Archive | Hacking Tools


19 May 2006 | 10,438 views

Paros Proxy 3.2.12 Released – MITM HTTP and HTTPS Proxy

Paros 3.2.12 is released. This version is a maintenance release which fix a potental 100% cpu consumption issue. All users are recommended to upgrade to this version. The changes are: – Use newest external library for HTTP handling. – Enable/disable spider to POST forms in options panel to avoid generating unwanted traffic (default to enable). [...]

Continue Reading


18 May 2006 | 11,188 views

Sprajax – An Open Source AJAX Security Scanner

Denim Group Ltd. announced today the public release of Sprajax, an open source web application security scanner developed to assess the security of AJAX-enabled web applications. Sprajax is the first web security scanner developed specifically to scan AJAX web applications for security vulnerabilities. Denim Group, an IT consultancy specializing in web application security, recognized that [...]

Continue Reading


17 May 2006 | 5,306 views

Source Code & Software Security Analysis with BogoSec

Bogosec is essentially a tool for finding security vulnerabilities in source code. BogoSec aims to increase awareness regarding code security vulnerabilities, while encouraging developers to produce more secure code over time. By simplifying the code scanning process, BogoSec achieves a goal of allowing developers to scan their code regularly and more effectively. BogoSec is a [...]

Continue Reading


16 May 2006 | 39,067 views

Anonymity – Hiding Your Identity in 2006

Introduction Anonymity is derived from the greek word ἀνωνυμία (anonymia), meaning without a name or name-less. In colloquial use, the term typically refers to a person, and often means that the Ppersonal identity, or personally identifiable information of that person is not known. The main question is of course, what are you trying to hide? [...]

Continue Reading


10 May 2006 | 25,048 views

SecureDVD – Multiboot Live Security Distro’s

SecureDVD is a DVD with the 10 Best Security related Live CD’s. Yes that’s right, they authored this DVD based on the recommendations made by Darknet! Now you can have all your favorite CDs ‘compiled’ into a single DVD. I love this idea. SecureDVD is available to download, but due to it’s size, only in [...]

Continue Reading


08 May 2006 | 8,163 views

SinFP – Next Generation OS Detection Tool

OS Fingerprinting is an important part of any penetration test or hack as it allows you focus your efforts a lot more effeciently when point testing, rather than throwing everything at a machine like a script kiddy would. So let’s introduce a new option, other than p0f and xprobe2. SinFP is a new approach to [...]

Continue Reading


03 May 2006 | 71,136 views

Medusa Password Cracker Version 1.1 Now Available For Download

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC, and a generic wrapper module. While [...]

Continue Reading


28 April 2006 | 20,702 views

Paros Proxy 3.2.11 Released – MITM HTTP and HTTPS Proxy

Paros 3.2.11 has been released. This version is a maintenance release with a useful feature requested by various users. All users are recommended to upgrade to this version. One of my favourite proxy options, along side the Burp Proxy (evolved into Burp Suite). Paros labels itself as MITM Proxy + Spider + Scanner plus anything [...]

Continue Reading


27 April 2006 | 12,656 views

Oracle Releases a Default Password Scanner

Oracle is getting serious with security? Again..? Oracle Corp. has published a collection of software patches that address security vulnerabilities in a range of the company’s products, including its database and application server software. As part of this update, it also released a tool designed to ferret out commonly used default passwords that theoretically could [...]

Continue Reading


26 April 2006 | 35,015 views

Alternatives to FrSIRT – Where to Download Exploits?

Since FrSIRT closed it’s public archives and starting charging for access (blaming it on French laws…), people have been wondering where they can their dose of Exploits..For legitimate purposes obviously. Security Forest The most comprehensive collection in my opinion comes from SecurityForest. They also have a BETA exploitation framework in development, something like a Metasploit, [...]

Continue Reading