Everything posted by begood

  1. begood

    Me

    Self-centered, arrogant illiterate, you annoy me, bye.
  2. 101 Spy Gadgets for the Evil Genius - Google Books

    Utilizing inexpensive, easily obtainable components, you can build the same information gathering, covert sleuthing devices used by your favorite film secret agent. Projects range from simple to sophisticated and come complete with a list of required parts and tools, numerous illustrations, and step-by-step assembly instructions. Projects include: scanners and radios, night vision devices, telephone devices, computer monitoring, audio eavesdropping, hidden cameras, video transmitters, and more.

    101 SPY DEVICES FOR SERIOUS SNOOPING

    This book offers an amazingly awesome and complete collection of professional spy tools that you can build yourself. You can build any project in this thrilling arsenal of spy devices for $30 or less! Not only that, even total beginners to electronics can construct these mind-boggling snooping tools. You get complete, easy-to-follow plans, clear diagrams and schematics, and hundreds of pictures.

    101 Spy Gadgets for the Evil Genius gives you:

      • Illustrated instructions and plans for amazing sleuthin' 'n snoopin' devices, presented in sufficient detail to be built even by newcomers
      • Loads of projects simple enough for new spies to construct easily, progressing in complexity to devices that will excite investigation professionals
      • Explanations of the science and math behind each project
      • Frustration-factor removal -- needed parts are listed, along with sources

    101 Spy Gadgets for the Evil Genius equips you with complete plans, instructions, parts lists, and sources for devices that let you:

      • Build and install a nanny cam for viewing and recording activity from afar
      • Hear and record what's said from great distances
      • See and photograph in the dark
      • Wire yourself for undetected recording
      • Construct a hidden briefcase camera
      • Tap and record telephone conversations
      • Privately record every called number, with a time stamp, from any phone
      • Build a secret time-lapse camera
      • Build and install motion-activated spy cameras or listening devices
      • Alter photographic evidence
      • Digitally disguise your telephone voice
      • Secretly install key-logging software to see what's done on any computer
      • Learn what Web sites others are surfing
      • Recover deleted computer files
      • View other peoples' computer screens from your PC
      • Control your spy equipment from afar

    Product Details

      • Paperback: 259 pages
      • Publisher: McGraw-Hill/TAB Electronics; 1 edition (June 19, 2006)
      • Language: English
      • ISBN-10: 0071468943
      • ISBN-13: 978-0071468947

    Multiupload.com - upload your files to multiple file hosting sites!
  3. Listen to conversations over long distances with a homemade laser listening device. All you'll need is a laser pointer, tripod, old pair of headphones, photocell and a recording device. Your completed laser spy microphone won't be the most practical recording setup you've ever used, but it's an interesting bit of science and a great DIY project. The process involves a simple bit of soldering, but in all it's very simple. Laser Espionage Microphone (how-to) [MetaCafe via DIY Life] Build a Laser Spy Microphone On the Cheap Video : Laser Espionage Microphone (how-to) - Video
  4. Catching taunts from foul-mouthed players is one application, but Audioscope could be used for more sinister purposes, too. Deployed at public gatherings, the super-mics could be zoomed in to eavesdrop on conversations between suspicious persons, or pretty much anyone the cops want to listen in on. Are you scared yet? Audio zoom picks out lone voice in the crowd - tech - 05 October 2010 - New Scientist Squarehead Technology
  5. Did you know that 1=2? | 220.ro
  6. Angajatori de Top (22-23 October 2010) There are many fairly large companies; I warmly recommend that you submit your CV and take part.
  7. (PhysOrg.com) -- Cancer is a modern, man-made disease caused by environmental factors such as pollution and diet, a study by University of Manchester scientists has strongly suggested.

    The study of remains and literature from ancient Egypt and Greece and earlier periods – carried out at Manchester’s KNH Centre for Biomedical Egyptology and published in Nature Reviews Cancer – includes the first histological diagnosis of cancer in an Egyptian mummy.

    Finding only one case of the disease in the investigation of hundreds of Egyptian mummies, with few references to cancer in literary evidence, proves that cancer was extremely rare in antiquity. The disease rate has risen massively since the Industrial Revolution, in particular childhood cancer – proving that the rise is not simply due to people living longer.

    Professor Rosalie David, at the Faculty of Life Sciences, said: “In industrialised societies, cancer is second only to cardiovascular disease as a cause of death. But in ancient times, it was extremely rare. There is nothing in the natural environment that can cause cancer. So it has to be a man-made disease, down to pollution and changes to our diet and lifestyle.”

    She added: “The important thing about our study is that it gives a historical perspective to this disease. We can make very clear statements on the cancer rates in societies because we have a full overview. We have looked at millennia, not one hundred years, and have masses of data.”

    The data includes the first ever histological diagnosis of cancer in an Egyptian mummy by Professor Michael Zimmerman, a visiting Professor at the KNH Centre, who is based at the Villanova University in the US. He diagnosed rectal cancer in an unnamed mummy, an ‘ordinary’ person who had lived in the Dakhleh Oasis during the Ptolemaic period (200-400 CE).

    Professor Zimmerman said: “In an ancient society lacking surgical intervention, evidence of cancer should remain in all cases. The virtual absence of malignancies in mummies must be interpreted as indicating their rarity in antiquity, indicating that cancer causing factors are limited to societies affected by modern industrialization”.

    The team studied both mummified remains and literary evidence for ancient Egypt but only literary evidence for ancient Greece as there are no remains for this period, as well as medical studies of human and animal remains from earlier periods, going back to the age of the dinosaurs.

    Evidence of cancer in animal fossils, non-human primates and early humans is scarce – a few dozen, mostly disputed, examples in animal fossils, although a metastatic cancer of unknown primary origin has been reported in an Edmontosaurus fossil while another study lists a number of possible neoplasms in fossil remains. Various malignancies have been reported in non-human primates but do not include many of the cancers most commonly identified in modern adult humans.

    It has been suggested that the short life span of individuals in antiquity precluded the development of cancer. Although this statistical construct is true, individuals in ancient Egypt and Greece did live long enough to develop such diseases as atherosclerosis, Paget's disease of bone, and osteoporosis, and, in modern populations, bone tumours primarily affect the young.

    Another explanation for the lack of tumours in ancient remains is that tumours might not be well preserved. Dr. Zimmerman has performed experimental studies indicating that mummification preserves the features of malignancy and that tumours should actually be better preserved than normal tissues. In spite of this finding, hundreds of mummies from all areas of the world have been examined and there are still only two publications showing microscopic confirmation of cancer. Radiological surveys of mummies from the Cairo Museum and museums in Europe have also failed to reveal evidence of cancer.

    As the team moved through the ages, it was not until the 17th century that they found descriptions of operations for breast and other cancers and the first reports in scientific literature of distinctive tumours have only occurred in the past 200 years, such as scrotal cancer in chimney sweeps in 1775, nasal cancer in snuff users in 1761 and Hodgkin’s disease in 1832.

    Professor David – who was invited to present her paper to UK Cancer Czar Professor Mike Richards and other oncologists at this year’s UK Association of Cancer Registries and National Cancer Intelligence Network conference – said: “Where there are cases of cancer in ancient Egyptian remains, we are not sure what caused them. They did heat their homes with fires, which gave off smoke, and temples burned incense, but sometimes illnesses are just thrown up.”

    She added: “The ancient Egyptian data offers both physical and literary evidence, giving a unique opportunity to look at the diseases they had and the treatments they tried. They were the fathers of pharmacology so some treatments did work.

    “They were very inventive and some treatments thought of as magical were genuine therapeutic remedies. For example, celery was used to treat rheumatism back then and is being investigated today. Their surgery and the binding of fractures were excellent because they knew their anatomy: there was no taboo on working with human bodies because of mummification. They were very hands on and it gave them a different mindset to working with bodies than the Greeks, who had to come to Alexandria to study medicine.”

    She concluded: “Yet again extensive ancient Egyptian data, along with other data from across the millennia, has given modern society a clear message – cancer is man-made and something that we can and should address.”

    Scientists suggest that cancer is purely man-made
  8. WikiLeaks founder Julian Assange holds up a copy of the Guardian after thousands of US military documents were leaked and exposed Photograph: Andrew Winning/REUTERS The whistleblowing group WikiLeaks claims that it has had its funding blocked and that it is the victim of financial warfare by the US government. Moneybookers, a British-registered internet payment company that collects WikiLeaks donations, emailed the organisation to say it had closed down its account because it had been put on an official US watchlist and on an Australian government blacklist. The apparent blacklisting came a few days after the Pentagon publicly expressed its anger at WikiLeaks and its founder, Australian citizen Julian Assange, for obtaining thousands of classified military documents about the war in Afghanistan, in one of the US army's biggest leaks of information. The documents caused a sensation when they were made available to the Guardian, the New York Times and German magazine Der Spiegel, revealing hitherto unreported civilian casualties. WikiLeaks defied Pentagon calls to return the war logs and destroy all copies. Instead, it has been reported that it intends to release an even larger cache of military documents, disclosing other abuses in Iraq. Moneybookers moved against WikiLeaks on 13 August, according to the correspondence, less than a week after the Pentagon made public threats of reprisals against the organisation. Moneybookers wrote to Assange: "Following an audit of your account by our security department, we must advise that your account has been closed … to comply with money laundering or other investigations conducted by government authorities." 
When Assange emailed to ask what the problem was, he says he was told in response by Daniel Stromberg, the Moneybookers e-commerce manager for the Nordic region: "When I did my regular overview of my customers, I noticed that something was wrong with your account and I emailed our risk and legal department to solve this issue. "Below I have copied the answer I received from them: 'Hi Daniel, you can inform him that initially his account was suspended due to being accessed from a blacklisted IP address. However, following recent publicity and the subsequently addition of the WikiLeaks entity to blacklists in Australia and watchlists in the USA, we have terminated the business relationship.'" Assange said: "This is likely to cause a huge backlash against Moneybookers. Craven behaviour in relation to the US government is unlikely to be seen sympathetically." Moneybookers, which is registered in the UK but controlled by the Bahrain-based group Investcorp, would not make anyone available to explain the decision. Its public relations firm, 77PR, said: "We have never had any request, inquiry or correspondence from any authority regarding this former customer." Asked how this could be reconciled with the references in the correspondence to a blacklist, it said: "We stick with our original statement." WikiLeaks says funding has been blocked after government blacklisting | Media | The Guardian
  9. “One machine can do the work of fifty ordinary men. No machine can do the work of an extraordinary man.” – Elbert Hubbard

    Back when I was just starting to learn to break web applications, I exploited absolutely everything with a text editor and a browser. Certain vulnerabilities like cross-site scripting were easy to exploit with just a browser. Others which required fiddling with low-level things like my User-Agent header were not possible or plausible (you can change your UA in Firefox without any plugins, but it’s a pain and you can’t do it selectively for particular domains so you might end up attacking someone unintentionally). Some vulnerabilities – like blind SQL injection flaws – would take so long to exploit manually that it just wasn’t worth it. However, I despised the idea of letting an automated program do the work for me, so I stuck to tools which required me to know what I was doing. (And admittedly, I was worried that I would become adept at using tools I didn’t understand thoroughly.)

    After a while, I added an intercepting HTTP proxy to my arsenal of tools. It wasn’t automated (so I wasn’t breaking my rule) and it opened up many more possibilities. The vulnerabilities I couldn’t previously exploit were now (mostly) exploitable. This intercepting proxy, Burp Proxy (now Burp Suite), was so useful and expanded my ability to pop boxen to such a great degree that it started to be the tool I went to first when attempting to exploit any flaw that I found. I still consider Burp Suite to be my favorite tool for web app testing. Eventually, however, this needed to change.

    The Work of Fifty Ordinary Men

    The first exception I made to my “no automated tools” rule was for John the Ripper. Upon finding password hashes in a database I was accessing via SQL injection, I had no choice but to use a hash cracker. There was absolutely no point in attempting to crack these hashes manually, so I bent my rule and started using hash crackers.

    After that, I learned about blind SQL injection, and upon understanding it, knew that the techniques for exploiting this were not something you’d want to do by hand unless you like writing and submitting SQL injection strings for hours and hours. With some hesitation, I added sqlmap to my toolbox.

    The next exception I made was for Nikto. (I’ve already written about Nikto and how CORE IMPACT Pro comes with a module which allows you to run the Nikto tests against your targets!) But I used it primarily to find back-end web pages and directories which the admin thought would never be found. This is not the case when you name your directories things like “admin” and “backup.” Nikto ended up being the final nail in the coffin for my rule.

    Through this gradual weakening and eventual dissolution of my silly personal standard, I came to the conclusion that automation is not inherently a bad thing. After all, if you’re using a computer at all you’re automating tasks all the time. If you think about it, using a browser automates the tasks of building a network connection, transferring data, and then parsing that data and displaying content based on that data. Given that, it only makes sense to take automation a step further.

    Moreover, there are certain things which you can’t (or really shouldn’t) do manually. This is mostly due to time limitations. If you already understand how something works and how you can automate it, you should. If you can free up more of your time you can test more thoroughly, or maybe just go have a sandwich while your tests run. Overall, more time is a good thing.

    The Work of an Extraordinary Man

    There are certainly advantages to testing manually:

    First of all, it forces you to know what you’re doing. If you don’t know what you’re doing you’ll learn quickly for the same reasons that being stranded in another country with a foreign language is considered by many to be the quickest way to pick up a new language.

    Secondly, some things can never be automated. Computers are not very good at recognizing subjective concepts, such as how an application is supposed to work, or ideas like malice and sensitivity. For instance, how many of you reading this have had your copy of Netcat deleted by your anti-virus system while you were trying to use it? Not so recently, there was a court case with a young whipper-snapper who compromised the entire user database for a car dealership. Sounds like a whiz kid, huh? Nope. All he did was to view the source of the page and notice that the entire database was in Javascript, and all the authentication and interaction was also done via Javascript. Because Javascript is a client-side technology, this means that a copy of the dealership’s database was sent to EVERY SINGLE PERSON who loaded the web site. This fact actually caused the young man to win the court case. Long story short, an automated scanner might be able to pick up that there was something like CC numbers or SSNs on the site, but if the information in that database did not contain computer-identifiable sensitive information like that, an automated system would never, ever identify that it was an issue.

    Third, if something goes wrong with your automation, you’ll likely need to start everything over again. More importantly, the damage caused by an error in your automation might not be something you’re willing to accept.

    The Balance, and Achieving It with IMPACT Pro

    Here’s another quote for you: “Eat nails; Die a winner!” – Advice Dog

    Maybe eating nails will make you tough, but it’ll also make you dead. Don’t make your job unnecessarily hard, unless you’re trying to learn something. You don’t grow if you’re comfortable. But don’t automate everything, either! It’s important to maintain a balance.

    Since I work for Core, I’d like to take some time to mention how to maintain this sort of balance with some of the features in IMPACT Pro (otherwise they make me go back in the box, I don’t like the box, it’s dark and scary in there).

    Let’s say that you’re looking for SQL injection flaws in a target web site. You could use the SQL injection analyzer available within IMPACT to fuzz out flaws in the pages for you and automatically exploit them, but let’s say you’d like to look for SQLi flaws manually. Not a problem. Once you’ve found one, you can tell IMPACT where it is with the “Setup SQL Agent Manually” module. Just tell IMPACT where the page is, what the parameters are and what values should be given, then specify the vulnerable parameter, and if you need to, the needed encoding and backend database (or just let IMPACT figure it out for you).

    Once you’ve fed IMPACT that information, IMPACT will happily jump through the hoops of SQLi exploitation (error-based blind SQL injection is also implemented) and confirm that we can gain control of the database. Once it does, it abstracts the details of exploitation from you and allows you to take some nifty post-exploitation actions. For instance, if the database user specified in the web application is an admin or has rights to run processes (I love you xp_cmdshell <333 XOXO) you can use the database to Trojan the host and drop an OS Agent on the host, further expanding your capabilities (and allowing you to use the database server to tunnel into the internal network and start wreaking havoc!). If not, you can still open an SQL shell and run any command you please, just as if you were logged into the database as the given user.

    Additionally, in case you don’t know SQL or don’t feel like writing out all the SQL queries, you can use the modules we’ve created to do some common post-exploitation tasks. For instance, there’s a module called “Check for Sensitive Information” which will pull out the contents of whatever database you choose and check them to see if they look like credit card or social security numbers. Additionally, if you’d like to pull out the authentication information from the database you can do that with the “Get Database Logins” module.

    So, info-warriors, keep on fighting the good fight, whether or not you’re automating that fight.
  10. http://rstcenter.com/forum/25961-postati-aici-hashurile.rst
  11. begood

    Isn't this spam?

    Everything is filtered and edited manually, I'm not feeding you crap.
  12. What are you testing on it?

    GARR Network's MIRROR FTP-archive
    http://mirror2.mirror.garr.it/mirrors/freerainbowtables/lm/lm_lm-frt-cp437-850%231-7_1/
    http://mirror2.mirror.garr.it/mirrors/freerainbowtables/lm/lm_lm-frt-cp437-850%231-7_2/
    GARR Network's MIRROR FTP-archive

    These are better.
  13. Build your own wordlists with this online utility. All you do is enter a base word for it to search on, and it collects all other words it finds related to that word. The lists come out to be about half a megabyte, but they can be expanded out to millions of words if you use PasswordsPro's rule set. http://awlg.org
  14. CeWL is a ruby app which spiders a given url to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper. CeWL - DigiNinja
  15. # This program was designed for viewing large (>1GB) text files.
    # It uses little memory and is able to open a gigabyte file instantly.
    # Background file indexing makes browsing even faster.
    # It opens files that are currently being written by other programs, and automatically checks and reads the files if new contents have been appended.
    # It supports view split. The user may split the view either horizontally or vertically, and have each side show a different portion of the same file.
    # It allows the user to perform high-speed complex text search by means of plain text or regular expression. The regular expression syntax is slightly different from the standard ones.

    http://www.swiftgear.com/ltfviewer/LTFViewr.zip
  16. - Sort both large and small lists
    - Sort by element length
    - Ability to hash lists using NT/MD2/MD4/MD5/SHA-1 (currently working on optimizing other algos)
    - Slice elements inside the lists, for example elements ending/starting in numbers could all be sliced, therefore test123, test321 would become test (this is useful for downsizing mutated wordlists)
    - Remove similar elements linearly (user specifies a threshold of consecutive similar elements to remove)
    - Merge small lists into one big one
    - Split large lists into smaller ones (user defined lines)
    - Ability to generate all combinations using the keyspace defined in an element, e.g. test --> test, tets, sett etc.
    - Case permutation (coded, will add in next build)
    - Can remove elements based on charsets or user defined charsets
    - Can prepend and append to elements
    - Single character substitutions, user defined (multiple characters at a time)
    - Case conversion: convert all elements to upper/lower/Up First Lower Rest, Case Toggle and Toggle at user defined position
    - Reverse elements
    - Slice elements after a user defined occurrence (string) OR user defined position
    - Find string and replace within element
    - Can convert between delimiters, e.g. CrLf <-> LF <-> whatever

    http://rapidshare.com/files/364857717/ULM-HK.zip
  17. It takes wordlists as input and sorts them using hash as key, takes out duplicates and writes results to smaller wordlist files which are indexed. (It only saves words, hashes are not saved.) Once sorting is done, it can search extremely large wordlists (30 GB or more) for specific algorithm hashes in under two seconds. http://www.plain-text.info/dl/file/gwl/
  18. Merges and automatically optimizes your wordlists for WPA cracking. To be really efficient, you have to follow the steps in order. Here is a little explanation about how it works and what it makes:

    --> 1 Merge all your wordlists files
    Just give the script the path to a folder that contains a lot of wordlists files, and it will merge them all into a single big wordlist named Mega-dico.txt. This file will be created in a folder called Giga-wordlist that the script will create on the desktop of your Backtrack 3.

    --> 2 Modify the dictionary with John The Ripper
    Using JTR, the script will create about 50 different variants of each password contained in your Mega-dico.txt file that you previously created on the step 1. It will output the result in /root/Desktop/Giga-wordlist/Mega-dico-john.txt, JTR makes variants this way.

    --> 3 Optimize the dictionary for WPA cracking
    The script will reduce your wordlist, removing passwords shorter than 8 characters and more than 63 characters, which is the min and max size of a WPA passphrase. Output file: /root/Desktop/Giga-wordlist/Mega-dico-wpa.txt

    --> 4 Sort and remove duplicates
    Finally, the script will remove duplicates, and sort the passwords in alphabetical order which, as I read I don't remember where, can make the crack a little more efficient. Output file: /root/Desktop/Giga-wordlist/Giga-wordlist.txt

    You can easily edit the script and modify the paths and file names, if you prefer not to output the files on your desktop. After following the 4 steps, you will get your personal optimized wordlist for WPA cracking.

    http://www.crack-wpa.fr/Downloads/WIFI/en/wordlist.sh
  19. * Menu based rule generator
    * Config files - table generation info is no longer stored in the filename!!
    * Multi-threaded support for multi-core CPUs (Linux and MacOSX only)
    * Various other performance tweaks such as using optimized hashing functions for the most common password hashes (goodbye openssl).
    * Backwards compatible with traditional rcrack rainbow tables

    Supported Systems:
    * Config Generator and Multi-Threaded Version: most flavors of Linux, MacOSX
    * Single Threaded Version: Windows (coming soon)

    http://sites.google.com/site/reusablesec2/drcrack.tar
  20. Crunch is a wordlist generator where you can specify a standard character set or a character set you specify. crunch can generate all possible combinations and permutations. Browse crunch - wordlist generator Files on SourceForge.net
  21. Options:

      • Run the entire optimization script
      • Sort a wordlist in alphabetical order
      • Sort a wordlist in reverse alphabetical order
      • Remove all duplicates from a wordlist
      • Remove all whitespace from the beginning of each line
      • Remove all non ascii chars from a wordlist
      • Remove all comments from a wordlist (except first line)
      • Specify a min and max password length in a wordlist
      • Manipulate a wordlist with the --rules function of john the ripper
      • L33tify a wordlist
      • Delete all lines that match a specific pattern from a file
      • Create a wordlist with crunch
      • Create a wordlist with wyd.pl
      • Create a wordlist with CUPP
      • Create a wordlist based on phonenumbers
      • Combine a directory full of files into one big list
      • Split a large text file into smaller files
      • Capitalize the first letter of each line in a file

    http://tools.question-defense.com/wordlist_tools.sh
  22. Ruby-wg is an open-source, scalable and reliable wordlist generator written in Ruby. It uses a JMS broker (stomp interface) to store candidate and result words.

    ruby-wg is scalable: you can run one or more concurrent "wg.rb run" processes, also from different servers/workstations: in this way the speed will increase with the number of concurrent processes...

    ruby-wg is reliable: the processes "wg.rb run" run for at most "max_run_iterations": when they finish, you can stop/start the (JMS) servers and start the "wg.rb run" processes later without missing data and without restarting the wordlist generation from the beginning...

    Some Features:
    * you can run as many concurrent and remote word generators as you want
    * you can "pause" the wordlist generation and go on later (also after a restart of the pc)
    * you can monitor jms queues with Activemq Admin Console and jconsole(.exe)

    Source Checkout - ruby-words-generators - Project Hosting on Google Code
  23. WLAuthor is an advanced custom wordlist generator. It can be used to create a custom dictionary/wordlist for password guessing or cracking attacks in penetration testing. It now supports better crawling capabilities and a hybrid engine (customized word manipulation). This script takes a target domain, and a manipulation recipe as input and will browse the target web site and parse it for potential words used in passwords. It will then manipulate the wordlist to include special characters and numbers for increased complexity. http://www.securityexperiment.com/se/documents/WLAuthor-0.12.pl
  24. wyd is a password profiling tool that extracts words/strings from supplied files and directories. It parses files according to the file-types and extracts the useful information, e.g. song titles, authors and so on from mp3's or descriptions and titles from images. It supports the following filetypes: plain, html, php, doc, ppt, mp3, pdf, jpeg, odp/ods/odp and extracting raw strings. http://www.remote-exploit.org/wp-content/uploads/2010/01/wyd-0.2.tar.gz
  25. saltymd5 is a small and simple tool that automates bruteforce / wordlist attacks against salted MD5 hashes. It supports dictionary input via named pipes and can therefore be used in combination with john. http://www.remote-exploit.org/wp-content/uploads/2010/01/saltymd5-0.2.tar.gz