Pentoo 2013.0 RC1.1 Released

Pentoo is a security-focused live CD based on Gentoo It's basically a Gentoo install with lots of customized tools, customized kernel, and much more.

Pentoo 2013.0 RC1.1 features :

• Changes saving
• CUDA/OpenCL Enhanced cracking software
• John the ripper
• Hashcat Suite of tools
• Kernel 3.7.5 and all needed patches for injection
• XFCE 4.10
• All the latest tools and a responsive development team!

Here is a non-exhaustive list of the features currently included :

• Hardened Kernel with aufs patches
• Backported Wifi stack from latest stable kernel release
• Module loading support ala slax
• Changes saving on usb stick
• XFCE4 wm
• Cuda/OPENCL cracking support with development tools
• System updates if you got it finally installed

Download Pentoo 2013.0 RC1.1

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Snort 2.9.4.1 - Network intrusion detection system

Snort is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) . Snort having the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. Snort performs protocol analysis, content searching, and content matching.

The program can also be used to detect probes or attacks, including, but not limited to, operating system fingerprinting attempts, common gateway interface, buffer overflows, server message block probes, and stealth port scans. Snort can be configured in three main modes: sniffer, packet logger, and network intrusion detection.

Improvements in Snort 2.9.4.1

• Updated File processing for partial HTTP content and MIME attachments.
• Addition of new config option max_attribute_services_per_host and improve memory usage within attribute table.
• Handle excessive overlaps in frag3.
• Stream API updates to return session key for a session.
• Reduce false positives for TCP window slam events.
• Updates to provide better encoding for TCP packets generated for respond and react.
• Disable non-Ethernet decoders by default for performance reasons. If needed, use --enable-non-ether-decoders with configure.

Download Snort 2.9.4.1

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Unhide Forensic Tool, Find hidden processes and ports

Unhide is a forensic tool to find processes hidden by rootkits, Linux kernel modules or by other techniques. It detects hidden processes using six techniques:

• Compare /proc vs /bin/ps output
• Compare info gathered from /bin/ps with info gathered by walking thru the procfs. ONLY for Linux 2.6 version
• Compare info gathered from /bin/ps with info gathered from syscalls (syscall scanning).
• Full PIDs space ocupation (PIDs bruteforcing). ONLY for Linux 2.6 version
• Compare /bin/ps output vs /proc, procfs walking and syscall. ONLY for Linux 2.6 version
• Reverse search, verify that all thread seen by ps are also seen in the kernel.
• 6- Quick compare /proc, procfs walking and syscall vs /bin/ps output. ONLY for Linux 2.6 version.
• Unhide-TCP

unhide-tcp is a forensic tool that identifies TCP/UDP ports that are listening but are not listed in /bin/netstat through brute forcing of all TCP/UDP ports available.

How to Use ?

• -f    Write a log file (unhide.log) in the current directory.
• -h    Display help
• -m  Do more checks. As of 2010-11-21 version, this option has only effect for the procfs, procall, checkopendir and checkchdir tests.
• -r   Use alternate version of sysinfo check in standard tests
• -V  Show version and exit
• -v   Be verbose, display warning message (default : don't display). This option may be repeated more than once.

Compiling :
gcc –static unhide.c -o unhide
gcc -Wall -O2 –static unhide-tcp.c -o unhide-tcp
gcc -Wall -O2 –static -pthread unhide-linux26.c -o unhide-linux26
gcc -Wall -O2 -static -o unhide_rb unhide_rb.c

Available for Windows & Linux Platform. Download latest Version : Windows or Linux

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

PwnPi v2.0 - A Pen Test Drop Box distro for the Raspberry Pi

PwnPi is a Linux-based penetration testing dropbox distribution for the Raspberry Pi. It currently has 114 network security tools pre-installed to aid the penetration tester. It is built on the debian squeeze image from the raspberry pi foundation’s website and uses Xfce as the window manager

Login username and password is root:root

Tools List:

Download Here

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

TXDNS v 2.2.1 - Aggressive multithreaded DNS digger

TXDNS is a Win32 aggressive multithreaded DNS digger. Capable of placing, on the wire, thousands of DNS queries per minute. TXDNS main goal is to expose a domain namespace trough a number of techniques:

-- Typos: Mised, doouble and transposde keystrokes;

-- TLD/ccSLD rotation;

-- Dictionary attack;

-- Full Brute-force attack: alpha, numeric or alphanumeric charsets.

New features:

• Support AAAA(IPv6)record queries:
• -rr AAAA;
• Rewrite summarizing statistics using a thread-safe algorithm instead mutex.

Bug fixes:

• Fixed a problem when running under Windows XP;
• Fixed a problem when parsing a IPv6 address.
• November 9th, 2012 by Arley Silveira

Download Here

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

ExploitShield Browser Edition - Forget about browser vulnerabilities

ExploitShield Browser Edition protects against all known and unknown 0-day day vulnerability exploits, protecting users where traditional antivirus and security products fail. It consists of an innovative patent-pending vulnerability-agnostic application shielding technology that prevents malicious vulnerability exploits from compromising computers.

Includes "shields" for all major browsers (IE, Firefox, Chrome, Opera) and browser all components such as Java, Adobe Reader, Flash, Shockwave. Blocks all exploit kits such as Blackhole, Sakura, Phoenix, Incognito without requiring any signature updates.

No need to train or configure, ExploitShield is 100% install-and-forget anti-exploit solution. Read more: ExploitShield Browser Edition. The ZeroVulnerabilityLabs website maintains a realtime list of detected threats and their VirusTotal results.

Download

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Wifi Honey - Creates fake APs using all encryption

This is a script, attack can use to creates fake APs using all encryption and monitors with Airodump. It automate the setup process, it creates five monitor mode interfaces, four are used as APs and the fifth is used for airdump-ng. To make things easier, rather than having five windows all this is done in a screen session which allows you to switch between screens to see what is going on. All sessions are labelled so you know which is which.

Installing wifi honey
chmod a+x wifi_honey.sh
./wifi_honey.sh fake_wpa_net
./wifi_honey.sh fake_wpa_net 1 waln1

Download Wifi Honey

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Burp Suite Free Edition v1.5 released

Burp Suite helps you secure your web applications by finding the vulnerabilities they contain.  Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, upstream proxies, logging, alerting and extensibility.

Burp Suite allows you to combine manual and automated techniques to enumerate, analyse, scan, attack and exploit web applications. The various Burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another.

User Interface:

• Burp's UI has been completely overhauled, to improve looks and usability:
• Fonts are now available throughout the UI, with corresponding resizing of all UI elements (tables, dialogs, buttons, etc.).
• There are configurable hotkeys for all common functions.
• Intruder and Repeater now have smart tabs, which you can drag to reorder, and click to create, close or rename.
• Tables are natively sortable everywhere, except where the row ordering is part of the options you are configuring.
• Text fields now have context-aware auto-complete memory.

Burp now implements sslstrip-style functionality, allowing you to use non-SSL-capable tools against HTTPS applications, or to perform active MITM attacks against users who begin browsing using HTTP.

Download Burp Suite Free Edition v1.5

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Penetration Testing Cheat Sheet from 'Average Security Guy'

'Average Security Guy' upload a cool Cheat sheet on their website, that are really useful on one's pentest engagements. We have make a image of the sheet for your easiness, you can Download the image from Here, or get the Text version from their website Here.

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

BackBox Linux version 3.0 released

BackBox is a Linux distribution based on Ubuntu Desktop, and designed for performing penetration testing, incident response, computer forensics, and intelligence gathering. It uses the Xfce desktop environment, and is developed by Raffaele Forte and a small but dedicated team.

This release include features such as the new Linux Kernel 3.2 flower and Xfce 4.8. Apart from the system major upgrade, all auditing tools are up to date as well.

What's new

• System upgrade
• Bug corrections
• Performance boost
• Improved start menu
• Improved Wi-Fi dirvers (compat-wireless aircrack patched)
• New and updated hacking tools

System requirements

• 32-bit or 64-bit processor
• 512 MB of system memory (RAM)
• 4.4 GB of disk space for installation
• Graphics card capable of 800×600 resolution
• DVD-ROM drive or USB port

Download BackBox Linux version 3.0

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

DEFT 7.2 Released - Computer Forensic live system

DEFT 7.2 released its last 32bit release but we will support bugfix until 2020. DEFT is a new concept of Computer Forensic live system that uses LXDE as desktop environment and thunar file manager and mount manager as tool for device management. It is a very easy to use system that includes an excellent hardware detection and the best free and open source applications dedicated to incident response and computer forensics

New in this release:

• Virtual appliance based on Vmware 5 with USB3 support
• Kernel 3.0.0-26
• Autopsy 3 beta 5 (using Wine – please note that you need minimum 1GB ram)
• Log2tmeline 0.65
• Guymager 0.6.12-1
• Vmfs support
• Some mirror fix

Download DEFT 7.2 iso

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Android Privacy Guard v1.0.8 - OpenPGP for Android

There's no public key encryption for Android yet, but that's an important feature for many of us. Android Privacy Guard is to manage OpenPGP keys on your phone, use them to encrypt, sign, decrypt emails and files.

Change log v1.0.8

• HKP key server support
• app2sd support
• more pass phrase cache options: 1, 2, 4, 8 hours
• bugfixes

Download Android Privacy Gaurd

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

OWASP Zed Attack Proxy (ZAP) Weekly Releases

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox.

Team is now releasing weekly updates on every Monday. These are not the full releases , like stable one, but to give more enhancements as soon as possible, ZAP team decide to release weekly updates also.

The following new features are included in weekly releases:

• Completely rewritten 'traditional' Spider (c/o Cosmin Stefan and the GSoC)
• New Ajax Spider (using Crawljax, c/o Guifre Ruiz and the GSoC)
• Web sockets support (c/o Robert Koch and the GSoC)
• Performance improvements (both speed and memory)
• Session awareness
• Authentication handling
• Contexts
• Modes (Safe, Protected and Standard)
• Online links in menu

Download ZAP week update

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

ModSecurity 2.7.0 Stable Release

The ModSecurity Development Team is pleased to announce the availability of ModSecurity 2.7.0 Stable Release.The stability of this release is good and includes many new features and bug fixes.

ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

Highlights include:

• Internationalization (I18N) Support
• HMAC Token Injection to prevent data manipulation
• PCRE JIT Support to speed up regular expression operators
• Caching Lua VMs to speed up multiple scripts
• Ability to add exceptions based on TAG and MSG data
• Per-rule Performance information in audit log

Download ModSecurity 2.7.0

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

The Autopsy Forensic Browser v 3.0.0 released

The Autopsy Forensic Browser is a graphical interface to The Sleuth Kit. Together, they can analyze Windows and UNIX disks and file systems (NTFS, FAT, UFS1/2, Ext2/3). Version 3.0 of Autopsy is a complete re-write and this page describes its features.

Autopsy 3 has been designed to be a graphical platform for open source digital forensics tools. It was written in Java using the NetBeans Platform. This approach allows Autopsy to run on multiple platforms (Windows, OS X, Linux, etc.) and have a modular framework that makes it easy to incorporate other open source forensics tools and create an end-to-end solution. Autopsy 3.0 is faster and easier to use than Autopsy 2.0

New features:

- Using Sleuthkit 4.0.0

- Integrated plugin installer.

- New options menu to globally access module options.

- Added custom ingest module loader and ingest module auto-discovery

Improvements:

- Updated ingest framework APIs.

- Merged the main modules into Autopsy-Core and Autopsy-CoreLibs.

- Improved logging infrastructure.

- Improved configuration infrastructure.

- Keyword search: upgraded Lucene from 34 to 36.

- Build system improvements.

- Updated documentation.

Download The Autopsy Forensic Browser v 3.0.0

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Server Analyser : Simple Server Malware Scanner

Server Analyser  is a service for detecting and analyzing web-based threats. It currently handles shells, obfuscated JavaScript, Executables, Iframes and port scans.

Featured added:

+ Logging scans

+ Just paste the results ( option 1 )

+ Added new Exploit methods to option 1

+ Latest infections ( will be updated automaticly )

+ Added PHP Shell detection exec()/system() etc. ( more will be added soon )

+ The code has been changed into a smaller one

+ Added new BlackHole methods

+ Added different javascript methods

+ Added decoded php syntaxes

+ gzinflate

+ var url

+ base64_decode

+ The Beta has been releases and uploaded

+ code improvements

+ fixed the dos2unix issue

Download Server Analyser

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Server Shield v1.0.2 - Protect your Linux machine in 1 minute

Server Shield is a lightweight method of protecting and hardening your Linux server. It is easy to install, hard to mess up, and makes your server instantly and effortlessly resilient to many basic and advanced attacks.

Features

• Firewall Hardening
• TCP Hardening
• Data Leakage Protection
• ICMP/Ping Flood Protection
• Rootkit Protection
• DoS Protection
• Spoof Protection
• Bogus TCP Protection
• SYN Flood Protection
• Requires
• iptables ("yum install iptables")

Installation

git clone https://github.com/Brian-Holt/server-shield

cd server-shield;chmod +x sshield;mv sshield /etc/init.d

/etc/init.d/sshield start

Download Server Shield v1.0.2

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Whonix ALPHA 0.4.5 - Anonymous Virtual operating system

Whonix (called TorBOX or aos in past) is an anonymous general purpose operating system based on Virtual Box, Debian GNU/Linux and Tor. By Whonix design, IP and DNS leaks are impossible. Not even malware with root rights can find out the user's real IP/location.

Whonix consists of two machines, which are connected through an isolated network. One machine acts as the client or Whonix-Workstation, the other as a proxy or Whonix-Gateway, which will route all of the Whonix-Workstation's traffic through Tor. This setup can be implemented either through virtualization and/or Physical Isolation.

Whonix advantages:

• All applications, including those, which do not support proxy settings, will automatically be routed through Tor.
• Installation of any software package possible.
• Safe hosting of Hidden services possible.
• Protection against side channel attacks, no IP or DNS leaks possible^3^ To test for leaks, see LeakTests.
• Advantage over Live CD's: Tor's data directory is still available after reboot, due to persistent storage. Tor requires persistent storage to save it's Entry Guards.
• Java / JavaScript / flash / Browser Plugins / misconfigured applications cannot leak your real external IP.
• Whonix does even protect against root exploits (Malware with root rights) on the Workstation.
• Uses only Free Software.
• Building Whonix from source is easy.
• Tor+Vidalia and Tor Browser are not running inside the same machine. That means that for example an exploit in the browser can't affect the integrity of the Tor process.
• It is possible to use Whonix setup in conjunction with VPNs, ssh and other proxies. But see Tor plus VPN/proxies Warning. Everything possible, as first chain or last chain, or both.
• Loads of Optional Configurations (additional features / Add-Ons) available.
• Best possible Protocol-Leak-Protection and Fingerprinting-Protection.

Download Whonix ALPHA 0.4.5

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

SANS Investigative Forensic Toolkit 2.14 Released

The SANS Investigative Forensic Toolkit (SIFT) Workstation is a VMware Appliance that is pre-configured with all the necessary tools to perform a detailed digital forensic examination. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many additional tools and capabilities that can match any modern forensic tool suite.

New in SIFT 2.14

• iPhone, Blackberry, and Android Forensic Capabilities
• Registry Viewer (YARU)
• Compatibility with F-Response Tactical, Standard, and Enterprise
• PTK 2.0 (Special Release – Not Available for Download)
• Automated Timeline Generation via log2timeline
• Many Firefox Investigative Plugins
• Windows Journal Parser and Shellbags Parser (jp and sbag)
• Many Windows Analysis Utilities (prefetch, usbstor, event log, and more)
• Complete Overhaul of Regripper Plugins (added over 80 additional plugins)

Download SANS Investigative Forensic Toolkit (SIFT)

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Nessus 5.0.2 vulnerability scanner updates

Nessus is the world’s most widely-deployed vulnerability and configuration assessment product updated to version 5.0.2 .Nessus 5 features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, patch management integration, and vulnerability analysis of your security posture with features that enhance usability, effectiveness, efficiency, and communication with all parts of your organization.

Nessus 5.0.2 change logs:

• UTF8 encoding problems would sometimes cause the generation of reports to fail
• Fixed a case where generating some compliance checks reports would cause the scanner to hang, using 100% of the CPU
• Resolved a resource leak issue occurring when a large number of different users are connected at the same time .
• Network congestion errors are now detected more conservatively
• Upgraded libxml2, libxslt, openssl to their newest versions
• Some nessusd.rules directives were not honored by the port scanners
• Solaris 10 build

Download Nessus 5.0.2 Windows version

Download Nessus 5.0.2 Linux Version

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email