-
Posts
110 -
Joined
-
Last visited
-
Days Won
5
Posts posted by Versus71
-
-
Re-upload please
-
Predator Locks and Unlocks Your PC with a USB Thumb Drive
PREDATOR locks your PC when you are away, even if your Windows session is still opened. It uses a regular USB flash drive as an access control device, and works as follows:
- you insert the USB drive
- you run PREDATOR (autostart with Windows is possible)
- you do your work...
- when you're away from your PC, you simply remove the USB drive:
once it is removed, the keyboard and mouse are disabled and the screen darkens
- when you return back to your PC, you put the USB flash drive in place:
keyboard and mouse are immediately released, and the display is restored
It's easier and faster than closing your Windows session, since you do not have to retype your password when you return.
Screenshot:
Download:
http://www.predator-usb.com/predator/dl/free/InstallPredator.zip [x86]
http://www.predator-usb.com/predator/dl/free/InstallPredator_x64.zip [x64]
-
Text dump websites are used by programmers and system administrators to share and store pieces of source code and configuration information. Two of the most popular text dump websites are pastebin and pastie. Day by day more and more programmers, amateur system administrators and regular users are captivated by the attractive functional features of these web tools and use them in order to share large amounts of configuration and source code information. Therefore, like happening in each famous web platform, sensitive information sharing is inevitable. Potential attackers use these web platforms to gather information about their targets, while on the other side penetration testers search into these sites to prevent critical information leakage.
Most of the text dump web platforms offer a searching mechanism and therefore anyone can manually query the database for matching strings. Although an automated script/tool capable to query all these text dump websites and generate an overall searching report, would be very useful for the reconnaissance phase of a penetration test. Pen-testers can use such an automate tool, in order to efficiently search for potential configuration and login credentials information leakage that will help an attacker to profile the victim system and find a security hole.
Recently I came across in the web with such a script, pastenum. Pastenum is a ruby script written by Nullthreat member of the Corelan Team. It can query pastebin, pastie and github for user defined strings and generate an overall html report with the searching results.
Installation information:
http://redmine.corelan.be:8800/projects/corelan-pastenum/wiki
Download:
http://redmine.corelan.be:8800/attachments/download/477/Pastenum2.zip
-
-
The script for spam mailing server through sendmail. In the tests showed good results, especially when a large number of servers.
Description:
- Random, intellectual generation fields
- Subscribe to the attach
- Plain and html format
Download:
-
Sample application showing practical approach how to exploit Blind LDAP Injection flaw. The tool is intended to be used by IT security researchers and pentesters for educational purposes only. It was first presented at Black Hat 2011.
Download:
http://ldap-blind-explorer.googlecode.com/files/Ldap%20Blind%20Explorer%201.0.zip
-
Sample application showing practical approach how to exploit Blind XPath Injection flaw. The tool is intended to be used by IT security researchers and pentesters for educational purposes only. It was first presented at Black Hat 2011.
Download:
http://xpath-blind-explorer.googlecode.com/files/Xpath%20Blind%20Explorer%201.0.zip
- 1
-
SIP Inspector is a tool written in JAVA to simulate different SIP messages and scenarios. You can create your own SIP signaling scenarios, customize SIP messages and monitor incoming and outgoing messages. The tool can play RTP streams from a pcap.
-
Original source:
- 1
-
FiletypeID is a tool designed to identify file types from their binary signatures. This simple application can help you to: identify what kind of file was sent to you via e-mail, aid in forensic analysis, support in file recovery, etc. FiletypeID is written in Python, based on PyQt4, TrIDLib and hachoir-metadata.
+4697 file type definitions
Download:
https://filetypeid.googlecode.com/files/FiletypeID-0.2.1.zip
https://filetypeid.googlecode.com/files/FiletypeID-0.2.1.7z [source code]
- 1
-
Remove Fake Antivirus is used to remove the most popular fake antiviruses. What is fake antivirus? This is a type of virus/malwares which disguises itself to be an antivirus. It infects your computer when you accidentally click a link in a website which will download the malware into your computer and run automatically when your windows boot. It scan the infected computer and produces fake alert warnings. It convinces you that your computer is in danger and urge you to purchase a useless copy of the fake antivirus. These fake antiviruses must be removed immediately.
List:
Windows Smart Warden
Home Malware Cleaner
Strong Malware Defender
AV Security 2012
Data Recovery
Wolfram Antivirus
Security Protection
Windows Antivirus 2011
Mega Antivirus 2012
AVG Antivirus 2011
PC Security 2011
ThinkPoint
ThinkSmart
Antivirus 8
Security Tool
My Security Shield
Antivirus 7
Antivirus GT
Defense Center
Protection Center
Sysinternals Antivirus
Security Master AV
CleanUp Antivirus
Security Toolbar
Digital Protection
XP Smart Security 2010
Antivirus Suite
Vista Security Tool 2010
Total XP Security
Security Central
Security Antivirus
Total PC Defender 2010
Vista Antivirus Pro 2010
Your PC Protector
Vista Internet Security 2010
XP Guardian
Vista Guardian 2010
Antivirus Soft
XP Internet Security 2010
Antivir 2010
Live PC Care
Malware Defense
Internet Security 2010
Desktop Defender 2010
Antivirus Live
Personal Security
Cyber Security
Alpha Antivirus
Windows Enterprise Suite
Security Center
Control Center
Braviax
Windows Police Pro
Antivirus Pro 2010
PC Antispyware 2010
FraudTool.MalwareProtector.d
Winshield2009.com
Green AV
Windows Protection Suite
Total Security 2009
Windows System Suite
Antivirus BEST
System Security
Personal Antivirus
System Security 2009
Malware Doctor
Antivirus System Pro
WinPC Defender
Anti-Virus-1
Spyware Guard 2008
System Guard 2009
Antivirus 2009
Antivirus 2010
Antivirus Pro 2009
Antivirus 360
MS Antispyware 2009
IGuardPC or I Guard PC
Additional GuardDownload:
-
TCHunt is a small portable application that can be used to find encrypted TrueCrypt volumes on the system. It has been specifically designed to demonstrate the possibility of finding TrueCrypt volumes even if they are not mounted and well disguised by the user.
http://16s.us/TCHunt/downloads/TCHunt.exe [v.1.6]
http://dl.dropbox.com/u/55144650/t00lz/TCHunt-1.5-en.exe [v.1.5; GUI]
-
yceman
This is the original name:
http://www.hackfromacave.com/projects/blueranger.html
I did not add anything extra.
-
BlueRanger is a simple Bash script which uses Link Quality to locate Bluetooth device radios. It sends l2cap (Bluetooth) pings to create a connection between Bluetooth interfaces, since most devices allow pings without any authentication or authorization. The higher the link quality, the closer the device (in theory).
Use a Bluetooth Class 1 adapter for long range location detection. Switch to a Class 3 adapter for more precise short range locating. The precision and accuracy depend on the build quality of the Bluetooth adapter, interference, and response from the remote device. Fluctuations may occur even when neither device is in motion.
Installation:
This script can run from any directory.
Resources:
- BlueZ
- hcitool
- l2ping
Usage:
Provide the local interface and Device Address of the device you are trying to locate.
# blueranger.sh hci0 6C:D6:8A:B1:30:BC
Download:
-
Amon is a self-hosted, lightweight web application and server monitoring toolkit. It provides you with straightfrorward visualisation of essential server data. It helps you manage the errors that occur in your web applications and makes logging complex datastructures and searching in your log data easy.
Site:
Demo:
Install:
-
The Offensive (Web, etc) Testing Framework (aka OWTF) is an OWASP+PTES-focused try to unite great tools and make penetration testing more efficient. The purpose of this tool is to automate the manual, uncreative part of penetration testing.
ChangeLog:
+ Inclusion of fuzzdb -allowed by licence- thanks!
+ Inclusion of HashCollision-DOS-POC by Christian Mehlmauer (@_FireFart_) thanks!
Location: owtf_dir/tools/dos/web/HashCollision-DOS-POC
More info: [url]https://github.com/FireFart/HashCollision-DOS-POC[/url]
+ Installation script cleanup: tools/bt5_install.sh courtesy of Michael Kohl (@citizen428), thanks!
+ Minor fixes to scripts/setrubyenv.sh also courtesy of Michael Kohl @citizen428), thanks!
+ "set fuzzFormComboValues all" removed from scripts/run_w3af.sh because it may make w3af scans slow, thanks to Adi Mutu (am06) and Andrés Riancho (@w3af)!
More info: [url=http://sourceforge.net/mailarchive/forum.php?thread_name=CA%2B1Rt67bN3-2OpB%2B7SOGO7%3D92KWXBMdbaztpa885f%3Du2GzjcFg%40mail.gmail.com&forum_name=w3af-users]SourceForge.net: w3af-users[/url]
+ Created an initial basic targeted phising plugin to send anything via SMTP: aux/se/Targeted_Phishing@OWTF-ASEP-002.py
+ Created the concept of "OWTF Agents": Small listeners that establish communication channels that allow to perform actions remotely (i.e. in a victim machine)
- Added sbd-based shared-password OWTF Agent for persistent shell access to other machines to be used during a test (i.e. victim emulation)
- Added ssh-based trusted-public-key OWTF Agent for an alternative to shared passwords (basic instructions to set this up with ssh)
- Added initial auxiliary plugins to communicate with OWTF agents:
SBD_CommandChainer is working, the others in rce are WIP (see plugins/aux/rce)
- Added imapd OWTF agent: This checks email with a predefined account and loads the configured plugin to process the message.
Example:
1) OWTF sends a targeted phising attack via aux/se/Targeted_Phishing@OWTF-ASEP-002.py
2) An OWTF imapd Agent processes any new email that arrives and emulates a user click for all links found in the message
+ Added initial SMB handler to the framework and a related plugin: aux/smb/SMB_Handler@OWTF-SMB-001.py
+ Added an Interactive Shell handler useful to interact with remote and local shells run in a subprocess
+ Significant SET integration improvements: new OWTF SET handler + spear_phising modules and plugin/configurability tweaks
+ Added hopefully better comments in several places
+ Started to use Eclipse and Fixed indentation on many framework files
+ Bug fix: Commented out goohost shell one liners in profiles/general/default.cfg: When goohost is not installed cat hangs (Thanks to Sandro Gauci)
+ Bug fix: Grep plugins were no longer showing links to Text, HTML, etc findings
+ Added CAPTCHA breaker tool links to external plugin to assist manual exploitation: PWNtcha - captcha decoder, Captcha Breaker
+ Added vulnerability search box to the CAPTCHA external plugin
+ Added links to the "Session managament schema" external plugin: Gareth Hayes' HackVertor, Raul Siles' (Taddong) F5 BIG IP Cookie Decoder
+ Added link to the "SSI Injection" external plugin: webappsec.org SSI Injection info
+ Moved HTTP-Traceroute back into rev_proxy to avoid config changesDownload:
-
.ac Ascension Island
.ad Andorra
.ae United Arab Emirates
.af Afghanistan
.ag Antigua and Barbuda
.ai Anguilla
.al Albania
.am Armenia
.an Netherlands Antilles
.ao Angola
.aq Antarctica
.ar Argentina
.as American Samoa
.at Austria
.au Australia
.aw Aruba
.az Azerbaijan
.ba Bosnia and Herzegovina
.bb Barbados
.bd Bangladesh
.be Belgium
.bf Burkina Faso
.bg Bulgaria
.bh Bahrain
.bi Burundi
.bj Benin
.bm Bermuda
.bn Brunei Darussalam
.bo Bolivia
.br Brazil
.bs Bahamas
.bt Bhutan
.bv Bouvet Island
.bw Botswana
.by Belarus
.bz Belize
.ca Canada
.cc Cocos (Keeling) Islands
.cf Central African Republic
.cg Congo
.ch Switzerland
.ci Cote d'Ivoire
.ck Cook Islands
.cl Chile
.cm Cameroon
.cn China
.co Colombia
.cr Costa Rica
.cu Cuba
.cv Cap Verde
.cx Christmas Island
.cy Cyprus
.cz Czech Republic
.de Germany
.dj Djibouti
.dk Denmark
.dm Dominica
.do Dominican Republic
.dz Algeria
.ec Ecuador
.ee Estonia
.eg Egypt
.eh Western Sahara
.er Eritrea
.es Spain
.et Ethiopia
.fi Finland
.fj Fiji
.fk Falkland Islands (Malvina)
.fm Micronesia, Federal State of
.fo Faroe Islands
.fr France
.ga Gabon
.gd Grenada
.ge Georgia
.gf French Guiana
.gg Guernsey
.gh Ghana
.gi Gibraltar
.gl Greenland
.gm Gambia
.gn Guinea
.gp Guadeloupe
.gq Equatorial Guinea
.gr Greece
.gs South Georgia and the South Sandwich Islands
.gt Guatemala
.gu Guam
.gw Guinea.Bissau
.gy Guyana
.hk Hong Kong
.hm Heard and McDonald Islands
.hn Honduras
.hr Croatia/Hrvatska
.ht Haiti
.hu Hungary
.id Indonesia
.ie Ireland
.il Israel
.im Isle of Man
.in India
.io British Indian Ocean Territory
.iq Iraq
.ir Iran (Islamic Republic of)
.is Iceland
.it Italy
.je Jersey
.jm Jamaica
.jo Jordan
.jp Japan
.ke Kenya
.kg Kyrgyzstan
.kh ?Cambodia
.ki Kiribati
.km Comoros
.kn Saint Kitts and Nevis
.kp Korea, Democratic People's Republic
.kr Korea, Republic of
.kw Kuwait
.ky Cayman Islands
.kz Kazakhstan
.la Lao People's Democratic Republic
.lb Lebanon
.lc Saint Lucia
.li Liechtenstein
.lk Sri Lanka
.lr Liberia
.ls Lesotho
.lt Lithuania
.lu Luxembourg
.lv Latvia
.ly Libyan Arab Jamahiriya
.ma Morocco
.mc Monaco
.md Moldova, Republic of
.mg Madagascar
.mh Marshall Islands
.mk Macedonia, Former Yugoslav Republic
.ml Mali
.mm Myanmar
.mn Mongolia
.mo Macau
.mp Northern Mariana Islands
.mq Martinique
.mr Mauritania
.ms Montserrat
.mt Malta
.mu Mauritius
.mv Maldives
.mw Malawi
.mx Mexico
.my Malaysia
.mz Mozambique
.na Namibia
.nc New Caledonia
.ne Niger
.nf Norfolk Island
.ng Nigeria
.ni Nicaragua
.nl Netherlands
.no Norway
.np Nepal
.nr Nauru
.nu Niue
.nz New Zealand
.om Oman
.pa Panama
.pe Peru
.pf French Polynesia
.pg Papua New Guinea
.ph Philippines
.pk Pakistan
.pl Poland
.pm St. Pierre and Miquelon
.pn Pitcairn Island
.pr Puerto Rico
.ps Palestinian Territories
.pt Portugal
.pw Palau
.py Paraguay
.qa Qatar
.re Reunion Island
.ro Romania
.ru Russian Federation
.?? Russian Federation
.rw Rwanda
.sa Saudi Arabia
.sb Solomon Islands
.sc Seychelles
.sd Sudan
.se Sweden
.sg Singapore
.sh St. Helena
.si Slovenia
.sj Svalbard and Jan Mayen Islands
.sk Slovak Republic
.sl Sierra Leone
.sm San Marino
.sn Senegal
.so Somalia
.sr Suriname
.st Sao Tome and Principe
.sv El Salvador
.su USSR
.sy Syrian Arab Republic
.sz Swaziland
.tc Turks and Caicos Islands
.td Chad
.tf French Southern Territories
.tg Togo
.th Thailand
.tj Tajikistan
.tk Tokelau
.tm Turkmenistan
.tn Tunisia
.to Tonga
.tp East Timor
.tr Turkey
.tt Trinidad and Tobago
.tv Tuvalu
.tw Taiwan
.tz Tanzania
.ua Ukraine
.ug Uganda
.uk United Kingdom
.um US Minor Outlying Islands
.us United States
.uy Uruguay
.uz Uzbekistan
.va Holy See (City Vatican State)
.vc Saint Vincent and the Grenadines
.ve Venezuela
.vg Virgin Islands (British)
.vi Virgin Islands (USA)
.vn Vietnam
.vu Vanuatu
.wf Wallis and Futuna Islands
.ws Western Samoa
.ye Yemen
.yt Mayotte
.yu Yugoslavia
.za South Africa
.zm Zambia
.zw Zimbabwe
-
The goal of IP-Link is to see the relationships between different IP from network traffic capture, thus quickly for a given address with the IP that communicates the most.
Video:
-
-
-
Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.
http://dl.packetstormsecurity.net/wireless/bluelog-1.0.0.tar.gz
-
A hackerspace or hackspace (also referred to as a hacklab, makerspace or creative space) is a location where people with common interests, often in computers, technology, science, or digital or electronic art (but also in many other realms) can meet, socialise and/or collaborate. Hackerspaces can be viewed as open community labs incorporating elements of machine shops, workshops and/or studios where hackers can come together to share resources and knowledge to build and make things.
Many hackerspaces participate in the use and development of free software, open hardware, and alternative media. They are often physically located in infoshops, social centers, adult education centers, or on university campuses, but may relocate to industrial or warehouse space when they need more room.
Prominent hackerspace of the world
?-base
Site:c-base.org
Where the: Germany, Berlin
Membership:+300
Monthly membership dues: €17
London Hackspace [LHC]
Site: london.hackspace.org.uk
Where the: UK, London
Membership: +300
Monthly membership dues: minimum £5
NYC Resistor
Site: nycresistor.com
Where the: USA, New York
Membership: +30
Monthly membership dues: $75-115
Kiberpipa
Site: kiberpipa.org
Where the: Slovenia, Ljubljana
Membership: 20 active and 40 former, which are involved in the life of the hackspace
Monthly membership dues: no
Metalab
Site: www.metalab.at
Where the: Austria, Vienna
Membership: +130
Monthly membership dues: £20
-
NiX API is a powerful anti-proxy, anti-fraud, and IP reputation lookup API. It uses the NiX database at cli.nixapi.com to determine IP country/region/city, data center details, satellite provider details, open proxy details, and Tor network association.
-
...is just that, a collection of handy bookmarks I initially collected that aid me in my day to day work or I find in the course of research. They are not all inclusive and some sections need to be parsed but they are all good reference materials. I find having this Hackery folder in Firefox an easy way to reference syntax, tricks, methods, and generally facilitate and organize research.
Categories:
- Hacker Media
Blogs Worth It
Forums
Magazines
Video- Methodologies
- OSINT
Presentations
People and Organizational
Infrastructure- Exploits and Advisories
- Cheatsheets and Syntax
Agile Hacking
OS and Scripts
Tools- Distros
- Labs
ISOs and VMs
Vulnerable Software
Test Sites- Exploitation Intro
- Reverse Engineering & Malware
- Passwords and Hashes
Wordlists
Pass the Hash
- MiTM
- Tools
OSINT
Metadata
Google Hacking
Web
Attack Strings
Shells
Scanners
Burp
Social Engineering
Password
Metasploit
MSF Exploits or Easy
NSE
Net Scanners and Scripts
Post Exploitation
Netcat
Source Inspection
Firefox Addons
Tool Listings
- Training/Classes
Sec/Hacking
Metasploit
Programming
Python
Ruby
Other Misc- Web Vectors
SQLi
Upload Tricks
LFI/RFI
XSS
Coldfusion
Sharepoint
Lotus
JBoss
VMWare Web
Oracle App Servers
SAP
- Wireless
- Capture the Flag/Wargames
- Conferences
- Misc/Unsorted
- 1
Use facebook URL to spread your "stub"
in Tutoriale in engleza
Posted
Very old bug. Original:
thehackernews.com/2012/01/url-redirection-vulnerability-in-google.html