 choose usb key
2 choose iso
3 choose much space you want for persistence
4 klik create
5 wait till done
6 enjoy your persistent usb key
Download
http://www.linuxliveusb.com/
Tuesday, 16. August 2011
Online Malware Scanners
Am Tuesday, 16. Aug 2011 im Topic 'Malware Search'
PDF Analyzer allows you to view PDF objects as hex/text, also provides PDF dissector and inspector engines and scanning for known exploits.
http://www.malwaretracker.com/pdf.php
Sunbelt Sandbox is an approach to automatically analyze malware which is based on behavior analysis. Malware samples are executed for a finite time in a simulated environment, where all system calls are closely monitored.
http://mwanalysis.org
GFI’s sunbelt online sandbox engine.
http://www.sunbeltsecurity.com/sandbox/
URLVoid allows users to scan a website address with multiple scanning engines such as Google Diagnostic, McAfee SiteAdvisor, Norton SafeWeb, MyWOT to facilitate the detection of possible dangerous websites.
http://www.urlvoid.com
Symantec’s reputation service Norton Safe Web.
http://safeweb.norton.com
The AVG LinkScanner Drop Zone lets you check the safety of individual web pages you are about to visit, also will examine the web page in real time to see whether it’s hiding any suspicious downloads.
http://www.avg.com.au/resources/web-page-scanner/
Wepawet is a service for detecting and analyzing web-based malware. It currently handles Flash, JavaScript, and PDF files.
http://wepawet.iseclab.org
Joebox Sandbox.
http://www.joebox.org/samples.php
With VirusTotal, send a file and see the detection according the AV vendors.
http://www.virustotal.com
Novirusthanks is a ree service that allows users to upload and scan a file with multiple Antivirus engines. Users can also analyze a website url or a remote file with the option Scan Web Address.
http://www.novirusthanks.org/service/multi-engine-antivirus-scanner/
Jotti’s malware scan is a free online service that enables you to scan suspicious files with several anti-virus programs. Scanners used are Linux versions; detection differences with Windows versions of the same scanners may occur due to implementation differences. There is a 20MB limit per file. Keep in mind that no security solution offers 100% protection, not even when it uses several anti-virus engines (for example, this scan service).
http://virusscan.jotti.org/en
Anubis is a service for analyzing malware.
http://anubis.iseclab.org
Comodo’s online file analysis tool.
http://camas.comodo.com
McAfee SiteAdvisor test websites for spyware, spam and scams so you can search, surf and shop more safely.
http://www.siteadvisor.com
Ether provides Malware Analysis via Hardware Virtualization Extensions.
http://ether.gtisc.gatech.edu/web_unpack/
ThreatExpert is an advanced automated threat analysis system designed to analyze and report the behavior of computer viruses, worms, trojans, adware, spyware, and other security-related risks in a fully automated mode.
http://www.threatexpert.com/submit.aspx
IPVoid allows users to scan an IP Address with multiple scanning services to facilitate the detection of IP Addresses that have committed malicious activity and to check if a website is hosted in a compromised server, used for spam, phishing or to host malicious content.
http://www.ipvoid.com
Netscty’s malware analysis sandbox tool performs cutting edge analysis of the potentially malicious file in our controlled environment. Our free online malicious software (malware) analysis tool provides a fast comprehensive evaluation of a variety of malware such as botnet software, viruses, spyware, trojans, and keyloggers.
http://netscty.com/malware-tool
JSUnpack Online – Online version of the stand-alone tool jsunpack.
http://jsunpack.jeek.org/dec/go
CWSandbox is online service that runs file you submit through automated sandbox analysis.
http://www.rarst.net/web/cwsandbox/
Upload files that you suspect are malicious or infected by malicious components for instant analysis by Norman SandBox.
http://www.norman.com/security_center/security_tools/submit_file
http://www.malwaretracker.com/pdf.php
Sunbelt Sandbox is an approach to automatically analyze malware which is based on behavior analysis. Malware samples are executed for a finite time in a simulated environment, where all system calls are closely monitored.
http://mwanalysis.org
GFI’s sunbelt online sandbox engine.
http://www.sunbeltsecurity.com/sandbox/
URLVoid allows users to scan a website address with multiple scanning engines such as Google Diagnostic, McAfee SiteAdvisor, Norton SafeWeb, MyWOT to facilitate the detection of possible dangerous websites.
http://www.urlvoid.com
Symantec’s reputation service Norton Safe Web.
http://safeweb.norton.com
The AVG LinkScanner Drop Zone lets you check the safety of individual web pages you are about to visit, also will examine the web page in real time to see whether it’s hiding any suspicious downloads.
http://www.avg.com.au/resources/web-page-scanner/
Wepawet is a service for detecting and analyzing web-based malware. It currently handles Flash, JavaScript, and PDF files.
http://wepawet.iseclab.org
Joebox Sandbox.
http://www.joebox.org/samples.php
With VirusTotal, send a file and see the detection according the AV vendors.
http://www.virustotal.com
Novirusthanks is a ree service that allows users to upload and scan a file with multiple Antivirus engines. Users can also analyze a website url or a remote file with the option Scan Web Address.
http://www.novirusthanks.org/service/multi-engine-antivirus-scanner/
Jotti’s malware scan is a free online service that enables you to scan suspicious files with several anti-virus programs. Scanners used are Linux versions; detection differences with Windows versions of the same scanners may occur due to implementation differences. There is a 20MB limit per file. Keep in mind that no security solution offers 100% protection, not even when it uses several anti-virus engines (for example, this scan service).
http://virusscan.jotti.org/en
Anubis is a service for analyzing malware.
http://anubis.iseclab.org
Comodo’s online file analysis tool.
http://camas.comodo.com
McAfee SiteAdvisor test websites for spyware, spam and scams so you can search, surf and shop more safely.
http://www.siteadvisor.com
Ether provides Malware Analysis via Hardware Virtualization Extensions.
http://ether.gtisc.gatech.edu/web_unpack/
ThreatExpert is an advanced automated threat analysis system designed to analyze and report the behavior of computer viruses, worms, trojans, adware, spyware, and other security-related risks in a fully automated mode.
http://www.threatexpert.com/submit.aspx
IPVoid allows users to scan an IP Address with multiple scanning services to facilitate the detection of IP Addresses that have committed malicious activity and to check if a website is hosted in a compromised server, used for spam, phishing or to host malicious content.
http://www.ipvoid.com
Netscty’s malware analysis sandbox tool performs cutting edge analysis of the potentially malicious file in our controlled environment. Our free online malicious software (malware) analysis tool provides a fast comprehensive evaluation of a variety of malware such as botnet software, viruses, spyware, trojans, and keyloggers.
http://netscty.com/malware-tool
JSUnpack Online – Online version of the stand-alone tool jsunpack.
http://jsunpack.jeek.org/dec/go
CWSandbox is online service that runs file you submit through automated sandbox analysis.
http://www.rarst.net/web/cwsandbox/
Upload files that you suspect are malicious or infected by malicious components for instant analysis by Norman SandBox.
http://www.norman.com/security_center/security_tools/submit_file
SAP J2EE Engine - Vulnerabilities
Am Tuesday, 16. Aug 2011 im Topic 'Tutorials'
Presentation “A crushing blow at the heart of SAP J2EE Engine” from BlackHat USA 2011
Download
http://erpscan.com/wp-content/uploads/2011/08/A_crushing_blow_at_the_heart_of_SAP_J2EE_Engine.pdf
Whitepaper “Architecture and program vulnerabilities in SAP’s J2EE engine” from BlackHat USA 2011
Download
http://erpscan.com/wp-content/uploads/2011/08/A-crushing-blow-at-the-heart-SAP-J2EE-engine_whitepaper.pdf
Download
http://erpscan.com/wp-content/uploads/2011/08/A_crushing_blow_at_the_heart_of_SAP_J2EE_Engine.pdf
Whitepaper “Architecture and program vulnerabilities in SAP’s J2EE engine” from BlackHat USA 2011
Download
http://erpscan.com/wp-content/uploads/2011/08/A-crushing-blow-at-the-heart-SAP-J2EE-engine_whitepaper.pdf
SSDownloader v2.0
Am Tuesday, 16. Aug 2011 im Topic 'Tools'
SSDownloader is an easy-to-use tool which allows you to download up to 50 major security applications in just a few clicks.
If you're setting up a new PC, for instance, then normally you might visit the websites of your favourite security vendors, locate the tools you need and download each one individually.
Download
http://sourceforge.net/projects/ssdownloader/files/SSDownloader.exe/download
If you're setting up a new PC, for instance, then normally you might visit the websites of your favourite security vendors, locate the tools you need and download each one individually.
Download
http://sourceforge.net/projects/ssdownloader/files/SSDownloader.exe/download
Monday, 15. August 2011
Drive-by Cache - Drive-by download
Am Monday, 15. Aug 2011 im Topic 'Tutorials'
1. Brief overview of drive-by downloads
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#section-1-drive-by-download
2. Drive by cache
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#drive-by-cache
3. Real-world example
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#example
4. Complete codes
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#complete-exploit-codes
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#section-1-drive-by-download
2. Drive by cache
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#drive-by-cache
3. Real-world example
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#example
4. Complete codes
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html#complete-exploit-codes
Browser to Browser File Sharing
Am Monday, 15. Aug 2011 im Topic 'News'
Features of Files Over Miles include:
High Speed
Ability to send large files
Encryption (128 bit AES)
Works with any browser with Adobe Flash Player 10.
http://www.filesovermiles.com/
High Speed
Ability to send large files
Encryption (128 bit AES)
Works with any browser with Adobe Flash Player 10.
http://www.filesovermiles.com/
Send Anonymous Email
Am Monday, 15. Aug 2011 im Topic 'Tutorials'
Send Free SMS
Am Monday, 15. Aug 2011 im Topic 'Tutorials'
http://smsti.in/send-free-sms/
http://seasms.com/#type
http://spicesms.com/sendsms.php
http://www.bollywoodmotion.com/free-long-sms-india.html
http://seasms.com/#type
http://spicesms.com/sendsms.php
http://www.bollywoodmotion.com/free-long-sms-india.html
Send Free Fax
Am Monday, 15. Aug 2011 im Topic 'Tutorials'
http://sendfreefax.net
http://www.freefax.com/ff_snd.html
http://www.eztel.com/freefax/sendfax.html
http://www.popfax.com
http://www.freefax.com/ff_snd.html
http://www.eztel.com/freefax/sendfax.html
http://www.popfax.com
How to make a QR code
Am Monday, 15. Aug 2011 im Topic 'Tutorials'
Goto http://qrcode.kaywa.com
Select the content type as you wish . if you want to add a Url on QR code select url and add your URL
and Press on the size if you want to make Size Small , medium or Large then Press the Generate Button. Download the QR code image on Computer.
Decrypt a QR Code:
Goto http://zxing.org/w/decode.jspx
Click Browse and Uplod the picture to the website and you can decrypt it and there are many other methods to decrypt QR code .The Device which to Decrypt QR code are QR barcode readers and camera phones with QR CODE Reader Application on it .
Select the content type as you wish . if you want to add a Url on QR code select url and add your URL
and Press on the size if you want to make Size Small , medium or Large then Press the Generate Button. Download the QR code image on Computer.
Decrypt a QR Code:
Goto http://zxing.org/w/decode.jspx
Click Browse and Uplod the picture to the website and you can decrypt it and there are many other methods to decrypt QR code .The Device which to Decrypt QR code are QR barcode readers and camera phones with QR CODE Reader Application on it .
Devil shell 2.0 - PHP
Am Monday, 15. Aug 2011 im Topic 'Source Code'
* Front/Deface Page cretor without knowladge of HTML and user friendly
* Undetectable by Google Dork
* Back-Connect [Available in Paid Version]
* Database Dump [Automatic Dump available in Paid Version]
* SQL and Linux Command Run
* Front/Deface Page Creator
* Mail Bomber Testing
* DDoS attacker Testing
* Self kill
* Indiviusal Login's
Download
http://teamnuts.in/ugdevil.rar
Username: ugdevil
Password: 12345678
* Undetectable by Google Dork
* Back-Connect [Available in Paid Version]
* Database Dump [Automatic Dump available in Paid Version]
* SQL and Linux Command Run
* Front/Deface Page Creator
* Mail Bomber Testing
* DDoS attacker Testing
* Self kill
* Indiviusal Login's
Download
http://teamnuts.in/ugdevil.rar
Username: ugdevil
Password: 12345678
Matriux Krypton
Am Monday, 15. Aug 2011 im Topic 'Pentest'
With Matriux, you can turn any system into a powerful penetration testing toolkit, without having to install any software into your hardisk. Matriux is designed to run from a Live environment like a CD / DVD or USB stick or it can easily be installed to your hard disk in a few steps. Matriux also includes a set of computer forensics and data recovery tools that can be used for forensic analysis and investigations and data retrieval.
Download
http://www.matriux.com/index.php?page=download
Download
http://www.matriux.com/index.php?page=download
Thursday, 11. August 2011
FireCAT 2.0
Am Thursday, 11. Aug 2011 im Topic 'Web Security'
FireCAT (Firefox Catalog of Auditing exTensions) is a mindmap collection of the most efficient and useful Firefox extensions oriented application security auditing and assessment. FireCAT is not a replacement of other security utilities and software as well as fuzzers, proxies and application vulnerabilities scanners.
Download
http://www.firecat.fr/download.html
Download
http://www.firecat.fr/download.html
Anonymous and secure web surfing
Am Thursday, 11. Aug 2011 im Topic 'Web Security'
JonDo is an open source and free-of-charge program for Windows, Linux and MacOS X. It hides the user's IP adress behind an anonymous IP address. In contrast to other anonymizers (VPNs, anonymous proxy servers), the user's anonymity stays protected even against the providers (operators) of the anonymous IP address.
Download
http://anonymous-proxy-servers.net/en/software.html
Download
http://anonymous-proxy-servers.net/en/software.html
Wednesday, 10. August 2011
5 SQLi Scanners - Online
Am Wednesday, 10. Aug 2011 im Topic 'Pentest'
http://www.be007.gigfa.com/scanner/scanner.php
http://www.sunmagazin.com/tools/hack/SQLI-Scan
http://scanner.drie88.tk
http://localvn.biz/Tools/tools/Hack-Shop/SQLI-Scan
http://wolfscps.com/gscanner.php
http://www.sunmagazin.com/tools/hack/SQLI-Scan
http://scanner.drie88.tk
http://localvn.biz/Tools/tools/Hack-Shop/SQLI-Scan
http://wolfscps.com/gscanner.php
DefCon 19 - all Presentations from the Defcon
Am Wednesday, 10. Aug 2011 im Topic 'News'
Defcon 19 presentations available for download, Go check out the presentations from this year’s defcon conference here: http://good.net/dl/k4r3lj/DEFCON19/
... ältere Einträge
