Packet Life John the Ripper password cracker John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance. This version integrates lots of contributed patches adding GPU support (OpenCL and CUDA), support for a hundred of additional hash and cipher types (including popular ones such as NTLM, raw MD5, etc., and even things such as encrypted OpenSSH private keys, ZIP and RAR archives, PDF files, etc.), as well as some optimizations and features. Unfortunately, its overall quality is lower than the official version's. Requires OpenSSL. To verify authenticity and integrity of your John the Ripper downloads, please use our PGP public key. Contributed resources for John the Ripper:
SampleCaptures Sample Captures So you're at home tonight, having just installed Wireshark. You want to take the program for a test drive. But your home LAN doesn't have any interesting or exotic packets on it? Here's some goodies to try. Please note that if for some reason your version of Wireshark doesn't have zlib support, you'll have to gunzip any file with a .gz extension. If you don't see what you want here, that doesn't mean you're out of luck; look at some of the other sources listed below, such as How to add a new Capture File If you want to include a new example capture file, you should attach it to this page (click 'attachments' in header above). Please don't just attach your capture file to the page without putting an attachment link in the page, in the format attachment:filename.ext; if you don't put an attachment link in the page, it's not obvious that the capture file is available. Other Sources of Capture Files General / Unsorted dns.cap (libpcap) Various DNS lookups.
Network Monitor Experts are tools that can be run directly from the Network Monitor Application. They provide external analysis of live or previously captured network traffic. These experts can help troubleshoot specific problems or provide more information to help you narrow down an issue. The following site has a list of the currently available experts and is where you are directed when you select "Download Experts" from the Expert Menu in the Network Monitor application. There you'll also find an SDK which contains a sample and further documentation to help you create your own experts. Network Monitor Experts on CodePlex The Network Monitor Parsers are constantly evolving and being updated based on changes to documentation and bug fixes.
Ghostery Open Port Check Tool FreeSWITCH | Communication Consolidation PCAP files from the US National CyberWatch Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC) The U.S. National CyberWatch Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC) is a unique experience for college and university students to test their cybersecurity knowledge and skills in a competitive environment. The MACCDC takes great pride in being one of the premier events of this type in the United States. While similar to other cyber defense competitions in many aspects, the MA CCDC, as part of the National CCDC, is unique in that it focuses on the operational aspects of managing and protecting an existing network infrastructure. MACCDC official website:
Techniques de scan de ports -sS(Scan TCP SYN) Le scan SYN est celui par défaut et le plus populaire pour de bonnes raisons. Il peut être exécuté rapidement et scanner des milliers de ports par seconde sur un réseau rapide lorsqu'il n'est pas entravé par des pare-feux. Le scan SYN est relativement discret et furtif, vu qu'il ne termine jamais les connexions TCP. Il marche également contre toute pile respectant TCP, au lieu de dépendre des particularités environnementales spécifiques comme les scans Fin/Null/Xmas, Maimon ou Idle le sont. Cette technique est souvent appelée le scan demi-ouvert (half-open scanning), car il n'établi pas pleinement la connexion TCP. -sT(Scan TCP connect()) Le scan TCP connect() est le type de scan par défaut quand le SYN n'est pas utilisable. Si le scan SYN est disponible, il vaut mieux l'utiliser. -sU(Scan UDP) Même si les services les plus connus d'Internet son basés sur le protocole TCP, les services UDP sont aussi largement utilisés. Le scan UDP est activé avec l'option-sU.
pyrit - WPA/WPA2-PSK and a world of affordable many-core platforms Pyrit allows to create massive databases, pre-computing part of the IEEE 802.11 WPA/WPA2-PSK authentication phase in a space-time-tradeoff. Exploiting the computational power of Many-Core- and other platforms through ATI-Stream, Nvidia CUDA and OpenCL, it is currently by far the most powerful attack against one of the world's most used security-protocols. WPA/WPA2-PSK is a subset of IEEE 802.11 WPA/WPA2 that skips the complex task of key distribution and client authentication by assigning every participating party the same pre shared key. The author does not encourage or support using Pyrit for the infringement of peoples' communication-privacy. Pyrit is free software - free as in freedom. Attacking WPA/WPA2 by brute-force boils down to to computing Pairwise Master Keys as fast as possible. The following graph shows an example of multiple computational nodes accessing a single storage server over various ways provided by Pyrit: See
Nessus From the beginning, we've worked hand-in-hand with the security community. We continuously optimize Nessus based on community feedback to make it the most accurate and comprehensive vulnerability assessment solution in the market. 20 years later and we're still laser focused on community collaboration and product innovation to provide the most accurate and complete vulnerability data - so you don't miss critical issues which could put your organization at risk. Today, Nessus is trusted by more than 27,000 organizations worldwide as one of the most widely deployed security technologies on the planet - and the gold standard for vulnerability assessment. 1 in Accuracy Nessus has the industry's lowest false positive rate with six-sigma accuracy. 1 in Coverage Nessus has the deepest and broadest vulnerability coverage in the industry. 100+ new plugins released weekly 1 in Adoption Nessus is trusted by more than 27,000 organizations, with 2 million downloads worldwide. 1 in Hearts and Minds