NetworkMiner - The NSM and Network Forensics Analysis Tool

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files. NetworkMiner makes it easy to perform advanced Network Traffic Analysis (NTA) by providing extracted artifacts in an intuitive user interface. The way data is presented not only makes the analysis simpler, it also saves valuable time for the analyst or forensic investigator. NetworkMiner has, since the first release in 2007, become a popular tool among incident response teams as well as law enforcement.

PsExec

Introduction

Utilities like Telnet and remote control programs like Symantec's PC Anywhere let you execute programs on remote systems, but they can be a pain to set up and require that you install client software on the remote systems that you wish to access. PsExec is a light-weight telnet-replacement that lets you execute processes on other systems, complete with full interactivity for console applications, without having to manually install client software. PsExec's most powerful uses include launching interactive command-prompts on remote systems and remote-enabling tools like IpConfig that otherwise do not have the ability to show information about remote systems.

Note: some anti-virus scanners report that one or more of the tools are infected with a "remote admin" virus.

Installation

Just copy PsExec onto your executable path.

Using PsExec

See the July 2004 issue of Windows IT Pro Magazine for Mark's article that covers advanced usage of PsExec.

psexec \\marklap "c:\long name app.exe"

Play Session Injection

Difficulty
Beginner

Details
This exercise covers the exploitation of a session injection in the Play framework. Warning: make sure you give at least 512MB of RAM to the VM.

What you will learn?
Session injection
Play framework
Play's cookies

Requirements
A computer with a virtualisation software
A basic understanding of HTTP
Yes, that's it!

Download Nessus Vulnerability Scanner | Tenable Network Security

With Advanced Support for Nessus Pro, your teams will have access to phone, Community, and chat support 24 hours a day, 365 days a year. This advanced level of technical support helps to ensure faster response times and resolution to your questions and issues.

Advanced Support Plan Features

Phone Support
Phone support 24 hours a day, 365 days a year, available for up to ten (10) named support contacts.

Chat Support
Chat support available to named support contacts, accessible via the Tenable Community, is available 24 hours a day, 365 days a year.

Tenable Community Support Portal
All named support contacts can open support cases within the Tenable Community.

Initial Response Time
P1-Critical: < 2 hr
P2-High: < 4 hr
P3-Medium: < 12 hr
P4-Informational: < 24 hr

Support Contacts
Support contacts must be reasonably proficient in the use of information technology, the software they have purchased from Tenable, and familiar with the customer resources that are monitored by means of the software.

Open Port Check Tool

FreeSWITCH | Communication Consolidation

John the Ripper password cracker

John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance. This version integrates lots of contributed patches adding GPU support (OpenCL and CUDA), support for a hundred additional hash and cipher types (including popular ones such as NTLM, raw MD5, etc., and even things such as encrypted OpenSSH private keys, ZIP and RAR archives, PDF files, etc.), as well as some optimizations and features. To verify authenticity and integrity of your John the Ripper downloads, please use our PGP public key. You may browse the documentation for John the Ripper online, including a summary of changes between versions.

Scanning the Internet with Nmap (Defcon 16) Tutorial

Description: How would you like to scan millions of hosts on the Internet and catalog all the interesting insights? This is exactly what Fyodor, the author of Nmap (Network Mapper), did last summer. In this talk Fyodor demos many of the new features he has added to Nmap lately, including but not limited to: optimizing the host discovery process using TCP and UDP techniques; finding the most used TCP and UDP ports on the Internet and inside the intranets of large corporations; packet rate control with a minimum and maximum setting; the packet trace option; ncat, which is a netcat clone; and ndiff, which allows one to diff between different scan dumps. The slides for the presentation are available here and a high resolution video can be downloaded here.

Disclaimer: We are an infosec video aggregator and this video is linked from an external website.

OpenVAS - Open Vulnerability Assessment System Community Site

Computer acting funny? It may be infected with a virus!

One great thing about computers is that they often warn us when something is wrong. Sometimes they suddenly slow down to a crawl, other times they start to freeze up or even crash for what seems to be no reason at all. Most of the time though, there is a reason why our computers start to act funny. One of those reasons is due to malware and viruses. No one likes to have a computer virus, but if you do happen to catch one, it’s important to know the warning signs so that you can take care of the problem as soon as possible. If you have noticed one or more of the above symptoms on your computer, it’s time to take immediate action.

List of Rainbow Tables

This page lists the rainbow tables we generated. LM rainbow tables speed up cracking of password hashes from the Windows 2000 and Windows XP operating systems. NTLM rainbow tables speed up cracking of password hashes from the Windows Vista and Windows 7 operating systems. The largest rainbow tables here are ntlm_mixalpha-numeric#1-9, md5_mixalpha-numeric#1-9 and sha1_mixalpha-numeric#1-9. The benchmark result of each rainbow table is shown in the last column of the list below.

Video demonstration of some rainbow tables on

Perfect rainbow tables are rainbow tables without identical end points, produced by removing merged rainbow chains in normal rainbow tables.

Rainbow Tables LM Rainbow Tables NTLM Rainbow Tables MD5 Rainbow Tables SHA1 Rainbow Tables Perfect Rainbow Table Generation, Sort, Merge and Conversion Commands

All rainbow tables on this page can be generated with RainbowCrack software.

© 2017 RainbowCrack Project

Free Rainbow Tables » Distributed Rainbow Table Generation » LM, NTLM, MD5, SHA1, HALFLMCHALL, MSCACHE
