Windows Credentials Editor (WCE) allows to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks. Supported Platforms […]
Hacking Tools
Hacking Tools are pieces of software or programs created to help you with hacking or that users can utilise for hacking purposes.
Examples include Wep0ff โ Wifi Cracking Tool, Brutus Password Cracker, wwwhack Web Hacking, THC-Hydra Network Login Hacking and pwdump/fgdump Windows Password Dumping Tools.
You can find the latest and best hacking tools below and more on Wikipedia.
Script Kiddie Hacking Tools
There are various tools that are classified as too easy to use, or too automated and these fall into the category of Script Kiddie Tools. These are people who just follow instructions from a manual or tutorial without really understanding the technology or process happening.
Examples of these tools would mainly be password cracking tools like Cain and Abel Password Cracker, Brutus Password Cracker and John the Ripper for Password Cracking.
Exploit Next Generation SQL Fingerprint (ESF) – MS-SQL Server Fingerprinting Tool
SQL Server fingerprinting can be a time consuming process. It involves a lot many trial and error methods to fingerprint the exact SQL Server version. Intentionally inserting an invalid input to obtain a typical error message or using certain alphabets that are unique for a certain server are two of the ways to possibly fingerprint […]
OWASP ZAP – Zed Attack Proxy – Web Application Penetration Testing
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who a new to penetration testing. ZAP provides automated scanners […]
THC-Hydra 5.8 Released – Extremely Fast Multi-Threaded Login/Password Cracker
The number one biggest security hole is passwords, as every password security study shows. Hydra is a parallelized (multi-threaded) login cracker which supports attacking/cracking numerous protocols. New modules are easy to add, beside that, it is flexible and very fast. We haven’t mentioned Hydra since way back in 2007 – THC-Hydra โ The Fast and […]
inspathx – Tool For Finding Path Disclosure Vulnerabilities
inspathx is a tool that uses local source tree to make requests to the URL and searches for path inclusion (Full Path Disclosure) error messages. It’s a very common problem in PHP web applications that crops up a lot. PHP Web application developers sometimes fail to add safety checks against authentications, file inclusion etc and […]