Archive | Network Hacking


22 November 2013 | 2,661 views

LANs.py ARP Spoofer – Multithreaded Asynchronous Packet Parsing/Injecting

LANs.py is a multithreaded asynchronous packet parsing/injecting ARP spoofer & poisoner. Individually poisons the ARP tables of the target box, the router and the DNS server if necessary. Does not poison anyone else on the network. Displays all most the interesting bits of their traffic and can inject custom html into pages they visit. Cleans [...]

Continue Reading


16 November 2013 | 3,225 views

Linux Backdoor Fokirtor Injects Traffic Into SSH Protocol

Earlier this week we wrote about an Internet Explorer 0-day which used an in-memory drive by attack, which was pretty smart. Now another new type of malware (a backdoor in this case), this time targeting Linux known as Fokirtor. There is no real discussion of the exploit used to plant this backdoor (if it was [...]

Continue Reading


10 July 2013 | 6,944 views

Smooth-Sec – IDS/IPS (Intrusion Detection/Prevention System) In A Box

We haven’t written about Smooth-Sec for a while since we first heard about it at v1 in March 2011. For those who are not familiar, Smooth-Sec is a fully-ready IDS & IPS (Intrusion Detection & Prevention System) Linux distribution based on Debian 7 (wheezy), available for 32 and 64 bit architecture. The distribution includes the [...]

Continue Reading


03 April 2013 | 5,527 views

HoneyDrive Desktop v0.2 Released – Honeypot LiveCD

HoneyDrive is a virtual appliance (OVA) with Xubuntu Desktop 12.04 32-bit edition installed. It contains various honeypot software packages such as Kippo SSH honeypot, Dionaea malware honeypot, Honeyd low-interaction honeypot, Glastopf web honeypot along with Wordpot, Thug honeyclient and more. Additionally it includes useful pre-configured scripts and utilities to analyze, visualize and process the data [...]

Continue Reading


13 March 2013 | 3,381 views

SSLyze v0.6 Available For Download – SSL Server Configuration Scanning Tool

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers. Features SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility Performance testing: session resumption and TLS tickets support Security testing: [...]

Continue Reading


27 February 2013 | 7,807 views

ARPwner – ARP & DNS Poisoning Attack Tool

ARPwner is a tool to do ARP poisoning and DNS poisoning attacks, with a simple GUI and a plugin system to do filtering of the information gathered, also has a implementation of sslstrip and is coded 100% in python and on Github, so you can modify according to your needs. This tool was released by [...]

Continue Reading


20 November 2012 | 4,573 views

HoneyDrive – Honeypots In A Box

HoneyDrive is a pre-configured honeypot system in virtual hard disk drive (VMDK format) with Ubuntu Server 11.10 32-bit edition installed. It currently contains Kippo SSH honeypot. Additionally it includes useful scripts and utilities to analyze and visualize the data it captures. Lastly, other helpful tools like tshark (command-line Wireshark), pdftools, etc. are also present. In [...]

Continue Reading


27 August 2012 | 6,167 views

XMPPloit – A Tool to Attack XMPP Connections

XMPPloit is a command-line tool to attack XMPP connections, allowing the attacker to place a gateway between the client and the server and perform different attacks on the client stream. The tool exploit implements vulnerabilities at the client & server side utilizing the XMPP protocol. The main goal is that all the process is transparently [...]

Continue Reading


19 June 2012 | 3,511 views

Graphical Web Interface for OSSEC WUI AnaLogi v1.1

‘Analytical Log Interface’ was built to sit on top of OSSEC (built on OSSEC 2.6) and requires 0 modifications to OSSEC or the database schema that ships with OSSEC. AnaLogi requires a Webserver sporting PHP and MySQL. Written for inhouse analysis work, released under GPL to give something back – it’s intended to help you [...]

Continue Reading


28 May 2012 | 2,137 views

Complex Cyberwar Tool ‘Flamer’ Found Infecting Computers In Iran & Israel

In December last year, Microsoft released the patch for the vulnerability used by Duqu to propogate itself across Windows desktops. The other nasty worm going around was Stuxnet – both cyberwarfare tools, and most recently a piece of malware claimed to be more sophisticated than both has been found infecting computers in the middle east. [...]

Continue Reading