DEF CON 19 DVD content on media.defcon.org. two .iso images, one is the original DVD distributed at the show, and the other contains all the same content, but with the updated slide decks from the speakers. Download them at the following links:


https://media.defcon.org/dc-19/defcon-19-dvd-original.iso (~1.6 GB)

https://media.defcon.org/dc-19/defcon-19-dvd-updated.iso (~1.7 GB)

Google up inurl:wp-content/1/ [Warning: just google it up, don't visit any of the site in the search results. They are full of activeX viruses!].

What you see is a list of sites that were hacked through the latest WordPress Vulnerability that allows to insert spam into your blog.

Source

http://smackdown.blogsblogsblogs.com/2008/03/23/new-wordpress-233-exploitvulnerability-adds-spam-directory-wp-content1/

Exploit Pack is an open source security framework developed by Juan Sacco. It combines the benefits of a Java GUI, Python as Engine and well-known exploits on the wild. It has an IDE to make the task of developing new exploits easier, instant search features and XML-based modules.

Download
http://exploitpack.com/download-framework

This software will crack the MD5, SHA1,NTLM(Windows Password) hash codes. No need to install. Supports All platforms(windows XP/7,Linux,..).

How to run the software?

Download the .zip file and extract.
Extract the zip file.
Open the Terminal or command prompt.
Navigate to the path of Extracted zip file (i mean HashCodeCracker Folder) in Terminal.
Type this command "java -jar HashCodeCracker.jar".
Now the application will run.

Download
http://sourceforge.net/projects/crackerpassword/files/Version%201.2/HashCodeCracker.zip/download
http://code.google.com/p/password-cracker/downloads/list

PuttyHijack is a POC tool that injects a dll into the Putty process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers.

The injected DLL installs hooks and creates a socket in guest operating system for a callback connection that is then used for input/output redirection.

PuttyHijack does not kill the current connection, and will cleanly uninject if the socket or process is stopped. Leaves no race for further analysis.

Download
http://www.insomniasec.com/tools/PuttyHijackV1.0.rar

How does above mentioned code works in killapache.

killapache sends GET requests with multiple “byte ranges” that will claim large portions of the system’s memory space. A “byte range” statement allows a browser to only load certain parts of a document, for example bytes 500 to 1000. It is normally used while downloading large files. This method is used by programs such as download clients to resume downloads that have been interrupted; it is designed to reduce bandwidth requirements. However, it appears that stating multiple unsorted components in the header can cause an Apache server to malfunction.

Download
http://pastebin.com/gWB76qmj

DarkComet-RAT (Remote Administration Tool) is software design to control in the best condition and confort possible any kind of Microsoft Windows machine since Windows 2000.
This software allow you to make hundreds of functions stealthly and remotely without any kind of autorisation in the remote process.

Download
http://www.darkcomet-rat.com/process_download.php?id=7


DarkComet RAT Remover

DarkComet RAT Remover will detect any kind of instance of darkcomet running in memory even if an hacker try to obfuscate the loader to be undetected by common Antivirus softwares, also it detects registry threats and keyloggers logs.

Download
http://darkcomet-rat.com/downloads/DarkCometRemover.zip

DarkComet Analysis
http://resources.infosecinstitute.com/darkcomet-analysis-syria/

Once a user scans the QR code, the code redirects them to a site that will install a Trojan on their Android smart phones. Kaspersky's SecureList blog has a report of a malicious QR code on a web site which when scanned directs the user to a URL; the linked site doesn't have a file matching the name in the URL, but it does redirect the browser to another site where the file jimm.apk is downloaded. The file is a trojanised version of the Jimm mobile ICQ client, infected with Trojan-SMS.AndroidOS.Jifake.f which sends a number of SMS messages to a $6 a message premium rate service.

Once installed, the Trojan will send a number of SMS messages to premium-rate numbers, which will end up costing the victim some money, depending on how quickly she is able to find and remove the Trojan.

Kaspersky’s Denis Maslennikov reports that the malware itself is a Trojanized Jimm application (mobile ICQ client) which sends several SMS messages to premium rate number 2476 (US$6.00 each).

Whisker is an advanced CGI vulnerability scanner. It is scriptable and has many good features, such as querying for system type and basing scans on the information gathered (ie, determining between IIS and Apache webservers)

Download
ftp://ftp.usa.openbsd.org/pub/OpenBSD/distfiles//whisker-2.1.tar.gz

Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (incl. cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer). It can detect XSS, Injections (SQL, LDAP, commands, code, XPATH) and other

Download
http://narod.yandex.ru/disk/22405899001/powerfuzzer_v1_beta_patched_binary_installer_complete.exe

squeeza is a tool that helps exploit SQL injection vulnerabilities in broken web applications. Its functionality is split into creating data on the database (by executing commands, copying in files, issuing new SQL queries) and extracting that data through various channels (dns, timing, http error messages)

Download
http://www.sensepost.com/cms/resources/labs/tools/pentest/squeeza/squeeza-0.22.tar.gz

The HP application security solution includes tools for automating and managing application security testing, including static testing of source code in development and dynamic testing of applications running in QA or production. These tools enable you to protect your data, systems, and information from attack by building application security into development and then testing continuously for vulnerabilities. They also help you achieve and demonstrate compliance with government and industry regulations. Now part of the HP IT Performance Suite.

Download
https://download.hpsmartupdate.com/webinspect/WebInspectSetupPrereq.exe

Priv3 protects your privacy by blocking trackers, but still shows social snippets like Facebook Comments, +1, like buttons so you don’t miss any content. Once you interact with the social snippet, it reloads the cookies and tracking starts again, so unless and until you interact with the snippet, the addon keeps blocking the trackers.

Download
http://priv3.icsi.berkeley.edu/

Download PDF
http://dl.packetstormsecurity.net/papers/general/Android.pdf

JonDo is an open source and free-of-charge program for Windows, Linux and MacOS X. It hides the user's IP adress behind an anonymous IP address. In contrast to other anonymizers (VPNs, anonymous proxy servers), the user's anonymity stays protected even against the providers (operators) of the anonymous IP address.


Download
http://anonymous-proxy-servers.net/en/jondo.html

Download PDDF
http://dl.packetstormsecurity.net/papers/general/busting-windows.pdf

VULNERABILITY DESCRIPTION

Several parameters (searchword, extension, asset, author ) in Joomla!
Core components are not properly sanitized upon submission to the
/index.php url, which allows attacker to conduct Cross Site Scripting
attack. This may allow an attacker to create a specially crafted URL
that would execute arbitrary script code in a victim's browser.

Source
http://yehg.net/lab/pr0js/advisories/joomla/core/%5Bjoomla_1.7.0-stable%5D_cross_site_scripting%28XSS%29

Click here "http://jowdones.com/download/security/TTi_MR_32-64bit_ML.7z" to download Trend Micro Titanium Internet Security Multilingual Installer Size 77 MB.
During installation, select “Trial Version”, then accept the terms and conditions.
This is a special build that will automatically activate your subscription for 1 year. No serial/license is required to activate your subscription

The Zscaler Likejacking Prevention keeps you safe from Facebook scams that hide widgets such as ‘Like’ buttons on third party pages, using a technique known as clickjacking. With Likejacking, attackers exploit the Facebook Like button and other Facebook widgets, to spread spam and propagate scams by tricking users into advertising the malicious content via their own Facebook profiles.

Download
http://www.zscaler.com/research/plugins/firefox/likejacking/zscaler-likejaking-prevention-latest.xpi

CSET is a desktop software tool that guides users through a step-by-step process to assess their control system and information technology network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cybersecurity posture of the organization's enterprise and industrial control cyber systems. The tool derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied to enhance cybersecurity controls.

Download
http://us-cert.gov/control_systems/csetdownload.html

iScanner is a free open source tool lets you detect and remove malicious codes and web page malwares from your website easily and automatically. iScanner will not only show you the infected files in your server but it's also able to clean these files by removing the malware code ONLY from the infected files.

Download
http://iscanner.isecur1ty.org/download/iscanner.tar.gz

TransformTool currently supports the following transformations:
HTML Encode/Decode
XML Escape/Unescape
URL Encode/Decode
URL Encode Unicode
URL Encode/Decode raw bytes
Base 64 Encode/Decode
HEX Encode/Decode
Charsets (ASCII, Latin-1, UTF-8, UTF-16)
Deflate/Inflate
GZip/GUnzip
Common hash functions (MD5, SHA-1, SHA-256, SHA-384, SHA-512, RIPEMD-160)

Download
http://transformtool.codeplex.com/releases/view/73662