Remove/ Get Rid of Hyper Browser Ads and Deals Thoroughly
Reviewed by 0x000216
on
Monday, May 12, 2014
Rating: 5
Remove/ Uninstall Optimum PC Boost Fake Antivirus and Fix Chaos
Reviewed by 0x000216
on
Monday, May 12, 2014
Rating: 5
Acrylic WiFi Free - Real-time WLAN information and network analysis
Acrylic WiFi enables identificating WiFi access points, obtaining information of the security mechanisms and obtaining generic WiFi passwords thanks to a plugins system.
- Access points: WLAN network information (SSID and BSSID) and clients connected to the network.
- Signal level: Signal quality charts (RSSI) of detected devices.
- Inventory: Naming known devices.
- Passwords: WiFi passwords and WPS Keys factory configured.
- Channels: Channel scanner and WiFi networks through channels in 2.4Ghz and 5Ghz.
- Security: Network authentication and security details for WEP, WPA, WPA2 and Enterprise (802.1X).
- Hardware: No special hardware is required for its operation.
Acrylic WiFi Free - Real-time WLAN information and network analysis
Reviewed by 0x000216
on
Monday, May 12, 2014
Rating: 5
Host-Extract - Enumerate All IP/Host Patterns In A Web Page
This little ruby script tries to extract all IP/Host patterns in page response of a given URL and JavaScript/CSS files of that URL.
With it, you can quickly identify internal IPs/Hostnames, development IPs/ports, cdn, load balancers, additional attack entries related to your target that are revealed in inline js, css, html comment areas and js/css files.
This is unlike web crawler which looks for new links only in anchor tags (
USAGE:
(you might miss many additional targets if you ever use such web crawler or other GUI-based tools that shows you your main target and its relationship with its linked sub/off-site domains)
In some cases, host-extract may give you false positives when there are some words like - main-site_ver_10.2.1.3.swf.
With -v option, you can ask the tool to output html view-source snippets for each IP/Domain extracted. This will shorten your manual analysis time.
USAGE:
ruby host-extract.rb URL [option]
Usage: host-extract [options]
-a find all ip/host patterns
-j scan all js files
-c scan all css files
-v append view-source html snippet for manual verification
Host-Extract - Enumerate All IP/Host Patterns In A Web Page
Reviewed by 0x000216
on
Monday, May 12, 2014
Rating: 5
Kats at INTA 4: the Scholarship Symposium
Can any reader think of a more appropriate title for this year's INTA Meeting? |
How greatly have things changed in little more than a decade.
While the scholars prepare to speak, the moderators move in for the kill ... |
Cultural relativity: one person's metaphor is another one's chocolate bar ... |
The Scholarship Symposium no longer needs to justify itself. It has come of age. INTA's decision to encourage academics and students to attend the annual Meeting, and to make it less unaffordable for them to do so, is clearly paying off. The faces of the hard-nosed practitioners (and probably the soft-nosed ones too) and professors showed it all. This is the bit of INTA where theory meets practice, where ideals meet reality -- and these are meetings from which we all gain.
Kats at INTA 4: the Scholarship Symposium
Reviewed by 0x000216
on
Monday, May 12, 2014
Rating: 5
Tilt - Terminal Ip Lookup Tool
Tilt: Terminal ip lookup tool, is an easy and simple open source tool implemented in Python for ip/host passive reconnaissance. It's very handy for first reconnaissance approach and for host data retrieval.
Features
- Host to IP conversion
- IP to Host conversion
- DNS to IPs
- GeoIP Translation
- Extensive information gathering trough Host-name
- Whois with:
- Registrar info
- Dates
- Name Server
- SiteStatus
- Owner information
- Additional data
- Sub domains
- Percentage of access
- Extensive Name Server
- SOA Records
- DNS Records with extensive data
- Whois with:
- Reverse IP Lookup
- Extensive reverse IP lookup, looking for host with different IP on the same machine
Tilt - Terminal Ip Lookup Tool
Reviewed by 0x000216
on
Monday, May 12, 2014
Rating: 5
Kautilya v0.4.5 - Pwnage with Human Interface Devices
Kautilya is a toolkit which provides various payloads for Teensy device which may help in breaking in a computer. The toolkit is written in Ruby.
- The Windows payloads and modules are written mostly in powershell (in combination with native commands) and are tested on Windows 7.
- The Linux payloads are mostly commands in combination with little Bash scripting. These are tested on Ubuntu 11.
- The OS X payloads are shell scripts (those installed by default) with usage of native commands. Tested on OS X Lion running on a VMWare.
Changelog v0.4.5
- Bug fixes and improvements in Time Based Exec. It now supports exfiltration and could be stopped remotely.
- Less lines of code for HTTP Backdoor and Download Execute PS.
- HTTP Backdoor, Download Execute PS, Hashdump and Exfiltrate and Dump LSA Secrets now execute the downloaded script in memory.
- Shortened parameters passed to powershell.exe when the scripts are called. Thus, saving the time in “typing” by HID.
- Added two new exfiltration options, POST requests and DNS TXT records.
- Username and password for exfiltration would be asked only if you select gmail or pastebin.
- Tinypaste as an option for exfiltration has been removed.
- Payloads have been made more modular which results in smaller size.
- Reboot Persistence has been added to HTTP Backdoor and DNS TXT Backdoor.
- Menu redesign.
- Bug fix in Dump LSA Secrets payload.
- Added ./extras/Decode.ps1. Use this to decode data exfiltrated by HTTP Backdoor and DNS TXT Backdoor.
- Added ./extras/Remove-Persistence.ps1. Use this to remove persistence by Keylogger, HTTP Backdoor and DNS TXT Backdoor.
- Kautilya could be run on Windows if win32console gem is installed.
Kautilya v0.4.5 - Pwnage with Human Interface Devices
Reviewed by 0x000216
on
Monday, May 12, 2014
Rating: 5
Exploit WordPress: Optin Pro - File Upload Vulnerability
Once again, i'm not gonna explain anything about this exploit since it is exactly the same as my previous post. So, i'm just gonna give you the dork and exploit.
DORK: inurl:/wp-content/uploads/svp/headerimage/
inurl:/wp-content/plugins/wp_optin_pro/
EXPLOIT:/wp-content/plugins/wp_optin_pro/media-upload.php
SHELL UPLOADED TO: /wp-content/uploads/svp/headerimage/random_id_filename.php
PLEASE REFER MY PREVIOUS POST IF YOU DON'T UNDERSTAND
Exploit WordPress: Optin Pro - File Upload Vulnerability
Reviewed by 0x000216
on
Monday, May 12, 2014
Rating: 5