... neuere Einträge
Monday, 26. September 2011
Findmyhash - Python
Am Monday, 26. Sep 2011 im Topic 'Source Code'
Cracking services supported
Schwett.com
Netmd5crack.com
MD5-Cracker.tk
tools.BenRamsey.com
md5.Gromweb.com
md5.HashCracking.com
victorov.su
md5.thekaine.de
tmto.org
md5-db.de
md5.my-addr.com
md5pass.info
md5decryption.com
md5crack.com
md5online.net
md5-decrypter.com
authsecu.com
hashcrack.com
objectif-securite.ch
c0llision.net
md5.rednoize.com
cmd5.org
cacin.net
ibeast.com
password-decrypt.com
bigtrapeze.com
hashchecker.com
md5hashcracker.appspot.com
passcracking.com
askcheck.com
cracker.fox21.at
crackfoo.nicenamecrew.com
joomlaaa.com
md5-lookup.com
sha1-lookup.com
sha-256.sha1-lookup.com
ripemd-lookup.com
md5.com.cn
md5.digitalsun.pl
md5.drasen.net
md5.myinfosec.net
md5.net
md5.noisette.ch
md5hood.com
stringfunction.com
xanadrel.99k.org
isc.sans.edu
bokehman.com
Download
http://code.google.com/p/findmyhash/downloads/list
Schwett.com
Netmd5crack.com
MD5-Cracker.tk
tools.BenRamsey.com
md5.Gromweb.com
md5.HashCracking.com
victorov.su
md5.thekaine.de
tmto.org
md5-db.de
md5.my-addr.com
md5pass.info
md5decryption.com
md5crack.com
md5online.net
md5-decrypter.com
authsecu.com
hashcrack.com
objectif-securite.ch
c0llision.net
md5.rednoize.com
cmd5.org
cacin.net
ibeast.com
password-decrypt.com
bigtrapeze.com
hashchecker.com
md5hashcracker.appspot.com
passcracking.com
askcheck.com
cracker.fox21.at
crackfoo.nicenamecrew.com
joomlaaa.com
md5-lookup.com
sha1-lookup.com
sha-256.sha1-lookup.com
ripemd-lookup.com
md5.com.cn
md5.digitalsun.pl
md5.drasen.net
md5.myinfosec.net
md5.net
md5.noisette.ch
md5hood.com
stringfunction.com
xanadrel.99k.org
isc.sans.edu
bokehman.com
Download
http://code.google.com/p/findmyhash/downloads/list
Friday, 23. September 2011
Script to audit web applications - Perl
Am Friday, 23. Sep 2011 im Topic 'Source Code'
Features and changes made in lilith
got rid of many many false positives (that’s good)
when SQL error is found, it now goes onto next var
improved (i hope) scanning engine
(anti) coldfusion support
better cookie handling and cookie tampering
omitted perl HTML::Form limitation
better verbose output
extensive logging
detects directory indexing
recursive URL dissection
cleaned up this pasta code
Download
http://michaelhendrickx.com/wp-content/uploads/2008/11/lilith-06atar.gz
got rid of many many false positives (that’s good)
when SQL error is found, it now goes onto next var
improved (i hope) scanning engine
(anti) coldfusion support
better cookie handling and cookie tampering
omitted perl HTML::Form limitation
better verbose output
extensive logging
detects directory indexing
recursive URL dissection
cleaned up this pasta code
Download
http://michaelhendrickx.com/wp-content/uploads/2008/11/lilith-06atar.gz
Tuesday, 30. August 2011
x64 XOR Shellcode Encoder / Loader - Perl
Am Tuesday, 30. Aug 2011 im Topic 'Source Code'
Read these first:
www.klake.org/~jt/encoder/
www.security-assessment.com/Presentations/BM_Brightstar_2004.ppt
These didnt do what I wanted, aka work on x64 etc, so I did a
_much_ more basic (using as/ld/objdump) one to do what I wanted...
Source
http://pastebin.com/jL5egjZe
by
lucifer
www.klake.org/~jt/encoder/
www.security-assessment.com/Presentations/BM_Brightstar_2004.ppt
These didnt do what I wanted, aka work on x64 etc, so I did a
_much_ more basic (using as/ld/objdump) one to do what I wanted...
Source
http://pastebin.com/jL5egjZe
by
lucifer
Monday, 29. August 2011
DDos via Google Plus Servers
Am Monday, 29. Aug 2011 im Topic 'Source Code'
The vulnerable pages are “/_/sharebox/linkpreview/“ and “gadgets/proxy?“
Is possible to request any file type, and G+ will download and show all the content. So, if you parallelize so many requests, is possible to DDoS any site with Google bandwidth. Is also possible to start the attack without be logged in G+. If anything, Google will notice [attack attempts] and probably blacklist you.
Source
http://pastebin.com/2uRGm9jY
by
R00T.ATI
Is possible to request any file type, and G+ will download and show all the content. So, if you parallelize so many requests, is possible to DDoS any site with Google bandwidth. Is also possible to start the attack without be logged in G+. If anything, Google will notice [attack attempts] and probably blacklist you.
Source
http://pastebin.com/2uRGm9jY
by
R00T.ATI
Sunday, 28. August 2011
Killapache - DDOS tool - Perl
Am Sunday, 28. Aug 2011 im Topic 'Source Code'
killapache sends GET requests with multiple “byte ranges” that will claim large portions of the system’s memory space. A “byte range” statement allows a browser to only load certain parts of a document, for example bytes 500 to 1000. It is normally used while downloading large files. This method is used by programs such as download clients to resume downloads that have been interrupted; it is designed to reduce bandwidth requirements. However, it appears that stating multiple unsorted components in the header can cause an Apache server to malfunction.
Source
http://pastebin.com/9y9Atijn
Source
http://pastebin.com/9y9Atijn
Friday, 26. August 2011
Knock v1.5 - Subdomain Scanner - Python
Am Friday, 26. Aug 2011 im Topic 'Source Code'
Knock is a python script, written by Gianni 'guelfoweb' Amato, designed to enumerate subdomains on a target domain through a wordlist. This program is self contained, doesn't need to be installed in any particular location. All it needs is a recent version of Python 2.xOnly for use the Zone Transfer option (-zt) you must install the module dnspython, otherwise you can do without. If the name server allows zone transfers to occur, all the DNS names and IP addresses hosted by the name server will be returned in human-readable ASCII text.
Usage
$ python knock.py
Rapid Scan
Scanning with internal wordlist:
$ python knock.py
Scanning with external wordlist:
$ python knock.py
Options
-zt Zone Transfer discovery:
$ python knock.py -zt
-dns Dns resolver:
$ python knock.py -dns
-wc Wildcard testing:
$ python knock.py -wc
-wc Wildcard bypass:
$ python knock.py -bw
Download
http://code.google.com/p/knock/downloads/list
Usage
$ python knock.py
Rapid Scan
Scanning with internal wordlist:
$ python knock.py
Scanning with external wordlist:
$ python knock.py
Options
-zt Zone Transfer discovery:
$ python knock.py -zt
-dns Dns resolver:
$ python knock.py -dns
-wc Wildcard testing:
$ python knock.py -wc
-wc Wildcard bypass:
$ python knock.py -bw
Download
http://code.google.com/p/knock/downloads/list
Sunday, 21. August 2011
Multiple CMS Hash Cracker - Perl
Am Sunday, 21. Aug 2011 im Topic 'Source Code'
Source
http://pastebin.com/Ny3WLPpu
http://pastebin.com/Ny3WLPpu
Monday, 15. August 2011
Devil shell 2.0 - PHP
Am Monday, 15. Aug 2011 im Topic 'Source Code'
* Front/Deface Page cretor without knowladge of HTML and user friendly
* Undetectable by Google Dork
* Back-Connect [Available in Paid Version]
* Database Dump [Automatic Dump available in Paid Version]
* SQL and Linux Command Run
* Front/Deface Page Creator
* Mail Bomber Testing
* DDoS attacker Testing
* Self kill
* Indiviusal Login's
Download
http://teamnuts.in/ugdevil.rar
Username: ugdevil
Password: 12345678
* Undetectable by Google Dork
* Back-Connect [Available in Paid Version]
* Database Dump [Automatic Dump available in Paid Version]
* SQL and Linux Command Run
* Front/Deface Page Creator
* Mail Bomber Testing
* DDoS attacker Testing
* Self kill
* Indiviusal Login's
Download
http://teamnuts.in/ugdevil.rar
Username: ugdevil
Password: 12345678
Tuesday, 2. August 2011
Anonware malware framework - C#
Am Tuesday, 2. Aug 2011 im Topic 'Source Code'
Source
http://pastebin.com/MFc4SY3S
download complete everything @
http://www.megaupload.com/?d=QKMY6HRW
UPDATE: GITHUB REPO AVAILABLE NOW! https://github.com/opendeveloper/anonware (^)_(^)
http://pastebin.com/MFc4SY3S
download complete everything @
http://www.megaupload.com/?d=QKMY6HRW
UPDATE: GITHUB REPO AVAILABLE NOW! https://github.com/opendeveloper/anonware (^)_(^)
Sunday, 31. July 2011
Downloader - Visual Basic
Am Sunday, 31. Jul 2011 im Topic 'Source Code'
Convert the EXE file to Base64 and upload it to a website. the downloader download it and save it as a text file. The downloader will then convert the Base64 text to binary, save it as an executable, and then execute it.
Download base64:
http://download.cnet.com/Base64-De-Encoder/3000-2247_4-10571789.html
Download base64:
http://download.cnet.com/Base64-De-Encoder/3000-2247_4-10571789.html
... ältere Einträge
