Archive | Hacking Tools


18 May 2006 | 11,223 views

Sprajax – An Open Source AJAX Security Scanner

Denim Group Ltd. announced today the public release of Sprajax, an open source web application security scanner developed to assess the security of AJAX-enabled web applications. Sprajax is the first web security scanner developed specifically to scan AJAX web applications for security vulnerabilities. Denim Group, an IT consultancy specializing in web application security, recognized that […]

Continue Reading


17 May 2006 | 5,306 views

Source Code & Software Security Analysis with BogoSec

Bogosec is essentially a tool for finding security vulnerabilities in source code. BogoSec aims to increase awareness regarding code security vulnerabilities, while encouraging developers to produce more secure code over time. By simplifying the code scanning process, BogoSec achieves a goal of allowing developers to scan their code regularly and more effectively. BogoSec is a […]

Continue Reading


16 May 2006 | 39,081 views

Anonymity – Hiding Your Identity in 2006

Introduction Anonymity is derived from the greek word ἀνωνυμία (anonymia), meaning without a name or name-less. In colloquial use, the term typically refers to a person, and often means that the Ppersonal identity, or personally identifiable information of that person is not known. The main question is of course, what are you trying to hide? […]

Continue Reading


10 May 2006 | 25,068 views

SecureDVD – Multiboot Live Security Distro’s

SecureDVD is a DVD with the 10 Best Security related Live CD’s. Yes that’s right, they authored this DVD based on the recommendations made by Darknet! Now you can have all your favorite CDs ‘compiled’ into a single DVD. I love this idea. SecureDVD is available to download, but due to it’s size, only in […]

Continue Reading


08 May 2006 | 8,191 views

SinFP – Next Generation OS Detection Tool

OS Fingerprinting is an important part of any penetration test or hack as it allows you focus your efforts a lot more effeciently when point testing, rather than throwing everything at a machine like a script kiddy would. So let’s introduce a new option, other than p0f and xprobe2. SinFP is a new approach to […]

Continue Reading


03 May 2006 | 71,777 views

Medusa Password Cracker Version 1.1 Now Available For Download

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC, and a generic wrapper module. While […]

Continue Reading


28 April 2006 | 20,763 views

Paros Proxy 3.2.11 Released – MITM HTTP and HTTPS Proxy

Paros 3.2.11 has been released. This version is a maintenance release with a useful feature requested by various users. All users are recommended to upgrade to this version. One of my favourite proxy options, along side the Burp Proxy (evolved into Burp Suite). Paros labels itself as MITM Proxy + Spider + Scanner plus anything […]

Continue Reading


27 April 2006 | 12,676 views

Oracle Releases a Default Password Scanner

Oracle is getting serious with security? Again..? Oracle Corp. has published a collection of software patches that address security vulnerabilities in a range of the company’s products, including its database and application server software. As part of this update, it also released a tool designed to ferret out commonly used default passwords that theoretically could […]

Continue Reading


26 April 2006 | 35,030 views

Alternatives to FrSIRT – Where to Download Exploits?

Since FrSIRT closed it’s public archives and starting charging for access (blaming it on French laws…), people have been wondering where they can their dose of Exploits..For legitimate purposes obviously. Security Forest The most comprehensive collection in my opinion comes from SecurityForest. They also have a BETA exploitation framework in development, something like a Metasploit, […]

Continue Reading


20 April 2006 | 22,602 views

Symantec Dumps L0phtcrack Password Cracker

Man this blows. It seems it happened quite a while ago, I only just found out about it recently though when I was checking to see if L0phtcrack had been updated past version 5. Symantec has quietly pulled the plug on sales of L0phtCrack, the venerable password auditing and recovery application. The decision to discontinue […]

Continue Reading