
SecurityXploit: Pentest

web-sorrow - Linux
On Saturday, 19 May 2012, in topic 'Pentest'

A Perl-based tool used for checking a web server for misconfiguration, version detection, enumeration, and server information. I will build more functionality in the future. What it's NOT: vulnerability scanner, inspection proxy, DDoS tool, exploitation framework. It's entirely focused on enumeration and collecting info on the target server.

basic: perl -host -S
look for login pages: perl -host -auth
CMS intense scan: perl -host -Ws -Cp all -I
most intense scan possible: perl -host -e -ua "I come in peace"

HackBar 1.6.1 - Add-on
On Friday, 4.

This toolbar will help you in testing SQL injections, XSS holes and site security.

# Load url ( alt a ) This loads the URL of the current page into the textarea.
# Split url ( alt s ) When this button is clicked, the url/text in the textarea will be split into multiple lines using the ? 1.


ActivePerl is Perl for Windows, Mac, Linux, AIX, HP-UX & Solaris ActivePerl Business and Enterprise Editions feature our precompiled, supported, quality-assured Perl distribution used by millions of developers around the world for easy Perl installation and quality-assured code. When you're using Perl on production servers or mission-critical applications, ActivePerl Business and Enterprise Editions offer significant time savings over open source Perl for installing, managing, and standardizing your Perl. If you are using ActivePerl for production, redistribution, on terminal servers, for thin client for app deployment (i.e. on MS Terminal Services, Citrix XenApp or File Servers), or for use on HP-UX/AIX/Solaris then ActivePerl Community Edition is not the right license for you.

Hidden iframe injection attacks [Updated on October 27, 2009 with a new version of the script] It is a shame that after all those posts about security, some of my websites were under attack today. Shoban and Anand emailed me about this today morning (Thanks guys) and I tried to understand what was going on. To my utter disbelief more than 10 websites hosted in the same server were affected by the attack. All the index.* files in the server were infected with a piece of code that loaded a hidden iframe in the page. To the html pages the following piece of code was added:

Windows Tools For Penetration Testing Most penetration testers use either a Mac or a Linux-based platform to perform their penetration testing activities. However, it is always good practice to also have a Windows virtual machine with some tools ready to be used for the engagement. The reason for this is that although Windows cannot be used as a main platform for penetration testing, some of the utilities and tools can still help us to extract information from our Windows targets. So in this post we will see some of the tools that we can use on our Windows system.

HashCheck Shell Extension The HashCheck Shell Extension makes it easy for anyone to calculate and verify checksums and hashes from Windows Explorer. In addition to integrating file checksumming functionality into Windows, HashCheck can also create and verify SFV files (and other forms of checksum files, such as .md5 files).

ActiveTcl is Tcl for Windows, Mac, Linux, AIX, HP-UX & Solaris ActiveTcl Business and Enterprise Editions include our precompiled, supported, quality-assured Tcl distribution used by millions of developers around the world for easy Tcl installation and quality-assured code. When you're using Tcl on production servers or mission-critical applications, ActiveTcl Business Edition and Enterprise Editions offer significant time savings over open source Tcl for installing, removing, upgrading, and managing common Tcl modules. Not sure which edition is right for you?

ACM SIGMOBILE Seventh Annual International Conference on Mobile Computing and Networking Schedule-at-a-Glance The ACM SIGMOBILE Annual International Conference on Mobile Computing and Networking is dedicated to addressing the challenges of the wireless revolution. The conference serves as the premier international forum addressing networks, systems, algorithms, and applications that support the symbiosis of mobile computers and wireless networks. The conference covers all areas of mobile computing and wireless and mobile networking at the link layer and above. For those of you familiar with this annual conference, you will notice that our usual acronym is missing this year. We were asked not to use our traditional name in Italy on penalty of law since it is an existing Italian trademark.

Offensive Computer Security Home Page (CIS 4930 / CIS 5930) Spring 2014 - Vimperator Instructors Prof. Xiuwen Liu (homepage: W. Owen Redwood (homepage: Course Time and Location

IT Security Cookbook - Firewalls: Securing external Network connections Summary: A quick guide to firewalls If you just want to connect to the Internet to browse the Web and exchange email for a few users, forget a firewall. Just set up a non-networked PC with simple dialup access to a service provider. Install a simple personal firewall like BlackICE. Unplug the modem when the PC is not in use. Solaris/SunOS: Use the instructions in sp/Solaris_hardening.html or sp/Solaris_hardening3.html to strip unnecessary services from the system.

Jpg+FileBinder Free Download Protecting private information against unauthorized access is one of the problems that computer users encounter. In order to solve this issue, you can use various encryption methods, but there are also applications such as Jpg+FileBinder that can help you. This lightweight tool is simple, yet useful, as it allows you to hide important information in a picture carrier file. Practically, it merges an archive file with a picture, making the output look like an image, when actually it contains the compressed file.

Mozilla Firefox Freedom of speech should not be sacrificed in the recording industry's war to restrict the public from making copies of digital music. EFF has asked a federal court to declare that scientists from Princeton and Rice University can publish their research on digital music security weaknesses at the USENIX Conference in August 2001. When a team led by Princeton Professor Edward Felten accepted a public challenge by the Secure Digital Music Initiative (SDMI) to break new security systems, they did not give up their First Amendment right to teach others what they learned. Yet they have been threatened by SDMI and the Recording Industry Association of America (RIAA) to keep silent or face litigation under the Digital Millennium Copyright Act (DMCA).