Proxmon – Proxy Log Monitoring Tool

ProxMon is an extensible Python based framework that reduces testing effort, improves consistency and reduces errors. Its use requires limited additional effort as it processes the proxy logs that you’re already generating and reports discovered issues. In addition to penetration testing, ProxMon is useful in QA, developer testing and regression testing scenarios. Formerly announced as […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment
Kardphisher

Trojan Mimicks Windows Activation Interface – KardPhisher

Recently a new Trojan popped up that mimics the Windows activation interface, phishing for credit card details and even the PIN number. The Trojan itself isn’t particularly advanced technically, it’s mostly just a social engineering attack. Symantec is reporting on a Trojan horse that mimics the Windows activation interface. What they are calling Trojan.Kardphisher doesn’t […]

Tags: , , , , , , ,

Posted in: Malware, Social Engineering, Windows Hacking | Add a Comment

Selenium – JavaScript Web Application Security Testing Tool

Selenium is a test tool for web applications. Selenium tests run directly in a browser, just as real users do. And they run in Internet Explorer, Mozilla and Firefox on Windows, Linux, and Macintosh. No other test tool covers such a wide array of platforms. Browser compatibility testing. Test your application to see if it […]

Tags: , , , , ,

Posted in: Hacking Tools, Programming, Web Hacking | Add a Comment

tcpxtract – Extract Files from Network Traffic AKA Carving

tcpxtract is a tool for extracting files from network traffic based on file signatures. Extracting files based on file type headers and footers (sometimes called “carving”) is an age old data recovery technique. Tools like Foremost employ this technique to recover files from arbitrary data streams. tcpxtract uses this technique specifically for the application of […]

Tags: , , , , , ,

Posted in: Forensics, Hacking Tools, Network Hacking | Add a Comment
GFI Goodies

June 2007 Commenter of the Month Competition Winner!

Ah so this is what you’ve been waiting for! As you know we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of June, we are now in the second month of the competition with new runnings starting yesterday, July 1st – Sponsored by GFI. We are […]

Tags: , , , , , , , ,

Posted in: Site News | Add a Comment

OAPScan – Oracle Application Server Scanner

We got an e-mail a while back about this new and apparently simple Oracle Application Server scanner. It detects web pages, DADs (Database Access Descriptors) and test applications installed by default. It may be useful for system hardening and pen-test. You can download OAPScan here: OAPScan.tar.gz

Tags: , , , , , ,

Posted in: Database Hacking, Hacking Tools | Add a Comment

VBootkit Bypasses Vista’s Digital Code Signing

At Black Hat Europe (in Amsterdam) security experts from India (Nitin and Vipin Kumar of NV labs) demonstrated a special boot loader that gets around Vista’s code-signing mechanisms. Known as VBoot and launching from a CD and booting Vista it can make on-the-fly changes in memory and in files being read. In a demonstration, the […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Malware, Windows Hacking | Add a Comment

ProxyFuzz – MITM Network Fuzzer in Python

ProxyFuzz is a man-in-the-middle non-deterministic network fuzzer written in Python. ProxyFuzz randomly changes (fuzzes) contents on the network traffic. It supports TCP and UDP protocols and can also be configured to fuzz only one side of the communication. ProxyFuzz is protocol agnostic so it can randomly fuzz any network communication. ProxyFuzz is a good tool […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment

The Kcpentrix Project – Penetration Testing Toolkit LiveDVD

The Kcpentrix Project was founded in May 2005 , KCPentrix 1.0 was liveCD designed to be a standalone Penetration testing toolkit for pentesters, security analysts and System administrators What’s New in KcPentrix 2.0 Now release 2.0 is a liveDVD, It features a lot of new or up to date tools for auditing and testing a […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Linux Hacking | Add a Comment