Archive | Hacking Tools


03 May 2006 | 71,328 views

Medusa Password Cracker Version 1.1 Now Available For Download

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC, and a generic wrapper module. While [...]

Continue Reading


28 April 2006 | 20,714 views

Paros Proxy 3.2.11 Released – MITM HTTP and HTTPS Proxy

Paros 3.2.11 has been released. This version is a maintenance release with a useful feature requested by various users. All users are recommended to upgrade to this version. One of my favourite proxy options, along side the Burp Proxy (evolved into Burp Suite). Paros labels itself as MITM Proxy + Spider + Scanner plus anything [...]

Continue Reading


27 April 2006 | 12,659 views

Oracle Releases a Default Password Scanner

Oracle is getting serious with security? Again..? Oracle Corp. has published a collection of software patches that address security vulnerabilities in a range of the company’s products, including its database and application server software. As part of this update, it also released a tool designed to ferret out commonly used default passwords that theoretically could [...]

Continue Reading


26 April 2006 | 35,019 views

Alternatives to FrSIRT – Where to Download Exploits?

Since FrSIRT closed it’s public archives and starting charging for access (blaming it on French laws…), people have been wondering where they can their dose of Exploits..For legitimate purposes obviously. Security Forest The most comprehensive collection in my opinion comes from SecurityForest. They also have a BETA exploitation framework in development, something like a Metasploit, [...]

Continue Reading


20 April 2006 | 22,590 views

Symantec Dumps L0phtcrack Password Cracker

Man this blows. It seems it happened quite a while ago, I only just found out about it recently though when I was checking to see if L0phtcrack had been updated past version 5. Symantec has quietly pulled the plug on sales of L0phtCrack, the venerable password auditing and recovery application. The decision to discontinue [...]

Continue Reading


17 April 2006 | 1,865,486 views

Top 15 Security/Hacking Tools & Utilities

1. Nmap I think everyone has heard of this one, recently evolved into the 4.x series. Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to [...]

Continue Reading


14 April 2006 | 53,704 views

bsqlbf 1.1 – Blind SQL Injection Tool

bsqlbf is a tool for Blind SQL Injection attacks, a pretty nifty one too! The author says there are similar tools about, but he’s tried to combine all the techniques into one compact but complete tool. # CHANGELOG: # -get now support resume (with -start option) # -get to fetch files (thank you ilo AGAIN) [...]

Continue Reading


12 April 2006 | 21,702 views

Paros Proxy 3.2.10 Released – MITM HTTP and HTTPS Proxy

One of my favourite proxy options, along side the Burp Proxy (evolved into Burp Suite). I’ll definately talk more about the Burp Suite later as it’s excellent for testing anything web-based. Paros labels itself as MITM Proxy + Spider + Scanner plus anything else you want it to be, it is a pretty neat piece [...]

Continue Reading


28 March 2006 | 136,871 views

Ophcrack 2.2 Password Cracker Released

Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman’s original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds. We mentioned it in our RainbowCrack and Rainbow Tables article. Changes: (feature) support of the new table set (alphanum + 33 [...]

Continue Reading


23 March 2006 | 9,024 views

kArp – Linux Kernel Level ARP Hijacking/Spoofing Utility

Introduction kArp is a linux patch that allows one to implement ARP hijacking in the kernel, but control it easily via userland. You may configure, enable and disable kArp via ProcFS or the sysctl mechanism. kArp is implemented almost on the device driver level. Any ethernet driver (including 802.11 drivers) is supported. The kArp code [...]

Continue Reading