Learn Cyber Security

Hack WPA2-PSK clients with Key Re-installation Attacks

2017-10-16T03:00:00.000-07:00

Mathy Vanhoef discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive

WannaCry Ransomware | Solution | Fix

2017-05-20T07:18:00.000-07:00

Since the WannaCry ransomware ripped through the internet in May 2017, infecting hundreds of thousands of machines and locking up critical systems from health care to transportation, cryptographers have searched for a cure. Finding a flaw in WannaCry’s encryption scheme, after all, could decrypt all those systems without any ransom. Now one French researcher says he’s found at least a hint of

Hack Clash of Clans , Coins, elixir, Gems,

2016-12-26T11:44:00.001-08:00

freemium mobile MMO strategy video game Clash of clans developed and published by Supercell. August 2, 2012, The game was released for iOS platforms and on October 7, 2013 on Google Play for Android. you can easily cheat coc or coc hack is not a big deal. Click here to Download Android Apk To generate onlineClick Here

Sharing my Penetration Testing Tools with Source

2013-12-31T10:56:00.000-08:00

After conducting Penetration Tests over the last 15 years i have a huge collection of windows and linux tools which help you to conduct penetration tests. They cover what backtrack tools, nessus, metasploit and many other cool dev's did not do the job for me.Tool categories are:webscanner, smtp scanner, ipv6 scanner, android trojans, stealth keyloggers, stealth remote control software

WordPress Asset-Manager PHP File Upload Vulnerability

2012-12-29T13:41:00.000-08:00

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ ## require 'msf/core' require 'msf/core/exploit/php_exe' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf

Executing SMB Relay Attacks via SQL Server using Metasploit

2012-12-29T13:35:00.005-08:00

In this blog, I’ll provide a brief overview of SMB Relay attacks and show how they can be initiated through a Microsoft SQL Server. I will also provide some practical examples that show how to use new Metasploit modules to gain unauthorized access to SQL Servers during a penetration test. Below is a summary of what will be covered in this blog: A Brief History of SMB Relay Using SQL

SQL Fingerprint Xmas Released

2012-12-29T13:32:00.002-08:00

Microsoft SQL Server fingerprinting can be a time consuming process, because it involves trial and error methods to determine the exact version. Intentionally inserting an invalid input to obtain a typical error message or using certain alphabets that are unique for certain server are two of the many ways to possibly determine the version, but most of them require authentication, permissions

Online Penetration Testing Tools [Private]

2012-09-24T10:57:00.000-07:00

Word Press Remote Code Execution , BruteForce via IP , Theme ScaNne via IP , Theme ScaNne , Site Extracte. Joomla Turbo Brute Force , Token ScaNe Server, ScaNner Site Extracte, vBulletin vB SQL[4.0.x =>4.1.3] , vB Brut Force [Proxy] Sql SQL Server ScaNne, SQL Target ScanNer, SQL Dork ScaNne, SQL Injection Helpe,r Admin Finder. LFI LFI Server ScaNner, LFI ToOl'z Kit, LFI Inject Shell, LFI

Metasploit Nmap Version

2012-07-24T11:52:00.000-07:00

For those of you wondering why metasploit uses nmap 5.61 instead of 6.01 when you do an nmap scan in metasploit its because metasploit has its own nmap built in and the metasploit devs haven't upgraded it yet if you want to use Nmap 6.01 in metasploit do the following. Code: su mv /opt/metasploit/common/bin/nmap /opt/metasploit/common/bin/nmap.bak ln -s /usr/local/bin/nmap /opt/metasploit/common

Metasploit Penetration Testing Cookbook

2012-07-23T12:17:00.000-07:00

Download Metasploit Penetration Testing Cookbook Set up a complete penetration testing environment using metasploit and virtual machines Learn to penetration-test popular operating systems such as Windows7, Windows 2008 Server, Ubuntu etc. Get familiar with penetration testing based on client side exploitation techniques with detailed analysis of vulnerabilities and codes Avail of exclusive

Real-World Security Tests Using Metasploit

2012-07-23T11:40:00.000-07:00

The Perl-based Metasploit was designed to be a robust exploit development system. It just so happens that you can use it to run previously developed exploits against your own systems. You can use its security testing features to see if your systems vulnerable to penetration and how they react when specific payloads are sent their way. Outside of common Web application tests such as SQL

Owasp Xelenium - XSS Scanner

2012-07-23T11:12:00.000-07:00

Xelenium is a security testing tool that can be used to identify the security vulnerabilities present in the web application. Xelenium uses the open source functional test automation tool 'Selenium' as its engine and has been built using Java swing. Xelenium has been designed considering that it should obtain very few inputs from users in the process of discovering the bugs. Current

Download BackTrack 5 R2

2012-03-12T05:28:00.000-07:00

BackTrack 5R2 comes in several flavours and architectures. Download BackTrack 5R2 32bit Gnome Download BackTrack 5R2 32bit KDE DownloadBackTrack 5R2 64bit Gnome Download BackTrack 5R2 64bit KDE

Metasploit Framework Post Exploitation - Windows Security Center

2012-01-13T20:20:00.000-08:00

Quick demo as part of post exploitation phase with Metasploit Framework and some tips about the Windows Security Center and the system notifications

DEFT Linux 7 Computer Forensic Live Cd - Released

2012-01-13T20:15:00.000-08:00

DEFT (Digital Evidence & Forensic Toolkit) is a customised distribution of the Lubuntu live Linux CD. It is an easy-to-use system that includes excellent hardware detection and some of the best open-source applications dedicated to incident response and computer forensics. New features: - Based on Lubuntu 11.10 - Installable Distro - Linux kernel 3.0.0-12, USB 3 ready - Libewf 20100226 -

Hack Windows 7 with Metasploit

2012-01-12T17:22:00.000-08:00

In this tutorial i will exploit a Windows 7 Sp1 OS using Metasploit. i will be using the exploit/multi/handler module which “provides all of the features of the Metasploit payload system to exploits that have been launched outside of the framework“ Before we fire up Metasploit, we need to create a payload in order to gain a meterpreter shell. To create a payload type this in the terminal without

MS11-100 DoS PoC exploit published

2012-01-09T14:34:00.001-08:00

If you have not patched yet for vulnerability MS11-100 you might want to do it ASAP, because the DoS PoC exploit for this vulnerability has been published three days ago. More information about the vulnerability and patches at http://technet.microsoft.com/en-us/security/bulletin/ms11-100

Simple Mail Server - SMTP Authentication Bypass Vulnerability

2012-01-09T14:30:00.000-08:00

Title: Simple Mail Server - SMTP Authentication Bypass Vulnerability Software : Simple Mail Server Software Version : 2011-12-30 Vendor: http://simplemailsvr.sourceforge.net/ Class: Origin Validation Error CVE: Remote: Yes Local: No Published: 2012-01-08 Updated: CVSS2 Base: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P) Impact : Medium (4 < 6.4 < 8) Bug Description : Simple

Perform Smart SSL Cipher Enumeration:SSL Smart

2012-01-06T07:42:00.000-08:00

SSLSmart, a highly flexible and interactive tool aimed at improving efficiency and reducing the false positives during SSL testing. Among other things, SSLSmart simply an advanced and highly flexible Ruby based smart SSL cipher enumeration tool. It is an open source, cross platform, free tool. It was programmed because a number of tools on the Windows platform allow users to test for supported

Bypass Intrusion Detection/Prevention Signatures

2011-12-31T13:24:00.000-08:00

*Please note that this does not include the multitude of configuration errors (disabled by default checks like POST search/bad preprocessor configurations like minimum fragment length) nor network vs. host-based issues like fragment reassembly.For configuration errors by default, please check http://cvs.snort.org....cgi/snort/doc/ and read appropriate preproc documents for disabled checks. By

Writing Shell Code On/For Windows

2011-12-31T13:17:00.000-08:00

IntroductionThis article/tutorial assumes you have some common sense and some knowledge.I won't be explaining what shell code, DLL's, Memory Adresses etc...You should know that before starting on this.EnvironmentInitially we will be focusing on creating Windows Assembly; however, Linux is reallygood for developing assembly and shell code. But because we are on windows we'lluse Cygwin.Download the

Password Security Scanner v.1.00

2011-12-31T13:10:00.000-08:00

This utility scans the passwords stored by popular Windows applications (Microsoft Outlook, Internet Explorer, Mozilla Firefox, and more...) and displays security information about all these passwords. The security information of every stored password includes the total number of characters, number of numeric characters, number of lowercase/uppercase characters, number of repeating characters,

How To Hack Facebook

2011-11-28T13:18:00.000-08:00

After watching this video you are now able to build keylogger server with default options for some advance options you can explore various builder functions. Last Update Date: 10/11/2011 (Curing update.) Latest Version: v1.78 Project Neptune (1.7 MiB ) Project Neptune includes many features that separate it from other programs and simply make it the best. Each of it,s functions are entirely

Free Comodo Internet Security Pro 2012 one year license key

2011-10-21T12:30:00.000-07:00

Comodo Internet Security Pro 2012 which is priced at $49.99. This promo will allow users to use the latest pro version completely free for a year. Free Comodo Internet Security Pro 2012 Comodo Internet Security Pro comes with powerful cloud based Antivirus, Antispyware, and an excellent award winning firewall with defense plus technology that provides high-level of protection. The 2012

Official GNOME Shell Extensions

2011-10-17T05:30:00.000-07:00

Official GNOME Shell Extensions Available In The WebUpd8 GNOME 3 PPA For Ubuntu 11.10The latest official GNOME Shell Extensions (version 3.2.0) are now available in the WebUpd8 GNOME 3 PPA for Ubuntu 11.10 Oneiric Ocelot. This PPA is an attempt to have all the stable GNOME 3.2 packages that aren't available in the official Ubuntu 11.10 repositories in a single place. Please note that I did not