The GNU Netcat -- Official homepage evilsocket/dsploit airmon-ng Description This script can be used to enable monitor mode on wireless interfaces. It may also be used to go back from monitor mode to managed mode. Usage usage: airmon-ng <start|stop><interface> [channel] or airmon-ng <check|check kill> Where: <start|stop> indicates if you wish to start or stop the interface. Usage Examples Typical Uses Check status and/or listing wireless interfaces ~# airmon-ng PHY Interface Driver Chipset phy0 wlan0 ath9k_htc Atheros Communications, Inc. Checking for interfering processes When putting a card into monitor mode, it will automatically check for interfering processes. ~# airmon-ng check Found 5 processes that could cause trouble. Killing interfering processes This command stops network managers then kill interfering processes left: ~# airmon-ng check kill Killing these processes: PID Name 870 dhclient 1115 wpa_supplicant Enable monitor mode Note: It is very important to kill the network managers before putting a card in monitor mode! Disable monitor mode Usage Tips
Wirelessdefence.org "coWPAtty is designed to audit the pre-shared key (PSK) selection for WPA networks based on the TKIP protocol." - Joshua Wright. Project Homepage: also see: Local Mirror: cowpatty-4.6.tgz MD5: b90fd36ad987c99e7cc1d2a05a565cbd Installing coWPAtty coWPAtty Dictionary Attack Precomputing WPA PMK to crack WPA PSK coWPAtty Precomputed WPA Attack coWPAtty Tables NOTE: coWPAtty 4.0 and above also include WPA2 attack capabilities (usage remains the same). Download the latest coWPAtty (currently coWPAtty-4.2) to /tools/wifi tar zxvf cowpatty-4.2.tgz cd cowpatty-4.2 make To perform the coWPAtty dictionary attack we need to supply the tool with a capture file that includes the TKIP four-way handshake, a dictionary file of passphrases to guess with and the SSID for the network. . wpa-test-01.cap is the capture containing the four-way handshake dict is the password file cuckoo is the network SSID . hashfile is our output file
Password crackers SecTools.Org: Top 125 Network Security Tools For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form . We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. 12 tools Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. version 1.1 on April 24, 2010 (2 years, 7 months ago). crackers wireless UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. version 4.9.43 on Dec. 3, 2011 (1 year ago). sniffers John the Ripper is a fast password cracker for UNIX/Linux and Mac OS X.. version 1.7.9-jumbo-7 on Sept. 20, 2012 (2 months, 4 weeks ago). version 7.3 on May 23, 2012 (6 months, 4 weeks ago). traffic-monitors fuzzers
raffaele-forte/pycryptocat RainbowCrack Project - Crack Hashes with Rainbow Tables Troy Hunt: The beginners guide to breaking website security with nothing more than a Pineapple You know how security people get all uppity about SSL this and SSL that? Stuff like posting creds over HTTPS isn’t enough, you have to load login forms over HTTPS as well and then you can’t send auth cookies over HTTP because they’ll get sniffed and sessions hijacked and so on and so forth. This is all pretty much security people rhetoric designed to instil fear but without a whole lot of practical basis, right? That’s an easy assumption to make because it’s hard to observe the risk of insufficient transport layer protection being exploited, at least compared to something like XSS or SQL injection. But it turns out that exploiting unprotected network traffic can actually be extremely simple, you just need to have the right gear. Say hello to my little friend: This, quite clearly, is a Pineapple. What is this “Pineapple” you speak of?! Huh? This isn’t the only way of configuring the thing, but being tethered to the attacker’s PC is the easiest way of understanding how it works. Karma, baby
Short Film of the Day: Stuxnet: Anatomy of a Computer Virus | Film School... - StumbleUpon Why Watch? Because we should challenge how we define a film. Most of the shorts featured in this column are either easy to spot as stories or completely experimental. Even when a documentary short is in the spotlight, it tells a clear tale of people doing things. Stuxnet: Anatomy of a Computer Virus is an informational film made entirely of voice over narration and motion graphics. It’s beautiful, compelling, and it does tell a story, but it’s nothing like most short films. What does it cost? Check out Stuxnet: Anatomy of a Computer Virus for yourself: Trust us.
raffaele-forte/climber