[ad] AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies. The standalone components of the library can be found […]
darknet
w3bfukk0r 0.2 Forced Browsing Tool Released
w3bfukk0r is a forced browsing tool, it basically scans webservers (HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force mechanism based on a word list. Features: HTTP/HTTPS(SSL) support Banner grabbing User-Agent faking Proxy support (HTTP/S) Reports found and non-existend directories Example output:
1 2 3 4 5 6 7 8 9 10 11 12 13 |
w3bfukk0r http://nion.modprobe.de Starting w3bfukk0r 0.2 Scanning http://nion.modprobe.de/ with 76 words from words.txt Found http://nion.modprobe.de/tmp/ (HTTP 200) Found http://nion.modprobe.de/blog/ (HTTP 200) Found http://nion.modprobe.de/img/ (HTTP 200) Found http://nion.modprobe.de/setup/ (HTTP 200) Found 4 directories. Server runs: Apache/2.0.54 (Debian GNU/Linux) PHP/5.1.4-0.1~bpo2 Scan finished (5 seconds). |
Note: Not all webservers are handling HTTP status codes […]
MySpace Paedo Caught by PERL Script
[ad] Now for once, this is a really neat use of technology, someone using their brains and a suitable tech to solve a problem that is very apparent. PERL may be frowned upon by some as being old or outdated, but seriously for parsing data, pattern matching and trawling, it’s still excellent and you can […]
Taof 0.1 Network Protocol Fuzzer Released
[ad] Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols. Taof aids the researcher during the data retrieval process by providing a transparent proxy functionality that forwards and logs requests […]
Wyd – Automated Password Profiling Tool
Wyd is a neat tool I found recently for Password Profiling. In current IT security environments, files and services are often password protected. In certain situation it is required to get access to files and/or data even when they are protected and the password is unknown. wyd.pl was born out of those two of situations: […]