Hacking tools ( very basic)



1. Nmap
I think everyone has heard of this one; it recently evolved into the 4.x series.
Nmap (Network Mapper) is a free open source utility for network exploration
or security auditing. It was designed to rapidly scan large networks, although
it works fine against single hosts. Nmap uses raw IP packets in novel ways to
determine what hosts are available on the network, what services (application
name and version) those hosts are offering, what operating systems (and OS
versions) they are running, what type of packet filters/firewalls are in use,
and dozens of other characteristics. Nmap runs on most types of computers and
both console and graphical versions are available. Nmap is free and open source.
Can be used by beginners (-sT) or by pros alike (--packet-trace). A very
versatile tool, once you fully understand the results.
Get Nmap here:

2. Nessus Remote Security Scanner
Recently went closed source, but is still essentially free. Works with a client-
server framework.
Nessus is the world's most popular vulnerability scanner, used in over 75,000
organizations world-wide. Many of the world's largest organizations are
realizing significant cost savings by using Nessus to audit business-critical
enterprise devices and applications.
Get Nessus Here – http://www.nessus.org/download/
3. John the Ripper
Yes, JTR 1.7 was recently released!
John the Ripper is a fast password cracker, currently available for many
flavors of Unix (11 are officially supported, not counting different
architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect
weak Unix passwords. Besides several crypt(3) password hash types most commonly
found on various Unix flavors, supported out of the box are Kerberos AFS and
Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
You can get JTR Here – http://www.openwall.com/john/
4. Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive
tests against web servers for multiple items, including over 3200 potentially
dangerous files/CGIs, versions on over 625 servers, and version specific
problems on over 230 servers. Scan items and plugins are frequently updated and
can be automatically updated (if desired).
Nikto is a good CGI scanner, there are some other tools that go well with Nikto
(focus on http fingerprinting or Google hacking/info gathering etc, another
article for just those).
5. SuperScan
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the
highly popular Windows port scanning tool, SuperScan.
If you need an alternative for nmap on Windows with a decent interface, I
suggest you check this out, it’s pretty nice.
6. p0f
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the
operating system on:
- machines that connect to your box (SYN mode),
- machines you connect to (SYN+ACK mode),
- machine you cannot connect to (RST+ mode),
- machines whose communications you can observe.
Basically it can fingerprint anything, just by listening, it doesn’t make ANY
active connections to the target machine.
7. Wireshark (Formerly Ethereal)
Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you
capture and interactively browse the contents of network frames. The goal of
the project is to create a commercial-quality analyzer for Unix and to give
Wireshark features that are missing from closed-source sniffers.
Works great on both Linux and Windows (with a GUI), easy to use and can
reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.
Get Wireshark Here – http://www.wireshark.org/
8. Yersinia
Yersinia is a network tool designed to take advantage of some weaknesses in
different Layer 2 protocols. It aims to be a solid framework for analyzing
and testing the deployed networks and systems. Currently, the following network
protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery
Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration
Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch
Link Protocol (ISL), VLAN Trunking Protocol (VTP).
The best Layer 2 kit there is.
Get Yersinia Here – http://yersinia.sourceforge.net/
9. Eraser
Eraser is an advanced security tool (for Windows), which allows you to
completely remove sensitive data from your hard drive by overwriting it several
times with carefully selected patterns. Works with Windows 95, 98, ME, NT,
2000, XP and DOS. Eraser is Free software and its source code is released under
GNU General Public License.
An excellent tool for keeping your data really safe: if you’ve deleted it, make
sure it’s really gone, you don’t want it hanging around to bite you in the ass.
10. PuTTY
PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms,
along with an xterm terminal emulator. A must-have for any h4x0r wanting to
telnet or SSH from Windows without having to use the crappy default MS command
line clients.

 

Hacking Tools

1. LCP

The main purpose of the LCP program is user account password auditing and
recovery in Windows NT/2000/XP/2003: account information import, password
recovery, brute-force session distribution and hash computing.
A good free alternative to L0phtcrack.
LCP was briefly mentioned in our well read Rainbow Tables and RainbowCrack
article.
2. Cain and Abel
My personal favourite for password cracking of any kind.
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It
allows easy recovery of various kinds of passwords by sniffing the network,
cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis
attacks, recording VoIP conversations, decoding scrambled passwords, revealing
password boxes, uncovering cached passwords and analyzing routing protocols.
The program does not exploit any software vulnerabilities or bugs that could
not be fixed with little effort.
Get Cain and Abel Here – http://www.oxid.it/cain.html
3. Kismet

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion
detection system. Kismet will work with any wireless card which supports raw
monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
A good wireless tool as long as your card supports rfmon (look for an Orinoco
Gold).
4. NetStumbler

Yes, a decent wireless tool for Windows! Sadly not as powerful as its Linux
counterparts, but it’s easy to use and has a nice interface, good for the
basics of war-driving.
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area
Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
- Verify that your network is set up the way you intended.
- Find locations with poor coverage in your WLAN.
- Detect other networks that may be causing interference on your network.
- Detect unauthorized rogue access points in your workplace.
- Help aim directional antennas for long-haul WLAN links.
- Use it recreationally for WarDriving.
Get NetStumbler Here – http://www.stumbler.net/
5. hping

To finish off, something a little more advanced if you want to test your TCP/IP
packet monkey skills.
hping is a command-line oriented TCP/IP packet assembler/analyzer. The
interface is inspired by the Unix ping command, but hping isn’t only able to
send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a
traceroute mode, the ability to send files over a covert channel, and many
other features.
Get hping Here – http://www.hping.org/

simple way to view saved facebook account password ?

Whenever someone selects "remember password" in the Facebook login form, the password will be filled in automatically. The problem is that we can log in but cannot see the password, because it is shown as asterisk characters (*). Here is the trick to reveal it.
Visit the Facebook site that remembers the password and shows asterisk characters in the password box.
Copy the following code:
javascript:alert(document.getElementById('pass').value);
Paste it in the address bar.
Press the Enter key.
Now the hidden password behind the asterisk characters will be shown.

How to view saved password in google chrome ?

Open Google Chrome.
Copy the following code:
chrome://settings/passwords
Paste it in the address bar.
Press the Enter key.
A list of all websites whose passwords are saved in the browser will be shown.
Click on "show" to view those passwords.
Now the hidden password behind the asterisk characters will be shown.

Best encryption for network security.

Encrypt or Decrypt sensitive data using AES/DES/RCA encryptors (security tools).

http://crypo.in.ua/tools/



Common Methods for Hacking :

This comprises either taking control over a terminal (or server), rendering it useless, or crashing it.. the following methods have been used for a long time and are still used..

1. Denial of Service -
DoS attacks give hackers a way to bring down a network without gaining internal access. DoS attacks work by flooding the access routers with bogus traffic (which can be e-mail or Transmission Control Protocol (TCP) packets).

2. Distributed DoSs -
Distributed DoSs (DDoSs) are coordinated DoS attacks from multiple sources. A DDoS is more difficult to block because it uses multiple, changing, source IP addresses.

3. Sniffing -
Sniffing refers to the act of intercepting TCP packets. This interception can happen through simple eavesdropping or something more sinister.

4. Spoofing -
Spoofing is the act of sending an illegitimate packet with an expected acknowledgment (ACK), which a hacker can guess, predict, or obtain by snooping.

5. SQL injection -
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. It uses normal SQL commands to get into the database with elevated privileges..
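The injection in item 5, as an added example that is not part of the original post: a login query built by string concatenation beside its parameterized form, both run against a constructed in-memory SQLite table (the table, users and the `' OR '1'='1` input are all constructed for the demo).

```python
import sqlite3

# Constructed sample table; not data from the original post.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, pw TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")],
    )
    return conn

def login_vulnerable(conn, user, pw):
    # User input is pasted into the SQL text itself, so the database engine
    # cannot tell where the data ends and the query logic begins.
    sql = f"SELECT name, role FROM users WHERE name = '{user}' AND pw = '{pw}'"
    return conn.execute(sql).fetchall()

def login_parameterized(conn, user, pw):
    # Placeholders hand the values to the driver separately from the query;
    # a quote character inside the input stays a quote character in the data.
    sql = "SELECT name, role FROM users WHERE name = ? AND pw = ?"
    return conn.execute(sql, (user, pw)).fetchall()

# Classic constructed payload: closes the pw literal and appends an always-true clause.
INJECTION = "' OR '1'='1"

def demo():
    conn = make_db()
    return {
        # Legitimate credentials work in both versions.
        "vuln_good": login_vulnerable(conn, "bob", "hunter2"),
        # WHERE name = 'anything' AND pw = '' OR '1'='1'  ->  every row comes back,
        # and the first row is the admin account.
        "vuln_injected": login_vulnerable(conn, "anything", INJECTION),
        # Same input, parameterized: no user has that literal password.
        "safe_injected": login_parameterized(conn, "anything", INJECTION),
    }

if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label:14s} -> {rows}")
```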

6. Viruses and Worms -
Viruses and worms are self-replicating programs or code fragments that attach themselves to other programs (viruses) or machines (worms). Both viruses and worms attempt to shut down networks by flooding them with massive amounts of bogus traffic, usually through e-mail.

7. Back Doors -
Hackers can gain access to a network by exploiting back doors: administrative shortcuts, configuration errors, easily deciphered passwords, and unsecured dial-ups. With the aid of computerized searchers (bots), hackers can probably find any weakness in the network.

So, not interested in these stuffs.. huh??? wait there is more for you.. So, how about the one related to hacking the passwords of email and doing some more exciting stuffs.. The various methods employed for this are:

8. Trojan Horses -
Trojan horses, which are attached to other programs, are the leading cause of all break-ins. When a user downloads and activates a Trojan horse, the software can take full control over the system and you can remotely control the whole system.. great..!!! They are also referred to as RATs (Remote Administration Tools).

9. Keyloggers -
Consider the situation: everything you type on the system is mailed to the hacker..!! Wouldn't it be easy to track your password from that.. Keyloggers perform similar functionalities.. So next time you type anything.. Beware..!! Have already posted about keyloggers and ways to protect yourself from them..

10. BruteForcing -
The longest and most tiring job.. don't even consider this if you don't know the SET of password for your victim..

11. Secret Question -
According to a survey done by security companies, it is found that rather than helping the legitimate users the security questions are more useful to the hackers.. So if you know the victim well try this..

12. Social Engineering -
Ya, this was one of the oldest tricks to hack.. Try to convince your user that you are a legitimate person from the system and need their password for the continuation of the service or some maintenance.. This won't work now since most users are aware of the scam.. But this Social Engineering concept is a must for you to have, to convince the victim for many reasons..!!!

13. Phishing -
This is another type of keylogging: here you have to bring the user to a webpage created by you resembling the legitimate one and get him to enter his password, to get the same in your mail box..!! Use social engineering..

14. Fake Messengers -
So it's a form of phishing in application format.. getting the user to enter the login info in the software, then check your mail..!!!

15. Cookie Stealer -
Here the cookie saved by the sites are taken and decoded and if you get lucky.. You have the password..!!!

Hmmm.. not satisfied with single account at a time..?? so there are ways to hack lots of accounts together.. I know few but there exists many..!! listed are the ones i know and will teach you in coming posts...

16. DNS Poisoning or PHARMING -
So, phishing is a tough job.. isn't it..?? convincing someone to enter their password at your page..?? what if you don't have to convince..?? what if they are directed automatically to your site without having a clue..?? Nice huh..?? Pharming does the same for you.. More about it in my next post..

17. Whaling -
This method gets you the password of the accounts which are used by the hackers to receive the passwords.. So you just have to hack one ID, which is the simplest method (easier than hacking any other account, will tell you how in coming posts..) and you will have loads of passwords and so loads of accounts at your mercy..!!!

This is for Educational Purpose only........

Web Application Exploiter (WAppEx)

WAppEx is an integrated Web Application security assessment and exploitation platform designed with the whole spectrum of security professionals to web application hobbyists in mind. It suggests a security assessment model which revolves around an extensible exploit database. Further, it complements the power with various tools required to perform all stages of a web application attack.
The Exploit Database contains all the logic associated with trivial fingerprinting, exploitation techniques, and payloads that address a wide range of web application vulnerabilities, with the emphasis on high-risk and zero-day vulnerabilities.
Some of the vulnerabilities already bundled within the Exploit Database include Local File Disclosure (LFD), Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL Injection (SQLI), Remote OS Command Execution (RCE), and Server-side Code Injection (SCI). WAppEx can detect these vulnerabilities in a target, take full advantage of them, and through neatly designed payload code get as much access to the exploited target as possible in as short a time as possible. Some of the payloads included within the database are various reverse shells, arbitrary code execution, command execution, arbitrary file upload…
Since all the attack logic rests in the form of scripts within the Exploit Database, it is easily extensible, flexible and updatable through community servers. Users, too, can add mature, sophisticated exploits and payloads in the same fashion. The database grows on a daily basis, and our dedicated team of research and development are working non-stop to maintain the richest, most up-to-date aggregate of exploits. The number of exploits is soon bound to surpass hundreds. Meanwhile, users can share their own created exploits and payloads with the community and contribute to this growing momentum.
The scripting language used to create new exploits and payloads is JavaScript with the addition of a few accessory objects and functions that automate daily penetration testing tasks and help integrate the script with the database. Using this feature, you can easily create and execute an exploit based on a newly discovered vulnerability.
WAppEx is also equipped with a penetration testing toolbox that makes an effective synergy with the Exploit Database and a crafty security expert. The provided tools include Manual Request, Exploit Editor, Dork Finder, Hidden File Checker… More tools, such as a crawler, a multi-purpose fuzzer… are to be added to the arsenal in the future releases of WAppEx.
Still, keep your eyes peeled as this is just the beginning of a new, powerful war machine in the pentest battleground.

A tcpdump Tutorial and Primer


TCP header (image from securitywizardry.com)

PenTBox - tool

 PenTBox is a security suite
 

Download :- http://www.pentbox.net/download-pentbox/

PenTBox is a security suite that can be used in penetration testing engagements to perform a variety of activities. Specifically, these activities range from cracking hashes, DNS enumeration and stress testing to HTTP directory brute force. In this article we will see this tool in action and what kind of results we can get.
PenTbox – Menu
Cryptography Tools
PenTBox currently includes the following four cryptography tools:
1. Base64 Encoder & Decoder
2. Multi-Digest
3. Hash Password Cracker
4. Secure Password Generator
Especially in web application penetration tests we often discover Base64-encoded strings. Such strings can contain important information, which is why we need to have a decoder in our tool repository. Many tools, like Burp, now have an integrated Base64 encoder-decoder, but PenTBox also has a Base64 decoder in its suite.
Base64 Encoder-Decoder

If we have obtained a password hash, PenTBox provides a module that can crack different types of password hashes. The Hash Password Cracker can crack common password hashes very fast, so it is good practice to try it in any case. In the next image we can see that the Hash Password Cracker has managed to crack an MD5 hash.
Hash Cracker Module – PenTBox
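What the hash crackers above do (John the Ripper's weak-password detection and PenTBox's Hash Password Cracker), reimplemented as an added illustration that is not code from either project: a dictionary run against an unsalted MD5 digest, which is why such hashes fall "very fast", beside the same dictionary against a salted, iterated PBKDF2 hash. The wordlist, salt and target hashes are constructed for the demo.

```python
import hashlib
import time

# Constructed wordlist and salt for the demo; not PenTBox's or JtR's data.
WORDLIST = ["password", "letmein", "qwerty", "summer2012", "hunter2", "dragon"]
SALT = b"constructed-salt"   # in a real system: random and unique per account

def md5_hex(word):
    return hashlib.md5(word.encode()).hexdigest()

def crack_md5(target_hex, wordlist):
    """Dictionary attack on an unsalted MD5 digest: one cheap hash per guess,
    and the same digest table answers for every account that used that word."""
    for word in wordlist:
        if md5_hex(word) == target_hex:
            return word
    return None

def pbkdf2_hex(word, salt, rounds):
    return hashlib.pbkdf2_hmac("sha256", word.encode(), salt, rounds).hex()

def crack_pbkdf2(target_hex, salt, rounds, wordlist):
    """Same dictionary against a salted, iterated hash: every guess costs
    `rounds` HMAC iterations and has to be redone for each account's salt."""
    for word in wordlist:
        if pbkdf2_hex(word, salt, rounds) == target_hex:
            return word
    return None

def time_attack(fn, *args):
    """Run one dictionary pass and return (result, elapsed seconds)."""
    start = time.perf_counter()
    result = fn(*args)
    return result, time.perf_counter() - start

if __name__ == "__main__":
    # The last word in the list is the attacker's worst case for both hashes.
    md5_target = md5_hex("dragon")
    kdf_target = pbkdf2_hex("dragon", SALT, 200_000)
    print("md5    :", time_attack(crack_md5, md5_target, WORDLIST))
    print("pbkdf2 :", time_attack(crack_pbkdf2, kdf_target, SALT, 200_000, WORDLIST))
```

The audit use of such a run is the one the page describes for John the Ripper: any account whose hash the wordlist recovers has a weak password, and storing hashes unsalted and unstretched is what makes the recovery instant.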

Network Tools
In this category there are tools for stress testing, fuzzing and information gathering. Specifically, the tools that we can find here are the following:
1. Net DoS Tester
2. TCP Port Scanner
3. Honeypot
4. Fuzzer
5. DNS and Host Gathering
6. MAC Address Geo-location
Even though most penetration testers will use Nmap for their port scanning activities, a simple TCP port scanner is also available through PenTBox.
PenTBox – TCP Port Scanner

A very fast module that collects information about a specific host can also be used for our information gathering activities. A sample of the output of this module can be seen in the next image:
DNS & Host Gathering – PenTBox

Web
PenTBox also includes tools for web reconnaissance. Specifically, it contains two tools: one for directory brute forcing and one for discovering common files that exist on web servers. In the next image you can see the directory brute forcing tool in action.
Directory Brute Force – PenTBox