Tag Archive | "hacking-windows"


11 December 2008 | 7,146 views

Microsoft IE7 Exploit Allows Remote Code Execution on XP & Vista

It seems a new, fairly serious flaw has been discovered in Internet Explorer 7 – and as accounts go it’s been around for a couple of months in the underground. The worrying part is, patch Tuesday was yesterday and after testing it’s been discovered that this flaw WAS NOT patched in the updates. ISC reports [...]

Continue Reading


18 November 2008 | 5,779 views

Microsoft Security Assessment Tool – Free for Windows

The Microsoft Security Assessment Tool (MSAT) is a free tool designed to help organizations like yours assess weaknesses in your current IT security environment, reveal a prioritized list of issues, and help provide specific guidance to minimize those risks. MSAT is an easy, cost-effective way to begin strengthening the security of your computing environment and [...]

Continue Reading


24 October 2008 | 5,805 views

Microsoft Rushes Out Critical RPC Bug Fix

Now this doesn’t happen all that often, it must be really serious! An Out-of-Band patch from Microsoft (since it’s famous ‘Patch Tuesday‘ it only releases patches on the second Tuesday of each month) has been released for a new RPC flaw. I’d imagine it’s similar to the RPC flaw that spawned such disasters as Blaster [...]

Continue Reading


21 October 2008 | 42,496 views

lm2ntcrack – Microsoft Windows NT Hash Cracker (MD4 -LM)

We have covered quite a lot of Password Cracking tools and it’s not often a new one comes out, this one is for quite a specialised purpose (not a general all-purpose password cracker like John the Ripper or Cain & Abel), although you do need to use it alongside JTR. This tool is for instantly [...]

Continue Reading


11 August 2008 | 11,360 views

PuttyHijack V1.0 – Hijack SSH/PuTTY Connections on Windows

PuttyHijack is a POC tool that injects a dll into the PuTTY process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket [...]

Continue Reading


30 July 2008 | 21,670 views

Pass-The-Hash Toolkit v1.4 Released for Download

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM [...]

Continue Reading


22 July 2008 | 81,338 views

TSGrinder – Brute Force Terminal Services Server

This is a tool that has been around quite some time too, it’s still very useful though and it’s a very niche tool specifically for brute forcing Windows Terminal Server. TSGrinder is the first production Terminal Server brute force tool, and is now in release 2. The main idea here is that the Administrator account, [...]

Continue Reading


28 May 2008 | 14,022 views

fgdump 2.1.0 and pwdump 1.7.1 Released – Dump LanMan & NTLM Hashes

The major change is both tools now support 64-bit targets! Good news for us. pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on pwdump3e, and should be stable on XP SP2 and 2K3. [...]

Continue Reading


05 May 2008 | 14,988 views

Sandman – Read the Windows Hibernation File

This is a pretty new tool and a very cool one, Hibernation is a fairly new feature for Windows so it’s good to see a new tool targeting that. Microsoft provides a feature called Hibernation also know as suspend to disk that aims to save the system state into an undocumented file called hiberfil.sys. This [...]

Continue Reading


24 April 2008 | 9,580 views

Pass-The-Hash Toolkit v1.3 is Available for Download

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·