[Revenssis] Mobile Penetration Testing Suite

Fully featured network, wireless and web app pentesting suite for SmartphonesNicknamed as the "Smartphone Version of Backtrack", Revenssis Penetration Suite is a set of all the useful types of tools used in Computer and Web Application security. Tools available in it include: Web App scanners, Encode/Decode & Hashing tools, Vulnerability Research Lab, Forensics Lab, plus the must-have utilities (Shell, SSH, DNS/WHOIS Lookup, Traceroute,...

Read More

[NetShareMonitor] Network File Share Monitoring Software

Net Share Monitor is the free software to Monitor your Shared Files from unknown users in the network. Whenever any remote user accesses your Shared Files, NetShareMonitor alerts you by blinking the icon in the systray or making the alert sound. For each connection, it shows the IP address, user name & shared files being accessed by the remote host.In addition to this, your can also monitor your system from hackers (Null Session...

Read More

[WindowsAndroid] Ejecuta Android desde Windows

WindowsAndroid (no se han quebrado la cabeza con el nombre) ejecuta Android nativamente usando el kernel de Windows (funcional en Windows Vista, 7 y 8). Como desventaja, usa Android 4.0.3 (Ice Cream Sandwich), aunque los desarrolladores ya están trabajando para traerlo con las versiones más recientes del sistema operativo de Google. ¿Y que ventajas aporta WindowsAndroid frente a usar VirtualBox con Android, por ejemplo? Al ejecutarse WindowsAndroid...

Read More

[PentBox] Suite de Pentesting

Pentbox es una Suite que contiene herramientas para pentesting, entre sus herramientas podemos destacar las siguientes:1.- Herramientas de Criptográfia.2.- Herramientas de Redes.3.- Herramientas Extra.Esta suite de seguridad informática esta disponible tanto para plataforma Windows, Freebsd, Linux, Osx, entre otros.Contiene herramientas de las cuales se puede aprovechar mucho, una de las herramientas que mas me llamó la atención fue la herramienta...

Read More

Los Mejores Antivirus Gratuitos para Android

Comencemos por el principio: no existen virus para Android. Un virus es un software que actúa autónomamente, instalándose y propagándose sin permiso ni conocimiento del usuario. Además, Android está basado en Linux, o sea, en UNIX, y por lo que se sabe hasta ahora no existen virus para UNIX. Ahora bien, lo que sí existe es malware es decir, aplicaciones maliciosas que con la apariencia de una aplicación inofensiva rastrea nuestro dispositivo...

Read More

[Overlook Fing] Escaneo de equipos con tu Android

Overlook Fing, es sin duda una de las mejores aplicaciones que conozco y que todo el que se dedique a auditar redes debería de tener en su equipo.La aplicación nos ayudará en las redes Wireless a escanear la red, servicios, puertos e incluso poder usar WAKE ON LAN.La aplicación la podemos encontrar en el Play Store de Android.Una vez instalada nos conectamos a nuestra red inalámbrica y le damos a ecanear.Como veis en la imagen , ha podido sacar...

Read More

[The Volatility Framework] An advanced memory forensics framework

The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer unprecedented visibilty into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities...

Read More

[NTFS Permissions Reporter] Display Windows User Access Rights

If you are working as a standalone user on a system running one of the latest flavors of the Microsoft Windows operating system, you do not really have much need to assess and verify user permissions on the system. If a PC is shared by many, and maybe even multiple users with administration rights, things may change significantly, as access rights become more difficulty to assess.The free edition of NTFS Permissions Reporter scans one or multiple...

Read More

[Zeus] Registry Analysis Using Volatility Framework

How to analysis a registry from the memory using Volatility Framework.In this video I’m using Zeus Memory for registry analysis, and l will show F-secure top10 malware registry launchpoints. Not all but some of themDownload Zeus Memory : http://malwarecookbook.googlecode.com/svn-history/r26/trunk/17/1/zeus.vmem.zipMost trojans, worms, backdoors, and such make sure they will be run after a reboot by introducing autorun keys and values into the Windows registry. Some of these registry locations are better documented than others and some...

Read More

[WS_FTP Password Decryptor] Recover FTP login passwords stored by WS_FTP

WS_FTP Password Decryptor is the FREE software to instantly recover FTP login passwords stored by WS_FTP - one of the popular FTP client application.WS_FTP stores the password for all the past FTP sessions in the "ws_ftp.ini" file so that user don't have to enter it every time. WS_FTP Password Decryptor makes it easy to quickly scan & decrypt all these encrypted FTP login passwords.  It presents both GUI as well as command...

Read More

[Watcher v1.5.6] Web Security Testing Tool and Passive Vulnerability Scanner

Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as operational configuration issues. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance...

Read More

36 Windows Tools For Penetration Testing

Most penetration testers are using either a Mac or a Linux-based platform in order to perform their penetration testing activities.However it is always a good practice to have and a Windows virtual machine with some tools ready to be used for the engagement.The reason for this is that although Windows cannot be used as a main platform for penetration testing some of the utilities and tools can still help us to extract information from our windows...

Read More

[OWASP HTTP Post Tool] DoS Apache Webserver Attack

This Tutorials shows, how you can easily take out an Apache Webserver with one HTTP POST Tool using a std. slow DSL Connection.This is NO Slowloris Attack!Limitations of HTTP GET DDOS attack:- Does not work on IIS web servers or webservers with timeout limits for HTTP headers.- Easily defensible using popular load balancers,such as F5 and Cisco, reverse proxies andcertain Apache modules, such as mod_antiloris.- Anti-DDOS systems may use "delayedbinding"/"TCP Splicing" to defend against HTTPGET attacks.Why HTTP POST DDOS attack works- This attack...

Read More

[SpyBHORemover] Advanced tool to explore and remove Malicious BHO's from your system

SpyBHORemover (formerly BHORemover) is the advanced tool to explore and remove Malicious BHO's from your system. BHO stands for 'Browser Helper Objects' which are plugins written for 'Internet Explorer' to enhance its capabilities. Often this feature is being misused by many spyware programs to monitor user's browsing habits and to steal the users credentials silently. Also some of the BHO's slow down...

Read More