[0x00] News and Changelog
Check out the feature sets and services coverage page, including a speed comparison against ncrack and medusa (yes, we win :-) ). Development just moved to a public github repository: There is a new section below for online tutorials. Read below for Linux compilation notes.
CHANGELOG for 8.3
===================
! Development moved to a public github repository:
* Support for upcoming OpenSSL 1.1 added. Needs testing.
* Fixed hydra redo bug (issue #113)
* Updated xhydra for new hydra features and options
* Some more command line error checking
* Ensured unneeded sockets are closed
You can also take a look at the full CHANGES file.
[0x01] Introduction
Welcome to the mini website of the THC Hydra project. Passwords are the number one security hole, as every password security study shows.
(1) Target selection

Software >> sslstrip
This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. For more information on the attack, see the video from the presentation below.
Requirements
Python >= 2.5 (apt-get install python)
The python "twisted-web" module (apt-get install python-twisted-web)
Setup
tar zxvf sslstrip-0.9.tar.gz
cd sslstrip-0.9
(optional) sudo python .
Running sslstrip
That should do it.
How does this work?
First, arpspoof convinces a host that our MAC address is the router's MAC address, and the target begins to send us all its network traffic. At this point, sslstrip receives the traffic and does its magic.
Development
The current development branch can be found on github.

Scapy
The Social-Engineer Toolkit (SET)
The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec. It is an open-source Python-driven tool aimed at penetration testing around social engineering. SET has been presented at large-scale conferences including Blackhat, DerbyCon, Defcon, and ShmooCon. With over two million downloads, SET is the standard for social-engineering penetration tests and is supported heavily within the security community. The Social-Engineer Toolkit has over 2 million downloads and is aimed at leveraging advanced technological attacks in a social-engineering type environment. SET is included in the latest version of the most popular Linux distribution focused on security, Back|Track.
git clone set/
Below are some videos on SET:
Defcon 20 – Owning One to Rule Them All – Dave Kennedy and Dave DeSimone
DerbyCon 1 – Adaptive Penetration Testing ft.
Defcon 19 – Pentesting over Powerlines
The Social-Engineer Toolkit v3.3 release.

Tortilla – A tool that routes all TCP/IP and DNS traffic of a Windows machine through TOR
Tor is a wonderful invention (and Jacob Appelbaum would well deserve a Nobel prize, by the way...) which is nonetheless poorly exploited on Windows. Indeed, apart from the Tor Bundle (Tor + Firefox), which lets you browse anonymously, nothing else exists. As soon as you leave a browser or a piece of software that natively supports SOCKS or HTTP proxies, it is no longer possible to use Tor. Nor is it possible to use Flash, for example, since it is a plugin external to the browser... Another example: researchers who analyse malware on Windows quickly find themselves stuck, and their IP address can soon end up in the hands of the attackers. It is of course possible to reroute all of a machine's traffic through Tor, but only on GNU/Linux. That is why Jason Geffner has built a tool that will route all TCP/IP and DNS traffic of a machine through TOR in a secure, anonymous and transparent way.

Android malware that gives hackers remote control is on rise Remote access tools have long been a major part of targeted hacker attacks on individuals and corporate networks. RATs have been used for everything from hacking the e-mail boxes of New York Times reporters to capturing video and audio of victims over their webcams. Recently, wireless broadband and the power of smartphones and tablets have extended hackers’ reach beyond the desktop. In a blog post yesterday, Symantec Senior Software Engineer Andrea Lelli described the rise of an underground market for malware tools based on Androrat, a remote administration tool that can give an attacker complete control over devices running the Android OS. Androrat was published on GitHub in November 2012 as an open source tool for remote administration of Android devices. Packaged as a standard Android application (in an APK file), Androrat can be installed as a service on the device that launches at start-up or as a standard “activity” application. Hackers have taken Androrat’s code and run with it.

An Android tool that sucks passwords out of PCs
Last time I told you about USB sockets that could siphon off the contents of your phone. Well, here is a concrete example of the opposite situation, where the phone pumps information out of the computer. It is USBCleaver, a tool discovered by F-Secure which, once installed on an Android phone, helps itself to the passwords stored in the Firefox, Chrome and Internet Explorer browsers, as well as the Wi-Fi passwords and network information of the PC. As you will have understood, the machine must of course be running Windows and the Android phone must be plugged into the computer's USB port for this to work. This application does not represent a huge danger, since on recent machines autorun is not enabled and on older machines the Android drivers must be installed for the phone to be recognised. Still a neat idea though.

SSL Survey
Netcraft's SSL Survey examines the use of encrypted transactions on the Web through extensive automated exploration of the internet. Each month it provides timely answers to questions such as:
How many companies are doing encrypted transactions over the internet?
How many more companies are using SSL compared to the previous 12 months?
Who should buy it?
Certificate authorities
Server and hardware accelerator vendors
Web hosting companies
Banks and financial institutions
Software vendors developing for the electronic commerce market
Brokerages, venture capitalists, and fund management firms investing in these companies
Legislators, government officials, the military, and privacy groups
Anyone tracking the growth of ecommerce and encrypted communications on the internet
Certificate Authority Share, May 2013
In May 2013, more than one third of all trusted SSL certificates were issued by the market leader, Symantec.
Operating system share for SSL sites, to May 2013
What do I get?
The analysis includes:

HackerTarget – Do your own security audit
If you want to test the security of your website, I invite you to visit the HackerTarget site, which offers a series of free scans:
For the Drupal, Joomla and WordPress CMSs
For the ports of your server
For vulnerabilities in your services
For SQL injections
For configuration or script problems
For fingerprinting (determining the versions of your software)
For learning more about your domain
For getting information about your CMS, frameworks, server, geographic location...
Etc.
HackerTarget does not require registration, just a valid email address to which you will receive your scan reports. Obviously, nothing stops you from scanning servers that do not belong to you, but in some countries such as France this is not legal, so be careful. Kaloid Editions has also published an ebook on learning how to secure WordPress.

Vulnerability Scanners and Free IP Tools
Knowing what services are running on your systems, and being able to identify if and when any of those services change, is the first step in securing your network. Get immediate online access to open source vulnerability scanning tools for testing of web applications, Internet servers and IP networks. In addition to the selection of vulnerability scanners, we also have free access to a number of IP tools that can be used for troubleshooting, research and information gathering when conducting a security assessment. The security tools offered here are used by security professionals, webmasters, system administrators and geeks from over 120 countries around the world. Over the past 5 years, the site has scanned over 340,000 IP addresses. The BASIC membership is a forever plan with access to 9 of the 12 security scanners; the OpenVAS, SQL Injection Test and Nikto web site scanners are restricted to silver or gold members of the site as they are more aggressive security tests.

Turn your Android phone into a hacking machine
This is an app that should soon be available on the Android Market, in a free light version or a full version for $10, and it is likely to be a hit... Because Anti (that's its name: Android Network Toolkit) is a veritable Swiss army knife for hackers (black hat, white hat, grey hat or rainbow hat ;-)). Developed by zImperium, an Israeli security company, this application was presented at Defcon and allows several things:
Searching for vulnerable targets (network scans, vulnerability scans)
Simple connection to, or attacks against, these targets (exploits)
Spying (sniffing, phone tapping via a man in the middle... etc.)
It then becomes possible to hack good old Windows (and co), but also Android phones or iPhones that have vulnerabilities (i.e. not updated). It remains to be seen whether Google will approve Anti on its market.

WarVOX: Introduction
satmap
A feedhunter's visualisation tool.
history
In the nineties, I ran a company called AL Digital, with my partners Ben Laurie and Dominic Hawken. Our business involved, amongst other things, recording voice-overs and other audio for AV projects, and so we built ourselves a studio in our Chiswick office. Dominic was also a musician, and he had various projects going on which involved visiting bands and other musicians, so we decided we needed a Green Room for them to hang out in. This, of course, needed some form of entertainment in it, so we had a TV with a playstation and satellite feed etc. While setting up the satellite channels, we quickly discovered the joys of 'feedhunting'. However, the process was time consuming and frustrating. Happily, the receiver was reasonably high-end and had an external interface so it could be computer controlled. Ben wrote some code that produced this graphic by pointing the dish at each possible location and scanning all available frequencies:
objectives

Support :: ESET Rootkit Detector Beta
What can a rootkit do?
A rootkit is a stealthy type of malicious software designed to lie hidden on computers and remain undetected by antivirus software. It enables continued administrative access to a computer, allowing access to your personal information.
Why do I need this?
The code for creating a rootkit is nowadays available online.
What is the ESET Rootkit Detector?
ESET Rootkit Detector is a small app file.
Why did we develop ESET Rootkit Detector?
In the last year we have seen rootkits targeting OS X, and keeping users safe while online is our mission. Learn more at the Mac Malware Facts page.
Processor Architecture: 32bit x86 or 64bit x64, Intel®
Operating Systems: Mac OS X 10.8.x (Mountain Lion), Mac OS X 10.7.x (Lion), Mac OS X 10.6.x (Snow Leopard)
More information: ESET Knowledgebase