The Social-Engineer Toolkit (SET) The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec. It is an open-source Python-driven tool aimed at penetration testing around Social-Engineering. SET has been presented at large-scale conferences including Blackhat, DerbyCon, Defcon, and ShmooCon. With over two million downloads, SET is the standard for social-engineering penetration tests and supported heavily within the security community. The Social-Engineer Toolkit has over 2 million downloads and is aimed at leveraging advanced technological attacks in a social-engineering type environment. TrustedSec believes that social-engineering is one of the hardest attacks to protect against and now one of the most prevalent.
OWASP Broken Web Applications Project Main The Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in: learning about web application security testing manual assessment techniques testing automated tools testing source code analysis tools observing web attacks testing WAFs and similar code technologies all the while saving people interested in doing either learning or testing the pain of having to compile, configure, and catalog all of the things normally involved in doing this process from scratch.
He can hack into your smartphone with 1 SMS SINGAPORE - Rik Ferguson looks like someone not to be messed with. The humorous IT security expert, who sports numerous tattoos and has a penchant for heavy metal music, can hack into your mobile phone with a single SMS. He can then remotely listen to your calls, read text messages and even access the password to your online bank account. "It's creepy, isn't it?" STEGANOGRAPHY SOFTWARE Steganography applications conceal information in other, seemingly innocent media. Steganographic results may masquerade as other file for data types, be concealed within various media, or even hidden in network traffic or disk space. We are only limited by our imagination in the many ways information and data can be exploited to conceal additional information.
The TCP/IP Guide The TCP/IP Guide Welcome to the free online version of The TCP/IP Guide! My name is Charles and I am the author and publisher. Software >> sslstrip This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. For more information on the attack, see the video from the presentation below. Requirements Python >= 2.5 (apt-get install python) The python "twisted-web" module (apt-get install python-twisted-web) i Deliberately Insecure Web Applications For Learning Web App Security Over the last few months I've been teaching free classes for the ISSA Kentuckiana chapter in Louisville Kentucky. After doing one on Nmap and another on Sniffers, I talked it over with my buddies Brian and Jeff and decided that the next one should be on web application vulnerabilities. Now the question becomes what to test against in a classroom environment?
Simple Steps to Hack a Smartphone What kind of information do you have on your business card? Company name? Check. Your name and title? Check. Creating a Custom Linux Kernel in Debian GNU/Linux The most current version of this document can be found at Contents DisclaimerMaintenance LogIntroductionStep 1: Update Your sources.list FileStep 2: Update the List of Available PackagesStep 3: Apply Pending UpdatesStep 4: Install the Kernel Source PackageStep 5: Unpack the Kernel SourcesStep 6: Install Step 7: Patch the KernelStep 8: Configure the KernelStep 9: Create the Kernel Image PackageStep 10: Customize the Kernel Installation Environment Changing Boot Loaders Customizing the Squeeze (6.0) Environment Customizing the Wheezy (7.1) Environment Customizing the Jessie EnvironmentStep 11: Install the Kernel Image PackageStep 12: Shutdown and RebootStep 13: Clean UpStep 13a: Clean Up (Part Two)Step 14: MaintenanceAlternativesA Specific ExampleAnother Specific ExampleConclusion Disclaimer This is not an official Debian site. The author is not a member of the Debian kernel team.
Offensive Computer Security Home Page (CIS 4930 / CIS 5930) Spring 2014 - Vimperator Instructors Prof. Xiuwen Liu (homepage: W. Owen Redwood (homepage: Notification : stratégie - filtrage des URL [0x00] News and Changelog Check out the feature sets and services coverage page - including a speed comparison against ncrack and medusa (yes, we win :-) ) Development just moved to a public github repository: There is a new section below for online tutorials. Read below for Linux compilation notes. CHANGELOG for 8.3 =================== ! i What is Mutillidae? Mutillidae is a free, open source web application provided to allow security enthusiest to pen-test and hack a web application. Mutillidae can be installed on Linux, Windows XP, and Windows 7 using XAMMP making it easy for users who do not want to install or administrate their own webserver.