Archive | Hacking Tools


22 November 2006 | 14,934 views

Web 2.0 Hacking with Firefox and it’s plugins

A dream come true, would I say… recently found this article on securityfocus, it’s awesome… all that you need (beside Firefox) is pointed out in the article, so go on, what are you waiting for…

Continue Reading

21 November 2006 | 7,844 views

AttackAPI 0.8 JavaScript Hacking Suite Available

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies. The standalone components of the library can be found at […]

Continue Reading

17 November 2006 | 5,754 views

w3bfukk0r 0.2 Forced Browsing Tool Released

w3bfukk0r is a forced browsing tool, it basically scans webservers (HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force mechanism based on a word list. Features: HTTP/HTTPS(SSL) support Banner grabbing User-Agent faking Proxy support (HTTP/S) Reports found and non-existend directories Example output:

Note: Not all webservers are handling HTTP status codes […]

Continue Reading

15 November 2006 | 18,645 views

Windows XP ToolBox

This a very old article based on my tiny document “WinDOS tools” which was for a short while on Blackcode, before it was shutdown… It was an article to impres my friends, but found some usefull stuff two when writing it… so let’s take a look at some “hidden” Windows XP programs… MAC Address (getmac) […]

Continue Reading

14 November 2006 | 22,747 views

Installing Nessus on Debian-based OSs like Ubuntu

With this simple tutorial I will explain how to install Nessus client (nessus) and Nessus Daemon (nessusd) and properly register it, so you don’t end up with the limitations of a non-registered version of the vulnerability scanner. Installing: I personally use apt-, however, you may choose any other package manager. apt-get install nessus nessusd -y […]

Continue Reading

11 November 2006 | 32,038 views

Medusa Fast Parallel Password Cracker 1.3 Released

Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers following items as some of the key features of this application: Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently. […]

Continue Reading

08 November 2006 | 5,267 views

Taof 0.1 Network Protocol Fuzzer Released

Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols. Taof aids the researcher during the data retrieval process by providing a transparent proxy functionality that forwards and logs requests from […]

Continue Reading

02 November 2006 | 51,940 views

Wyd – Automated Password Profiling Tool

Wyd is a neat tool I found recently for Password Profiling. In current IT security environments, files and services are often password protected. In certain situation it is required to get access to files and/or data even when they are protected and the password is unknown. was born out of those two of situations: […]

Continue Reading

28 October 2006 | 17,646 views

BobCat SQL Injection Tool based on Data Thief

BobCat is a tool to aid a security consultant in taking full advantage of SQL injection vulnerabilities. It is based on a tool named “Data Thief” that was published as PoC by appsecinc. BobCat can list the linked severs, database schema, and allow the retrieval of data from any table that the current application user […]

Continue Reading

22 October 2006 | 22,865 views

Odysseus Proxy for MITM Attacks Testing Security of Web Applications.

Odysseus is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Odysseus will intercept an HTTP session’s data in either direction and give the user the ability to alter the data before transmission. For example, […]

Continue Reading