background preloader

John the Ripper password cracker John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance. This version integrates lots of contributed patches adding GPU support (OpenCL and CUDA), support for a hundred of additional hash and cipher types (including popular ones such as NTLM, raw MD5, etc., and even things such as encrypted OpenSSH private keys, ZIP and RAR archives, PDF files, etc.), as well as some optimizations and features. To verify authenticity and integrity of your John the Ripper downloads, please use our PGP public key. You may browse the documentation for John the Ripper online, including a summary of changes between versions.

FreeSWITCH | Communication Consolidation Open Port Check Tool Nessus From the beginning, we've worked hand-in-hand with the security community. We continuously optimize Nessus based on community feedback to make it the most accurate and comprehensive vulnerability assessment solution in the market. 20 years later and we're still laser focused on community collaboration and product innovation to provide the most accurate and complete vulnerability data - so you don't miss critical issues which could put your organization at risk. Today, Nessus is trusted by more than 27,000 organizations worldwide as one of the most widely deployed security technologies on the planet - and the gold standard for vulnerability assessment. See for yourself - explore the product here. 1 in Accuracy Nessus has the industry's lowest false positive rate with six-sigma accuracy. 1 in Coverage Nessus has the deepest and broadest vulnerability coverage in the industry. 100+ new plugins released weekly 1 in Adoption 1 in Hearts and Minds Don't just take our word for it.

Scanning the Internet with Nmap (Defcon 16) Tutorial Scanning The Internet With Nmap (Defcon 16) Description: How would you like to scan millions of hosts on the Internet and catalog all the interesting insights? This is exactly what Fyodor, the author of Nmap or Network Mapper did last summer. In this talk Fyodor demos many of the new features he has added in Nmap lately including but not limited to - optimizing the host discovery process using TCP and UDP techniques, finding most used TCP and UDP ports on the Internet and inside Intranets of large corporations, packet rate control with a minimum and maximum setting, the pack trace option, ncat - which is a netcat clone and ndiff which allows one to diff between different scan dumps. The slides for the presentation are available here and a high resolution video can be downloaded here. Disclaimer: We are a infosec video aggregator and this video is linked from an external website.

OpenVAS - OpenVAS - Open Vulnerability Assessment System Community Site Packet Life Nessus With Advanced Support for Nessus Pro, your teams will have access to phone, Community, and chat support 24 hours a day, 365 days a year. This advanced level of technical support helps to ensure faster response times and resolution to your questions and issues. Advanced Support Plan Features Phone Support Phone support 24 hours a day, 365 days a year, available for up to ten (10) named support contacts. Chat Support Chat support available to named support contacts, accessible via the Tenable Community is available 24 hours a day, 365 days a year. Tenable Community Support Portal All named support contacts can open support cases within the Tenable Community. Initial Response Time P1-Critical: < 2 hr P2-High: < 4 hr P3-Medium: < 12 hr P4-Informational: < 24 hr Support Contacts Support contacts must be reasonably proficient in the use of information technology, the software they have purchased from Tenable, and familiar with the customer resources that are monitored by means of the software.

ShieldsUP! — Internet Vulnerability Profiling Your Internet connection's IP address is uniquely associated with the following "machine name": The string of text above is known as your Internet connection's "reverse DNS." The end of the string is probably a domain name related to your ISP. This will be common to all customers of this ISP. But the beginning of the string uniquely identifies your Internet connection. The concern is that any web site can easily retrieve this unique "machine name" (just as we have) whenever you visit. If the machine name shown above is only a version of the IP address, then there is less cause for concern because the name will change as, when, and if your Internet IP changes. There is no standard governing the format of these machine names, so this is not something we can automatically determine for you. Just something to keep in mind as you wander the Internet.

PsExec Introduction Utilities like Telnet and remote control programs like Symantec's PC Anywhere let you execute programs on remote systems, but they can be a pain to set up and require that you install client software on the remote systems that you wish to access. PsExec is a light-weight telnet-replacement that lets you execute processes on other systems, complete with full interactivity for console applications, without having to manually install client software. PsExec's most powerful uses include launching interactive command-prompts on remote systems and remote-enabling tools like IpConfig that otherwise do not have the ability to show information about remote systems. Note: some anti-virus scanners report that one or more of the tools are infected with a "remote admin" virus. Installation Just copy PsExec onto your executable path. Using PsExec See the July 2004 issue of Windows IT Pro Magazine for Mark's article that covers advanced usage of PsExec. psexec \\marklap"c:\long name app.exe"

Customize an HTML5 Webpage using the Bootstrap Framework Many web developers are familiar with Twitter Bootstrap and have seen this library on a number of projects. The Bootstrap core is fantastic when you need a CSS reset along with other common layout features. It may not be the right fit on projects where you need a whole lot of customization. Downloading Bootstrap Right from the hosted Github project page you should be able to download a copy of Bootstrap. I will also be using the two minified CSS documents named bootstrap.min.css and bootstrap-responsive.min.css. The HTML5 doctype is the best supported option for modern browsers. Heading Navigation Bar Directly after the opening body tag I have setup a fixed navigation menu. The header div contains another bit of code with a container and the class .text-center. All of this code is stored inside my own custom stylesheet global.css. Flexible Columns Underneath the fullscreen background image I have created a centered main content area. Picture Thumbnails Closing the Footer View Demo

NetworkMiner - The NSM and Network Forensics Analysis Tool NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files. NetworkMiner makes it easy to perform advanced Network Traffic Analysis (NTA) by providing extracted artifacts in an intuitive user interface. The way data is presented not only makes the analysis simpler, it also saves valuable time for the analyst or forensic investigator. NetworkMiner has, since the first release in 2007, become a popular tool among incident response teams as well as law enforcement. NetworkMiner showing files extracted from sniffed network traffic to disk NetworkMiner showing thumbnails for images extracted to disk

Introducing HTML’s new template element You may have heard of Web Components, a suite of emerging standards that make it possible to build secure reusable widgets using web platform technologies. One of the first specs to make its way into implementation is HTML Templates, embodied by the template element, which as I write this is implemented in Chrome Canary and Firefox Nightly. If you've used Mustache, Handlebars or any similar front-end templating library you'll be quite familiar with how the template element works: you just include it in your document (it's apparently legal inside head or body), perhaps with a unique id for easy reference and add some markup inside it; for example: The template element will be parsed by the browser but not rendered in the page; the markup inside is considered completely inert, meaning no style rules will be applied and no assets loaded. In order to use the template markup you'll need to activate it by placing it into the DOM using JavaScript. View Demo