Leaderboard

Description: In 2011, SQL injections became front page news as ever more high profile companies were victims of automated SQL injection attacks. Responders spent countless hours looking at values in log files like "0x31303235343830303536" trying to figure out what was being exfiltrated by whom. Incident response costs skyrocketed while the cost of attacking fell. This presentation will debut SQL ReInjector, a tool for the rapid assessment of logs from SQL injection attacks to determine what data was exfiltrated. When responding to an SQL injection attack, responders have to determine what was exfiltrated by manually parsing the web server logs from the victimized host. This is a time consuming process that requires a significant amount of a responder’s time. Moreover, manual replay of the SQL injection does not account for system level discrepancies in how queries are executed by the system â€" running SQL against a SQL server directly doesn’t account for the behavior of any intermediary systems â€" e.g. any application layer logic or nuances in how the web application and database server interact. SQL ReInjector uses the log files from the machine that has been subject to a SQL injection attack to replay the attack against the server (or a virtualized forensic image thereof) and captures the data returned by the SQL injection web site requests, reducing the amount of time responders have to spend looking at web server logs and allows for responders to recreate the data exfiltrated through a SQL injection attack. Jason A. Novak is an Assistant Director of Digital Forensics in Stroz Friedberg's Chicago office. At Stroz Friedberg, Mr. Novak has been lead examiner in a wide range of cases involving digital forensics, incident response, application testing, source code analysis, and data analytics, and has developed numerous tools to expedite the firm's analysis and response capabilities. The proprietary tools developed by Mr. Novak have included: an anti-money laundering data analytics platform and tools to process electronically stored information to respond to forensic and electronic discovery requests. As a co-writer of the Google Street View report, Mr. Novak analyzed the source code to gstumbler, the WiFi device geolocation application used by Google as part of the Street View project, and documented its structure and functionality in a publicly released report; Mr. Novak has responded to inquiries about the report from domestic and foreign regulators. Twitter: @strozfriedberg STROZ FRIEDBERG LLC | Digital Risk Management & Investigations Andrea (Drea) London is a Digital Forensic Examiner in Stroz Friedberg's Dallas office. At Stroz Friedberg, Ms. London acquires and examines digital evidence from laptops, desktops and mobile phones in support of legal proceedings, criminal matters, and/or corporate investigations. Additionally she is responsible for implementing large-scale, end-to-end electronic discovery for both civil and criminal litigation. Ms. London previously held positions at Arsenal Security Group and IBM’s Internet Security Systems Emergency Response Team. At Arsenal, Ms. London was an integral part of the company’s immediate response team for worldwide cyber security incidents. During this time she completed and has maintained certification as a Payment Application Qualified Security Assessor (PA QSA), Payment Card Industry (PCI QSA), and PCI Forensic Investigators (PFI), one of the first appointed by the PCI Council. At IBM, she acted as an official Quality Incident Response Assessor (QIRA) reporting PCI breaches to major card brands. Prior to her work for IBM, Ms. London was with the Air Force Office of Special Investigations (AFOSI), where she was one of two Airmen chosen for special duty assignment at the Defense Cyber Crime Center, and where she was tasked with testing and evaluating forensic software and hardware for the Center. Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Source: Sql Reinjector - Automated Exfiltrated Data Identification

actualizat ..http://i.troll.ws/3c65b601.png download : http://tinyurl.com/bne5m6s pass. level-23.biz

w7 32 ok com anotador no funciona acho xp sp2 ok xp sp3 ok los outros OS no testado no lo tenho server xtrem File Info Report Date: 15.01.2013 12:01:17 Link To Scan: http://elementscanner.net//?RE=33015...4b3fd58ce898e0 File Name:xtrem 2.3.exe File Size: 706644 bytes MD5 Hash: a0f8f41007bc171434f571d1b68a3d1b SHA1 Hash: cfaa292edf276760ee1d29647d84cf0f570f144d Status: Clean Total Results: 0/35 AVG Free-Clean. ArcaVir-Clean. Avast 5-Clean. AntiVir (Avira)-Clean. BitDefender-Clean. VirusBuster Internet Security-Clean. Clam Antivirus-Clean. COMODO Internet Security-Clean. Dr.Web-Clean. eTrust-Vet-Clean. F-PROT Antivirus-Clean. F-Secure Internet Security-Clean. G Data-Clean. IKARUS Security-Clean. Kaspersky Antivirus-Clean. McAfee-Clean. MS Security Essentials-Clean. ESET NOD32-Clean. Norman-Clean. Norton Antivirus-Clean. Panda Security-Clean. A-Squared-Clean. Quick Heal Antivirus-Clean. Solo Antivirus-Clean. Sophos-Clean. Trend Micro Internet Security-Clean. VBA32 Antivirus-Clean. Vexira Antivirus-Clean. Zoner AntiVirus-Clean. Ad-Aware-Clean. BullGuard-Clean. Immunet Antivirus-Clean. K7 Ultimate-Clean. NANO Antivirus-Clean. VIPRE-Clean. server syp net File Info Report Date: 15.01.2013 12:01:37 Link To Scan: http://elementscanner.net//?RE=f53f5...2396cef290ee0a File Name:syp net 2.5.exe File Size: 929364 bytes MD5 Hash: 5eb40b462c1528c9c1b37b1066808c4d SHA1 Hash: c1eccf26b836115017dfccedb3430704ce989fc6 Status: Clean Total Results: 0/35 AVG Free-Clean. ArcaVir-Clean. Avast 5-Clean. AntiVir (Avira)-Clean. BitDefender-Clean. VirusBuster Internet Security-Clean. Clam Antivirus-Clean. COMODO Internet Security-Clean. Dr.Web-Clean. eTrust-Vet-Clean. F-PROT Antivirus-Clean. F-Secure Internet Security-Clean. G Data-Clean. IKARUS Security-Clean. Kaspersky Antivirus-Clean. McAfee-Clean. MS Security Essentials-Clean. ESET NOD32-Clean. Norman-Clean. Norton Antivirus-Clean. Panda Security-Clean. A-Squared-Clean. Quick Heal Antivirus-Clean. Solo Antivirus-Clean. Sophos-Clean. Trend Micro Internet Security-Clean. VBA32 Antivirus-Clean. Vexira Antivirus-Clean. Zoner AntiVirus-Clean. Ad-Aware-Clean. BullGuard-Clean. Immunet Antivirus-Clean. K7 Ultimate-Clean. NANO Antivirus-Clean. VIPRE-Clean. Binary/Reverse/3des (ECB)123 3nIWHN5JwG6Ybn8V2TJkUKy9XzfXucwLhgBoLaFLnC3sW2OTkI Hbt8DPcYr2WjdWg4a0OupAD6ip5a+prN2YaWS+9MnnOkZ/BOHgJnHiRZQ= Download crypter.rar from Sendspace.com - send big files the easy way

//removed

Remote Administration Tools/Trojans 1. Cerberus 1.03.4 BETA 2. Turkojan 4 GOLD 3. Apocalypse 1.4.4 4. Spy-Net 2.6 5. Pro Rat v1.9 6. Poison Ivy 2.3.2 7. Bandook Rat v1.35 8. Bifrost v1.0 9. CyberGate v.1.01.0 10. Lost Door v4.2 LIGHT 11. Beast 2.07 12. Shark v3.0.0 13. Sub7 v2.2 14. Pain RAT v0.1 15. xHacker Pro v3.0 16. Seed v1.1 17. Optix Pro v1.33 18. Darkmoon v4.11 19. CIA v1.3 20. Y3k RAT v1.0 21. MiniMo RAT v0.7 22. NetDevil v1.0 23. Deeper RAT v1.0 24. Schwarze Sonne RAT 0.1 Public Beta 2 25. Schwarze Sonne RAT 0.7 26. Schwarze Sonne RAT 0.8 27. Schwarze_Sonne_0.5_Beta 28. Schwarze Sonne RAT 0.2 Beta 29. [bUGFIX]SS-RAT 0.4 Final 30. A32s (fifth) RAT 31. Arctic R.A.T. 0.0.1 Alpha 32. CyberGate v1.02.0 33. CyberGate v1.03.0 34. CyberGate v1.04.8 35. CyberGate_v1.01.8 36. CyberGate-v1.00.0 37. Daleth RAT 1.0(ss rat src) 38. DarkComet2RC1 39. DarkComet2RC5 40. DarkComet-RAT 2.0 Final 41. DarkComet-RAT 2.0 Final RC2 42. DarkComet-RAT 2.0 LAST BETA 43. DarkComet-RAT 2.0b3 44. DarkComet-RAT 2.0b 2 45. Deeper 1.0 Beta10 - Fix1 46. Deeper_1.0_Beta8 47. Deeper_1.0_Beta9 48. DRAT 2009 V4.0 Build 1201 49. DRAT 2009 V4.2 Build 1216 50. Golden Phoenix Rat 0.2 52. GraphicBooting RAT Beta v0.3 53. Lost Door V2.2 Stable Public edition 54. Lost Door v4.3.1 55. miniRAT 0.6 Beta 56. NovaLite_final5 57. Pocket RAT 58. Spy-Net 2.7 59. SS-RAT 0.5 Final 60. SS-RAT 0.6 Final_bugfix 61. SS-RAT 0.6 Public Beta 62. Vanguard 63. Venomous Ivy 64. VorteX RAT 65. Xtreme RAT v1.0 66. Remote Administrator (Radmin) v3.1 Cracked 75. MofoTro 76. Arabian-Attacker v1.2.2 77. Arabian-Attacker v1.4.0 78. Archelaus Beta 79. Arctic R.A.T. 0.0.1 Alpha 80. Arctic R.A.T. 0.1 81. Char0n 82. Erebus v1.0.2 Private Cracked 83. Nytro Rat + Source Code -- Binders: 1. UniProject Binder 2. Sh!t Multi Binder 3. bl0b Binder + Unique Stub Generator 4. Sadaf Binder 5. vBinder 6. KBW Binder 7. SaLiXeM Binder 8. YAB Binder V2.01 9. EES Binder V1.0 10. Albertino Binder 11. Rapid Binder v 1.0[ultimate Files To Bind] - 100 % FUD 12. BlackHole Binder 13. F.B.I. Binder 14. Predator 1.6 15. PureBiND3R by d3will 16. Schniedelwutz Binder 1.0 17. Simple Binder by Stonedinfect 18. sp1r1tus Binder 1.0 19. Tool-Store Binder 1.0 20. Tool-Store Toasty Binder 1.0 21. Yet Another Binder 2.0 -- Crypters 1. Carb0n Crypter v1.8 2. Fly Crypter v2.2 + Unique Stub Generator 0.6 3. JCrypter 4. Triloko Crypter 5. Halloween Crypter 6. Deh Crypter 7. Hatrex Crypter 8. Octrix Crypter 9. NewHacks Crypter 10. Refruncy Crypter 11. Polifemo Ebrio Crypter 12. Infinity Crypter 13. Hallow's Scantime Crypter 14. Daemon Crypt v2.0 15. NTPacker 16. El Bruto Crypter V2 17. [FUD] 146, crypter/packer/downloader/startup 18. iCrypt Abronsius Edition 19. Simple ASM Crypter 20. XxVtecman9xX_Crypter 21. Grenade Crypter (NEW) 22. Sick Crypter 23. Sikandar's_Crypter_Version_1.0_Public 24. Bifrost Crypter by ArexX 2 25. Cryptable Seduction 1.0 by DizzY 26. Crypter by Permabatt 27. Crypter bY YoDa 28. Cryptic 1.5 29. Deception 4 by [RaGe] [Favorite ] 30. Destructor Crypter 31. EXECrypt 1 M0d by CARDX 32. Fuzz Buzz 1.2 by BulletProof 33. OSC-Crypter by haZl0oh M0d 34.Poison Ivy Crypt M0d by CARDX 35. SaW V1 Mod by LEGIONPR 36. Skorpien007 Crypter 3.1 37. Stonedinfect Crypter 1.0 38. Trojka Crypter 1.1 by tr1p0d 39. Deception 4 by [RaGe] -- Virus Builders 1. Nathan's Image Worm 2. Dr. VBS Virus Maker 3. p0ke's WormGen v2.0 4. Vbswg 2 Beta 5. Virus-O-Matic Virus Maker 6. Kill Switch v1.0 7. TeraBIT Virus Maker v2.8 8. Hell P2P Worm Generator v1.8 9. Shadow Batch Virus Gen [5.0.0 10.DELmE's Batch Virus Generatorv2.0 -- Scanners 1. DD7 Port Scanner 2. SuperScan 4.0 3. Trojan Hunter v1.5 4. ProPort v2.2 5. Bitching Threads v3.1 6. Blue's Port Scanner V5 7. Angry IP Scanner 2.21 8. XSS Scanner 9. TE Port Scanner 10. Free IP Scanner 11. Bobup Scanner v2.1.2 12. Advanced IP Scanner 13. Advanced Port Scanner 14. Bitching Threads 15. LanSpy 16. NeoTracePro 17. NetScanTools 18. ProPort 19. Putty v0.6 20. SuperScan 21. ZenMap - Nmap v5.21 [Win] -- DoSers, DDoSers, Flooders and Nukers 1. rDoS 2. zDoS 3. Site Hog v1 4. SYN Flood 5. BFF DoS 6. Good Bye v3.0 7. RPCNuke 1.0 8. Rocket v1.0 9. Panther Mode 2 10. Final Fortune 2.4 11. Click v2.2 12. BattlePong 13. Assault V1.0 14. Supernova V5 DDos Tool ( VIP ) 15. HTTP Flood Denial of Service (DoS) Testing Tool 16. iGirls DoS Tool [Free] 17. Longcat Flooder 2.3 (DoS Tool) 18. DoS v5.5 (Denial Of Service) 19. Counter strike style DoS 20. XDos, Dos Tool 21. t3c4i3 Dos Tool v2.00 [updated 9/3/2010] 22 BioHazard DoS 2 23. BioHazard DoS (TCP) 24. FubarDoS - DoS tool now public 25. Black Mamba Dos Attacker 13Mb/s 26. ~FuCk It!~ DOS 27. NetBotAtt14En 28. Click v2.2 29. Spoofed IRC Nuker v1.3 30. Hartz4Flooder v0.2 31. Bitslap 32. Crazyping v1.1 33. Killme v1.0 34. Bd0rk's DoS killer 35. Krate port bomber 36. Fed up v2.0 37. Gimp 38. Muerte v2.1 39. Kaput v1.0 & beta v1.5 40. Donut http flooder v1.4 41. Blood lust 42. Hospitables nuker v2.2 43. Bitchslap v1.0 44. Razors DoS tool v1.1 45. Try2DdoS 46. Firewall killer v1.3 47. Death n destruction 48. Assault v1.0 49. NetBot Attacker v1.4 English 50. Panteher v2.0 51. Battle Pong 52. Nemesy v1.3 53. Meliksah nuke v2.5 54. Inferno Nuker 55. Igmp nuke v1.0 56. Server attack Ddos 57. DENDEN DDoS PROJECT V.1 58. MegaD34TH - DDOS / Scan / Attack / Freeze tool! 59. xFatex DDOS Network/server Flooder 60. {??} SuPeRdOS {??} 61. Website_Crasherv4.7 62. IFRAME_DDoS_v1.0 63. IP Port Ddos 64. IRAN DoS -- Stealers 1. Dark Screen Stealer V2 2. Dark IP Stealer 3. Lab Stealer 4. 1337 Steam Stealer 5. Multi Password Stealer v1.6 6. Firefox Password Stealer 7. PassStealer v3.0 8. PWStealer V2.0 9. Universal1337 V2 10. Lord PS 11. JPS 1.8 12. spam Stealer 13. Aura Stealer v1.0b 14. BKL Stealer V2.0 15. spam Stealer/Keylogger 16. iStealer 3.0 17. iStealer 4.0 18. iStealer 5.0 (MOD) 19. Midnight Stealer 1.5 20. Ref Stealer v1.0 21. Remote Penetration v2.2 22. SimpleStealer v1.2 23. Unlimited PW Stealer v0.4 24. iStealer 6.3 25.1337 SteamACC Stealer Private 26.Allround Stealer 27. Armageddon Stealer 1.0 by Krusty 28. bl0b Recovery 1.0 29. Blade Stealer 1.0 PUBLIC 30.Codesoft PW Stealer 0.35 31. Codesoft PW Stealer 0.50 32. Dark Screen Stealer 2 33. Dimension Stealer 2 by Gumball 34. FileZilla Stealer 1.0 PUBLIC 35. FileZilla Stealer by Stonedinfect 36. Firefox Password Stealer - Steamcafe 37. Fly Stealer 0.1 38. Fudsonly Stealer 0.1 39. Hackbase Steam Phisher 1.2 BETA 40. spam 0.0.1.4 41. spam Stealer 42. HardCore Soft 0.0.0.1 43. ICQ Steal0r 44. IStealer 4.0 45. IStealer 6.0 Legends 46. LabStealer by Xash 47. Multi Password Stealer 1.6 48. Papst Steale.NET 49. Pass Stealer 3.0 50. Pesca Stealer 0.2 51. pixel Stealer 1.3.0 SC 52. pixel Stealer 1.4.0 53. ProStealer 54. Public Firefox 3 Stealer 51. Pure-Steam 1.0 CS 52. Pw Stealer by Killer110 53. Remote Penetration 2.2 54. SC LiteStealer 1 55. SimpleStealer 2.1 56. SPS Stealer 57. SStealer by till7 58. Steam Stealer 1.0 by ghstoy 59. Steam Stealer by till7 60. Stupid Stealer 6 mit PHP Logger 61. System Stealer 2 62. The Simpsons Stealer 0.2 63. Tool-Store FileZilla Stealer 1.0 64. Ultimate Stealer 1.0 65. Universal1337 - The Account Stealer 63. Universal1337 3 -- -- Sql Injection Tools 1.Vbulletin 3.6.5 Exploit 2.sqliHelper 2.7 3.sqli column counter 4.exploit scanner 5.cpanel bruteforcer 6.blind Sqli 7.admin finder 8.SQLDEFACER 9.MySQLi_Dumper_v.1.2 10.GYNshell.php 11.Acunetix.Web.Vulnerability.Scanner.Enterprise.E dition.v6.0-EDGE 12.Havij 1.08 - Advanced SQL Injection Tool 13.Hexjector v1.0.7.3 Special Edition 14.SQL ExploitScanner V3 Rebuild Version 15.SQL Exploiter Professional v2.15 16.Pangolin 3.2.1.1020 Released 17.SQL Injection Tool v2.1 18.SQL Power Injector 1.2 Rar password: Spy-Net Download : DepositFiles