Thủ Phủ Hacker Mũ Trắng Buôn Ma Thuột

Chương trình Đào tạo Hacker Mũ Trắng Việt Nam tại Thành phố Buôn Ma Thuột kết hợp du lịch. Khi đi là newbie - Khi về là HACKER MŨ TRẮNG !

Sayfalar

nbtscan - NETBIOS nameserver scanner

This is a command-line tool that scans for open NETBIOS nameservers on a local or remote TCP/IP network, and this is a first step in finding of open shares. It is based on the functionality of the standard Windows tool nbtstat, but it operates on a range of addresses instead of just one. I wrote this tool because the existing tools either didn't do what I wanted or ran only on the Windows platforms: mine runs on just about everything.NETBIOS is commonly...

DNSCrypt - A tool for securing communications between a client and a DNS resolver

dnscrypt-proxy provides local service which can be used directly as your local resolver or as a DNS forwarder, encrypting and authenticating requests using the DNSCrypt protocol and passing them to an upstream server.The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography and is very similar to DNSCurve, but focuses on securing communications between a client and its first-level resolver.While not providing end-to-end security,...

FolderChangesView - Monitor files changes on Windows

FolderChangesView is a simple tool that monitors the folder or disk drive that you choose and lists every filename that is being modified, created, or deleted while the folder is being monitored. You can use FolderChangesView with any local disk drive or with a remote network share, as long as you have read permission to the selected folder.Download FolderChangesV...

VirusTotal Scanner - Desktop Tool to Perform Quick Anti-virus Scan using VirusTotal

VirusTotal Scanner is the desktop tool to quickly perform Anti-virus scan using VirusTotal.comVirusTotal.com is a free online scan service that analyzes suspicious files using 40+ Anti-virus applications. It facilitates the quick detection of viruses, worms, trojans, all kinds of malware and provides reliable results preventing any False Positive cases.'VirusTotal Scanner' is the desktop tool which helps you to quickly scan your file using VirusTotal...

Windows Domain Credentials Phishing Tool

While performing a Pen test for a client i needed to catch a domain user name and password, there are several ways to gain users passwords and it really depends on a lot of factors on how to get it in my case i didn’t had time to wait for the user to enter his credentials and get it using a key logger so i created a fake windows domain login window to tried to force and trick the user to enter his password.There are several tools and techniques...

Pompem - Exploit Finder

Pompem is an open source tool, which is designed to automate the search for exploits in major databases. Developed in Python, has a system of advanced search, thus facilitating the work of pentesters and ethical hackers. In its current version, performs searches in databases: Exploit-db, 1337day, Packetstorm Security...UsageTo get the list of basic options and information about the project:python pompem.py -hExamples of use:python pompem.py -s Wordpresspython...

CrowdInspect - Scan of your running processes on Windows with Virus Total, WOT & MHR

CrowdInspect is a free professional grade tool for Microsoft Windows systems from CrowdStrike aimed to help alert you to the presence of malware that communicates over the network that may exist on your computer. It is a host-based real-time monitoring and recording tool utilizing multiple sources of information to detect untrusted or malicious network-active processes.The tool runs on both 32 bit and 64 bit versions of Windows from XP and above.Beyond...

SEES (Social Enginnering Email Sender) - A Social Engineering Attack/Audit Tool for Spear Phishing

What is SEES? Most of the companies nowadays have their firewalls, threat monitoring and prevention security appliances setup. With these mechanisms in place, security precautions are taken and incidents are monitored. Inbound traffic being restricted, SEES on the other hand is developed for sending targeted phishing emails in order to carry sophisticated social engineering attacks/audits. SEES aims to increase the success rate of phishing attacks by sending emails to company users as if they are coming from the very same company’s domain. The...

iRET - iOS Reverse Engineering Toolkit

iOS Reverse Engineering Toolkit o iRet es un conjunto de herramientas que ayudan al auditor de seguridad a llevar a cabo tareas comunes de forma automática. Dichas tareas se enfocan en análisis e ingeniería inversa de aplicaciones iOS, plataforma móvil de Apple (iPhone/iPad).De entre las tareas que este toolkit es capaz de automatizar, tenemos:Binary Analysis (basado en otool)Keychain Analysis (keychain_dumper)Database Analysis (sqlite3)Log ViewerPlist...

URLCrazy - Test domain typos and variations to detect typo squatting, URL hijacking, phishing, and corporate espionage

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.Usage * Detect typo squatters profiting from typos on your domain name* Protect your brand by registering popular typos* Identify typo domain names that will receive traffic intended for another domain* Conduct phishing attacks during a penetration testFeatures* Generates 15 types of domain variants* Knows over 8000...

Nagios XI - The industry standard for IT infrastructure monitoring

Nagios XI is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. Some of its many features include monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, etc.), monitoring of host resources (processor load, disk usage, etc.), and contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined...

DNSQuerySniffer - DNS Queries Sniffer

DNSQuerySniffer is a network sniffer utility that shows the DNS queries sent on your system. For every DNS query, the following information is displayed: Host Name, Port Number, Query ID, Request Type (A, AAAA, NS, MX, and so on), Request Time, Response Time, Duration, Response Code, Number of records, and the content of the returned DNS records. You can easily export the DNS queries information to csv/tab-delimited/xml/html file, or copy...

MITMer - Automated Man-In-The-Middle Attack Tool

MITMer is a man-in-the-middle and phishing attack tool that steals the victim’s credentials of some web services like Facebook.Dependencies:python2scapypython2-nfqueueHow to:Run it as root. sudo python2 mitmer.pySelect a network interface.After scanning the network for available hosts, choose one as a victim or enter an IP address manually.Select one of the attack profiles or custom.If custom is selected, type the domain(s) you want in the “Query request” field, and type the domain (or IP address) of the server that the victim should be redirected...

Cpuminer - CPU miner for Litecoin and Bitcoin

cpuminer is a multi-threaded, highly optimized CPU miner for Litecoin, Bitcoin and other cryptocurrencies. Currently supported algorithms are SHA-256d and scrypt(1024, 1, 1).It supports the getwork mining protocol as well as the Stratum mining protocol, and can be used for both solo and pooled mining.Dependencies: libcurl http://curl.haxx.se/libcurl/ jansson http://www.digip.org/jansson/ (jansson is included in-tree)Basic *nix build instructions:...

[EMS] E-mail Spoofer

E-mail Spoofer is a tool designed for penetration testers who need to send phishing e-mails.It allows to send mails to a single recipient or a list, it supports plain text/html email formats, attachments, templates and more…FeaturesSupport for Plain text and HTMLE-mail TemplatesSpoofing Sender AddressSupport SMTP Authentication and SSLSingle or Multiple RecipientsHTML E-mail PreviewDownload ...

[JRT] Junkware Removal Tool

Junkware Removal Tool is a security utility that searches for and removes common adware, toolbars, and potentially unwanted programs (PUPs) from your computer.  A common tactics among freeware publishers is to offer their products for free, but bundle them with PUPs in order to earn revenue.  This tool will help you remove these types of programs.Junkware Removal Tool has the ability to remove the following types of programs:Ask ToolbarBabylonBlekkoClaro...

[AdwCleaner] Removal Tool for Adware, Toolbars and Hijacker

AdwCleaner is a free removal tool for :Adware (ads softwares)PUP/LPI (Potentially Undesirable Program)ToolbarsHijacker (Hijack of the browser's homepage)It works with a Search and Delete mode. It can be easily uninstalled using the mode "Uninstall".It's compatible with Windows XP, Vista, 7, 8, 8.1 in 32 & 64 bits.Download AdwClea...

[VideoCacheView] Play offline/Save .flv video files from Web browser cache

After watching a video in a Web site, you may want to save the video file into your local disk for playing it offline in the future. If the video file is stored in your browser's cache, this utility can help you to extract the video file from the cache and save it for watching it in the future. It automatically scans the entire cache of Internet Explorer, Mozilla-based Web browsers (Including Firefox), Opera, and Chrome, and then finds...

[Peepdf] PDF Analysis and Creation/Modification Tool

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it's possible to see all the objects in the document showing the suspicious elements, supports all the most used filters and encodings, it can parse different versions...

[PingInfoView] Ping monitor utility

PingInfoView is a small utility that allows you to easily ping multiple host names and IP addresses, and watch the result in one table. It automatically ping to all hosts every number of seconds that you specify, and displays the number of succeed and failed pings, as well as the average ping time. You can also save the ping result into text/html/xml file, or copy it to the clipboard.Download PingInfoV...

[ODA] Online Web Based Disassembler

ODA stands for Online DisAssembler. ODA is a general purpose machine code disassembler that supports a myriad of machine architectures. Built on the shoulders of libbfd and libopcodes (part of binutils), ODA allows you to explore an executable by dissecting its sections, strings, symbols, raw hex, and machine level instructions.ODA is an online Web Based Disassembler for when you don’t have time or space for a thick client.You can use it for...

[NetBScanner] NetBIOS Scanner

NetBScanner is a network scanner tool that scans all computers in the IP addresses range you choose, using NetBIOS protocol. For every computer located by this NetBIOS scanner, the following information is displayed: IP Address, Computer Name, Workgroup or Domain, MAC Address, and the company that manufactured the network adapter (determined according to the MAC address). NetBScanner also shows whether a computer is a Master Browser. You can...

[Nsdtool] Toolset of scripts used to detect netgear switches in local networks

Nsdtool is a toolset of scripts used to detect netgear switches in local networks. The tool contains some extra features like bruteforce and setting a new password. Netgear has its own protocol called NSDP (Netgear Switch Discovery Protocol), which is implemented to support security tests on the commandline. It is not being bound to the delivered tools by Netgear.UsageDefine your interface and possible delay in the config.ini.# cat config.ini[NSDP]SourcePort = 63323 <--- nsdp sourceDestPort = 63324 <--- nsdp destInterface = eth0 <--- your...

[Ipdecap] Decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols

 Ipdecap can decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, and can also remove IEEE 802.1Q (virtual lan) header. It reads packets from an pcap file, removes the encapsulation protocol, and writes them to another pcap file. Goals are: Extract encapsulated tcp flow to analyze them with conventional tcp tools (tcptrace, tcpflow, …)Reduce pcap files size by removing encapsulation protocolIpdecap was first written to analyze a strange tcp behavior encapsulated by ESP, without intervention on vpn endpoints.Download...

[SSLsplit] Transparent and scalable SSL/TLS interception

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted.SSLsplit is intended to be useful for network forensics and penetration testing.SSLsplit supports...

[OpenedFilesView] View opened/locked files in your system (sharing violation issues)

OpenedFilesView displays the list of all opened files on your system. For each opened file, additional information is displayed: handle value, read/write/delete access, file position, the process that opened the file, and more... Optionally, you can also close one or more opened files, or close the process that opened these files.This utility is especially useful if you try to delete/move/open a file and you get one of the following error...

[DNmap] Distributed Nmap Framwork

DNmap is a distributed nmap framwork using a client/server architecture. The server reads the commands from a file and send them to each client. The client execute the nmap command and send the results back.Download DN...

[WiFi Password Remover v2.0] Free Wireless (WEP/WPA/WPA2) Password/Profile Removal Software

WiFi Password Remover is the Free software to quickly recover and remove Wireless account passwords stored on your system.For each recovered Wi-Fi account, it displays following details,WiFi Name (SSID) Security Settings (WEP-64/WEP-128/WPA2/AES/TKIP)Password TypePassword in Hex formatPassword in clear textOnce recovered, you can either remove single or all of them with just a click. Before proceeding with deletion, you can also take a backup of...

[0verCheck] Script para comprobar si una dirección e-mail existe o no

Script para comprobar si una dirección de e-mail existe o es falsa. Admite listas de correo.Mi idea es extraer el dominio a partir del correo  y comprobar a través de los DNS cual es el servidor SMTP (mirando los registros MX). Una vez que sabemos el servidor SMTP procedemos a lanzar unos sockets para conectarnos a él y proceder a intentar mandarle un e-mail a la cuenta que queremos comprobar si es válida. Mirando los códigos de respuesta,...

[Blackhash] Audit Passwords Without Hashes

A traditional password audit typically involves extracting password hashes from systems and then sending those hashes to a third-party security auditor or an in-house security team. These security specialists have the knowledge and tools to effectively audit password hashes. They use password cracking software such as John the Ripper and Hashcat in an effort to uncover weak passwords.However, there are many risks associated with traditional password...

[Lynis 1.4.6] Security and System Auditing Tool to Harden Linux Systems

Lynis is an auditing tool for Unix/Linux. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also scan for general system information, installed packages and possible configuration errors.This software aims in assisting automated auditing, hardening, software patch management, vulnerability...

[Skipfish] Web Application Security Scanner

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments. Key features:...

[DeviceIOView] View data transfer between a software and device driver

DeviceIOView allows you to watch the data transfer between a software or service and a device driver (DeviceIoControl calls). For each call to a device driver, the following information is displayed: Handle, Control Code, number of input bytes, number of output bytes, the name of the device handle, and all the input/output bytes, displayed as Hex dump.System RequirementsThis utility works on Windows 2000, Windows XP, Windows Server 2003, and Windows...

[SkypeLogView] Skype Log Viewer (.dbb and main.db files)

SkypeLogView reads the log files created by Skype application, and displays the details of incoming/outgoing calls, chat messages, and file transfers made by the specified Skype account. You can select one or more items from the logs list, and then copy them to the clipboard, or export them into text/html/csv/xml file.System RequirementsThis utility works on any version of Windows starting from Windows 2000 and up to Windows 8. You don't have...

[wig] WebApp Information Gatherer (Identify CMS)

wig is a Python tool that identifies a websites CMS by searching for fingerprints of static files and extracting version numbers from known files.OS identification is done by using the value of the ‘server’ and ‘X-Powered-By’ in the response header. These values are compared to a database of which package versions are include with different operating systems.The version detection is based on md5 checksums of statics files, regex and string matching. OS detection is based on headers and packages listed in the ‘server’ header. There’s a quite...

[WakeMeOnLan] Turn on computers on your network with Wake-on-LAN packet

This utility allows you to easily turn on one or more computers remotely by sending Wake-on-LAN (WOL) packet to the remote computers. When your computers are turned on, WakeMeOnLan allows you to scan your network, and collect the MAC addresses of all your computers, and save the computers list into a file. Later, when your computers are turned off or in standby mode, you can use the stored computers list to easily choose the computer you want...

[WiFiSlax v4.8] Distribución GNU/Linux LiveCD y LiveUSB diseñada para la auditoría wireless

Hoy en día es siempre necesario andar con un Linux live cd por cualquier tipo de inconveniente, y si necesitas hacer una auditoría wireless rápida nada mejor que tener a mano Wifislax. Wifislax es un live CD que, basado en el sistema operativo Linux, puede ser ejecutado sin necesidad de instalación directamente desde el CDROM o también desde el disco duro como LiveHD, además de poderse instalar en memorias USB o en disco duro. Wifislax es...

[Cisco Torch] Mass Scanning, Fingerprinting, and Exploitation Tool

Cisco Torch mass scanning, fingerprinting, and exploitation tool was written while working on the next edition of the "Hacking Exposed Cisco Networks", since the tools availalbe on the market could not meet our needs.The main feature that makes Cisco-torch different from similar tools is the extensive use of forking to launch multiple scanning processes on the background for maximum scanning efficiency. Also, it uses several methods of application...

[QuickSetDNS] Quickly change DNS servers of your Internet connection

QuickSetDNS is a simple tool that allows you to easily change the DNS servers that are used for your Internet connection. You can set the desired DNS servers from the user interface, by choosing from a list of DNS servers that you defined, or from command-line, without displaying any user interface.System RequirementsThis utility works on any version of Windows, starting from Windows 2000 and up to Windows 8. Both 32-bit and 64-bit systems are supported.Versions...