THC-SSL-DOS is a tool to verify the performance of SSL. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this [...]
Tag Archive | "thc"
The number one biggest security hole is passwords, as every password security study shows. Hydra is a parallelized (multi-threaded) login cracker which supports attacking/cracking numerous protocols. New modules are easy to add, beside that, it is flexible and very fast. We haven’t mentioned Hydra since way back in 2007 – THC-Hydra – The Fast and [...]
A complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library. Please note to get full access to all the available tools you need to develop IPV6 tools yourself or submit patches, tools and feedback to the thc-ipv6 project. The Tools parasite6: icmp [...]
I guess most people have been led to believe this new generation of ePassports or biometric passports are more secure, will help us keep our privacy intact and help us mitigate against identity theft. Well how wrong the propaganda is! THC (famous for their tools and research in security) has just released some technical information, [...]
thc-Amap (Application MAPper) is another excellent tool more towards banner grabbing and protocol detection than OS-fingerprinting. But from the services running on a machine you can get a good idea of the OS and the purpose of the server. Amap is a next-generation scanning tool for pentesters. It attempts to identify applications even if they [...]
THC-Hydra rocks, it’s pretty much the most up to date and currently developed password brute forcing tool around at the moment. It supports a LOT of services and protocols too. Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallelized login cracker which supports numerous protocols [...]
I have to agree with their sentiment, I’m all for open hardware standards. Even if you don’t open it, people will copy it anyway (See the mass of Cisco knock-offs in China for a fraction of the price with almost exactly the same functions and IOS) So why not open it, let us play with [...]