PwnStar latest version with new Exploits released

A bash script to launch a Soft AP, configurable with a wide variety of attack options. Includes a number of index.html and server php scripts, for sniffing/phishing. Can act as multi-client captive portal using php and iptables.  Launches classic exploits such as evil-PDF. De-auth with aireplay, airdrop-ng or MDK3.

Changes and New Features

• “hotspot_3″ is a simple phishing web page, used with basic menu option 4.
• “portal_simple” is a captive portal which allows you to edit the index.html with the name of the portal eg “Joe’s CyberCafe”. It is used for sniffing.
• “portal_hotspot3″ phishes credentials, and then allows clients through the portal to the internet
• “portal_pdf” forces the client to download a malicious pdf in order to pass through the portal

Updated feature list:

• captive-portal with iptables and php
• more php scripts added
• exploits added
• mdk3 and airdrop deauth

General Features :

• manage interfaces and MACspoofing
• set up sniffing
• serve up phishing or malicious web pages
• launch karmetasploit
• grab WPA handshakes
• de-auth clients
• manage IPtables

Download Here

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

SSLsplit v 0.4.5 - Man-in-the-middle attacks against SSL/TLS

SLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Change Log:

• Add support for 2048 and 4096 bit Diffie-Hellman
• Fix syslog error messages 
• Fix threading issues in daemon mode .
• Fix address family check in netfilter NAT lookup 
• Fix build on recent glibc systems 
• Minor code and build process improvements

Download Here

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

NetSleuth : Open source Network Forensics And Analysis Tools

NetSleuth identifies and fingerprints network devices by silent network monitoring or by processing data from PCAP files.

NetSleuth is an opensource network forensics and analysis tool, designed for triage in incident response situations. It can identify and fingerprint network hosts and devices from pcap files captured from Ethernet or WiFi data (from tools like Kismet).

It also includes a live mode, silently identifying hosts and devices without needing to send any packets or put the network adapters into promiscuous mode ("silent portscanning").

NetSleuth is a free network monitoring, cyber security and network forensics analysis (NFAT) tool that provides the following features:

• An easy realtime overview of what devices and what people are connected to any WiFi or Ethernet network.
• Free. The tool can be downloaded for free, and the source code is available under the GPL.
• Simple and cost effective. No requirement for hardware or reconfiguration of networks.
• “Silent portscanning” and undetectable network monitoring on WiFi and wired networks.
• Automatic identification of a vast array of device types, including smartphones, tablets, gaming consoles, printers, routers, desktops and more.
• Offline analysis of pcap files, from tools like Kismet or tcpdump, to aid in intrusion response and network forensics.

Download Here

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

TXDNS v 2.2.1 - Aggressive multithreaded DNS digger

TXDNS is a Win32 aggressive multithreaded DNS digger. Capable of placing, on the wire, thousands of DNS queries per minute. TXDNS main goal is to expose a domain namespace trough a number of techniques:

-- Typos: Mised, doouble and transposde keystrokes;

-- TLD/ccSLD rotation;

-- Dictionary attack;

-- Full Brute-force attack: alpha, numeric or alphanumeric charsets.

New features:

• Support AAAA(IPv6)record queries:
• -rr AAAA;
• Rewrite summarizing statistics using a thread-safe algorithm instead mutex.

Bug fixes:

• Fixed a problem when running under Windows XP;
• Fixed a problem when parsing a IPv6 address.
• November 9th, 2012 by Arley Silveira

Download Here

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Scylla v1 Penetration Testing Tool - Because there's no patch for human stupidity

When there's no technical vulnerability to exploit, you should try to hack what humans left for you, and believe me, this always works.

Scylla provides all the power of what a real audit, intrusion, exclusion and analysis tool needs, giving the possibility of scanning misconfiguration bugs dynamically. Scylla aims to be a better tool for security auditors, extremely fast, designed based on real scenarios, developed by experienced coders and constructed with actual IT work methods.

The words “Configuration Tracer” are the best definition for Scylla, a tool to help on IT audits. Scylla is a tool to audit different online application protocols and configurations, built over a brute-force core.

This tool acts as a tool for unifying auditing techniques, in other words, it does what oscanner, winfingerprint, Hydra, DirBuster, and other tools do, and also what those tools don't do.


Supported Protocols

• Terminal (Telnet, SSH, telnets)
• FTP (FTPS, FTP, SFTP)
• SMB (Also Windows RPC)
• LDAP
• POP3 (POP3S)
• SMTP (SMTPS)
• IMAP
• MySql
• MSSQL
• Oracle (Database and TNS Listener)
• DB2 (Database and DAS)
• HTTP(HTTPS; Basic AUTH Brute Force, Digest AUTH Brute Force, Form Brute Force, Directory and files Brute Force)
• DNS (DNS snooping)
• Postgres SQL

Basic features:

- User, password list based Brute force

- Multiple hosts support

- Multiple session support

- Nmap integration

- Non-synchronized threads (proof to be a bit faster)

- Ability to restore sessions

- Session auto-saving (based on SQL Server CE)

- Easy to use

- Auto configured options

- Hacker oriented

- Free, and always free

- Database browser (who have hacked a DB and don’t have a DB client to connect to it- And worse if you don’t have internet)

- Open source tool

Download Scylla v1

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Social-Engineer Toolkit (SET) 4.1.3 Released

TrustedSec Release the latest version of Social-Engineer Toolkit (SET) as 4.1.3. As most of us know that, It is an open source, python-driven, social-engineering penetration testing framework of custom tools which solely focuses on attacking the human element of penetration testing.

It was designed in order to arm penetration testers and security researchers with the ability to effectively test heavily advanced social-engineering attacks armed with logical methods. The Social Engineer Toolkit leverages multiple attack vectors that take advantage of the human element of security in an effort to target attackers.

Change version 4.1.3:

* Added multiple checks when importing file, no longer exits the entire application

Download Social Engineer Toolkit 4.1.3:

svn co http://svn.trustedsec.com/social_engineering_toolkit set/

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

WebSploit Framework 2.0.3 with Wifi Jammer

WebSploit Is An Open Source Project For Scan And Analysis Remote System From Vulnerability.

WebSploit Is An Open Source Project For :
[>]Social Engineering Works
[>]Scan,Crawler & Analysis Web
[>]Automatic Exploiter
[>]Support Network Attacks
----
[+]Autopwn - Used From Metasploit For Scan and Exploit Target Service
[+]wmap - Scan,Crawler Target Used From Metasploit wmap plugin
[+]format infector - inject reverse & bind payload into file format
[+]phpmyadmin Scanner
[+]LFI Bypasser
[+]Apache Users Scanner
[+]Dir Bruter
[+]admin finder
[+]MLITM Attack - Man Left In The Middle, XSS Phishing Attacks
[+]MITM - Man In The Middle Attack
[+]Java Applet Attack
[+]MFOD Attack Vector
[+]USB Infection Attack
[+]ARP Dos Attack
[+]Web Killer Attack
[+]Fake Update Attack
[+]Fake Access point Attack

Download WebSploit Framework 2.0.3

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

dSploit v1.0.23b -- Android network penetration suite

Have you ever wanted to dabble in network security testing? dSploit is an Android based network analysis & penetration suite. It is a comprehensive toolchain which can be used by anyone in order to perform a number of advanced network analysis and Pentests. dSploit contains a number of powerful functions for IT security experts/geeks, but is easy enough for just about any one to perform exploits.

dSploit allows you to analyze, capture, and manipulate network packets. You can scan networks for connected devices like other smartphones, laptops, & identify the operating system, running services and open ports on each device. Once open ports are known, you can go further by checking open ports for vulnerabilities. These features together make dSploit the most complete and advanced professional toolkit to perform network security assesments on any mobile device, ever.

Other than analysis, dSploit even allows man in the middle attacks for a number of network protocols i.e. you can monitor and inject packets into the network and spoof your identity. In simpler words, it allows you to intercept wireless network traffic and mess it with in the way you want. You can poison the DNS, for example, so that your family members go to Google+ everytime they try open facebook, or replace all the images with a custom PWNed/funny image. The ideas are what limit you, possibilities of fun are endless.

Available Modules in dSploit :

• RouterPWN
• Launch the http://routerpwn.com/ service to pwn your router.
• Port Scanner
• A syn port scanner to find quickly open ports on a single target.
• Inspector
• Performs target operating system and services deep detection, slower than syn port scanner but more accurate.
• Vulnerability Finder
• Search for known vulnerabilities for target running services upon National Vulnerability Database.
• Login Cracker
• A very fast network logon cracker which supports many different services.
• Packet Forger
• Craft and send a custom TCP or UDP packet to the target.
• MITM
• A set of man-in-the-middle tools to command&conquer the whole network .

The app is currently in beta, so there may be bugs present. However, a large number of users are reporting good feedback in the thread. You need to be running at least Android 2.3 Gingerbread, and the device must be rooted.

Download dSploit

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Ettercap 0.7.5 released - codename "Assimilation"

Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis.

It is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.

Changes log:

• Fix versioning, flags.
• Need latest version of libnet that supports IPv6
• Fix gtk crash.
• Switched to git repo and CMAKE
• Now that IPv6 is supported the cli requires an extra “/”. To poison all hosts in a broadcast domain the command would be /// (Instead of // // in past versions.)
• Fixed Release tag and build flags, BZ 855504.
• Fixed Obsoletes, BZ 855067.
• Switch to git ettercap_rc branch for gtk crash, BZ 853791.
• Dropped UI and daemon patches.
• Merged subpackages, in part due to buildsystem change.
• Spec cleanup.
• Rebuilt for https ://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
• Add hardened build.
• libnet rebuild.
• New upstream.
• Rebuild against PCRE 8.30

Download Ettercap 0.7.5

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

ModSecurity 2.7.0 Stable Release

The ModSecurity Development Team is pleased to announce the availability of ModSecurity 2.7.0 Stable Release.The stability of this release is good and includes many new features and bug fixes.

ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

Highlights include:

• Internationalization (I18N) Support
• HMAC Token Injection to prevent data manipulation
• PCRE JIT Support to speed up regular expression operators
• Caching Lua VMs to speed up multiple scripts
• Ability to add exceptions based on TAG and MSG data
• Per-rule Performance information in audit log

Download ModSecurity 2.7.0

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

THC IPv6 Attack Toolkit v2.0 Released

The Hacker's Choice (THC) has release version 2.0 of THC IPv6 Attack Toolkit. New tool added for scanning ipv6 networks. New tools for local network denial of service against Windows and BSD based systems. Made feature 6to4, VLAN-Q/801.1q and PPPoE injection features public. Various updates and fixes.

The THC IPV6 ATTACK TOOLKIT (THC-IPV6) is a complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library.

THC's IPv6 tools are made available under the GPLv3 and can be downloaded as a compressed source tarball for self compilation.

Download THC IPv6 Attack Toolkit v2.0

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Wireshark 1.8.3 Released

Wireshark is the world's foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.

Highlights of Wireshark 1.8.3:

• A lot of protocols were updated:

• A bug that caused the HSRP dissector could to go into an infinite loop has been fixed;

• A bug that causeD the PPP dissector to abort has been repaired;

• Martin Wilck discovered an infinite loop in the DRDA dissector. It was fixed;

• HDCP2 now used the correct protocol id;

• Markers are now showed when maps are displayed;

• Truncated/partial JPEG files are now dissected;

• Support for MPLS Packet Loss and Delay Measurement has been implemented;

• A bug that caused Wireshark to crash when VoIP Calls were selected was fixed;

DOWNLOAD WIRESHARK

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

ARPwner - Arp poisoning and dns poisoning tool

ARPwner was released at BlackHat USA 2012 by Nicolas Trippar. It is a tool to do arp poisoning and dns poisoning attacks, with a simple gui and a plugin system to do filtering of the information gathered, also has a implementation of sslstrip and is coded 100% in python, so you can modify on your needs.

Download ARPwner

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Antiflood v-1.8.2 with IP tables bash script

This module provides security enhancements against (HTTP) Flood & Brute Force Attacks for native PHP or .NET scripts at web application level. Massive crawling/scanning tools, HTTP flood tools can be detected and blocked by this module via htaccess or iptables, etc. You can use this module by including "iosec.php" to any PHP file which wants to be protected.

Features :

This is a unique project and it is the world's first web application flood guard script.

At web application (scripting) level you can,

- Block proxies. (only via HTTP header)

- Detect flooding IP addresses.

- Slow down or restrict access for automated tools (HTTP flood, brute force tools, vulnerability scanners, etc.)

- Save your server resources (database, cpu, ram, etc.) under an attack.

- Restrict access permanently or temporarily for listed IP addresses in "banlist" file.

- Notify yourself via email alerts when attacks begin.

- Implicit deny for DDoS attacks

Download ANTIFLOOD

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Social Engineer Toolkit 4.0 Released

Social Engineer Toolkit or SET updated to V4.0 . The latest version code named is “Balls of Steel.” The Social Engineering Toolkit (SET) is an open source, python-driven, social-engineering penetration testing framework of custom tools which solely focuses on attacking the human element of penetration testing.

It was designed in order to arm penetration testers and security researchers with the ability to effectively test heavily advanced social-engineering attacks armed with logical methods. The Social Engineer Toolkit leverages multiple attack vectors that take advantage of the human element of security in an effort to target attackers.

In New version the Java Applet attack has been completely rewritten and obfuscated with added evasion techniques. Additionally, all of the payloads have been heavily encrypted with a number of heavy anti-debugging tools.

The powershell attack vectors now support customized payload selection through the config/set_config. A new attack vector has been added called the Dell DRAC Attack Vector (default credential finder).

.

Download Social Engineer Toolkit 4.0:
svn co http://svn.trustedsec.com/social_engineering_toolkit set/

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Covert VPN - VPN pivoting technology added to Cobalt Strike / Armitage

Covert VPN is a VPN pivoting technology recently added to CobaltStrike (the commercial Armitage). Once deployed, you have a layer 2 tunnel into your target's network. This allows you to sniff packets,use external tools, host rogue services, and inject spoofed packets.

To activate Covert VPN, right-click a compromised host, go to Meterpreter -> Pivoting -> Deploy VPN. Select the remote interface you would like Covert VPN to bind to. If no local interface is present, press Add to create one.


Check Clone host MAC address to make your local interface have the same MAC address as the remote interface. It’s safest to leave this option checked.Select Inject VPN client into memory to deploy Covert VPN directly into memory. If this box is not checked, Cobalt Strike will upload and execute the Covert VPN client for you. The inject into memory option does not work reliably on Windows Vista, Windows 7, or 64-bit Windows XP.Press Deploy to start the Covert VPN client on the target. Covert VPN requires SYSTEM access to deploy.

A 21-day trial of Cobalt Strike is available to try it out.

Download Cobalt Strike

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Network Security Toolkit v2.16.0-4104 Released

The Network Security Toolkit is bootable ISO live CD/DVD (NST Live) is based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms.

The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open SourceNetwork Security Tools. An advanced Web User Interface (WUI) is provided for system administration, navigation, automation and configuration of many network and security applications found within the Network Security Toolkit distribution.

In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines. Network Security Toolkit also makes an excellent tool to help one with crash recovery troubleshooting scenarios and diagnostics.

Download Network Security Toolkit v2.16.0-4104

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

PacketFence 3.5.1 - Network access control (NAC) solution

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively secure networks – from small to very large heterogeneous networks

Enhancements

* Configuration item to notify of guest sponsorships by email: guests_self_registration.sponsorship_cc

* Developers guide was migrated from Docbook into the asciidoc format

* Important database performance improvement in VoIP and fingerprint checks

* Improved pfdhcplistener process surveillance (#1490)

Bug Fixes

• FreeRADIUS watchdog updated for 3.5.0 changes (#1514)
• debian packages improvements regarding FreeRADIUS configuration
• cosmetic fix in `pfcmd service status` regarding pfdhcplistener (#1515)
• Guests are not able to confirm registration in some cases – take 2 (#1302)
• Sponsored guests regressions (#1505)
• Keep the PID on node_deregister (#1501)
• Handle the release_date on violation modify (#1474)
• Billing screen does not appear when billing feature is enabled (#1525)
• Web extension point regression (#1507)
• Command parsing issue with `pfcmd person` (#1523)
• pfdhcplistener process name identifies listened to interface (#1478)
• Guest management login and authentication regressions (#1518)
• FreeRADIUS documentation aligned with current practices
• More characters are allowed in password types on CLI and WebAdmin (#848)
• illegal characters in webservices user / pass not properly escaped (#1516)

Download PacketFence 3.5.1

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

ZackAttack - Firesheep NTLM Authentication relaying

It is a new toolkit that helps you with NTLM (NT LAN Manager) security protocol relaying. Not pass the hash kinds, but more on the lines of cross protocol relaying and allow clients to get MS Windows clients to automatically authenticate and relay hashes to via cross protocol relaying.

What is NTLM relaying?

It is a mechanism to relay authentication requests to another target. Interestingly, it does not require an administrative access which means it can be done by any client having no previous access on the network or the system – think a “guest” user! Again with almost all protocols, there is no authentication on the part of the client or the server either – think ARP spoofing.

Though, ZackAttack! is not exactly what it aims to be – FireSheep for NTLM authentication, we know it sure will be soon with the amount of efforts Zack Fasel is putting in.

Components of ZackAttack:

• The Rogue Servers - HTTP and SMB. These get the auth requests and keep recycling them
• The Clients - These connect to target servers and request NTLM creds from the Rogue Servers
• The Rules - Define auto actions to perform upon seeing a user.
• The Payloads - Methods to get users to autoauth with Integrated Windows Auth ergo not prompting the user for auth.

Download ZackAttack

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Etherwall v1.0 Beta 3 - Prevents Man in The Middle (MITM) Attack

Etherwall is a free and open source network security tool that prevents Man in The Middle (MITM) through ARP Spoofing/Poisoning attacks. It Also prevent it from various attacks such as Sniffing, Hijacking, Netcut, DHCP Spoofing, DNS Spoofing, WEB Spoofing, and others.

Features

• Daemon Processing
• ARP Packet Filtering
• Point to Point & Point to Multipoint Protection
• Realtime Protection
• System Logging
• Early Warning
• Support for networks Statically, Dynamically, or Both
• Supports for Ethernet Wired & Wireless interface (IEEE 802.3 & IEEE 802.11)
• Plugins / Tools
• Included Man Pages
• Easy to Use and Free

Download Etherwall v1.0 Beta 3

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email