Archive | Hacking Tools


09 October 2006 | 12,740 views

Inprotect 0.22.5 Released – Web Interface for Nessus & Nmap

A new revision of Inprotect has just been released, 0.22.5 in order to fix bugs and implement feature requests submitted by the development team and users. Existing users are recommended to upgrade. Inprotect is a web interface for Nessus and Nmap security scanners, released under GNU/GPL license. This version has the following enhancements: Improved and […]

Continue Reading


04 October 2006 | 11,964 views

Echo Mirage – A Generic Network Proxy

Echo Mirage is a generic network proxy. It uses DLL injection and function hooking to redirect network related function calls so that data transmitted and received by local applications can be observed and modified. Think of it as Odysseus (or Burp, if you prefer) that will proxy (almost) anything… Windows encryption and OpenSSL functions are […]

Continue Reading


02 October 2006 | 22,047 views

arp-sk – ARP Swiss Army Knife Tool

arp-sk is basically an ARP Traffic Generation Tool. It’s quite old but still very useful! There are 2 basics mode: – who-has: build a request ARP message. – reply: build a reply ARP message (default) Other advanced modes should come very soon – arping: send a who-has to every host on the LAN to see […]

Continue Reading


01 October 2006 | 16,202 views

BeEF – Browser Exploitation Framework

There’s been a lot of nice Web relevant testing and hacking tools coming out lately, I’ve gotten quite a collection to post about, so do try them out and let me know what you think. BeEF is the browser exploitation framework. Its purposes in life is to provide an easily integratable framework to demonstrate the […]

Continue Reading


28 September 2006 | 9,449 views

Security Compass Web Application Analysis Tool – SWAAT

Announcing a new web application source code analysis tool called the Securitycompass Web Application Analysis Tool or SWAAT. You may know it as a static analysis tool. Currently in its beta release, this .Net command-line tool searches through source code for potential vulnerabilities in the following languages: Java and JSP ASP.Net PHP Using xml-based signature […]

Continue Reading


22 September 2006 | 5,272 views

SIFT Web Method Search Tool

SIFT has just published a world-first tool for identifying rogue web methods. The Web Method Search tool is a Windows based application that uses a hybrid dictionary attack in an attempt to find unpublished administrative and other web services functions. As web services are becoming more prevalent, poor security practices from previous generations of application […]

Continue Reading


11 September 2006 | 69,361 views

LCP – A Good FREE Alternative to L0phtcrack (LC5)

Since Symantec stopped development of L0phtcrack many people have been looking for alternatives. So don’t forget.. Jack the Ripper is still king Medusa is good Ophcrack for Rainbow Tables And now one more, introducting LCP, which we have talked about before in the article Password Cracking with Rainbowcrack and Rainbow Tables. LCP is freeware! The […]

Continue Reading


06 September 2006 | 1,068,298 views

Brutus Password Cracker – Download brutus-aet2.zip AET2

If you don’t know, Brutus is one of the fastest, most flexible remote password crackers you can get your hands on – it’s also free. It is available for Windows 9x, NT and 2000, there is no UN*X version available although it is a possibility at some point in the future. Brutus was first made […]

Continue Reading


30 August 2006 | 7,507 views

AttackAPI 0.5 – JavaScript Security Tools

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors. The project was primary inspired by the JythonShell applet. At its very early stage AttackAPI was a single extensible web enabled python console with a few modules. The 0.5 release of AttackAPI is purely JavaScript based. This is not a shift in the […]

Continue Reading


07 August 2006 | 11,558 views

Wapiti – Web Application Scanner / Black-box testing

Wapiti allows you to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, […]

Continue Reading