Category Archives: Tools
WiFiKill v1.7 – WiFi EjeCtOr
If you want to disable any ip address which use same router to connect internet. Now you can used your android application, WifiKill use as can disable internet connection for a device on the same network. This is alternate version of NETCUT for Android. Simply allows you to scan your wifi network for devices, see their vendor and cut network connection for specified devices. This way you can get rid of network hoggers. It gives option to redirect HTTP traffic to specific IP, this feature can be used even to do phishing smartly. Changelog: – fixed the counter bug (I hope for the last time) – added an option to redirect HTTP traffic to specific IP (caution! this may lead to significant CPU load) – now successful kills are tagged by green icon on the left of IP (this is not 100% correct)
Network Security Toolkit v2.16.0-4104 Released
The Network Security Toolkit is bootable ISO live CD/DVD (NST Live) is based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms.
Yaptest – Penetration Framework
- Run nikto on anything nmap thinks is an HTTP service
- Run hydra on every host with TCP port 21 open
- Attempt upload a file to any TFTP servers found
- Run onesixtyone on all hosts that are up
- Try metasploit’s solaris_kcms_readfile exploit against any hosts running kcmsd
ARPwner – 2Side Poisoning Tool
Volatility 2.2 Framework –
- Current date, time, CPU count, CPU speed, service pack
- Current thread and idle thread
- Addresses of the KDBG, KPCR, DTB, PsActiveProcessHead, PsLoadedModuleList, etc
- List active processes (column or tree view)
- Scan for hidden or terminated _EPROCESS objects (using pool tags or _DISPATCHER_HEADER)
- Enumerate DLLs in the PEB LDR lists
- Rebuild/extract DLLs or EXEs to disk based on name, base address, or physical offset
- Print open handles to files, registry keys, mutexes, threads, processes, etc
- List security identifiers (SIDs) for processes
- Scan for cmd.exe command history and full console input/output buffers
- List process environment variables
- Print PE version information from processes or DLLs (file version, company name, etc)
- Enumerate imported and exported API functions anywhere in process or kernel memory
- Show a list of virtual and physical mappings of all pages available to a process
- Dump process address space to disk as a single file
- Analyze Virtual Address Descriptor (VAD) nodes, show page protection, flags, and mapped files
- Represent the VAD in tree form or Graphviz .dot graphs
- Dump each VAD range to disk for inspecting with external tools
- Parse XP/2003 event log records
- Link strings found at physical offsets to their owning kernel address or process
- Interactive shell with disassembly, type display, hexdumps, etc
- And Much More , More Than Your Imagination ~
Server Analyser : Simple Server Malware Scanner
Server Analyser is a service for detecting and analyzing web-based threats. It currently handles shells, obfuscated JavaScript, Executables, Iframes and port scans.
Whonix ALPHA 0.4.5 – Anonymous Virtual operating system
- All applications, including those, which do not support proxy settings, will automatically be routed through Tor.
- Installation of any software package possible.
- Safe hosting of Hidden services possible.
- Protection against side channel attacks, no IP or DNS leaks possible^3^ To test for leaks, see LeakTests.
- Advantage over Live CD’s: Tor’s data directory is still available after reboot, due to persistent storage. Tor requires persistent storage to save it’s Entry Guards.
- Java / JavaScript / flash / Browser Plugins / misconfigured applications cannot leak your real external IP.
- Whonix does even protect against root exploits (Malware with root rights) on the Workstation.
- Uses only Free Software.
- Building Whonix from source is easy.
- Tor+Vidalia and Tor Browser are not running inside the same machine. That means that for example an exploit in the browser can’t affect the integrity of the Tor process.
- It is possible to use Whonix setup in conjunction with VPNs, ssh and other proxies. But see Tor plus VPN/proxies Warning. Everything possible, as first chain or last chain, or both.
- Loads of Optional Configurations (additional features / Add-Ons) available.
- Best possible Protocol-Leak-Protection and Fingerprinting-Protection.
THC IPv6 Attack Toolkit v2.0
Arachni version 0.4.1.1
Arachni scanner updated to version 0.4.1.1 !! Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify false-positives.
- Auditor#log and Auditor#log_remote_file bugfixed to pass a Hash of the response headers instead of a String — also solving another bug causing response bodies not to be logged in the Issues. [Issue #294]
- Issue — Response headers are now always Hash.
- Reports
- HTML — Removed response headers handling code and added the option to not include HTTP response bodies. [Issue #296]
- XML — Removed response headers handling code and added the option to not include HTTP response bodies. [Issue #296]
- HTTP debugging output now includes Response data. [Issue #297]
- Executables
- arachni_rpcd_monitor — Laxed standards enforced on the Dispatcher URL argument. [Issue #293]
- Path extractors
- Added path extractor for the area HTML tag (href attribute). [Issue #300]