Showing posts with label MITM. Show all posts
Showing posts with label MITM. Show all posts

Social Engineer Toolkit 4.0 Released

Labels:
, , , , , , , , , , , ,

Social Engineer Toolkit or SET updated to V4.0 . The latest version code named is “Balls of Steel.” The Social Engineering Toolkit (SET) is an open source, python-driven, social-engineering penetration testing framework of custom tools which solely focuses on attacking the human element of penetration testing.
Social Engineer Toolkit 4.0 Released

It was designed in order to arm penetration testers and security researchers with the ability to effectively test heavily advanced social-engineering attacks armed with logical methods. The Social Engineer Toolkit leverages multiple attack vectors that take advantage of the human element of security in an effort to target attackers.

In New version the Java Applet attack has been completely rewritten and obfuscated with added evasion techniques. Additionally, all of the payloads have been heavily encrypted with a number of heavy anti-debugging tools.

The powershell attack vectors now support customized payload selection through the config/set_config. A new attack vector has been added called the Dell DRAC Attack Vector (default credential finder).
.

Download Social Engineer Toolkit 4.0:
svn co http://svn.trustedsec.com/social_engineering_toolkit set/


Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .
Subscribe Top Hacker Stories via email

Posted by Mohit Kumar at Thursday, September 20, 2012  

WiFiKill v1.7 - Eject any WiFi device from network

Labels:
, , , ,

WiFiKill
If you want to disable any ip address which use same router to connect internet. Now you can used your android application, WifiKill use as can disable internet connection for a device on the same network. This is alternate version of NETCUT for Android. Simply allows you to scan your wifi network for devices, see their vendor and cut network connection for specified devices. This way you can get rid of network hoggers. It gives option to redirect HTTP traffic to specific IP, this feature can be used even to do phishing smartly.

Changelog:
- fixed the counter bug (I hope for the last time)
- added an option to redirect HTTP traffic to specific IP (caution! this may lead to significant CPU load)
- now successful kills are tagged by green icon on the left of IP (this is not 100% correct)


Download this application from LINK 1 or LINK 2


Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .
Subscribe Top Hacker Stories via email

Posted by Mohit Kumar at Thursday, September 13, 2012  

ZackAttack - Firesheep NTLM Authentication relaying

Labels:
, , , , ,

It is a new toolkit that helps you with NTLM (NT LAN Manager) security protocol relaying. Not pass the hash kinds, but more on the lines of cross protocol relaying and allow clients to get MS Windows clients to automatically authenticate and relay hashes to via cross protocol relaying.

What is NTLM relaying?
It is a mechanism to relay authentication requests to another target. Interestingly, it does not require an administrative access which means it can be done by any client having no previous access on the network or the system – think a “guest” user! Again with almost all protocols, there is no authentication on the part of the client or the server either – think ARP spoofing.

Though, ZackAttack! is not exactly what it aims to be – FireSheep for NTLM authentication, we know it sure will be soon with the amount of efforts Zack Fasel is putting in.

Components of ZackAttack:
  • The Rogue Servers - HTTP and SMB. These get the auth requests and keep recycling them
  • The Clients - These connect to target servers and request NTLM creds from the Rogue Servers
  • The Rules - Define auto actions to perform upon seeing a user.
  • The Payloads - Methods to get users to autoauth with Integrated Windows Auth ergo not prompting the user for auth.


Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .
Subscribe Top Hacker Stories via email

Posted by Mohit Kumar at Saturday, September 01, 2012  

Etherwall - prevents Man in The Middle (MITM) Attacks

Labels:
, ,

Etherwall is a free and open source network security tool that prevents Man in The Middle (MITM) through ARP Spoofing/Poisoning attacks. It Also prevent it from various attacks such as Sniffing, Hijacking, Netcut, DHCP Spoofing, DNS Spoofing, WEB Spoofing, and others.
ethwconsole

Features
  • Daemon Processing
  • ARP Packet Filtering
  • Point to Point & Point to Multipoint Protection
  • Realtime Protection
  • System Logging
  • Early Warning
  • Support for networks Statically, Dynamically, or Both
  • Supports for Ethernet Wired & Wireless interface (IEEE 802.3 & IEEE 802.11)
  • Plugins / Tools
  • Included Man Pages
  • Easy to Use and Free


Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .
Subscribe Top Hacker Stories via email

Posted by Mohit Kumar at Friday, August 31, 2012  

Subscribe to: Posts (Atom)