reaver-wps - Brute force attack against Wifi Protected Setup Reaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases, as described in Reaver has been designed to be a robust and practical attack against WPS, and has been tested against a wide variety of access points and WPS implementations. On average Reaver will recover the target AP's plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP. In practice, it will generally take half this time to guess the correct WPS pin and recover the passphrase. Intimidated by the command-line? Reaver Pro is now ONLY $69.99!!! Reaver Pro is a compact embedded device customized for Reaver attacks. Reaver Pro Features: New easy to use GUI Optimized PIN sequencing using Markov Chains based on on PINs from hundreds of actual WPS-enabled devices Automatically connect to the target and send the PIN and PSK to an email address you specify
stunnel: FAQ Troubleshooting "Could not find your SSL library installation dir" when running configure The first posibility is that you have not installed an SSL library, either OpenSSL or SSLeay. The other possibility is that you installed your SSL library in a non-standard place. Configure is not finding my TCP Wrapper installation You probably have it in a non-standard place, i.e. somewhere that gcc cannot find it on its own. CFLAGS="$CFLAGS -I/opt/tcpd_7.6/include" CPPFLAGS="$CPPFLAGS -I/opt/tcpd_7.6/include" LDFLAGS="$LDFLAGS -L/opt/tcpd_7.6/lib" export CFLAGS CPPFLAGS LDFLAGS And then re-run configure. What to do when stunnel fails Firstly, the most important things to try when you are having trouble running stunnel is to: run with full debug mode debug = 7if running the daemon, run it in the foreground foreground = yes Doing this gives you the best chance of catching the errors in the log on the screen. I do not have the openssl binary / Cannot make stunnel.pem! I get the error Help! Applications
Software >> sslstrip This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. Requirements Python >= 2.5 (apt-get install python) The python "twisted-web" module (apt-get install python-twisted-web) Setup tar zxvf sslstrip-0.9.tar.gz cd sslstrip-0.9 (optional) sudo python . Running sslstrip That should do it. How does this work? First, arpspoof convinces a host that our MAC address is the router’s MAC address, and the target begins to send us all its network traffic. At this point, sslstrip receives the traffic and does its magic. Development The current development branch can be found on github.
How to Connect Free OpenVPN in TcpVPN.com – How to Tunnel Connection First, You need to download software to connect the vpn, you can visit the website : Or if you at tcvpn.com you can follow these instruction by clicking “ Download Software “ Then you will be directed to the download site , Choose the right device you have , Personally im using Windows , If you’re using windows click on the windows button. Then you will directed again to the openvpn site,On the site you must choose what your Windows version , If you using XP 32 Bit Click On it. If you using Windows XP 64 Bit Click the bottom of Windows XP 32 Bit. But, If you using Windwos Vista or later Version 32 Bit Click on the bottom of Windows XP 64 Bit. Finish. Thanks for using TCVPN.com. . Software >> sslsniff Some History This tool was originally written to demonstrate and exploit IE's vulnerabilityto a specific "basicConstraints" man-in-the-middle attack. While Microsoft has since fixed the vulnerability that allowed leaf certificates to act as signing certificates, this tool is still occasionally useful for other purposes. It is designed to MITM all SSL connections on a LAN, and dynamically generates certs for the domains that are being accessed on the fly. The new certificates are constructed in a certificate chain that is signed by any certificate that you provide. The New Scoop Version 0.6 has been significantly updated to additionally support the null-prefix attacks that I demonstrated at BlackHat 09 and Defcon 17. sslsniff has also been updated to support the OCSP attacks that I published at Blackhat 09 and Defcon 17, thus making the revocation of null-prefix certificates very difficult. sslsniff is useful for deploying other vulnerabilities as well. Installing sslsniff Running sslsniff
Hping - Active Network Security Tool