[ad] Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a […]
network-security
keimpx – Open Source SMB Credential Scanner
[ad] keimpx is an open source tool, released under a modified version of Apache License 1.1. It can be used to quickly check for the usefulness of credentials across a network over SMB. Credentials can be: Combination of user / plain-text password. Combination of user / NTLM hash. Combination of user / NTLM logon session […]
hostmap 0.2 – Automatic Hostname & Virtual Hosts Discovery Tool
[ad] hostmap is a free, automatic, hostnames and virtual hosts discovery tool written in Ruby, licensed under GNU General Public License version 3 (GPLv3). Its goal is to enumerate all hostnames and configured virtual hosts on an IP address. The primary users of hostmap are professionals performing vulnerability assessments and penetration tests. hostmap helps you […]
SSL Renegotiation Bug Succesfully Used To Attack Twitter
[ad] When this SSL Renegotiation bug hit the news, most people said it was a theoretical attack and was of no practical use in the real world. But then people tend to say that about most things don’t they until they get pwned up the face. It turns out the rather obscure SSL flaw can […]
KrbGuess – Guess/Enumerate Kerberos User Accounts
KrbGuess is a small and simple tool which can be used during security testing to guess valid usernames against a Kerberos environment. It allows you to do this by studying the response from a TGT request to the KDC server. The tool works against both Microsoft Active Directory, MIT and Heimdal Kerberos implementations. In addition […]