Archive | Hacking Tools

Advertisements


02 November 2006 | 51,638 views

Wyd – Automated Password Profiling Tool

Wyd is a neat tool I found recently for Password Profiling. In current IT security environments, files and services are often password protected. In certain situation it is required to get access to files and/or data even when they are protected and the password is unknown. wyd.pl was born out of those two of situations: […]

Continue Reading


28 October 2006 | 17,600 views

BobCat SQL Injection Tool based on Data Thief

BobCat is a tool to aid a security consultant in taking full advantage of SQL injection vulnerabilities. It is based on a tool named “Data Thief” that was published as PoC by appsecinc. BobCat can list the linked severs, database schema, and allow the retrieval of data from any table that the current application user […]

Continue Reading


22 October 2006 | 22,855 views

Odysseus Proxy for MITM Attacks Testing Security of Web Applications.

Odysseus is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Odysseus will intercept an HTTP session’s data in either direction and give the user the ability to alter the data before transmission. For example, […]

Continue Reading


16 October 2006 | 219,521 views

Download pwdump 1.4.2 and fgdump 1.3.4 – Windows Password Dumping

New versions of the ultracool tools pwdump (1.4.2) and fgdump (1.3.4) have been released. Both versions provide some feature upgrades as well as bug fixes. Folks with really old versions of either program should definitely look at upgrading, since there are numerous performance improvements and full multithreading capabilities in both packages. If you don’t know..what […]

Continue Reading


09 October 2006 | 12,770 views

Inprotect 0.22.5 Released – Web Interface for Nessus & Nmap

A new revision of Inprotect has just been released, 0.22.5 in order to fix bugs and implement feature requests submitted by the development team and users. Existing users are recommended to upgrade. Inprotect is a web interface for Nessus and Nmap security scanners, released under GNU/GPL license. This version has the following enhancements: Improved and […]

Continue Reading


04 October 2006 | 12,271 views

Echo Mirage – A Generic Network Proxy

Echo Mirage is a generic network proxy. It uses DLL injection and function hooking to redirect network related function calls so that data transmitted and received by local applications can be observed and modified. Think of it as Odysseus (or Burp, if you prefer) that will proxy (almost) anything… Windows encryption and OpenSSL functions are […]

Continue Reading


02 October 2006 | 22,151 views

arp-sk – ARP Swiss Army Knife Tool

arp-sk is basically an ARP Traffic Generation Tool. It’s quite old but still very useful! There are 2 basics mode: – who-has: build a request ARP message. – reply: build a reply ARP message (default) Other advanced modes should come very soon – arping: send a who-has to every host on the LAN to see […]

Continue Reading


01 October 2006 | 16,409 views

BeEF – Browser Exploitation Framework

There’s been a lot of nice Web relevant testing and hacking tools coming out lately, I’ve gotten quite a collection to post about, so do try them out and let me know what you think. BeEF is the browser exploitation framework. Its purposes in life is to provide an easily integratable framework to demonstrate the […]

Continue Reading


28 September 2006 | 9,652 views

Security Compass Web Application Analysis Tool – SWAAT

Announcing a new web application source code analysis tool called the Securitycompass Web Application Analysis Tool or SWAAT. You may know it as a static analysis tool. Currently in its beta release, this .Net command-line tool searches through source code for potential vulnerabilities in the following languages: Java and JSP ASP.Net PHP Using xml-based signature […]

Continue Reading


22 September 2006 | 5,290 views

SIFT Web Method Search Tool

SIFT has just published a world-first tool for identifying rogue web methods. The Web Method Search tool is a Windows based application that uses a hybrid dictionary attack in an attempt to find unpublished administrative and other web services functions. As web services are becoming more prevalent, poor security practices from previous generations of application […]

Continue Reading


Advertisements