Showing posts with label EH Tools.

WPA WPA2 Phishing Tool: Linset

Linset is not a social engineering tool that is used to hack without bruteforce; it requires only two programs, lighttpd and php5-cgi.

apt-get install lighttpd

apt-get install php5-cgi

After you unzip the download, place the linset folder found in the download into the filesystem root (/). This folder contains a php file, a backup php file and an alldata.txt. You cannot change the name of the linset folder or place it in another location unless you edit the bash script.



How it works

Scan the networks.
Select network.
Capture handshake (can be used without handshake).
Choose one of several web interfaces (contributed by users).
Starts a fake AP imitating the original.
A DHCP server is created on FakeAP.
It creates a DNS server to redirect all requests to the Host.
The web server with the selected interface is launched.
The mechanism is launched to check the validity of the passwords that will be introduced.
Deauthenticates all users of the network, in the hope that they connect to the fake AP and enter the password.
The attack stops once the correct password has been verified.

How to Use

$ git clone https://github.com/chunkingz/linsetmv1-2.git

$ cd linsetmv1-2

$ chmod a+x linsetmv1-2

$ mv linset /

$ ./linsetmv1-2



~ Tuesday 27 September 2016, 0 comments

Durvasav: Bruteforce Password Cracker

Durvasav is a simple bruteforce password hash cracker written in the C language. It is a console program released under the GNU GPL version 3 and runs on Windows. The tool is used to recover plain text from any standard hash, and it uses the OpenSSL library for generating hashes.



Durvasav allows us to compare thousands of hashes to a hash table at a time. It supports MD4, MD5, SHA0, SHA1, SHA224, SHA256, SHA384 and SHA512 standard hashing algorithms. You can also produce hash tables of all these hashes for different character sets or generate wordlists for reverse hash lookup.



Features:

Supports MD4, MD5, SHA0, SHA1, SHA224, SHA256, SHA384 and SHA512.
Uses fast OpenSSL library.
Includes wide variety of character sets and a custom character set.
Performs ‘pseudo’ operation.
Hash table generation.
Generates bruteforce password table.
Import and compare hash tables containing thousands of hashes.
Maximum password length of 12 characters (to be increased).
Wordlist generation for all characters.
Compatible with Windows 32bit and 64bit.

You can either choose from predefined character sets or a custom character set of your own.

[0…9] – Numeric from 0-9.
[a…z] – Small letters from a-z.
[A…Z] – Capital letters from A-Z.
[0…z] – 0-9 numeric and a-z alphabets.
[0…Z] – 0-9 numeric and A-Z alphabets.
[a…Z] – All small and capital letters.
[0..a..Z] – All numbers, small letters and capital letters.
[All] – All numbers, small letters, capital letters and all special characters.
[Custom] – Select this if you want to use a custom character set.



~ 0 comments

Open Source OSINT Assistant: DataSploit

The various Open Source Intelligence (OSINT) tools used to capture data give the user all the relevant information about a domain, email, phone number, person, etc. This allows us to expand our attack/defense surface by collecting relevant information about the target.

DataSploit requires only minimal input data (such as a domain name, email ID or person name). It is developed in Python with MongoDB and Django, technologies that are popular in the field. Once the data is collected, the noise is first removed, then the data is correlated and, after multiple iterations, stored locally in a database that can be easily visualized on the provided UI. The sources used were picked after thorough analysis and are known to provide reliable information.



Features:

  • Performs automated OSINT on a domain / email / username / phone and finds relevant information from different sources.
  • Useful for pen-testers, cyber investigators, product companies, defensive security professionals, etc.
  • Correlates and collates the results and shows them in a consolidated manner.
  • Tries to find credentials, API keys, tokens, subdomains, domain history, legacy portals, etc. related to the target.
  • Available as a single consolidating tool as well as standalone scripts.
  • Available in both GUI and console form.

Requirements:

  • MongoDb, Django, Celery and RabbitMq
  • Bunch of python libraries
    • amqp==1.4.9
    • anyjson==0.3.3
    • BeautifulSoup==3.2.1
    • beautifulsoup4==4.4.1
    • billiard==3.3.0.23
    • bs4==0.0.1
    • celery==3.1.23
    • clearbit==0.1.4
    • config==0.3.9
    • Django==1.9.8
    • django-celery==3.1.17
    • dnspython==1.14.0
    • future==0.15.2
    • idna==2.1
    • json2html==1.0.1
    • kombu==3.0.35
    • lxml==3.6.0
    • piplapis-python==5.1.0
    • pyinotify==0.9.6
    • pymongo==3.3.0
    • python-Wappalyzer==0.2.2
    • python-whois==0.6.2
    • pytz==2016.6.1
    • requests==2.10.0
    • requests-file==1.4
    • simplejson==3.8.2
    • six==1.10.0
    • tldextract==2.0.1
    • tqdm==4.7.6
    • termcolor



~ Tuesday 20 September 2016, 0 comments

Brutus: The Password Cracker

Brutus is one of the fastest and most flexible remote password cracking tools available for free. It bangs against the network services of remote systems, trying to guess passwords using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NNTP and more. It is only available for Windows (9x, NT, 2000 and other versions of Windows).



Brutus was written originally to help me check routers etc. for default and common passwords.

Features

Brutus version AET2 is the current release and includes the following authentication types:

HTTP (Basic Authentication)
HTTP (HTML Form/CGI)
POP3
FTP
SMB
Telnet

Other types such as IMAP, NNTP, NetBus etc. are freely downloadable from this site and simply imported into your copy of Brutus. You can create your own types or use other people's.



The current release includes the following functionality:

Multi-stage authentication engine
60 simultaneous target connections
No username, single username and multiple username modes
Password list, combo (user/password) list and configurable brute force modes
Highly customizable authentication sequences
Load and resume position
Import and Export custom authentication types as BAD files seamlessly
SOCKS proxy support for all authentication types
User and password list generation and manipulation functionality
HTML Form interpretation for HTML Form/CGI authentication types
Error handling and recovery capability, including resume after crash/failure.



~ Wednesday 24 August 2016, 0 comments

UFONet - DDoS Botnet via Web Abuse

UFONet is a free software tool designed to test DDoS attacks against a target by using 'Open Redirect' vectors on third-party web applications as a botnet.

It abuses OSI Layer 7 (HTTP) to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.


  UFONet runs on many platforms.  It requires Python (2.x.y) and the following libraries:

       python-pycurl - Python bindings to libcurl
       python-geoip  - Python bindings for the GeoIP IP-to-country resolver library

  On Debian-based systems (ex: Ubuntu), run:

       sudo apt-get install python-pycurl python-geoip

Attacking a target:

  Enter a target to attack with a number of rounds:

       ./ufonet -a http://target.com -r 10

In this example UFONet attacks the target 10 times for each 'zombie'. That means that if you have a list of 1,000 'zombies' it will launch 1,000 'zombies' x 10 rounds = 10,000 requests to the target.


Special attacks:


UFONet uses different ways to exploit 'Open Redirect' vulnerabilities. For example, you can use UFONet to stress the database on the target by requesting random valid strings, like search queries:

     ./ufonet -a http://target.com --db "search.php?q="


~ Friday 19 August 2016, 0 comments

Xerosploit: Advanced Man in the Middle Framework

Xerosploit is a penetration testing toolkit whose goal is to perform man-in-the-middle attacks for testing purposes. It provides various modules for carrying out efficient attacks, and also allows denial of service attacks and port scanning.




Dependencies

  • nmap
  • hping3
  • build-essential
  • ruby-dev
  • libpcap-dev
  • libgmp3-dev
  • tabulate
  • terminaltables

Installation

Dependencies will be automatically installed.

git clone https://github.com/LionSec/xerosploit
cd xerosploit && sudo python install.py
sudo xerosploit

Features

  • Port scanning
  • Network mapping
  • Dos attack
  • Html code injection
  • Javascript code injection
  • Download interception and replacement
  • Sniffing
  • Dns spoofing
  • Background audio reproduction
  • Images replacement
  • Driftnet
  • Webpage defacement and more ...



~ Monday 8 August 2016, 0 comments

OSTrICa - Open Source Threat Intelligence Collector

OSTrICa stands for Open Source Threat Intelligence Collector and is an open source plugin-oriented framework to collect and visualize threat intelligence information. Furthermore, OSTrICa is also the Italian word for oyster: that's where the logo comes from.
SOC analysts, incident responders, attack investigators and cyber-security analysts need to correlate IoCs (Indicators of Compromise), network traffic patterns and any other collected data in order to gain a real advantage against cyber-enemies. This is where threat intelligence comes into play, but unfortunately not all companies have enough budget to spend on Threat Intelligence Platforms and Programs (TIPP); this is the main motivation behind OSTrICa's development.


OSTrICa is a free and open source framework that allows everyone to automatically collect and visualize any sort of harvested threat intelligence data (IoCs) from open, internal and commercial sources using a plugin-based architecture. The collected intelligence can be analysed by analysts, but it can also be visualized in graph format, suitable for link analysis. The visualized information can be filtered dynamically and can show, for example, connections between multiple malware samples based on remote connections, file names, mutexes and so on.



~ Sunday 31 July 2016, 0 comments

PytheM - Python penetration testing framework

PytheM is a python penetration testing framework. It has been developed in the hope that it will be useful and I don't take responsibility for any misapplication of it. Only runs on GNU/Linux OS.


Installation


$ sudo apt-get update
$ sudo apt-get install libasound-dev libjack-jackd2-dev portaudio19-dev python-pyaudio build-essential python-dev libnetfilter-queue-dev libespeak1 libffi-dev libssl-dev
$ sudo git clone https://github.com/m4n3dw0lf/PytheM/
$ cd PytheM
$ sudo pip install -r requirements.txt

Now you are ready to rock:

$ sudo ./pythem

Examples

ARP spoofing - Man-in-the-middle HTTP

pythem> set interface
[+] Enter the interface: wlan0
pythem> set gateway
[+] Enter the gateway: 192.168.1.1
pythem> arpspoof start
[+] Setting the packet forwarding.
[+] Iptables redefined.
[+] ARP spoofing initialized.
pythem> sniff
[+] Enter the filter: http

Overthrow the DNS of LAN range/IP address

It can be quite useful to overthrow the DNS to force the administrator to connect with his credentials to the router's HTTP server to check what's happening, while the sniffer on port 80 is running.
pythem> set interface wlan0
pythem> set gateway 192.168.1.1
pythem> arpspoof start
[*] Iptables redefined
[*] Setting the packet forwarding.
[+] ARP spoofing initialized.
pythem> dos mitmdrop
[+] Man-in-the-middle DNS drop initialized.
pythem> sniff http

~ Saturday 30 July 2016, 0 comments

RouterSploit - Router Exploitation Framework

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices.


It consists of various modules that aid penetration testing operations:
  • exploits - modules that take advantage of identified vulnerabilities
  • creds - modules designed to test credentials against network services
  • scanners - modules that check if target is vulnerable to any exploit

Installation

Requirements

  • gnureadline (OSX only)
  • requests
  • paramiko
  • beautifulsoup4
  • pysnmp

Installation on Kali

git clone https://github.com/reverse-shell/routersploit
cd routersploit
./rsf.py

Installation on Ubuntu 16.04

sudo apt-get install python-dev python-pip libncurses5-dev git
git clone https://github.com/reverse-shell/routersploit
cd routersploit
pip install -r requirements.txt
./rsf.py

Installation on OSX

git clone https://github.com/reverse-shell/routersploit
cd routersploit
sudo easy_install pip
sudo pip install -r requirements.txt
./rsf.py

Update

Update the RouterSploit Framework often. The project is under heavy development and new modules are shipped almost every day.
cd routersploit
git pull

Usage

root@kalidev:~/git/routersploit# ./rsf.py 
(ASCII-art RouterSploit banner)
Router Exploitation Framework

Dev Team : Marcin Bury (lucyoa) & Mariusz Kupidura (fwkz)
Codename : Wildest Dreams
Version : 1.0.0

rsf >

1. Exploits

Pick the module

rsf > use exploits/
exploits/2wire/ exploits/asmax/ exploits/asus/ exploits/cisco/ exploits/dlink/ exploits/fortinet/ exploits/juniper/ exploits/linksys/ exploits/multi/ exploits/netgear/
rsf > use exploits/dlink/dir_300_600_rce
rsf (D-LINK DIR-300 & DIR-600 RCE) >
You can use the tab key for completion.


~ Wednesday 27 July 2016, 0 comments

APT2: Automated Penetration Toolkit

Automated Penetration Toolkit can perform an NMap scan and import the scan results from Nexpose, Nessus and other scanning tools. The results are further used to launch exploit and enumeration modules.



All the results are stored to knowledge base of APT2 on localhost machine. The KB is accessible from within the application and allows the user to view the harvested results of an exploit module.

Setup:

On Kali Linux, install the python-nmap library: pip install python-nmap

Configuration:

To configure APT2 to run as you desire, edit the default.cfg file in root directory.

Current options include:
metasploit
nmap
threading

Metasploit RPC API: 

APT2 can utilize your host's Metasploit RPC interface.

NMAP:

Configure NMAP scan settings to include the target, scan type, scan port range, and scan flags. These settings can be configured while the program is running.

Threading:

Configure the number of the threads APT2 will use.

Run:

No Options:

python apt2 or ./apt2

With Configuration File

python apt2 -C

Import Nexpose, Nessus, or NMap XML

python apt2 -f

Specify Target Range to Start

python apt2 -f 192.168.1.0/24

Safe Level:

Safe levels indicate how safe a module is to run against a target. The scale runs from 1 to 5, with 5 being the safest. The default configuration uses a safe level of 4, but it can be set with the -s or --safelevel command line flags.

Usage:

apt2.py [-h] [-C ] [-f [ [ ...]]]

               [--target] [--ip ] [-v] [-s SAFE_LEVEL] [-b]
               [--listmodules]

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbosity       increase output verbosity
  -s SAFE_LEVEL, --safelevel SAFE_LEVEL
                        set min safe level for modules
  -b, --bypassmenu      bypass menu and run from command line arguments

inputs:
  -C       config file
  -f [ [ ...]]
                        one of more input files seperated by spaces
  --target              initial scan target(s)

advanced:
  --ip       defaults to ip of interface

misc:
  --listmodules         list out all current modules

Modules

-----------------------
LIST OF CURRENT MODULES
-----------------------
nmaploadxml               Load NMap XML File
hydrasmbpassword          Attempt to bruteforce SMB passwords
nullsessionrpcclient      Test for NULL Session
msf_snmpenumshares        Enumerate SMB Shares via LanManager OID Values
nmapbasescan              Standard NMap Scan
impacketsecretsdump       Test for NULL Session
msf_dumphashes            Gather hashes from MSF Sessions
msf_smbuserenum           Get List of Users From SMB
anonftp                   Test for Anonymous FTP
searchnfsshare            Search files on NFS Shares
crackPasswordHashJohnTR   Attempt to crack any password hashes
msf_vncnoneauth           Detect VNC Services with the None authentication type
nmapsslscan               NMap SSL Scan
nmapsmbsigning            NMap SMB-Signing Scan
responder                 Run Responder and watch for hashes
msf_openx11               Attempt Login To Open X11 Service
nmapvncbrute              NMap VNC Brute Scan
msf_gathersessioninfo     Get Info about any new sessions
nmapsmbshares             NMap SMB Share Scan
userenumrpcclient         Get List of Users From SMB
httpscreenshot            Get Screen Shot of Web Pages
httpserverversion         Get HTTP Server Version
nullsessionsmbclient      Test for NULL Session
openx11                   Attempt Login To Open X11 Servicei and Get Screenshot
msf_snmplogin             Attempt Login Using Common Community Strings
msf_snmpenumusers         Enumerate Local User Accounts Using LanManager/psProcessUsername OID Values
httpoptions               Get HTTP Options
nmapnfsshares             NMap NFS Share Scan
msf_javarmi               Attempt to Exploit A Java RMI Service
anonldap                  Test for Anonymous LDAP Searches
ssltestsslserver          Determine SSL protocols and ciphers
gethostname               Determine the hostname for each IP
sslsslscan                Determine SSL protocols and ciphers
nmapms08067scan           NMap MS08-067 Scan
msf_ms08_067              Attempt to exploit MS08-067




~ Monday 25 July 2016, 0 comments

DMitry: Deepmagic Information Gathering Tool

DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line Application coded in C language.
DMitry has the ability to gather as much information as possible about a host. Its base functionality can gather possible subdomains, email addresses, uptime information, TCP port scans, whois lookups and more. The information is gathered using the following methods:

  • Perform an Internet Number whois lookup.
  • Retrieve possible uptime data, system and server data.
  • Perform a SubDomain search on a target host.
  • Perform an E-Mail address search on a target host.
  • Perform a TCP Portscan on the host target.
  • A modular program allowing user-specified modules.

Download and installation

DMitry can be downloaded by issuing following commands:
$ cd /data/src/
$ wget http://mor-pah.net/code/DMitry-1.3a.tar.gz
For installation, issue following commands:
$ tar xzvf DMitry-1.3a.tar.gz
$ cd DMitry-1.3a/
$ ./configure
$ make
$ sudo make install
Then optionally create a symbolic link to your /pentest/ directory:
$ mkdir -p /pentest/enumeration/dmitry/
$ ln -s /usr/local/bin/dmitry /pentest/enumeration/dmitry/dmitry

Use

Help

DMitry help can be displayed by issuing:
$ dmitry --help
or, for a more complete documentation:
$ man dmitry

~ Friday 22 July 2016, 0 comments

Commix: Command Injection Exploiter

Commix, short for Command Injection Exploiter, is an environment that web developers, penetration testers and even security researchers can use to test web applications in order to find bugs or vulnerabilities.

Commix is written in the Python programming language and helps to find vulnerabilities related to command injection attacks. In a command injection attack the goal is to execute arbitrary commands on the host operating system via a vulnerable application. These attacks are possible when an application passes unsafe user-supplied data (forms, cookies, HTTP headers etc.) to a system shell.



Once the command injection attack succeeds, the arbitrary commands are executed through the vulnerable application. The features available in Commix include a set of options for specifying which parameters should be injected and for appending the injection payloads. The user can also define data in a POST request as well as employ injection payload suffix and prefix strings to exploit the target.

Moreover, it supports base64 encoding for multiple injection techniques (eval-based, time-based or file-based).
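The unsafe pattern described above (user-supplied data reaching a system shell), as an added Python example written for this page, not code from Commix or from the original post: the vulnerable string-concatenation call beside two hardened forms, with `echo` standing in for the real command and a constructed tainted hostname as input. Nothing runs beyond `echo` on the local machine.

```python
import re
import subprocess

# Constructed attacker-style input used only to show the difference between the
# implementations: a hostname followed by a second shell command.
TAINTED_HOST = "example.com; echo INJECTED"

# Allow-list for a DNS hostname: labels of letters, digits and hyphens.
HOSTNAME_RE = re.compile(
    r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def echo_host_vulnerable(host: str) -> str:
    """The pattern Commix looks for: user input is concatenated into a command
    line that is handed to /bin/sh. Shell metacharacters in `host` (;, |, &&,
    $(...)) are interpreted by the shell, so a second command smuggled into the
    parameter runs as well. `echo` stands in for the real binary (ping,
    nslookup, ...) an application would call, so the demonstration is harmless."""
    completed = subprocess.run("echo " + host, shell=True,
                               capture_output=True, text=True)
    return completed.stdout


def echo_host_no_shell(host: str) -> str:
    """First fix: pass an argument vector and never involve a shell. The whole
    tainted string reaches `echo` as one literal argument, so nothing in it is
    executed even though it was not validated."""
    completed = subprocess.run(["echo", host], capture_output=True, text=True)
    return completed.stdout


def echo_host_hardened(host: str) -> str:
    """Second fix on top of the first: reject anything that is not a
    syntactically valid hostname before it gets anywhere near a process."""
    if len(host) > 253 or not HOSTNAME_RE.match(host):
        raise ValueError(f"rejected hostname: {host!r}")
    return echo_host_no_shell(host)


def hardened_rejects(host: str) -> bool:
    """True when the allow-list check refuses the input."""
    try:
        echo_host_hardened(host)
    except ValueError:
        return True
    return False


def was_injected(output: str) -> bool:
    """Check used by the demo: did the smuggled command produce its own line?"""
    return "INJECTED" in output.splitlines()


if __name__ == "__main__":
    print("shell=True :", repr(echo_host_vulnerable(TAINTED_HOST)))
    print("arg vector :", repr(echo_host_no_shell(TAINTED_HOST)))
    print("allow-list :", "rejected" if hardened_rejects(TAINTED_HOST) else "accepted")
```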

Requirements 

Python version 2.6.x or 2.7.x is required for running this program.

Supported Platform

Linux
Mac OS X
Windows (Experimental)

Installation 

Download commix by cloning the Git repository:

git clone https://github.com/stasinopoulos/commix.git commix

Commix comes packaged on the official repositories of the following Linux distributions:

ArchAssault
BlackArch
Kali Linux
BackBox
Weakerthan

Commix also comes pre-installed, on the following penetration testing frameworks:

The Penetration Testers Framework (PTF)
CTF-Tools
PentestBox
PenBox
Katoolin

Usage

To get a list of all options and switches use:

python commix.py -h

So, do you want to get some ideas on how to use Commix? Have a quick look at all the available options and switches.




~ Monday 18 July 2016, 0 comments

5 Malware Scanners You Should Know About

For many years computers have been infected by malicious software, also known as "malware". It is specifically designed to gain access to or damage a computer without the owner's knowledge. To protect users from such damage, various anti-malware programs have been developed.


Today we are going to discuss a few of the best known anti-malware programs that can be used to protect ourselves.

MalwareBytes’ Anti-Malware

MalwareBytes is Windows-based anti-malware software. It scans Windows for malicious software. A free version with limited features is available online; the paid version supports scheduled scans. The authors of MalwareBytes claim to detect malware that is left undetected by other anti-malware scanners.


ClamAV

ClamAV is the most powerful open source malware scanner; it integrates with mail servers and scans attached files for malware. It provides a flexible and scalable multi-threaded daemon, a command line scanner and a feature to update via the Internet. Clam AntiVirus is based on a shared library and provides an up-to-date virus database that you can use with your own software.


VirusTotal

VirusTotal is a web based anti malware scanner that analyzes submitted files for known viruses and malware. It is associated with many antivirus engines from different vendors and updates regularly with new signatures. It also alerts the antivirus vendors if the submitted file is not detected by their product.


SUPERAntiSpyware

SuperAntiSpyware is the best portable malware scanner; it runs directly from any USB drive without installation, which can be an issue on a highly infected computer. The latest version is easily downloadable from the Internet, which saves the trouble and time of updating the software. The free version of SuperAntiSpyware does not include real-time protection and update features.


EMCO Malware Destroyer

It is a malware scanning management tool that batch-scans multiple computers on a network for malware, without real-time protection. EMCO's free version provides only one scanning mode and allows scanning of a single local or remote computer. It is quite fast because it checks for infection based on targeted definitions.



Many Cyber security professionals and individuals use these tools to scan for malicious software. Yet, there are many other scanners as well. 

~ Sunday 26 June 2016, 1 comment

10 Most Recommended Tools For Password Recovery

Whenever confidentiality and access levels are defined, a password is used to give users a certain level of access. Users protect their personal details with strong passwords. However, many password cracking tools have been created to crack those passwords.



There are many password cracking tools available, both free and paid. Today we are going to discuss some of the most recommended password cracking tools that security professionals use.

Aircrack

It is used to recover wireless keys. It implements the best known cracking algorithms once enough encrypted packets have been gathered. Aircrack is a suite of tools for 802.11 a/b/g WEP and WPA cracking. The suite comprises many tools, like airodump, aireplay, aircrack and airdecap, for capturing wireless communication packets.


Cain and Abel

Cain and Abel is a Windows-only password cracking tool that many cyber security professionals use to recover passwords. It sniffs the network and cracks encrypted passwords using a dictionary. This tool is able to attack by brute force and cryptanalysis techniques and can also record VoIP communications, uncover cached passwords, reveal password boxes and analyze routing protocols.


THC Hydra

Most cyber security professionals choose THC Hydra when they need to crack a remote authentication service using a brute force attack. It can perform rapid dictionary attacks against more than 50 protocols, including http, ftp, https, smb and several databases.


Ophcrack

It's a Windows password cracking tool, although it can be run on Linux, Windows and Mac. It includes many features like LM and NTLM hash cracking, a GUI, loading hashes from an encrypted SAM recovered from a Windows partition, and a live CD version.


Medusa

Medusa is a fast, modular and massively parallel brute-force login tool. It supports many protocols like AFP, CVS, FTP, HTTP, IMAP, SSH and others.


Fgdump 

Fgdump is a tool for extracting NTLM and LanMan password hashes from Windows. Fgdump attempts to disable antivirus software before initiating. It then runs pwdump, cachedump (cached credentials dump) and pstgdump (protected storage dump). It is also capable of displaying password histories if available.


L0phtCrack

L0phtCrack is a Windows-based password cracking tool which attempts cracking using hashes. Hashes can be obtained from a stand-alone Windows workstation, network servers or Active Directory. It also has various methods of generating passwords (dictionary, brute force, etc.).


RainbowCrack

The RainbowCrack tool is a hash cracking tool that makes use of a large-scale time-memory trade-off. An ordinary brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack instead uses a time-memory trade-off: it does all the cracking-time computation in advance and stores the results in tables called "rainbow tables". Precomputing the tables takes a long time, but once the precomputation is finished RainbowCrack can be hundreds of times faster than a brute force cracker.
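The time-memory trade-off described above, as an added toy Python implementation written for this page (not RainbowCrack's code): it builds a small rainbow table over unsalted MD5 of all 3-character lowercase strings, runs the lookup phase, and shows why a per-password salt leaves the same precomputed table with nothing to find. The 3-character space, the chain count and the chain length are choices made here so the demo runs in a second.

```python
import hashlib
import string

# Toy password space: every 3-character lowercase string (26**3 = 17576 words).
# Real tables target spaces many orders of magnitude larger.
ALPHABET = string.ascii_lowercase
LENGTH = 3
SPACE = len(ALPHABET) ** LENGTH
NUM_CHAINS = 2000   # rows stored in the table
CHAIN_LEN = 50      # hash/reduce steps per row


def H(word: str) -> bytes:
    """Unsalted MD5, the kind of hash a precomputed table is built for."""
    return hashlib.md5(word.encode()).digest()


def index_to_word(n: int) -> str:
    chars = []
    for _ in range(LENGTH):
        n, r = divmod(n, len(ALPHABET))
        chars.append(ALPHABET[r])
    return "".join(chars)


def reduce_fn(digest: bytes, column: int) -> str:
    """Reduction R_column: maps a digest back into the password space. Mixing
    in the column index is what makes this a *rainbow* table: two chains that
    collide at different columns do not merge, unlike Hellman's single-R tables."""
    return index_to_word((int.from_bytes(digest[:8], "big") + column) % SPACE)


def chain(start: str, chain_len: int) -> list:
    """words[i] is the plaintext at column i; words[-1] is the stored endpoint."""
    words = [start]
    for i in range(chain_len):
        words.append(reduce_fn(H(words[-1]), i))
    return words


def chain_start(row: int) -> str:
    # 7919 is coprime with 17576, so the row starts are distinct words.
    return index_to_word((row * 7919) % SPACE)


def build_table(num_chains: int, chain_len: int) -> dict:
    """Precomputation phase: only (endpoint -> start) pairs are kept, so the
    table holds num_chains entries but implicitly covers up to
    num_chains * chain_len plaintexts. That is the memory half of the trade-off."""
    table = {}
    for row in range(num_chains):
        words = chain(chain_start(row), chain_len)
        table.setdefault(words[-1], words[0])  # merged chains: keep the first
    return table


def lookup(table: dict, target: bytes, chain_len: int):
    """Online phase (the time half): assume the target digest sits at column j,
    walk the rest of the chain to its endpoint, and if that endpoint is in the
    table replay the chain from its start to recover the exact preimage.
    Endpoints that match but whose replay never hits the target are false
    alarms caused by chain merges; they are simply skipped."""
    for j in range(chain_len - 1, -1, -1):
        word = reduce_fn(target, j)
        for i in range(j + 1, chain_len):
            word = reduce_fn(H(word), i)
        start = table.get(word)
        if start is None:
            continue
        for candidate in chain(start, chain_len)[:-1]:
            if H(candidate) == target:
                return candidate
    return None


def distinct_coverage(num_chains: int, chain_len: int) -> int:
    """How many distinct plaintexts the rows really cover (merges lose some)."""
    seen = set()
    for row in range(num_chains):
        seen.update(chain(chain_start(row), chain_len)[:-1])
    return len(seen)


def salted_hash(word: str, salt: str) -> bytes:
    """The defence: a per-password salt moves the hashed input outside the
    space the table was precomputed for, so the same table finds nothing."""
    return H(salt + word)


if __name__ == "__main__":
    table = build_table(NUM_CHAINS, CHAIN_LEN)
    covered = distinct_coverage(NUM_CHAINS, CHAIN_LEN)
    print(f"{len(table)} rows cover {covered} of {SPACE} plaintexts")
    secret = chain(chain_start(0), CHAIN_LEN)[10]   # a plaintext the table covers
    print("unsalted:", lookup(table, H(secret), CHAIN_LEN))
    print("salted  :", lookup(table, salted_hash(secret, "s4lt"), CHAIN_LEN))
```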


Brutus

Brutus is a free, Windows-only password cracker that uses a dictionary against the network services of a remote system to recover passwords. It supports http, pop3, ftp, smb, telnet, imap and other protocols.


Wfuzz

Wfuzz is a brute forcing tool for web applications. Cyber security professionals use it for finding resources like directories, servlets and scripts, brute-forcing GET and POST parameters for different kinds of injections (SQL, XSS, LDAP, etc.), brute-forcing form parameters (user/password), fuzzing and more.



Password cracking tools are not limited to these; there are many other tools as well. Many cyber security professionals recommend these tools to recover passwords.


~ Saturday 25 June 2016, 0 comments

4 Best Port Scanners

Port scanners are applications that scan a server or host for the open ports used for communication. These applications are often used by network administrators and security specialists to verify security policies; attackers use them to find the services running on a host and to exploit them.


Here we discuss the 4 most popular and best port scanners widely used by network administrators and hackers.

Angry IP Scanner


The Angry IP Scanner is a Java-based application that discovers hosts through a ping scan. It is a cross-platform, lightweight and very fast port scanner. It simply pings each host and gathers information like hostname, MAC address, port scan results, etc. Additionally, it contains features like NetBIOS information (computer name, logged-in user), web server detection, etc. It uses multi-threading to speed up scanning.


Superscan


Superscan is a free Windows-based port scanner that only detects open TCP and UDP ports on the target computer. Superscan is used by both network administrators and hackers to determine which services are running on different ports, and provides queries like ping, whois, ICMP, traceroute and host name lookups. This tool is no longer maintained; the latest release was in 2004.


NetScan Tools


NetScan is an application that scans the network based on a user-provided IP range. NetScan Tools is a collection of more than 40 network utilities for Windows, designed with an easy-to-use interface. It includes a port scanner, DNS tools, traceroute and other utilities.


Unicornscan


Unicornscan is an asynchronous TCP and UDP scanner used by many network administrators all over the world. It includes asynchronous stateless TCP scanning with all variations of TCP flags, active and passive remote OS detection and hundreds of other features. Unicornscan is intended to provide a researcher with a superior interface for stimulating responses from TCP/IP-enabled devices. Many use this tool as an IP port scanner.



~ Monday 20 June 2016, 0 comments

OWTF: OWASP Offensive Web Testing Framework

OWTF is OWASP’s (Open Web Application Security Project) Offensive Web Testing Framework. This tool automates the manual and un-creative part of pen-testing. OWASP’s project OWTF is focused on penetration testing efficiency and alignment of security testing standards.

This framework will help pen-testers to:

1) View the big picture and think out of the box.
2) Find and verify vulnerabilities more efficiently.
3) Thanks to automation, have more time to work on complex vulnerabilities.
4) Perform more fuzzing on apparently risky parts.

The tool is highly user-friendly and can be used by anyone without development skills, although understanding and experience will be required to further investigate and use the output.

Features

Resilience

OWTF stores partial output when a tool crashes. It will keep the output and allow the pen-tester to monitor processes.

Flexibility 

It allows pausing the processes when the network connection of the host or victim goes down. You can resume them later, avoiding losing data.

Easy to Use API

OWTF uses PostgreSQL on the back-end, enabling pen-testers to handle all functions and options through APIs. A pen-tester can add new features with less effort.

OWTF supports many popular pen testing standards, making it worth considering for pen-testers and ethical hackers. Its responsive interface enables users to easily work on it without development skills.

Prerequisites

There are a few packages which are mandatory before you proceed:
Git client: sudo apt-get install git
Python 2.7, installed by default in most systems
Wget: sudo apt-get install wget

Manual installation of OWTF is nothing but cloning the repository and running the install script:
git clone https://github.com/owtf/owtf.git



~ Saturday 18 June 2016, 0 comments