Phishing Frenzy - Manage Phishing Campaigns

Phishing Frenzy – E-mail Phishing Framework

Phishing Frenzy is an Open Source Ruby on Rails e-mail phishing framework designed to help penetration testers manage multiple, complex phishing campaigns. The goal of the project is to streamline the phishing process while still providing clients the best realistic phishing campaign possible. This goal is obtainable through campaign management, template reuse, statistical generation, and […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Phishing, Social Engineering | Add a Comment
Responder - LLMNR, MDNS and NBT-NS Poisoner

Responder – LLMNR, MDNS and NBT-NS Poisoner

Responder is an LLMNR, NBT-NS and MDNS poisoner. It will answer to specific NBT-NS (NetBIOS Name Service) queries based on their name suffix (see: NetBIOS Suffixes). By default, the tool will only answer to File Server Service request, which is for SMB. The concept behind this is to target our answers, and be stealthier on […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Network Hacking, Windows Hacking | Add a Comment
tempracer - Windows Privilege Escalation Tool

TempRacer – Windows Privilege Escalation Tool

TempRacer is a Windows Privilege Escalation Tool written in C# designed to automate the process of injecting user creation commands into batch files with administrator level privileges. The code itself is not using that many resources because it relies on callbacks from the OS. You can keep it running for the the whole day to […]

Tags: , , , , , , ,

Posted in: Hacking Tools, Windows Hacking | Add a Comment
PEiD - Detect PE Packers, Cryptors & Compilers

PEiD – Detect PE Packers, Cryptors & Compilers

PEiD is an intuitive application that relies on its user-friendly interface to detect PE packers, cryptors and compilers found in executable files – its detection rate is higher than that of other similar tools since the app packs more than 600 different signatures in PE files. PEiD comes with three different scanning methods, each suitable […]

Tags: , , , , , , , , ,

Posted in: Countermeasures, Cryptography, Malware | Add a Comment
FBI Backs Off Apple In iPhone Cracking Case

FBI Backed Off Apple In iPhone Cracking Case

So the big furore this week is because the FBI backed off Apple in the whole Apple vs the World privacy case regarding cracking the iPhone Passcode of the phone belonging to the San Bernardino gunman Syed Farook. If you’re not familiar with the case, catch up with it here: FBI–Apple encryption dispute. The latest […]

Tags: , , , , , , , , ,

Posted in: Apple, Legal Issues | Add a Comment
NAXSI - Open-Source WAF For Nginx

NAXSI – Open-Source WAF For Nginx

NAXSI is an open-source WAF for Nginx (Web Application Firewall) which by default can block 99% of known patterns involved in website vulnerabilities. NAXSI means Nginx Anti XSS & SQL Injection Technically, it is a third party Nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset […]

Tags: , , , , , , , ,

Posted in: Countermeasures, Security Software | Add a Comment
Frida - Dynamic Code Instrumentation Toolkit

Frida – Dynamic Code Instrumentation Toolkit

Frida is basically Greasemonkey for native apps, or, put in more technical terms, it’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript into native apps on Windows, Mac, Linux, iOS and Android. Frida also provides you with some simple tools built on top of the Frida API. These can be used […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Programming | Add a Comment
Defence In Depth For Web Applications

Defence In Depth For Web Applications

Defence in depth for web applications is something that not many companies apply even though the model itself is nothing new. Defence in depth refers to applying security controls across multiple layers, typically Data, Application, Host, Internal Network, Perimeter, Physical + Policies/Procedures/Awareness. Defence in depth is a principle of adding security in layers in order […]

Tags: , , , , , , , ,

Posted in: Advertorial, Countermeasures | Add a Comment
BetterCap - Modular, Portable MiTM Framework

BetterCap – Modular, Portable MiTM Framework

BetterCAP is a powerful, modular, portable MiTM framework that allows you to perform various types of Man-In-The-Middle attacks against the network. It can also help to manipulate HTTP and HTTPS traffic in real-time and much more. BetterCap has some pretty impressive Spoofing abilities with multiple host discovery (just launch the tool and it will start […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment
Mac OS X Ransomware KeRanger

Mac OS X Ransomware KeRanger Is Linux Encoder Trojan

So there’s been a fair bit of noise this past week about the Mac OS X Ransomware, the first of its’ kind called KeRanger. It also happens to be the first popular Mac malware of any form for some time. It’s also a lesson to all the Apple fanbois that their OS is not impervious […]

Tags: , , , , , , , , , ,

Posted in: Apple, Malware | Add a Comment