
Tools


Making a 20dB Low Noise Amplifier for a 400MHz radio. S BootCD 15.2 - All in one Bootable CD. Antivirus Tools Avira AntiVir Personal Free anti-virus and anti-spyware on-demand scanner, detects and removes more than 50000 viruses and trojans.


ComboFix Designed to clean up malware infections and restore settings modified by malware. GMER 1.0.15 Hidden services, hidden registry, hidden file scanner, Rootkit Detector and Remover. Remove Fake Antivirus 1.82 Tool to remove virus/malware which disguises itself to be an antivirus and produces fake alerts/warnings and urges you to purchase a useless copy of the fake antivirus. SuperAntispyware Remove Adware, Malware, Parasites, Rootkits, Spyware, Trojan, and Worms (downloadable). TDSSKiller 2.8.13 Remove malware belonging to the family Rootkit.Win32.TDSS aka Tidserv, TDSServ and Alureon. Backup Tools CloneDisk 1.9.6 All in one tool for MBR, Partition, Disk, VMWare Disk images vmdk/vmx/vhd, and much more. DiskImage 1.6 Creates and writes disk images files to hard and floppy disks. The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes.

One of the hottest new tools in Backtrack 4 final is the Social Engineering Toolkit otherwise known as SET.


The tool was written by a major contributor to Backtrack, David Kennedy (ReL1k). He is also a friend. The homepage for SET is and there is more useful information there. Vishnu Valentino Ethical Hacking Tutorial, Security Tips and Trick. Mantra – The hackers' browser. If you like playing the junior hacker in short trousers, know that there is an entirely free and open source browser that bundles all the tools you need to run your pentests or debug your online applications.


Metasploit – But what can you hack with it?


If you want to practice using Metasploit and improve through tutorials that explain how to exploit a machine with this tool, I recommend using Metasploitable rather than going off hacking in the wild (and getting yourself into trouble). Metasploitable is an Ubuntu 8.04 distribution available as a VMWare virtual machine, which contains packages such as Tomcat, Distcc, Tikiwiki, Twiki, MySQL... with, of course, security flaws exploitable with Metasploit. The VM is configured to be used in non-persistent mode, which means you can smash it to pieces and a simple reboot will restore it to its initial configuration. Metasploitable can be downloaded directly via torrent. Vulnerability Management & Penetration Testing Software. Firesheep.

The extension was created as a demonstration of the security risk of session hijacking vulnerabilities to users of web sites that only encrypt the login process and not the cookie(s) created during the login process.[3] It has been warned that the use of the extension to capture login details without permission would violate wiretapping laws and/or computer security laws in some countries.


Despite the security threat surrounding Firesheep, representatives for Mozilla Add-ons have stated that it would not use the browser's internal add-on blacklist to disable use of Firesheep, as the blacklist has only been used to disable spyware or add-ons which inadvertently create security vulnerabilities, as opposed to attack tools (which may legitimately be used to test the security of one's own systems).[4] Note that even if they did, it wouldn't actually prevent anyone from using Firesheep, as Firefox contains a hidden setting to disable this blacklist.[5]

Firesheep. 80legs - Custom Web Crawlers, Powerful Web Crawling, and Data Extraction. Attack Tools. Sometimes, the best defense is a good offense.


Bishop Fox’s attack tools for Google Hacking level the playing field by allowing our clients to find information disclosures and exposed vulnerabilities before others do. Arm yourself with our arsenal of attack tools that leverage Google, Bing, and other popular search engines. SearchDiggity SearchDiggity v 3 SearchDiggity 3.1 is the primary attack tool of the Google Hacking Diggity Project.

Downloads. SharePoint Hacking Diggity Project « Stach & Liu. DEF CON 20 (2012) - Tenacious Diggity (Full Video) - 29July2012. The Social-Engineer Toolkit (SET) The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec.


It is an open-source Python-driven tool aimed at penetration testing around Social-Engineering. SET has been presented at large-scale conferences including Blackhat, DerbyCon, Defcon, and ShmooCon. Software >> sslstrip. This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009.


It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. Notification: policy - URL filtering. [0x00] News and Changelog Check out the feature sets and services coverage page - including a speed comparison against ncrack and medusa (yes, we win :-) ) Development just moved to a public github repository: There is a new section below for online tutorials.


Read below for Linux compilation notes. CHANGELOG for 8.3 =================== ! Development moved to a public github repository: * Support for upcoming OpenSSL 1.1 added. needs testing. * Fixed hydra redo bug (issue #113) * Updated xhydra for new hydra features and options * Some more command line error checking * Ensured unneeded sockets are closed You can also take a look at the full CHANGES file [0x01] Introduction Welcome to the mini website of the THC Hydra project. Number one of the biggest security holes are passwords, as every password security study shows. w3af - Open Source Web Application Security Scanner. Tortilla – A tool that can route all of a Windows machine's TCP/IP and DNS traffic through TOR. Tor is a wonderful invention (and Jacob Appelbaum would well deserve a Nobel Prize, come to think of it...) and yet, on Windows, it is poorly exploited.


Indeed, apart from the Tor Bundle (Tor + Firefox), which lets you browse anonymously, nothing else exists. HakTip - DEFCON 19: Wireless Security Assessment. SSL Survey. Netcraft’s SSL Survey examines the use of encrypted transactions on the Web through extensive automated exploration of the internet. Each month it provides timely answers to questions such as: How many companies are doing encrypted transactions over the internet?

How many more companies are using SSL compared to the previous 12 months? HackerTarget – Run your own security audit. Vulnerability Scanners and Free IP Tools. Knowing what services are running on your systems, and being able to identify if and when any of those services change, is the first step in securing your network. Get immediate online access to open source vulnerability scanning tools for testing of web applications, Internet servers and IP networks. In addition to the selection of vulnerability scanners we also have Free access to a number of IP Tools that can be used for troubleshooting, research and information gathering when conducting a security assessment. Turn your Android phone into a hacking machine.

ESET Rootkit Detector Beta. ESET Support ESET Rootkit Detector Beta What can rootkit do? A rootkit is a stealthy type of malicious software designed to lie hidden on computers and remain undetected by antivirus software. It enables continued administrative access to a computer, allowing access to your personal information. Rootkits are frequently used in combination with other malware to hide them from users and security products. Why do I need this? The code for creating rootkit is nowadays available online. What is the ESET Rootkit Detector? ESET Rootkit Detector is a small app file. Linux and Open source PortSpoof – An interesting anti-snooping tool for Linux. Fool those who try to portscan your system! The Portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports.

It is meant to be a lightweight, fast, portable and secure addition to any firewall system or security infrastructure. The general goal of the program is to make the port scanning software (Nmap/Unicornscan/etc) process slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task. I’ve found the concept behind this small program really interesting: instead of closing all your ports with a firewall, deceive the real ports, thus annoying the guys who are running a portscan against your server/computer. Linux and Open source Understanding Nmap Commands: In depth Tutorial with examples.

Article by James Hawkins As we all know, Nmap (Network Mapper) is a stealth port scanner widely used by network security experts (including forensics & Pen-testing Experts). In this article we’ll see the different types of Nmap scans, their techniques, the purpose and goals of each scan, its advantages or disadvantages over other scanning tools, which could be better at evading firewalls & IDS (to a certain extent) and much more. In this first part, I have done my best to explain the basic scanning techniques, host discovery options, port scanning options, and techniques used in detecting the operating system & services running on the system. I also take Nmap as already installed on your system. Let’s start with one of the most basic and default scans, the one without using any parameters. Open up the terminal, in Ubuntu Ctrl+Alt+T. This is a basic scan of the local IP address 192.168.1.34; we use sudo to gain administrator privileges, and then we give the target to Nmap.

Unicode fun. All Unicode characters in the range 0x0000-0xFFFF which have a visible glyph in Windows's Arial font. Copy-paste to build fun smileys! Sqlninja - a SQL Server injection & takeover tool. Sqlmap.org. PHPIDS » Web Application Security 2.0. The Social-Engineer Toolkit (SET) Linux and Open source Understanding Nmap Commands: In depth Tutorial with examples.

Internet Research, Anti-Phishing and PCI Security Services. Live HTTP Headers. Notification: policy - URL filtering. Introduction Maltego is a very simple graphical application that lets you find relationships between different pieces of information such as IP addresses, domain names, DNS, social networks or documents. Configuration First, go to the "Tools" menu, then "Options", and follow this tree: "IDE Configuration" > "Server and External Tool Settings" > "Web Browsers" and remove Mozilla. Next, the "transforms" need to be updated. To do so, go to the "Tools" menu, then "Manage Transforms", click the "Discover Transforms" button and proceed with the update. This takes you to the www.paterva.com site; fill in the form to register.

PassiveRecon. Defcon 18 - You spent all that money and you still got owned - Joseph McCray - Part .mov. Waffit - A set of security tools to help you audit your WAF. Wafw00f.py - waffit - A set of security tools to help you audit your WAF. USB Rubber Ducky. How to make malware undetectable on OSX « Korben Korben. How to make malware undetectable on OSX On Mac OSX, there is an encryption mechanism that protects certain system executables such as "Dock.app" or "Finder.app" to prevent malware from infecting them. Fortunately, even with this encryption OSX can decrypt and run these binaries completely transparently for the user. BlackHole 2.0 gives hackers stealthier ways to pwn. A new version of the BlackHole exploit kit is now out on the web and ready to start infecting. The developer of the toolkit, who goes by the handle "Paunch," recently announced the availability of Blackhole 2.0, which removes much of its trove of known and patched exploits, and replaces them with a whole new crop—along with features that will make it harder for antivirus companies and site owners to detect trouble.

BlackHole is a widely-used, web-based software package which includes a collection of tools to take advantage of security holes in web browsers to download viruses, botnet trojans, and other forms of nastiness to the computers of unsuspecting victims. The exploit kit is offered both as a "licensed" software product for the intrepid malware server operator and as malware-as-a-service by the author off his own server. There are also a number of enhancements in the administrative panel for the tool. All these new capabilities come without a bigger sticker price.

Distro

DNS LookUp: nslookup analysis of a domain name. Software & ReverseEngineering. DNS Lookup tool, Reverse DNS lookup tool - www.DNSWatch.info. Manage Monitor Analyze. Reaver-wps - Brute force attack against Wifi Protected Setup. Reaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases, as described in Reaver has been designed to be a robust and practical attack against WPS, and has been tested against a wide variety of access points and WPS implementations. On average Reaver will recover the target AP's plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP. In practice, it will generally take half this time to guess the correct WPS pin and recover the passphrase. John the Ripper password cracker. John the Ripper is free and Open Source software, distributed primarily in source code form.

If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance.

WPS Flaw Vulnerable Devices. Law Enforcement Twitter Scanner. Trinary Software. Click on either top image below to interact with a live DEMO in UNITY. Each node represents connections to other sites, pages and links. PunkSPIDER. WarVOX: Introduction. Getting Started. In order to make phone calls, WarVOX needs to be configured with one or more service providers. For a list of VoIP ISPs, please see the Service Providers section. To add a new provider to WarVOX, access the web interface, click the Providers link, and fill in the New Provider form. This form allows you to specify a nickname for the provider and indicate how many concurrent outbound calls can be made using this account.

WarVOX can make use of multiple service providers and multiple outbound calls per provider when processing jobs. Satmap. Trustedsec/social-engineer-toolkit. The Social-Engineer Toolkit (SET) dSploit. New malware for Mac: Backdoor.OSX.Morcut. Drk1wi/portspoof. Home of Simone Margaritelli ( aka evilsocket ) Evilsocket/fang. Evilsocket/NetCommander. Raffaele-forte/climber. Epinna/Weevely. Raffaele-forte/pycryptocat. Evilsocket/dsploit. Kismet. An Android tool that siphons passwords from PCs. Android Hack-Tool Steals PC Info. Android malware that gives hackers remote control is on rise.

Backdoor.Adwind Technical Details. Scapy. Shodan. Defcon 20 - Dan Tentler - Drinking from the caffeine firehose we know as shodan. Security - The Leading Provider of Defensive and Offensive Cyber Security Intelligence. Kismet (program) The ultimate tablet for checking a network's security. Security – Training in exploitation. PentesterLab.com.