0x00: Preface Media, kindly supported by AV “experts”, drawn apocalyptical vison of desctruction caused by stupid M$ Outlook / VisualBasic worm, called “ILOVEYOU”. Absurdal estimations – $10M lost for “defending the disease”, especially when you take a look at increasing with the speed of light value of AV companies market shares, made many people sick. […]
The Metasploit Framework is an advanced open-source exploit development platform. The 2.7 release includes three user interfaces, 157 exploits and 76 payloads.The Framework will run on any modern operating system that has a working Perl interpreter. The Windows installer includes a slimmed-down version of the Cygwin environment. Windows users are encouraged to update as soon […]
AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies. The standalone components of the library can be found at […]
w3bfukk0r is a forced browsing tool, it basically scans webservers (HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force mechanism based on a word list. Features: HTTP/HTTPS(SSL) support Banner grabbing User-Agent faking Proxy support (HTTP/S) Reports found and non-existend directories Example output:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
w3bfukk0r http://nion.modprobe.de Starting w3bfukk0r 0.2 Scanning http://nion.modprobe.de/ with 76 words from words.txt Found http://nion.modprobe.de/tmp/ (HTTP 200) Found http://nion.modprobe.de/blog/ (HTTP 200) Found http://nion.modprobe.de/img/ (HTTP 200) Found http://nion.modprobe.de/setup/ (HTTP 200) Found 4 directories. Server runs: Apache/2.0.54 (Debian GNU/Linux) PHP/5.1.4-0.1~bpo2 Scan finished (5 seconds). |
Note: Not all webservers are handling HTTP status codes […]
Now for once, this is a really neat use of technology, someone using their brains and a suitable tech to solve a problem that is very apparent. PERL may be frowned upon by some as being old or outdated, but seriously for parsing data, pattern matching and trawling, it’s still excellent and you can get […]
Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols. Taof aids the researcher during the data retrieval process by providing a transparent proxy functionality that forwards and logs requests from […]
