Archive | January, 2018

USBPcap – USB Packet Capture For Windows

The New Acunetix V12 Engine


USBPcap is an open-source USB Packet Capture tool for Windows that can be used together with Wireshark in order to analyse USB traffic without using a Virtual Machine.

USBPcap - USB Packet Capture For Windows


Currently, the live capture can be done on “standard input” capture basis: you write a magic command in cmd.exe and you get the Wireshark to capture raw USB traffic on Windows.

USBPcapDriver has three “hats”:

  • Root Hub (USBPCAP_MAGIC_ROOTHUB)
  • Control (USBPCAP_MAGIC_CONTROL)
  • Device (USBPCAP_MAGIC_DEVICE)

What you won’t see using USBPcap

As USBPcap captures URBs passed between functional device object (FDO) and physical device object (PDO) there are some USB communications elements that you will notice only in hardware USB sniffer.

These are:

  • Bus states (Suspended, Power ON, Power OFF, Reset, High Speed Detection Handshake)
  • Packet ID (PID)
  • Split transactions (CSPLIT, SSPLIT)
  • Duration of bus state and time used to transfer packet over the wire
  • Transfer speed (Low Speed, Full Speed, High Speed)

Moreover, you won’t see complete USB enumeration. You will only see the USB control transfer send to device after the device has been assigned its address.

There is also this to check out:

SnoopyPro – Windows USB Sniffer Tool

You can download USBPcap here:

Windows: USBPcapSetup-1.2.0.3.exe
Source: USBPcap-1.2.0.3.zip

Or read more here.

Posted in: Hacking Tools

Topic: Hacking Tools


Latest Posts:


Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.


OWASP ZSC – Obfuscated Code Generator Tool

Use Netsparker


OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.

OWASP ZSC - Obfuscated Code Generator Tool


Shellcodes are small codes in Assembly language which could be used as the payload in software exploitation. Other usages are in malware, bypassing antivirus software, obfuscating code for protection and so on.

This software can be run on Windows/Linux/OSX under Python.

Why use OWASP ZSC Obfuscated Code Generator Tool

Another good reason for obfuscating files or generating shellcode with ZSC is that it can be used for pen-testing assignments. Malicious hackers use these techniques to bypass anti-virus and load malicious files in systems they have hacked using customized shellcode generators. Anti-virus tend to utilise signatures in order to identify harmful files. When using very well known encoders such as msfvenom, files generated by this program might be already flagged by anti-virus programs.

According to other shellcode generators same as Metasploit tools etc, OWASP ZSC using new encodes and methods which antiviruses won’t detect. OWASP ZSC encoders are able to generate shell codes with random encodes and that allows you to generate thousands of new dynamic shellcodes with the same job in just a second, that means, you will not get the same code if you use random encodes with same commands.

There is also this tool to check out:

Carbylamine – A PHP Script Encoder to ‘Obfuscate/Encode’ PHP Files

You can download OWASP ZSC here:

OWASP-ZSC-master.zip

Or read more here.

Posted in: Hacking Tools

Topic: Hacking Tools


Latest Posts:


Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.


A Look Back At 2017 – Tools & News Highlights

The New Acunetix V12 Engine


So here we are in 2018, taking a look back at 2017, quite a year it was. We somehow forgot to do this last year so just have the 2015 summary and the 2014 summary but no 2016 edition.

A Look Back At 2017 – Tools & News Highlights


2017 News Stories

All kinds of things happened in 2017 starting with some pretty comical shit and the MongoDB Ransack – Over 33,000 Databases Hacked, I’ve personally had very poor experienced with MongoDB in general and I did notice the sloppy defaults (listen on all interfaces, no password) when I used it, I believe the defaults have been corrected – but I still don’t have a good impression of it. It also didn’t stop there with Another MongoDB Hack Leaks Two Million Recordings Of Kids

Everyone scrambled in March when they found out Ubiquiti Wi-Fi Gear Hackable Via 1997 PHP Version.

There was also the regular dodgy Government legislation based activity like the European Commission Pushing For Encryption Backdoors and the US demanding people to hand over their social media passwords when entering the country.

Plus the governments themselves getting owned when Shadow Brokers Release Dangerous NSA Hacking Tools.

There was also a spate of high profile hacks, many involving publically accessibly AWS S3 buckets like the Time Warner Hacked – AWS Config Exposes 4M Subscribers and Terabytes Of US Military Social Media Spying S3 Data Exposed.

2017 Best Hacking Tools


There’s been some pretty neat stuff released this year, the below are tools that’s I’ve personally found interesting but haven’t been super high traffic:

You may have overlooked some of these, so do check them out if you did!

You’ve probably already seen those below in the most viewed list, but well if you haven’t check out the below for the hottest posts published in 2017.

Bonus – Top 10 Most Viewed Posts From 2017

  1. Angry IP Scanner Download – Fast Network IP Scanner
  2. Fluxion – Automated EvilAP Attack Tool
  3. Reaver Download – Hack WPS Pin WiFi Networks
  4. LOIC Download – Low Orbit Ion Cannon DDoS Booter
  5. RDPY – RDP Security Tool For Hacking Remote Desktop Protocol
  6. Sn1per – Penetration Testing Automation Scanner
  7. Yuki Chan – Automated Penetration Testing Tool
  8. LastPass Hacked – Leaking Passwords Via Chrome Extension
  9. Shadow Brokers Release Dangerous NSA Hacking Tools
  10. SQLiv – SQL Injection Dork Scanning Tool

Enjoy 2018, it’s gonna be a crazy, decentralised year!

Posted in: Site News

Topic: Site News


Latest Posts:


Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.


Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux

Use Netsparker


Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 “speculative execution” CVEs that were made public early 2018.

Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux


Without options, it’ll inspect you currently running kernel. You can also specify a kernel image on the command line, if you’d like to inspect a kernel you’re not running.

The script will do its best to detect mitigations, including backported non-vanilla patches, regardless of the advertised kernel version number.

Summary of the CVEs in Spectre & Meltdown Checker

CVE-2017-5753 bounds check bypass (Spectre Variant 1)

  • Impact: Kernel & all software
  • Mitigation: recompile software and kernel with a modified compiler that introduces the LFENCE opcode at the proper positions in the resulting code
  • Performance impact of the mitigation: negligible

CVE-2017-5715 branch target injection (Spectre Variant 2)

  • Impact: Kernel
  • Mitigation 1: new opcode via microcode update that should be used by up to date compilers to protect the BTB (by flushing indirect branch predictors)
  • Mitigation 2: introducing “retpoline” into compilers, and recompile software/OS with it
  • Performance impact of the mitigation: high for mitigation 1, medium for mitigation 2, depending on your CPU

CVE-2017-5754 rogue data cache load (Meltdown)

  • Impact: Kernel
  • Mitigation: updated kernel (with PTI/KPTI patches), updating the kernel is enough
  • Performance impact of the mitigation: low to medium

There are some other more generic BASH scripts for security scanning like:

unix-privesc-check – Unix/Linux User Privilege Escalation Scanner
LinEnum – Linux Enumeration & Privilege Escalation Tool

You can download Spectre & Meltdown Checker here:

spectre-meltdown-checker.sh

Or read more here.

Posted in: Security Software

Topic: Security Software


Latest Posts:


Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.


Hijacker – Reaver For Android Wifi Hacker App

The New Acunetix V12 Engine


Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.

Hijacker - Reaver For Android Wifi Hacker App


It offers a simple and easy UI to use these tools without typing commands in a console and copy & pasting MAC addresses.

Features of Hijacker Reaver For Android Wifi Hacker App

Information Gathering

  • View a list of access points and stations (clients) around you (even hidden ones)
  • View the activity of a specific network (by measuring beacons and data packets) and its clients
  • Statistics about access points and stations
  • See the manufacturer of a device (AP or station) from the OUI database
  • See the signal power of devices and filter the ones that are closer to you
  • Save captured packets in .cap file

Reaver for Android Wifi Cracker Attacks

  • Deauthenticate all the clients of a network (either targeting each one or without specific target)
  • Deauthenticate a specific client from the network it’s connected
  • MDK3 Beacon Flooding with custom options and SSID list
  • MDK3 Authentication DoS for a specific network or to every nearby AP
  • Capture a WPA handshake or gather IVs to crack a WEP network
  • Reaver WPS cracking (pixie-dust attack using NetHunter chroot and external adapter)

Other Wifi Hacker App Features

  • Leave the app running in the background, optionally with a notification
  • Copy commands or MAC addresses to clipboard
  • Includes the required tools, no need for manual installation
  • Includes the nexmon driver and management utility for BCM4339 devices
  • Set commands to enable and disable monitor mode automatically
  • Crack .cap files with a custom wordlist
  • Create custom actions and run them on an access point or a client easily
  • Sort and filter Access Points and Stations with many parameters
  • Export all gathered information to a file
  • Add a persistent alias to a device (by MAC) for easier identification

Requirements to Crack Wifi Password with Android

This application requires an ARM Android device with an internal wireless adapter that supports Monitor Mode. A few android devices do, but none of them natively. This means that you will need a custom firmware. Any device that uses the BCM4339 chipset (MSM8974, such as Nexus 5, Xperia Z1/Z2, LG G2, LG G Flex, Samsung Galaxy Note 3) will work with Nexmon (which also supports some other chipsets). Devices that use BCM4330 can use bcmon.

An alternative would be to use an external adapter that supports monitor mode in Android with an OTG cable.

The required tools are included for armv7l and aarch64 devices as of version 1.1. The Nexmon driver and management utility for BCM4339 are also included.

Root is also necessary, as these tools need root to work.

Other tools to check out would be:

wifite – Mass Wifi WEP / WPA Key Cracking Tool
Fern Wifi Cracker – Wireless Security Auditing Tool
Infernal Twin – Automatic Wifi Hacking Tool

You can download Hijacker Reaver for Android Wifi Hacker App here:

APK: Hijacker-release-v1.4-stable.3.apk
Source: Hijacker-v1.4-stable.zip

Or read more here.

Posted in: Wireless Hacking

Topic: Wireless Hacking


Latest Posts:


Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.