TXDNS 2.0.0 has been released. TXDNS is a Win32 aggressive multithreaded DNS digger. Capable of placing, on the wire, thousands of DNS queries per minute. TXDNS main goal is to expose a domain namespace trough a number of techniques: Typos TLD rotation Dictionary attack Brute force This new version features a distributed model which further […]
Archive | Hacking Tools
XSS Shell is a powerful XSS backdoor which allows interactively getting control over a Cross-site Scripting (XSS) vulnerability in a web application. Demonstrates the real power and damage of Cross-site Scripting attacks. WHAT IS XSS SHELL ? XSS Shell is powerful a XSS backdoor and zombie manager. This concept first presented by XSS-Proxy (http://xss-proxy.sourceforge.net/). Normally […]
SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has. Nmap approaches to fingerprinting as shown to be efficient for years. Nowadays, with the omni-presence of stateful filtering devices, PAT/NAT configurations and emerging packet normalization technologies, its approach to OS fingerprinting is becoming to be obsolete. SinFP uses the aforementioned limitations […]
There has been a recent release of Backframe (Formerly Backweb) Attack Console. Backframe Attack Console was started as an experiment to create a full featured attack console for exploiting web browsers, web users and remote applications. Those who are familiar with XSS Proxy or even BEEF might already be familiar with the core principles of […]
This is just a simple warning to all NMAP users out there. If you’re registered on the announcement mailing list you already now this, otherwise, heads up. NMAP 4.20 has been released with something that looks promising. 2nd generation OS detection. The changelog is available here. Enjoy!
The Metasploit Framework is an advanced open-source exploit development platform. The 3.0 tree represents a complete rewrite of the 2.0 codebase and provides a scalable and extensible framework for security tool development. The 3.0 Beta 3 release includes support for exploit automation, 802.11 wireless packet injection, and kernel-mode payloads. Windows users are now presented with […]
The Metasploit Framework is an advanced open-source exploit development platform. The 2.7 release includes three user interfaces, 157 exploits and 76 payloads.The Framework will run on any modern operating system that has a working Perl interpreter. The Windows installer includes a slimmed-down version of the Cygwin environment. Windows users are encouraged to update as soon […]
A dream come true, would I say… recently found this article on securityfocus, it’s awesome… all that you need (beside Firefox) is pointed out in the article, so go on, what are you waiting for… http://www.securityfocus.com/infocus/1879
w3bfukk0r is a forced browsing tool, it basically scans webservers (HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force mechanism based on a word list. Features: HTTP/HTTPS(SSL) support Banner grabbing User-Agent faking Proxy support (HTTP/S) Reports found and non-existend directories Example output:
Starting w3bfukk0r 0.2
Scanning http://nion.modprobe.de/ with 76 words from words.txt
Found http://nion.modprobe.de/tmp/ (HTTP 200)
Found http://nion.modprobe.de/blog/ (HTTP 200)
Found http://nion.modprobe.de/img/ (HTTP 200)
Found http://nion.modprobe.de/setup/ (HTTP 200)
Found 4 directories.
Server runs: Apache/2.0.54 (Debian GNU/Linux) PHP/5.1.4-0.1~bpo2
Scan finished (5 seconds).
Note: Not all webservers are handling HTTP status codes […]