[DLink Password Decryptor] Tool to recover the Login Password of D-Link modem/router

5:01 AM DLink Password Decryptor, EN, Password, Password Decryptor, Recovery, Windows

DLink Password Decryptor is a free desktop tool to instantly recover the Login Password of D-Link modem/router.

If you have lost login authentication password of your D-link modem and you have backup configuration file then you can use this tool to quickly get back your password.

It supports dual mode of password recovery. You can either enter the encrypted D-link password directly or specify the D-Link Modem's backup configuration file. In second case, it will automatically detect the login password from config file and decrypt it instantly.

Note that it is tested with limited number of D-link modems including latest model DSL-2750U. Hence it may or may not work with other models.

This is very handy tool for all Network Administrators as well as penetration testers.

It is successfully tested on both 32 bit & 64 bit windows systems starting from Windows XP to Windows 8

Screenshots

Screenshot 1: DLink Password Decryptor is showing the recovered Password from the encrypted D-Link Login Password

Screenshot 2: Showing Password recovered from the D-Link backup configuration file.

Download DLink Password Decryptor v1.0
License : Freeware
Platform : Windows XP, 2003, Vista, Windows 7, Windows 8

[Capsa packet Sniffer] Herramienta Portable para Análisis de Red

5:38 PM Analysis, Capsa, ES, Network, Portable, Sniffer, Windows

Capsa es una Herramienta Portable para Análisis de Red gratuito para que los administradores de red puedan supervisar, diagnosticar y solucionar sus problemas en network. La versión gratuita del analizador viene con toneladas de características, y es lo suficientemente buena para se uso doméstico, así como su uso en la pequeña empresa.

Con Capsa Sniffer puedes monitorear y capturar los datos de red de 50 direcciones IP.

Características de Capsa :

Detalle de tráfico de todos los equipos.
Control de ancho de banda (para encontrar los equipos que están viendo vídeos en línea).
Diagnóstico de Red para identificar problemas en la red.
La registro de actividad del Netwok (para la grabación de mensajería instantánea y correo web).
Red de monitoreo del comportamiento.

Download Capsa packet Sniffer

[HoneyProxy] A man-in-the-middle SSL Proxy & Traffic Analyzer

5:28 PM Analysis, EN, HoneyProxy, Linux, Mac, Man-in-the-Middle, SSL, Windows

HoneyProxy is a lightweight tool that allows live HTTP(S) traffic inspection and analysis.

It focuses on features that are useful for malware analysis and network forensics.

Features

Analyze HTTP(S) traffic on the fly
Filter and highlight traffic, regex support included.
Report Generation for saved flows, including a live JS editor.
Save HTTP conversations for later analysis
Make scripted changes with Python, e.g. remove Cache Header.
based on and compatible to mitmproxy.
cross-platform (Windows, OSX and Linux)
SSL interception certs generated on the fly

Looking for more? Check out our GitHub wiki!

Quick Start

Download the latest release or pick a development snapshot.

Install all dependencies: pip install pyOpenSSL pyasn1 Twisted Autobahn
Windows users: Install the binaries for pyOpenSSL and Twisted manually (or compile yourself).
Ubuntu / Debian users: Install twisted as a package (sudo apt-get install python-twisted). If you get errors, check this page.

Start HoneyProxy with python honeyproxy.py or python honeyproxy.py --help.
If you don't use a modern browser, a kitten will die. We support both Firefox and Chrome!
Most command line parameters are documented in the mitmproxy docs.

[PunkSPIDER] Búsqueda Masiva de Vulnerabilidades en Aplicaciones Web

5:56 PM ES, Linux, PunkSPIDER, Scan, Scanner

Alejandro Caceres, CTO de Hyperion Gray, presentó en la conferencia ShmooCon 2013 un interesante proyecto llamado PunkSPIDER. Se trata de una arquitectura basada en clusters Apache Hadoop para un escaner distribuido capaz de realizar miles de escaneos de vulnerabilidades web al día y poner a disposición de cualquiera sus resultados. Es decir, PunkSPIDER es un gran motor global de búsqueda de vulnerabilidades en aplicaciones web.

El objetivo de este proyecto es llamar la atención acerca de la pobre seguridad de las aplicaciones web en general. Con sólo escribir la URL puede ayudar a cualquier organización a conocer si su portal público tiene vulnerabilidades críticas que necesitan ser corregidas de inmediato.

Por supuesto, PunkSPIDER puede generar también cierta controversia porque, como muchas herramientas, puede ser utilizada para fines maliciosos, es decir, para conocer y explotar vulnerabilidades de aplicaciones web ajenas. Si bien recordemos que los escaneos son bastante automatizados y generalistas y cualquier atacante podría hacerlos previamente de forma similar en las fases previas a la intrusión...

Puedes descargar el código fuente, donar en Kickstarter y/o contactar con punkspider@hyperiongray.com si deseas colaborar con el proyecto.

Buscador: http://punkspider.hyperiongray.com/

Sobre PunkSPIDER: http://www.hyperiongray.com/index.php/punk-topmenu/about-punkspider

Fuente: http://www.hackplayers.com/

[Hash Kracker Console] Tool to find out the password from the Hash

5:35 PM Brute-force, Cracking, EN, Hash Cracker, Hash Kracker, MD5, SHA1, SHA256, SHA384, SHA512, Windows

Hash Kracker Console is the all-in-one command-line tool to find out the password from the Hash.

Currently it supports password recovery from following popular Hash types

MD5
SHA1
SHA256
SHA384
SHA512

Also it offers 4 types of Password Recovery methods based on the complexity of password

Dictionary Crack
Hybrid Crack
Brute-force Crack
Pattern based Brute-force Crack

Being a command-line makes it faster and easy for automation. It is fully portable tool and includes installer also.

It works on wide range of platforms starting from Windows XP to Windows 8.

Download Hash Kracker Console v1.0
More

[oclHashcat-lite v0.15] Worlds fastest NTLM, MD5, SHA1, SHA256 and Descrypt Cracker

7:52 PM Brute-force, Cracking, EN, Hash Cracker, Linux, MD5, NTLM, oclHashcat-lite, SHA1, SHA256, Windows

Features

Worlds fastest NTLM, MD5, SHA1, SHA256 and descrypt cracker
Free
Multi-GPU (up to 128 gpus)
Multi-OS (Linux & Windows native binaries)
Multi-Platform (OpenCL & CUDA support)
Multi-Algo (see below)
Low resource utilization, you can still watch movies or play games while cracking
Focuses one-shot, lightweight hashes
Supports mixed GPU types
Supports markov attack
Supports mask attack
Supports distributed cracking
Supports pause / resume while cracking
Supports sessions
Supports restore
Supports hex-salt
Supports hex-charset
Integrated thermal watchdog
... and much more

Algorithms

MD5
md5($pass.$salt)
Joomla
SHA1
nsldap, SHA-1(Base64), Netscape LDAP SHA
sha1($pass.$salt)
nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
Oracle 11g
MSSQL(2000)
MSSQL(2005)
MySQL
MD4
md4($pass.$salt)
NTLM
Domain Cached Credentials, mscash
SHA256
sha256($pass.$salt)
descrypt, DES(Unix), Traditional DES
SHA512
sha512($pass.$salt)
Cisco-PIX MD5
Double MD5
vBulletin < v3.8.5
vBulletin > v3.8.5
IPB2+, MyBB1.2+
LM
Oracle 7-10g, DES(Oracle)
SHA-3(Keccak)
Half MD5
NetNTLMv1-VANILLA / NetNTLMv1+ESS
NetNTLMv2
Cisco-IOS SHA256

Download here: http://adf.ly/145xZ2

type: driver

file: host programs
desc: added support for AMD ADL v5.0 library

type: feature
file: hashcat-cli
desc: added mode -m 5500 = NetNTLMv1-VANILLA / NetNTLMv1+ESS
trac: #51
trac: #96

type: feature
file: hashcat-cli
desc: added mode -m 5600 = NetNTLMv2
trac: #56

type: feature
file: kernels
desc: added -m 5700 = Cisco-IOS SHA256
cred: philsmd

type: feature
file: kernels
desc: modified -m 5100 = Half MD5 so that it accepts only 16 byte input, see next change why
trac: #89

type: feature
file: kernels
desc: modified -m 5100 = Half MD5 so it can crack middle and right portions, too (not just left)
trac: #89

type: bug
file: kernels
desc: fixed bug in NVidia version had to switch back to bitness-depending kernels

type: bug
file: kernels
desc: fixed bug in NVidia version writing to constant memory from kernel isnt allowed

type: bug
file: hashcat-cli
desc: fixed bug in benchmark-mode, do not run MD5 again at end

type: bug
file: hashcat-cli
desc: fixed bug in benchmark-mode, Memory stepping when doing a benchmark
trac: #57

[oclHashcat-plus v0.14] Worlds fastest md5crypt, phpass, mscash2 and WPA/WPA2 cracker

7:48 PM Brute-force, Cracking, EN, Hash Cracker, Linux, oclHashcat-plus, Windows, WPA, WPA2

Features

Worlds fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker
Worlds first and only GPGPU based rule engine
Free
Multi-GPU (up to 128 gpus)
Multi-Hash (up to 15 million hashes)
Multi-OS (Linux & Windows native binaries)
Multi-Platform (OpenCL & CUDA support)
Multi-Algo (see below)
Low resource utilization, you can still watch movies or play games while cracking
Focuses highly iterated modern hashes
Focuses single dictionary based attacks
Supports mask attack
Supports distributed cracking
Supports pause / resume while cracking
Supports sessions
Supports restore
Supports reading words from file
Supports reading words from stdin
Supports hex-salt
Supports hex-charset
Integrated thermal watchdog
30+ Algorithms implemented with performance in mind
... and much more

Attack-Modes

Straight ^*
Combination
Brute-force
Hybrid dict + mask
Hybrid mask + dict

Download here: http://adf.ly/145xV8

type: driver
file: host programs
desc: added support for AMD ADL v5.0 library

type: feature
file: hashcat-cli
desc: added mode -m 5500 = NetNTLMv1-VANILLA / NetNTLMv1+ESS
trac: #51
trac: #96

type: feature
file: hashcat-cli
desc: added mode -m 5600 = NetNTLMv2
trac: #56

type: feature
file: kernels
desc: added -m 5700 = Cisco-IOS SHA256
cred: philsmd

type: feature
file: kernels
desc: modified -m 5100 = Half MD5 so that it accepts only 16 byte input, see next change why
trac: #89

type: feature
file: kernels
desc: modified -m 5100 = Half MD5 so it can crack middle and right portions, too (not just left)
trac: #89

type: bug
file: kernels
desc: fixed bug in NVidia version had to switch back to bitness-depending kernels

type: bug
file: kernels
desc: fixed bug in NVidia version writing to constant memory from kernel isnt allowed

[Hashcat v0.44] Advanced Password Recovery

7:43 PM Brute-force, Cracking, EN, Hash Cracker, Hashcat, Linux, Password, Recovery, Windows

Features

Multi-Threaded
Free
Multi-Hash (up to 24 million hashes)
Multi-OS (Linux, Windows and OSX native binaries)
Multi-Algo (MD4, MD5, SHA1, DCC, NTLM, MySQL, ...)
SSE2 accelerated
All Attack-Modes except Brute-Force and Permutation can be extended by rules
Very fast Rule-engine
Rules compatible with JTR and PasswordsPro
Possible to resume or limit session
Automatically recognizes recovered hashes from outfile at startup
Can automatically generate random rules
Load saltlist from external file and then use them in a Brute-Force Attack variant
Able to work in an distributed environment
Specify multiple wordlists or multiple directories of wordlists
Number of threads can be configured
Threads run on lowest priority
Supports hex-charset
Supports hex-salt
30+ Algorithms implemented with performance in mind
... and much more

Attack-Modes

Straight ^*
Combination ^*
Toggle-Case
Brute-Force
Permutation
Table-Lookup

Download here: http://adf.ly/143xLq

type: feature

file: hashcat-cli
desc: added mode -m 9999 = Plaintext
trac: #45

type: feature
file: hashcat-cli
desc: added mode -m 5500 = NetNTLMv1 + ESS
trac: #96

type: feature
file: kernels
desc: added -m 5700 = Cisco-IOS SHA256
cred: philsmd

type: change
file: hashcat-cli
desc: changed the hash-format for NetNTLMv1 and NetNTLMv2 to .lc format
cred: #98

type: bug
file: hashcat-cli
desc: fixed bug in 32 bit version, did not crack -m 1800 sha512crypt
trac: #92

type: bug
file: hashcat-cli
desc: fixed bug in NetNTLMv2 parser
trac: #95

[Juniper Password Decryptor] Tool to Decode and Recover Juniper $9$ Passwords

4:12 PM Decode, EN, Juniper, Password, Recovery, Windows

Juniper Password Decryptor is a free desktop tool to instantly decode and recover Juniper $9$ Passwords.

Juniper Router allows you to configure 2 types of passwords,

Juniper $1$ Password: Here MD5 hash of the password is stored. It starts with $1$ and requires brute-force technique to recover the password
Juniper $9$ Password: These passwords are encoded using Juniper's private encryption algorithm. Password hash starts with $9$ text & can be decrypted instantly.

You can use Juniper Password Decryptor tool to quickly decrypt these Juniper $9$ passwords.

It supports dual mode of password recovery. You can either enter the encrypted Juniper $9$ password directly or specify the Juniper router configuration file. In second case, it will automatically detect the $9$ password from config file and decrypt it instantly.

This is very handy tool for all Administrators as well as penetration testers.
It is successfully tested on both 32 bit & 64 bit windows systems starting from Windows XP to Windows 8.

Screenshots

Screenshot 1: Juniper Password Decryptor is showing the recovered Password from the encrypted Juniper $9$ Password

Screenshot 2: Showing Password recovered from the Juniper configuration file.

Download Juniper Password Decryptor v1.0
License : Freeware
Platform : Windows XP, 2003, Vista, Windows 7, Windows 8

[Dexter] A Free Tool for Mobile (Android) Malware Analysis

3:33 PM Analysis, Android, Dexter, EN, Malware

Bluebox Labs just released Dexter, a free tool which wants to help information security professionals and malware analysts to analyze Android mobile applications in order to find malware and vulnerabilities.

Dexter combines manual and automatic static program analysis to provide a better understanding of an Android application. Since the original application source code is not required, Dexter is useful during third party binary application analyses and malware reverse engineering.

The following core features are provided to the analyst:

App statistics and direct access to all program entry points
Package graph visualization
Class and inheritance diagrams
Class decompilation
Method bytecode graph visualization
A relational query language and text search feature
APK file browser
Coloring, tagging and commenting on package, class, method and even basic block layer
String listing including code cross reference resolution
Automated semantic annotation of program elements
Integrated multi-user support for collaboration

More info Here.

[WhatWeb] Scanner para Fingerprinting de una Web

3:29 PM ES, Fingerprint, Fingerprinting, Linux, Scan, Scanner, Script, WhatWeb

WhatWeb es una herramienta que nos permite realizar Fingerprinting de una web.

WhatWeb tiene la particularidad de identificar webs que están realizadas con alguno de los CMS más populares como WordPress, Joomla!, phpBB o Drupal, además permite identificar versiones de librerías JavaScript, Geolocalización de dominios, identificación de etiquetas HTML, Servidores Web y más de 900 plugins para extender su funcionalidad.

A los que nunca utilizaron esta herramienta y quieren comenzar a entrar en las etapas de reconocimiento y fingerprinting, sus primeros pasos sin es utilizar WhatWeb.

Descarga WhatWeb
Repositorio en GitHub
Web del Autor
The WhatWeb Wiki

[Converter v0.7] Analyzing and Deobfuscating Malicious Scripts

7:58 PM Analysis, Converter, Deobfuscating, EN, Windows

Malicious Java applets have been making news for awhile so I thought I would update Converter to include some new features to help with deobfuscating them.

This is a list of changes made to this version:

+ Replaced Binary-to/from-Text with Binary-to/from-Hex to make it more useful

+ Added Filter > “Keep Hex” to only keep hex characters

+ Added Format > “Mixed Octal to Hex” to convert a mixture of text and octal to hex

+ Added Format > “Sort Text” to sort a string

+ Added Format > “Hex Format – CSV” separates hex values with a comma

+ Added Tools > “String Builder” to keep values between quotes

+ Modified “Dec-to-Hex” and “Dec-to-Octal” to handle negative integers

+ Added “copy output to input” option to Secret Decoder Ring

+ Added ability to import first KB (or all) of data to Key Search/Convert

+ Eliminated extra fields in Key Search/Convert screen

+ Made expression capability in Key Search/Convert and Convert Binary File a little more robust (added Extra > “Expressions Help”)

Here’s a look at some of the features in action…

This applet used binary strings to hide its actions:

Just paste it in and the Binary-to-Hex feature will split on every eight characters and convert them to hex. You can choose the Output Format using the dropdown at the bottom.

Here we see an applet concatenating several variables together before it deobfuscates it:

Using the “String Builder” feature…

Just paste the section in and Converter will concatenate everything between the quotes together. Make sure the beginning and ending quotes are present.

This applet is using a mix of text and octal characters:

The “Mixed Octal to Hex” feature…

Will convert the string (including escaped characters) to hex.

This applet is using an array of positive and negative integers:

Converter now converts decimal to hex properly.

This particular applet takes this concatenated string and deobfuscates it by running through a decoder routine three times:

The Secret Decoder Ring now allows you to copy the output to the input field so you can decode it any number of times without having to manually copy/paste each time.

Finally, you can see the changes made to the Key Search/Convert screen. I tried to make the expressions as flexible as possible.

Download Converter v0.7
Official website: http://www.kahusecurity.com/

[JoomlaScan v1.5] Scanner para encontrar vulnerabilidades en Joomla

7:41 PM ES, joomla, JoomlaScan, Linux, Mac, Scan, Scanner, Windows

En esta nueva actualización de JoomlaScan se reconoce la versión 3.1.0-beta1 de Joomla! pasando por las últimas de 2.5.x y las primeras de 3.0.x

Desde que apareció la versión 2.5 la identificación de la versión de Joomla! se reduce a consultar un archivo, concretamente http://tu.joomla.com/administrator/manifest/files/joomla.xml donde podemos localizar la versión exacta:

Aunque bien es cierto que en versiones anteriores ha podido ser un quebradero de cabeza, teniendo que analizar la existencia y/o contenido de diferentes ficheros, que aparecen y desaparecen en nuevas revisiones, todo ello previo estudio de los repositorios de Joomla!.

Aprovechando los retoques, he actualizado también algunos exploits nuevos, obteniendo los enlaces de http://www.exploit-db.com y http://www.securityfocus.com

Para descargarlo: http://adf.ly/1461Oy

O si ya lo tienes instalado:

$ perl joomlascan.pl -update

Web del Autor: http://blog.pepelux.org/

[L517] Simple WordList Generator for Windows

9:03 AM EN, L517, Windows, Wordlists

L517 is a word-list generator for the Windows Operating System.

I wrote L517 to be the only word-list generator and editor I would ever need. L517 is small (considering what it does), it is fast (considering it's a Windows app), and it is lightweight (when not loading astronomically large lists). A user-friendly GUI requires no memorization of command-line arguments!

L517 contains hundreds of options for generating a large, personalized, and/or generic wordlist. With L517, you can generate phone numbers, dates, or every possible password with only a few clicks of the keyboard; all the while, filtering unwanted passwords.

Changes

v0.8 : Language support for French, German, and Spanish; available in HELP menu.
v0.7 : Customizable 'leetspeak' case mutations.
v0.6 : Paste (Ctrl+V) in the EDIT menu; various bug fixes.
v0.5 : Corrected case bugs.
v0.4 : Fixed RICHTX32.OCX error; Removed RichTextControl from project -- replaced with built-in Microsoft Word API's for .doc files.
v0.3 : New 'phone number' generation option; Generate based on charset; Two new cases; Split files every # of items.
v0.2 : 'Analyzer' option; Fixed bugs; More help documentation.
v0.1 : First public release

Download L517

[SET v4.7] The Social-Engineer Toolkit

5:22 PM EN, Linux, SET, Social-Engineer, Toolkit

The Social-Engineer Toolkit (SET) version 4.7 codename “Headshot” has been released. This version of SET introduces the ability to specify multi-powershell injection which allows you to specify as many ports as you want and SET will automatically inject PowerShell onto the system on all of the reverse ports outbound. What’s nice with this technique is it never touches disk and also uses already white listed processes. So it should never trigger anything like anti-virus or whitelisting/blacklisting tools. In addition to multi-powershell injector, there are a total of 30 new features and a large rewrite of how SET handles passing information within different modules.

Change log for version 4.7

removed a prompt that would come up when using the powershell injection technique, port.options is now written in prep.py versus a second prompt with information that was already provided
began an extremely large project of centralizing the SET config file by moving all of the options to the set.options file under src/program_junk
moved all port.options to the central routine file set.options
moved all ipaddr.file to the central routine file set.options
changed spacing on when launching the SET web server
changed the wording to reflect what operating systems this was tested on versus browsers
removed an un-needed print option1 within smtp_web that was reflecting a message back to user
added the updated java bean jmx exploit that was updated in Metasploit
added ability to specify a username list for the SQL brute forcing, can either specify sa, other usernames, or a filename with usernames in it
added new feature called multi-powershell-injection – configurable in the set config options, allows you to use powershell to do multiple injection points and ports. Useful in egress situations where you don’t know which port will be allowed outbound.
enabled multi-pyinjection through java applet attack vector, it is configured through set config
removed check for static powershell commands, will load regardless – if not installed user will not know regardless – better if path variables aren’t the same
fixed a bug that would cause linux and osx payloads to be selected even when disabled
fixed a bug that would cause the meta_config file to be empty if selecting powershell injection
added automatic check for Kali Linux to detect the default moved Metasploit path
removed a tail comma from the new multi injector which was causing it to error out
added new core routine check_ports(filename, ports) which will do a compare to see if a file already contains a metasploit LPORT (removes duplicates)
added new check to remove duplicates into multi powershell injection
made the new powershell injection technique compliant with the multi pyinjector – both payloads work together now
added encrypted and obfsucated jar files to SET, will automatically push new repos to git everyday.
rewrote the java jar file to handle multiple powershell alphanumeric shellcode points injected into applet.
added signed and unsigned jar files to the java applet attack vector
removed create_payload.py from saving files in src/html and instead in the proper folders src/program_junk
fixed a payload duplication issue in create_payload.py, will now check to see if port is there
removed a pefile check unless backdoored executable is in use
turned digital signature stealing from a pefile to off in the set_config file
converted all src/html/msf.exe to src/program_junk/ and fixed an issue where the applet would not load properly

It can also be downloaded through github using the following command:
git clone http://adf.ly/1461HR

[Password Sniffer Console] Password Sniffing Tool to capture Email, Web and FTP login passwords

5:18 PM EN, Password, Password Sniffer Console, Sniffer, Windows

Password Sniffer Console is the all-in-one command-line based Password Sniffing Tool to capture Email, Web and FTP login passwords passing through the network.

It automatically detects the login packets on network for various protocols and instantly decodes the passwords.

Here is the list of supported protocols,

HTTP (BASIC authentication)
FTP
POP3
IMAP
SMTP

In addition to recovering your own lost passwords, you can use this tool in following scenarios,

Run it on Gateway System where all of your network's traffic pass through.
In MITM Attack, run it on middle system to capture the Passwords from target system.
On Multi-user System, run it under Administrator account to silently capture passwords for all the users.

It includes Installer which installs the Winpcap, network capture driver required for sniffing. ForWindows 8, first you have to manually install Winpcap driver (in Windows 7 Compatibility mode) and then run our installer to install only Password Sniffer Console.

It works on both 32-bit & 64-bit platforms starting from Windows XP to Windows 8.

Download Password Sniffer Console

[SCIP] Indentify, Enumerate & Execute Invisible ASP.net Controls

5:40 AM ASP.net, EN, Linux, Mac, OWASP, SCIP, Windows

SCIP is an OWASP ZAP extension designed to assess the security of ASP.net and Mono applications, while abusing platform specific behaviors and misconfigurations.

The extension currently supports the following features:

Identify the existence of invisible, commented and disabled server side web controls in ASP.net – passively (!). Identify which ASP.net security configuration is active in each page (EventValidation, MAC), and in which cases the invisible controls are exploitable – passively (!)

Enumerate the names of invisible controls using built-in customizable dictionaries with ASP.net naming conventions. Rebuild the event validation whenever possible (MAC=off)

Execute invisible controls when either one of the security features is turned OFF, or when there is a server-side callback implementation flaw. Execute disabled controls and commented out controls regardless of security Support additional manual techniques for executing controls despite the security features.

The extension can be obtained from the project's website or from ZAP's built-in marketplace feature:

Download SCIP

[SSLyze v0.6] SSL Server Configuration Scanning Tool

11:38 AM EN, Linux, Python, Scan, Scanner, SSL, SSLyze, Windows

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers.

Features

SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility
Performance testing: session resumption and TLS tickets support
Security testing: weak cipher suites, insecure renegation, CRIME and THC-SSL DOS attacks
Server certificate validation
Support for StartTLS with SMTP and XMPP, and traffic tunneling through an HTTPS proxy
Client certificate support for servers performing mutual authentication
Scan results can be written to an XML file for further processing

New in v0.6:

Added support for Server Name Indication; see –sni
Partial results are returned when the server requires client authentication but no client certificate was provided
Preliminary IPv6 support
Various bug fixes and better support of client authentication and HTTPS tunneling

You can download SSLyze v0.6 here:

Linux/OSX – sslyze-0.6_src.zip
Windows 7/Python 32-bit – sslyze-0.6_Windows7_Python32.zip
Windows 7/Python 64-bit – sslyze-0.6_Windows7_Python64.zip

Or read more here.

[Evasi0n] Quitar el jailbreak en el iPhone/iPod touch/iPad

4:03 PM ES, Evasi0n, iPad, iPhone, iPod, Jailbreak, Linux, Mac, Windows

El jailbreak no es necesariamente ilegal (al menos no en Estados Unidos), pero sin lugar a dudas es una práctica mal vista por Apple. Si quieres llevar tu dispositivo móvil a un taller de reparación, entonces deberás quitar primero el jailbreak.

Los evad3rs (autores de la herramienta de jailbreak untethered evasi0n) han dicho que el jailbreak no afecta de ningún modo a los iPhones – por ejemplo, no provoca un mayor consumo de batería ni otras cosas parecidas.

Sin embargo, el jailbreak habilita algunas funciones que finalmente podrían llevar a ciertos comportamientos no deseados por parte del terminal. Y si algún día tienes que llevar el iPhone, iPod touch o iPad a un taller de reparaciones, lo más probable es que Apple te niegue la garantía si descubre que tienes jailbreak.

En este caso, deberás quitar el jailbreak. Para hacerlo, sigue el consejo de los evad3rs:

“Si algún día decides que quieres deshacer el jailbreak, puedes conectar tu dispositivo al ordenador, hacer una copia de seguridad completa con iTunes, pinchar sobre 'restaurar' en iTunes para borrar el dispositivo y cargar la copia de seguridad cuando lo pida. Todas tus aplicaciones de App Store y otros datos se conservarán, como de costumbre”.

Evasi0n

[SHA256 Salted Hash Kracker]Tool to Crack your Salted SHA256 Hash

5:27 PM Brute-force, EN, Password, Recovery, SHA256, SHA256 Salted Hash Kracker, Windows

SHA256 Salted Hash Kracker is the free tool to crack and recover your lost password from the salted SHA256 hash.

These days most websites and applications use salt based SHA256 hash generation to prevent it from being cracked easily using precomputed hash tables such as Rainbow Crack. In such cases, 'SHA256 Salted Hash Kracker' will help you to recover your lost password from salted SHA256 hash.

It uses dictionary based cracking method which makes the cracking operation simple and easier. By default small dictionary file is included but you can find good collection of password dictionaries (also called wordlist) here & here.

Though it supports only Dictinary Crack method, you can easily use tools like Crunch, Cupp to generate brute-force based or any custom password list file and then use it with 'SHA256 Salted Hash Kracker'.

It also allow you to specify the salt position either in the beginning of password [ sha256(salt+password)] or at the end of the password [sha256(password+salt)]. In case you want to perform normal SHA256 hash cracking without the salt then just leave the Salt field blank.

It works on both 32-bit & 64-bit Windows platforms starting from Windows XP to Windows 8.

Download SHA256 Salted Hash Kracker

[JSQL v0.3] Java Tool for Automatic Database Injection

9:21 AM EN, java, jSQL, Linux, Mac, SQLi, Windows

jSQL Injection is a lightweight application used to find database information from a distant server.

jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris).

Version 0.2 features:

GET, POST, header, cookie methods
normal, error based, blind, time based algorithms
automatic best algorithm selection
thread control (start/pause/resume/stop)
expose URL calls
simple evasion
data retrieving progression bar
proxy setting
supports MySQL

Next release v0.3 will include:
+ distant file reading [sqli]
+ webshell deposit [sqli]
+ terminal to run webshell commands [gui]
+ configuration backup [gui]
+ Updates checking [gui]
+ user interface tweaks [gui]

Next work:
+ distant table writing [sqli]
+ distant file writing [sqli]
+ reverse tcp shell deposit [sqli]
+ right elevation [sqli]
+ speed increase (non encoding pass): 50% faster [sqli]
+ control all running tasks in a tab [gui]
# speed test comparison with other injection tools [dev]
# automatic code testing (JUnit) [dev]
# wiki pages [site]

https://code.google.com/p/jsql-injection/

Download JSQL v0.3

[Pentoo 2013.0 RC1.1] Security-Focused live CD based on Gentoo

9:02 AM Distro, EN, Linux, Pentoo

Pentoo is a security-focused live CD based on Gentoo It's basically a Gentoo install with lots of customized tools, customized kernel, and much more.

Pentoo 2013.0 RC1.1 features :

Changes saving
CUDA/OpenCL Enhanced cracking software

John the ripper
Hashcat Suite of tools

Kernel 3.7.5 and all needed patches for injection
XFCE 4.10
All the latest tools and a responsive development team!

Here is a non-exhaustive list of the features currently included :

Hardened Kernel with aufs patches
Backported Wifi stack from latest stable kernel release
Module loading support ala slax
Changes saving on usb stick
XFCE4 wm
Cuda/OPENCL cracking support with development tools
System updates if you got it finally installed

Download Pentoo 2013.0 RC1.1

[Snort 2.9.4.1] Network Intrusion Detection System

4:12 PM EN, Linux, Mac, NIPS, Snort, Windows

Snort is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) . Snort having the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. Snort performs protocol analysis, content searching, and content matching.

Snort 2.9.4.1 Network intrusion detection system

The program can also be used to detect probes or attacks, including, but not limited to, operating system fingerprinting attempts, common gateway interface, buffer overflows, server message block probes, and stealth port scans. Snort can be configured in three main modes: sniffer, packet logger, and network intrusion detection.

Improvements in Snort 2.9.4.1

Updated File processing for partial HTTP content and MIME attachments.
Addition of new config option max_attribute_services_per_host and improve memory usage within attribute table.
Handle excessive overlaps in frag3.
Stream API updates to return session key for a session.
Reduce false positives for TCP window slam events.
Updates to provide better encoding for TCP packets generated for respond and react.
Disable non-Ethernet decoders by default for performance reasons. If needed, use --enable-non-ether-decoders with configure.

Download Snort 2.9.4.1

[SSL Certificate Downloader] Command-line Tool to grab SSL Certificate from Server Remotely

4:03 PM EN, SSL, SSL Certificate Downloader, Windows

SSL Cert Downloader is a free command-line tool to grab SSL certificate from server remotely.

It can be used to download certificate from any of the SSL enabled services including

HTTPS (443)
LDAPS (636)
SMTPS (465)
POPS (995)
IMAPS (993)

You can either specify IP address or host name of the server. Also you can enter any custom port which makes it useful when SSL service is running on non-standard port.

Once the certificate is downloaded from the server it will be saved to the specified file. Later you can just double click on the saved file to view the SSL certificate.

It is very easy to use and being a command-line tool makes it easy for automation through scripting.

It is fully portable and works on all platforms starting from Windows XP to Windows 8.

Download SSL Cert Downloader v1.0

[Ghost Phisher Tool] Fake DNS Server, Fake DHCP Server and Fake HTTP server

8:39 AM EN, Fake DHCP, Fake DNS, Fake HTTP, Linux, Video

Ghost Phisher is a computer security application that comes inbuilt with a Fake DNS Server, Fake DHCP Server, Fake HTTP server and also has an integrated area for automatic capture and logging of HTTP form method credentials to a database. The program could be used as an honeypot, could be used to service DHCP request , DNS requests or phishing attacks

Requirements:

python,
python-qt4,
dhcp3-server,
ettercap-gtk

http://adf.ly/145t5I

[Hook Analyser v2.4] Application (and Malware) Analysis tool

2:23 PM Analysis, EN, Hook Analyser, Malware, Windows

Application (and Malware) Analysis tool. Hook Analyser is a hook tool which could be potentially helpful in reversing application and analysing malwares.

Changelog v2.4

Hook Analyser can now analyse DLLs. (Part of the Static Malware Analysis Module)
The deep trace functionality has been improved significantly, and now it supports searching (and logging) for traces such as Shellcodes, Filenames, WinSockets, Compiler Traces etc.(Part of the Static Malware Analysis Module)
Exe extractor – This is one of the feature which is useful for incident handlers, essentially allows dumping of executables from process/s, which could then be analysed using Hook Analyser, Malware Analyser or other tools for anomalies check. (New module added)
The static malware analysis has been further improved, and new features have been added. I will let you explore this.(Part of the Static Malware Analysis Module)
Minor bug fixes.

More Information:

http://hookanalyser.blogspot.com

Download Hook Analyser v2.4

[Weevely] PHP Stealth Tiny Web Shell

8:26 AM EN, Linux, Mac, PHP, Shell, Weevely, Windows

Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post exploitation, and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones.

Weevely is currently included in Backtrack and Backbox and all the major Linux distributions oriented for penetration testing.

More than 30 modules to automatize administration and post exploitation tasks:

Execute commands and browse remote filesystem, even with PHP security restriction
Audit common server misconfigurations
Run SQL console pivoting on target machine
Proxy your HTTP traffic through target
Mount target filesystem to local mount point
Simple file transfer from and to target
Spawn reverse and direct TCP shells
Bruteforce SQL accounts through target system
Run port scans from target machine
And so on..

Sayfalar

Features

Quick Start

Features

Algorithms

Features

Attack-Modes

Attack-Modes

Changes

Social Profiles

Tổng số lượt xem trang

Người theo dõi

Translate

Xem Nhiều Nhất

Labels

Blog Archive

Blog Archive

Blogger news

Banner 2