background preloader


Facebook Twitter

Diary of a reverse-engineer. Shazzer - Shared Fuzzer. SSLsplit - transparent and scalable SSL/TLS interception (SSLsplit) Copyright 2009–2016 Daniel Roethlisberger and contributors.

SSLsplit - transparent and scalable SSL/TLS interception (SSLsplit)

All rights reserved. Licensed under a two-clause BSD license. Latest release: sslsplit-0.5.0.tar.bz2 (.asc) Documentation: sslsplit(1) — — Development: droe/sslsplit — follow @droethlisberger for news Overview. Python arsenal for RE. Ettercap Home Page. Easy-creds. Dsniff. Aircrack-ng. Ping Tunnel - Send TCP traffic over ICMP. Using ptunnel Client: . /ptunnel -p <proxy address> -lp <listen port> -da <destination address> -dp <destination port> [-c <network device>] [-v <verbosity>] [-f <logfile>] [-u] [-x password]Proxy: . /ptunnel [-c <network device>] [-v <verbosity>] [-f <logfile>] [-u] [-x password] The -p switch sets the address of the host on which the proxy is running. A quick test to see if the proxy will work is simply to try pinging this host - if you get replies, you should be able to make the tunnel work.

The -lp, -da and -dp switches set the local listening port, destination address and destination port. Sudo . An ssh connection to can now be established as follows: ssh -p 8000 localhost. Privoxy - Home Page. Ngrep - network grep. Alobbs/macchanger. GNU httptunnel. Httptunnel creates a bidirectional virtual data connection tunnelled in HTTP requests.

GNU httptunnel

The HTTP requests can be sent via an HTTP proxy if so desired. This can be useful for users behind restrictive firewalls. If WWW access is allowed through a HTTP proxy, it's possible to use httptunnel and, say, telnet or PPP to connect to a computer outside the firewall. Hping - Active Network Security Tool. Software >> sslsniff. Some History This tool was originally written to demonstrate and exploit IE's vulnerabilityto a specific "basicConstraints" man-in-the-middle attack.

Software >> sslsniff

While Microsoft has since fixed the vulnerability that allowed leaf certificates to act as signing certificates, this tool is still occasionally useful for other purposes. It is designed to MITM all SSL connections on a LAN, and dynamically generates certs for the domains that are being accessed on the fly. The new certificates are constructed in a certificate chain that is signed by any certificate that you provide. The New Scoop Version 0.6 has been significantly updated to additionally support the null-prefix attacks that I demonstrated at BlackHat 09 and Defcon 17. Sslsniff has also been updated to support the OCSP attacks that I published at Blackhat 09 and Defcon 17, thus making the revocation of null-prefix certificates very difficult. Software >> sslstrip.

This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009.

Software >> sslstrip

It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. For more information on the attack, see the video from the presentation below. Requirements. Home. Reaver-wps - Brute force attack against Wifi Protected Setup. Reaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases, as described in Reaver has been designed to be a robust and practical attack against WPS, and has been tested against a wide variety of access points and WPS implementations.

reaver-wps - Brute force attack against Wifi Protected Setup

On average Reaver will recover the target AP's plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP. In practice, it will generally take half this time to guess the correct WPS pin and recover the passphrase. Intimidated by the command-line? Running Windows, OS X, or just don't want to run Linux, download, and compile the open source Reaver? End-to-end - End-To-End. End-To-End is a Chrome extension that helps you encrypt, decrypt, digital sign, and verify signed messages within the browser using OpenPGP.

end-to-end - End-To-End

This is the source code for the alpha release of the End-To-End Chrome extension. It's built upon a newly developed, JavaScript-based crypto library. End-To-End implements the OpenPGP standard, IETF RFC 4880, enabling key generation, encryption, decryption, digital signature, and signature verification. We’re releasing this code to enable community review; it is not yet ready for general use.

For more background, please see our blog post. Since this is source, I could just build this and submit it to the Chrome Web Store. OpenPGP JavaScript Implementation. Stanford Javascript Crypto Library. The Stanford Javascript Crypto Library (hosted here on GitHub) is a project by the Stanford Computer Security Lab to build a secure, powerful, fast, small, easy-to-use, cross-browser library for cryptography in Javascript.

Stanford Javascript Crypto Library

SJCL is easy to use: simply run sjcl.encrypt("password", "data") to encrypt data, or sjcl.decrypt("password", "encrypted-data") to decrypt it. For users with more complex security requirements, there is a much more powerful API, described in the documentation and illustrated in this demo page. SJCL is small but powerful. The minified version of the library is under 6.4KB compressed, and yet it posts impressive speed results. Wappalyzer. SecWiki. w3af - Open Source Web Application Security Scanner. Code Typer. ASCII art API. I, Hacker - Hungry hungry macros. Joybubbles. Whistler[edit] As a five-year old, Engressia discovered he could dial phone numbers by clicking the hang-up switch (“tapping”), and at the age of 7 he accidentally discovered that whistling at certain frequencies could activate phone switches.[4] A student at the University of South Florida in the late 1960s, he was given the nickname “Whistler” due to his ability to place free long distance phone calls by whistling, with his mouth, the proper tones.


After a Canadian operator reported him for selling such calls for $1 at the university, he was suspended and fined $25 but soon reinstated;[4] he later graduated in philosophy and moved to Tennessee. According to FBI records, the phone company SBT&T first noticed his phreaking activities in summer 1968, and an employee of the Florida Bell Telephone Company illegally monitored Engressia’s telephone conversations and divulged them to the FBI.[4] Secrets of the Little Blue Box. Why this is the authoritative edition As published in the October 1971 issue of Esquire Magazine. by Ron Rosenbaum A story so incredible it may even make you feel sorry for the phone company The Blue Box Is Introduced:Its Qualities Are Remarked I am in the expensively furnished living room of Al Gilbertson*, the creator of the "blue box.

Secrets of the Little Blue Box

" "That's what it does. "And they can't trace the calls? Home — Oqlt. The Original Hacker's Dictionary. [This file, jargon.txt, was maintained on MIT-AI for many years, before being published by Guy Steele and others as the Hacker's Dictionary.

The Original Hacker's Dictionary

Many years after the original book went out of print, Eric Raymond picked it up, updated it and republished it as the New Hacker's Dictionary. Unfortunately, in the process, he essentially destroyed what held it together, in various ways: first, by changing its emphasis from Lisp-based to UNIX-based (blithely ignoring the distinctly anti-UNIX aspects of the LISP culture celebrated in the original); second, by watering down what was otherwise the fairly undiluted record of a single cultural group through this kind of mixing; and third, by adding in all sorts of terms which are "jargon" only in the sense that they're technical. This page, however, is pretty much the original, snarfed from MIT-AI around 1988. -- jpd.] Verb doubling: a standard construction is to double a verb and use i as a comment on what the implied subject does. ARG n. BANG n. J. Hacking for Artists.