TXDNS v 2.2.1 - Aggressive multithreaded DNS digger

TXDNS is a Win32 aggressive multithreaded DNS digger. Capable of placing, on the wire, thousands of DNS queries per minute. TXDNS main goal is to expose a domain namespace trough a number of techniques:

-- Typos: Mised, doouble and transposde keystrokes;

-- TLD/ccSLD rotation;

-- Dictionary attack;

-- Full Brute-force attack: alpha, numeric or alphanumeric charsets.

New features:

• Support AAAA(IPv6)record queries:
• -rr AAAA;
• Rewrite summarizing statistics using a thread-safe algorithm instead mutex.

Bug fixes:

• Fixed a problem when running under Windows XP;
• Fixed a problem when parsing a IPv6 address.
• November 9th, 2012 by Arley Silveira

Download Here

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Wireshark 1.8.3 Released

Wireshark is the world's foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.

Highlights of Wireshark 1.8.3:

• A lot of protocols were updated:

• A bug that caused the HSRP dissector could to go into an infinite loop has been fixed;

• A bug that causeD the PPP dissector to abort has been repaired;

• Martin Wilck discovered an infinite loop in the DRDA dissector. It was fixed;

• HDCP2 now used the correct protocol id;

• Markers are now showed when maps are displayed;

• Truncated/partial JPEG files are now dissected;

• Support for MPLS Packet Loss and Delay Measurement has been implemented;

• A bug that caused Wireshark to crash when VoIP Calls were selected was fixed;

DOWNLOAD WIRESHARK

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Snort 2.9.4Beta Released

Snort 2.9.4 Beta is now available on snort.org. Snort is a powerful network intrusion prevention system, capable of performing real-time traffic analysis and packet logging on IP networks.

Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS.

Snort 2.9.4Beta release

• Consolidation of IPv6 — now only a single build supports both IPv4 & IPv6, and removal of the IPv4 “only” code paths.
• File API and infrastructure improvements to file processing for HTTP downloads and email attachments via SMTP, POP, and IMAP to facilitate broader file support
• Use of address space ID for tracking Frag & Stream connections when it is available with the DAQ
• Logging of packet data that triggers PPM for post-analysis via Snort event
• Decoding of IPv6 with PPPoE

Download Snort

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Social Engineer Toolkit 4.0 Released

Social Engineer Toolkit or SET updated to V4.0 . The latest version code named is “Balls of Steel.” The Social Engineering Toolkit (SET) is an open source, python-driven, social-engineering penetration testing framework of custom tools which solely focuses on attacking the human element of penetration testing.

It was designed in order to arm penetration testers and security researchers with the ability to effectively test heavily advanced social-engineering attacks armed with logical methods. The Social Engineer Toolkit leverages multiple attack vectors that take advantage of the human element of security in an effort to target attackers.

In New version the Java Applet attack has been completely rewritten and obfuscated with added evasion techniques. Additionally, all of the payloads have been heavily encrypted with a number of heavy anti-debugging tools.

The powershell attack vectors now support customized payload selection through the config/set_config. A new attack vector has been added called the Dell DRAC Attack Vector (default credential finder).

.

Download Social Engineer Toolkit 4.0:
svn co http://svn.trustedsec.com/social_engineering_toolkit set/

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Network Security Toolkit v2.16.0-4104 Released

The Network Security Toolkit is bootable ISO live CD/DVD (NST Live) is based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms.

The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open SourceNetwork Security Tools. An advanced Web User Interface (WUI) is provided for system administration, navigation, automation and configuration of many network and security applications found within the Network Security Toolkit distribution.

In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines. Network Security Toolkit also makes an excellent tool to help one with crash recovery troubleshooting scenarios and diagnostics.

Download Network Security Toolkit v2.16.0-4104

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

PacketFence 3.5.1 - Network access control (NAC) solution

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively secure networks – from small to very large heterogeneous networks

Enhancements

* Configuration item to notify of guest sponsorships by email: guests_self_registration.sponsorship_cc

* Developers guide was migrated from Docbook into the asciidoc format

* Important database performance improvement in VoIP and fingerprint checks

* Improved pfdhcplistener process surveillance (#1490)

Bug Fixes

• FreeRADIUS watchdog updated for 3.5.0 changes (#1514)
• debian packages improvements regarding FreeRADIUS configuration
• cosmetic fix in `pfcmd service status` regarding pfdhcplistener (#1515)
• Guests are not able to confirm registration in some cases – take 2 (#1302)
• Sponsored guests regressions (#1505)
• Keep the PID on node_deregister (#1501)
• Handle the release_date on violation modify (#1474)
• Billing screen does not appear when billing feature is enabled (#1525)
• Web extension point regression (#1507)
• Command parsing issue with `pfcmd person` (#1523)
• pfdhcplistener process name identifies listened to interface (#1478)
• Guest management login and authentication regressions (#1518)
• FreeRADIUS documentation aligned with current practices
• More characters are allowed in password types on CLI and WebAdmin (#848)
• illegal characters in webservices user / pass not properly escaped (#1516)

Download PacketFence 3.5.1

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

jNetPort – Active monitoring tool

jNetPort is a complete Java based active monitoring tool and network status display. It includes a graphic user interface for multiple port scanner engines (including Nmap) with multitasking environment (allowing to do multiple scans at the same time), graphic ping tool, traceroute tool with worldwide IP location display, and a complete statistics section which allows to display plots and compare and save results.

Download jNetPort

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Etherwall v1.0 Beta 3 - Prevents Man in The Middle (MITM) Attack

Etherwall is a free and open source network security tool that prevents Man in The Middle (MITM) through ARP Spoofing/Poisoning attacks. It Also prevent it from various attacks such as Sniffing, Hijacking, Netcut, DHCP Spoofing, DNS Spoofing, WEB Spoofing, and others.

Features

• Daemon Processing
• ARP Packet Filtering
• Point to Point & Point to Multipoint Protection
• Realtime Protection
• System Logging
• Early Warning
• Support for networks Statically, Dynamically, or Both
• Supports for Ethernet Wired & Wireless interface (IEEE 802.3 & IEEE 802.11)
• Plugins / Tools
• Included Man Pages
• Easy to Use and Free

Download Etherwall v1.0 Beta 3

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

NmapSi4 v 0.3.2 - Easy Gui version of Nmap

NmapSi4 is a complete Qt4-based Gui with the design goals to provide a complete nmap interface for Users, in order to menage all option of this power security net scanner and search services vulnerability.

• Traceroute support with nmap.
• Host Lookup with internal implementation or dig.
• Search services vulnerabilities with webkit dedicated browser.
• Full nmap nse support.
• Search network ips with "Network Discover" tool.
• Support for create scan user profile. (>= 0.3.70 -- new profiler)
• Host scan with nmap. (>= 0.3.70 -- new nmap options in profiler)

Download NMAPSI4 v 0.3.2

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

NetworkMiner 1.4 Released

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.

NetworkMiner collects data (such as forensic evidence) about hosts on the network rather than to collect data regarding the traffic on the network. The main user interface view is host centric (information grouped per host) rather than packet centric (information showed as a list of packets/frames).

Change log:

• DhcpPacketHandler.cs: DHCP option data is now extracted to the parameters tab. Thanks to Paul Cockayne for the idea.
• IPv4Packet.cs: Fragmented IPv4 packets are now properly reassembled to full IP packets with payload.
• IEC_60870-5-104Packet.cs: Implemented the SCADA protocol IEC 60870-5-104. Thanks to Aivar Liimets from Martem for his great support on this one!
• PacketHandler.cs: Added proper timestamps to detected anomaly events and improved ARP poisoning reporting to anomalies tab.
• NetworkMinerForm.cs: Verification of file extention is completely removed. Files with any extention can now be loaded, as long as they are valid libpcap files.
• NetworkMinerForm.cs: Added “Clear GUI” button to Tools menu.
• NetworkMinerForm.cs: Added option to show/hide cookies, NTLM challenge-responses as well as the ability to mask passwords in credentials tab.

Download NetworkMiner

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Wireshark 1.8.2 Released

Wireshark is a network protocol analyzer, or "packet sniffer", that lets you capture and interactively browse the contents of network frames. It provides a commercial-quality packet analyzer for Unix, and the most useful packet analyzer on any platform.

Multiple vulnerabilities have been fixed. Many other bugs have been fixed.

Download Wireshark 1.8.2

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Junkie The network sniffer v 2.2.0

Junkie is a real-time packet sniffer and analyzer. It is modular enough to accomplish many different tasks. It can be a helpful companion to the modern network administrator and analyst. Compared to previously available tools, junkie lies in between tcpdump and wireshark. 

Unlike tcpdump, its purpose is to parse protocols of any depth; unlike wireshark, though, it is designed to analyze traffic in real-time and so cannot parse traffic as completely as wireshark does. In addition, its design encompasses extendability and speed. It has a plug-in system and high-level extension language that eases the development and combination of new functionalities; threaded packet capture and analysis for handling of high bandwidth networks; and a modular architecture to ease the addition of any protocol layer. It is based on libpcap for portability, and well-tested on professional settings.

Faster deadlock detection. Can replay pcaps in a loop. Can now pass nettrack values to a guile action. More documentation (in doc/). Support for multi-line HTTP headers. Guile files are pre-compiled before installation (see ./configure –help)

Download Junkie The network sniffer v 2.2.0

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Ostinato : Packet/Traffic Generator and Analyzer

Ostinato is an open-source, cross-platform network packet crafter/traffic generator and analyzer with a friendly GUI. Craft and send packets of several streams with different protocols at different rates.

Features

• Runs on Windows, Linux, BSD and Mac OS X (Will probably run on other platforms also with little or no modification but this hasn't been tested)
• Open, edit, replay and save PCAP files
• Support for the most common standard protocols
• Ethernet/802.3/LLC SNAP
• VLAN (with QinQ)
• ARP, IPv4, IPv6, IP-in-IP a.k.a IP Tunnelling (6over4, 4over6, 4over4, 6over6)
• TCP, UDP, ICMPv4, ICMPv6, IGMP, MLD
• Any text based protocol (HTTP, SIP, RTSP, NNTP etc.)
• More protocols in the works ...
• Modify any field of any protocol (some protocols allow changing packet fields with every packet at run time e.g. changing IP/MAC addresses)
• User provided Hex Dump - specify some or all bytes in a packet
• User defined script to substitute for an unimplemented protocol (EXPERIMENTAL)
• Stack protocols in any arbitrary order
• Create and configure multiple streams
• Configure stream rates, bursts, no. of packets
• Single client can control and configure multiple ports on multiple computers generating traffic
• Exclusive control of a port to prevent the OS from sending stray packets provides a controlled testing environment
• Statistics Window shows realtime port receive/transmit statistics and rates
• Capture packets and view them (needs Wireshark to view the captured packets)
• Framework to add new protocol builders easily

Demo

Download Ostinato

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

The Network Diagnostic Tool (NDT) v 3.6.5 released

The Network Diagnostic Tool (NDT) is a client/server program that provides network configuration and performance testing to a users desktop or laptop computer. The system is composed of a client program (command line or java applet) and a pair of server programs (a webserver and a testing/analysis engine). Both command line and web-based clients communicate with a Web100-enhanced server to perform these diagnostic functions. Multi-level results allow novice and expert users to view and understand the test results.

How-To Setup your Own NDT Server

Download The Network Diagnostic Tool (NDT) v 3.6.5

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Network Tracking Database v1.10.2 released

NetDB tracks all MAC addresses on your switches and ARP entries on your network over time. It supports extensive switch, VLAN and vendor code reports from a CLI or Web App. Can generate CSV reports, track the usage of static addresses and much more.

What's new in v1.10.2:

- See the UPGRADE document before installing

- Added dedicated NX-OS scraper, devtype nxos. Improved NX-OS support

for descriptions. Old scraper still supports NX-OS but support will

be dropped in v1.11 in favor of the nxosscraper.

- Ability to configure use_trunks from the devicelist.csv file

- Improved secondary credential support and login error messages

- Added use_fqdn knob in netdb.conf to use the FQDN for switch names

instead of just hostnames (changing this on an existing database will

destroy historical data on switches because the names will all change)

Major Features:

• Track all entries in your MAC and ARP tables across your network routers and switches over time
• Track the usage of static IP addresses and generate reports for static address recovery
• Generate switch reports to recover unused ports or plan for network upgrades
• Find all switchports configured for a vlan and find what devices if any have been connected
• Find all devices on a VLAN and the last time they were online
• Quickly track down a problem with a device and locate its current state on the network or last connected state
• Includes a command line tool and an easy to use web interface with access control
• Web interface includes sortable columns and access controls
• Generate CSV reports from the web interface or the command line
• Change VLANs from the web interface with access controls on a per switch or per user basis
• Send Wake On Lan packets from the Web Interface to remotely wakeup workstations
• Fast imports, pulls data from 1,000 or more network devices in under five minutes (depends on the hardware used)
• Support for VRFs and almost every modern Cisco IOS and NX-OS device
• Support for port security, port-channels and trunk ports for VMWare and phones
• Optional graphing through MRTG to track the usage trends on your network
• Optionally integrate NAC registration data to retrieve user registration information based on the mac address

Security

• Runs everything as the netdb user
• Uses and/or SSH/Telnet to gather information from your devices and does not require write access
• Does not use SNMP, so no security issues or MIBs to deal with
• Web Interface has access controls to restrict the information users can access based on their userid
• Web Interface is hardened

Download Network Tracking Database v1.10.2

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Finddomains - Reverse IP lookup Tool

FindDomains is a multithreaded search engine discovery tool that will be very useful for penetration testers dealing with discovering domain names/web sites/virtual hosts which are located on too many IP addresses. Provides a console interface so you can easily integrate this tool to your pentest automation system. It retrieves domain names/web sites which are located on specified ip address/hostname.

In order to use FindDomains :
Create an appid from "Bing Developers", this link.
It'll be like that : 32AFB589D1C8B4FEC73D4BCB6EA0AD810E0FA2C7
When you have registered an appid, enter it to the "appid.txt" which is on program directory.

Some outlines :

• Uses Bing search engine. Works with first 1000 records.
• Multithreaded on crawling and DNS resolution.
• Performs DNS resolution for extracted domains to eleminate cached/old records.
• Has a console interface so it can be very useful with some command-line foo.
• Works with Mono. But running under Windows is more efficient.

Sample usage :
FindDomains.exe 1.2.3.4
FindDomains.exe www.hotmail.com

Download FindDomains

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Arper : Fast Arp network scan for windows

Arper is the Fastest Arp network scan for windows.

It Scans LAN for arp packets and stores the ip and mac addresses development on arpscannet has stopped moved to google code.

Download Arper

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Inguma v 0.4 - Penetration testing and vulnerability research toolkit

Inguma is a penetration testing toolkit entirely written in python. The framework includes modules to discover hosts, gather information about, fuzz targets, brute force user names and passwords and, of course, exploits.

While the current exploitation capabilities in Inguma may be limited, this program provides numerous tools for information gathering and target auditing.

The biggest changes are:

• The GUI has been modified and cleaned in order to give more space to the most active areas like the network map, the RCE interface or the exploits/fuzzing areas.
• We have updated Bokken subproject to the last stable version available, v1.0. It features an interactive mode, better code disassembly and analysis and better integration with Inguma's GUI. More information about Bokken can be found here.
• The systray functionality allows now to hide the Inguma GUI while it's working and it will warn you once the running modules have finished.
• A new fuzzing tab has been added to the Exploits workspace with two different fuzzers: Krash and Scapy.
• The CLI interface has received some attention again and a few new shortcuts like '?' for help or '..' to go back to the main menu are now available in nearly all the modules.
• Inguma CLI now works better on MacOS with autocompletion and key bindings.
• All the fuzzing modules are now under the fuzzers category and have been fixed.
• Minor changes here and there.
• Lots of code refactoring and bugs fixed.

Get Inguma Package Installation Guide here and How to use, Quick Start also published by Author.

DOWNLOAD INGUMA v 0.4

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Wireshark 1.8.0 - Now Capture from multiple interfaces

Wireshark is a network packet analyzer. A network packet analyzer will try to capture network packets and tries to display that packet data as detailed as possible.You could think of a network packet analyzer as a measuring device used to examine what's going on inside a network cable, just like a voltmeter is used by an electrician to examine what's going on inside an electric cable (but at a higher level, of course).

Version 1.8.0 of the open source, cross-platform tool used for network troubleshooting, analysis, development and education also includes support for GeoIP IPv6 databases, and now allows users to add, edit and save packet and capture file annotations.

DOWNLOAD WIRESHARK 1.8.0

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Ip phone Scanning Made Easy (ISME) v 0.4 Released

Ip phone Scanning Made Easy (ISME) scans a VOIP environment, adapts to enterprise VOIP, and exploits the possibilities of being connected directly to an IP Phone VLAN.

It seeks to get the phone's configuration file directly from a TFTP server, enable SIP/SIPS (TCP/UDP), communicate with an embedded Web server and Web server banner, identify the editor by MAC address, and identify potential default login/password combinations which should be changed. Get Documentation, Setup And Installation.

CHANGES V0.4 :

• Add Cisco phone attacks (ringer & forwarder – skinny)
• Add Lan & Servers attacks (DHCP Starvation & DNS Subnet resolver)

Download ISME v0.4

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email