White Hat Hacker Capital Buôn Ma Thuột

The Vietnam White Hat Hacker training program in Buôn Ma Thuột City, combined with tourism. Arrive as a newbie - go home as a WHITE HAT HACKER!

Hacking and Penetration Testing with Metasploit

Security365's training program on using the Metasploit Framework for penetration testing, or hacking.

C50 Computer Forensics Materials

Study materials on digital forensics investigation (CHFI), compiled by Security365 for training at C50.

Students with Hacking and Information Security

The Students with Hacking competition, with website attack challenges for students built on the Hackademic Challenge platform.

Attack and Defense with BackTrack / Kali Linux

A course on attack and defense with BackTrack and Kali Linux, the professional toolkits used by hackers, based on Offensive Security content.


Bugtraq-II Beta 32 bits Release


Features
The Bugtraq system offers a comprehensive, optimized, and stable distribution with a real-time automated services manager. The distribution, based on the 3.2 and 3.4 PAE kernels, has a huge range of penetration testing, forensic and laboratory tools. Bugtraq is available with XFCE, Gnome and KDE based on Ubuntu, Debian and OpenSuse. The systems are available in 11 different languages.

Tools
One of the novelties of Bugtraq is its wide range of tools in different branches. We can find mobile forensic tools, malware testing laboratories, tools of the Bugtraq-Community, audit tools for GSM, wireless, Bluetooth and RFID, integrated Windows tools, tools focused on IPv6, and the typical pentesting and forensics tools that should not be missing from Bugtraq-II.


Install
You can install our distribution from a Live DVD or USB drive. Depending on your desktop environment, the features vary. The minimum requirements are based on XFCE.

  • 1GHz x86 processor & 512 MB of system memory
  • 15 GB of disk space for installation

Download Bugtraq-II Beta 32 bits

System requirements
  • 1GHz x86 processor
  • 512 MB of system memory (RAM)
  • 15 GB of disk space for installation
  • Graphics card capable of 800x600 resolution
  • DVD-ROM drive or USB port

Download Bugtraq 2 Black Widow Xubuntu available in 11 languages
 MD5: 94e997802dd9286da7acb6faba4b7f34

[SAMHAIN 3.0.9] File Integrity Checker / Host-Based Intrusion Detection System


The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.

Samhain has been designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as a standalone application on a single host.

Samhain is an open-source multiplatform application for POSIX systems (Unix, Linux, Cygwin/Windows).

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Some build errors have been fixed, as well as the 'probe' command for the server (clients could be erroneously omitted under certain conditions). An option has been added to the Windows registry check to ignore changes if only the timestamp has changed, and full scans requested by the inotify module will now only run at times configured for regular full scans. 


[Stegano 0.4] Python Steganography Module



Stéganô is a Python Steganography module.

Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. Consequently, the functions provided by Stéganô only hide messages, without encryption. Indeed, steganography is often used with cryptography.


The advantage of steganography, over cryptography alone, is that messages do not attract attention to themselves. If you are interested in cryptography have a look at my project pySecret.

Methods of hiding

For the moment, Stéganô implements these methods of hiding:
  • using the red portion of a pixel to hide ASCII messages;
  • using the Least Significant Bit (LSB) technique;
  • using the LSB technique with sets based on generators (Sieve of Eratosthenes, Fermat, Mersenne numbers, etc.);
  • using the description field of the image (JPEG).
Moreover some methods of steganalysis are provided:
  • steganalysis of LSB encoding in color images;
  • statistical steganalysis.


License

Stéganô is under GPL v3 license.


[HoneyDrive Desktop] Virtual machine with several applications for running our own honeypot


HoneyDrive Desktop is a virtual machine with several preconfigured applications that lets us run our own honeypot quickly and easily.

It runs on Xubuntu Desktop 12.04 32-bit and includes, among others, the following applications:

  • LAMP server with phpMyAdmin
  • Kippo SSH, Kippo-Graph and Kippo2MySQL
  • Dionaea Malware + phpLiteAdmin
  • Honeyd + Honeyd2MySQL and Honeyd-Viz
  • LaBrea, Tiny Honeypot, IIS Emulator, INetSim and SimH
  • Various utilities for analyzing malware, PDFs, etc.


The image is 2.7 Gb in size and you can download it from here. To install it, just import the file into your favorite virtualization program. VirtualBox is recommended.

[AnonTwi 1.0] Tweet Anonymously


AnonTwi is free software designed for browsing social networks anonymously. It is compatible with Identi.ca and Twitter.com. You can take advantage of proxy randomization, send fake geolocation data, and more.

+ AES + HMAC-SHA1 encryption on Tweets and Direct Messages --> [More Info]
+ Secure Sockets Layer (SSL) to interact with the API
+ SOCKS proxy (for example, to connect to the TOR network)
+ Random values for HTTP headers
+ Send long messages, split automatically
+ Automatic decryption from tweet URLs or encrypted code
+ Backup of messages to disk (max: 3200)
+ Send fake geolocations
+ Delete data and close account (suicide)
+ View global Trending Topics
+ UTF-8 + Unicode support (Chinese, Arabic, symbols, etc.)
+ Cross-platform: GNU/Linux, MacOS, Win32
+ Colored output
+ Generate tools and modules
+ GTK+ visual interface
+ An IRC bot


And many more options that you can see detailed here

hg clone http://hg.code.sf.net/p/anontwi/code anontwi-code

Download AnonTwi 1.0


[SQLSentinel] Open-source tool for SQL injection security testing


SQLSentinel is an open-source tool that automates the process of finding SQL injection on a website. SQLSentinel includes a web spider and a SQL error finder. You give it a site as input, and SQLSentinel crawls it and tries to exploit parameter validation errors for you. When the job is finished, it can generate a PDF report which contains the vulnerable URLs found and the URLs crawled.

Please remember that SQLSentinel is not an exploitation tool. It can only find URL vulnerabilities.



[BeEF] Fake Browser Update Exploitation


How to use BeEF Framework for fake browser update exploitation.

Fake Browser Update: The BeEF Framework has a new social-engineering feature called Clippy. Using this feature, we send a fake update notification; if the user clicks on it, they will install that exe, and on the other side you get the meterpreter session. It is very easy to perform but very good for social engineering.

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.


Windows Autologin Password Dumper & Manager

Windows Autologin Password is the free command-line tool to quickly dump and manage the Windows Automatic Logon Password.



Automatic Logon is one of the useful features in Windows, which allows you to log in to the system automatically without entering the password every time. This tool helps you to easily dump the current Autologon password as well as quickly change the Autologon settings with just one command.
Here is the complete list of things that you can do with it:

  • Dump the Windows Auto Logon User & Password
  • Enable the Windows Auto Logon
  • Specify your Username & Password for Windows Auto Logon.
  • Disable the Windows Auto Logon

Once you set the Auto Logon username & password, you have to restart and next time you will be logged in automatically.
It is a simple & easy-to-use tool. Being a command-line based tool also makes it perfect for automation.

'Windows Autologin Password' works on both 32-bit & 64-bit versions and has been tested successfully on all Windows platforms, from Windows XP to the latest version, Windows 8.

Web: http://securityxploded.com/windows-autologin-password.php
Download  [Windows Autologin Password Dumper & Manager]

[SQL Fingerprint] Christmas Release


Microsoft SQL Server fingerprinting can be a time consuming process, because it involves trial and error methods to determine the exact version. Intentionally inserting an invalid input to obtain a typical error message or using certain alphabets that are unique for certain server are two of the many ways to possibly determine the version, but most of them require authentication, permissions and/or privileges on Microsoft SQL Server to succeed. 

Instead, ESF.pl uses a combination of crafted packets for SQL Server Resolution Protocol (SSRP) and Tabular Data Stream Protocol (TDS) (protocols natively used by Microsoft SQL Server) to accurately perform version fingerprinting and determine the exact Microsoft SQL Server version. ESF.pl also applies a sophisticated Scoring Algorithm Mechanism (Powered by Exploit Next Generation++ Technology), which is a much more reliable technique to determine the Microsoft SQL Server version. It is a tool intended to be used by: 




This version is a complete rewrite in Perl, making ESF.pl much more portable than the previous binary version (Win32), and its original purpose is to be used as a tool to perform automated penetration tests. This version also adds the following Microsoft SQL Server versions to its fingerprint database:

  • Microsoft SQL Server 2012 SP1 (CU1)
  • Microsoft SQL Server 2012 SP1
  • Microsoft SQL Server 2012 SP1 CTP4
  • Microsoft SQL Server 2012 SP1 CTP3
  • Microsoft SQL Server 2012 SP0 (CU4)
  • Microsoft SQL Server 2012 SP0 (MS12-070)
  • Microsoft SQL Server 2012 SP0 (CU3)
  • Microsoft SQL Server 2012 SP0 (CU2)
  • Microsoft SQL Server 2012 SP0 (CU1)
  • Microsoft SQL Server 2012 SP0 (MS12-070)
  • Microsoft SQL Server 2012 SP0 (KB2685308)
  • Microsoft SQL Server 2012 RTM

Download: http://code.google.com
Source: http://adf.ly/146C04

[Hydra v 7.4] Fast Network cracker



Passwords are one of the biggest security holes, as every password security study shows. THC-Hydra, a very fast network logon cracker which supports many different services, is now updated to version 7.4.


Hydra is available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX. It currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.


Change Log

  • New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)
  • Added support for win8 and win2012 server to the RDP module
  • Better target distribution if -M is used
  • Added colored output (needs libcurses)
  • Better library detection for current Cygwin and OS X
  • Fixed the -W option
  • Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested
  • Fixed HTTP Form module false positive when no answer was received from the server
  • Fixed SMB module return code for invalid hours logon and LM auth disabled
  • Fixed http-{get|post-form} from xhydra
  • Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)
  • Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)
  • Added debug mode option to usage (thanks to Anold Black)


[WiFi Password Decryptor] Free Wireless Password Recovery Software


WiFi Password Decryptor is the FREE software to instantly recover Wireless account passwords stored on your system.

It automatically recovers all types of Wireless Keys/Passwords (WEP/WPA/WPA2 etc.) stored by Windows Wireless Configuration Manager.
For each recovered WiFi account, it displays the following information:
  • WiFi Name (SSID)
  • Security Settings (WEP-64/WEP-128/WPA2/AES/TKIP)
  • Password Type
  • Password in clear text
After the successful recovery you can save the password list to HTML/XML/TEXT file. You can also right click on any of the displayed account and quickly copy the password.
Under the hood, 'WiFi Password Decryptor' uses the System Service method (instead of injecting into LSASS.exe) to decrypt the WiFi passwords. This makes it safer and more reliable. It also means a single EXE works on both 32-bit & 64-bit platforms.

It has been successfully tested on Windows Vista and higher operating systems including Windows 8.

How to Use?

WiFiPasswordDecryptor is easy to use with its simple GUI interface. 

Here are the brief usage details:
  • Launch WiFiPasswordDecryptor on your system
  • Next click on 'Start Recovery' button and all stored WiFi account passwords will be recovered & displayed as shown in screenshot 1 below.
  • You can right click on any of the displayed account to quickly copy the password
  • You can also generate a detailed password recovery report in HTML/XML/Text format by clicking on the 'Export' button and then selecting the type of file from the drop-down box of the 'Save File Dialog'.
Note that you need to have administrative privileges to run this tool.

Limitations

This tool can recover only the WiFi passwords configured by Windows Wireless Configuration Manager. Also, it does not work on older operating systems like Windows XP, 2003. It works well with Vista & all the higher versions.

Screenshots

Screenshot 1: WiFi Password Decryptor showing all the recovered WiFi account passwords.

Screenshot 2: Detailed HTML report of all the recovered WiFi account passwords.

Download WiFi Password Decryptor

[ScanPlanner] Scanner Nmap Online


ScanPlanner is the easiest, fastest way to run NMAP scans and tests from the web. Schedule and track your network scans and vulnerability tests with our intuitive online interface.

WEB: http://scanplanner.com/

[jSQL Injection] Java based automated SQL injection tool


jSQLi is a free, Java-based SQL injection tool. It is very easy for a user to retrieve database information from a vulnerable web server.

SQL Injection features:

  • GET, POST, header, cookie methods
  • normal, error based, blind, time based algorithms
  • automatic best algorithms detection
  • data retrieving progression
  • proxy setting
  • evasion
  • for now supports MySQL

Download it from here:
http://adf.ly/14645Y

[Nmap 6.25] 85 new NSE scripts

After five months, the NMAP team has released the latest version of its open source utility for network exploration or security auditing: NMAP 6.25.

It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.

Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.
Updates:
  • integration of over 3,000 IPv4 new OS fingerprint submissions, over 1,500 service/version detection fingerprints, and of the latest IPv6 OS submissions and corrections
  • better IPv6 traceroute support
  • new poll and kqueue I/O engines for improved performance on Windows and BSD-based systems including Mac OS X
  • added support for Unix domain sockets
  • 85 new NSE scripts
  • 12 new protocol libraries
  • Windows 8 improvements
  • targets-sniffer is now capable of sniffing IPv6 addresses
  • a number of bugs affecting the software's security, stability and productiveness fixed.
Download Nmap 6.25