Sunday, March 28, 2010

Tools Required for Hardcore Hacking



sqlmap 0.6.1
sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user’s specific DBMS tables/columns, run his own SQL SELECT statement, read specific files on the file system and much more.

XSS-Proxy – Cross Site Scripting Attack Tool
XSS-Proxy is an advanced Cross-Site-Scripting (XSS) attack tool. The documents, tools and other content on this site assume you have a basic understanding of XSS issues and existing exploitation methods. If you are not familiar with XSS, then I recommend you check out the primer links/docs below to get a better idea of what XSS is and how to detect it, fix it, and exploit it.

lm2ntcrack – Microsoft Windows NT Hash Cracker (MD4 -LM)
This tool is for instantly cracking the Microsoft Windows NT Hash (MD4) when the LM Password is already known. You might be familiar with LM Cracking tools such as LCP.

The main problem is you’ve got the LM password, but it’s in UPPERCASE because LM hashes are not case sensitive, so you need to find the actual password for the account.

Web-Harvest – Web Data Extraction Tool
Web-Harvest is an open source web data extraction tool written in Java. It offers a way to collect desired Web pages and extract useful data from them. In order to do that, it leverages well established techniques and technologies for text/xml manipulation such as XSLT, XQuery and Regular Expressions.

NetStumbler – Windows Freeware to Detect Insecure Wireless Networks
It’s a favourite amongst Windows users, although it can’t do any real hacking (like breaking a WEP key) – it’s extremely fast and efficient in the detection of open WAPs.

Superscan v4.0 – Fast TCP & UDP Port Scanner for Windows
SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.

Windows XP Service Pack 2 has removed raw sockets support which now limits SuperScan and many other network scanning tools. Some functionality can be restored by running the following at the Windows command prompt before starting SuperScan

dnsscan – DNS Open Recursive Resolver Scanner/Scanning Tool
Dnsscan is a tool for fingerprinting open recursive resolvers. It runs in conjunction with a small server that knows how to reply to queries forwarded from probed resolvers.

Surf Jack – Cookie Session Stealing Tool
A tool which allows one to hijack HTTP connections to steal cookies – even ones on HTTPS sites! Works on both Wifi (monitor mode) and Ethernet.

XTest – VoIP Infrastructure Security Testing Tool
XTest is a simple, practical, and free, wired 802.1x supplicant security tool implementing the RFC 3847 EAP-MD5 Authentication method. It can be used to assess the password strength within wired ethernet environments that rely on 802.1x to protect IP Phones and the VoIP Infrastructure against rogue PC access.

PuttyHijack V1.0 – Hijack SSH/PuTTY Connections on Windows
PuttyHijack is a POC tool that injects a dll into the PuTTY process to hijack an existing, or soon to be created, connection.

PAW/PAWS – Python Advanced Wardialing System
PAW / PAWS is wardialing software written in Python. It is designed to scan for ISDN (PAWS only) and “modern” analog modems (running at 9.6kbit/s or higher). Wardialing tools are – despite their martial naming – used to find nonauthorized modems so one can disable those and as a result make access to the internal network harder.

Wireshark v1.0.0
Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.

Goolag – GUI Tool for Google Hacking
cDc (Cult of the Dead Cow) recently released a GUI driven tool for Google Hacking called Goolag.

Kismet – Wireless Network Hacking, Sniffing & Monitoring
Kismet is one of the foundation tools of wireless hacking; it’s very mature and does what it’s supposed to do.

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

fEvicol v1.0
fEvicol v1.0 is a simple executable (exe) + JPEG image (jpg) binder. The icon of the bound executable is configurable. It launches both the executable and the picture when launched. Check ReadMe.txt for more details.

MSN Password Finder v2.0 for Win XP/2003
MSN Password Finder v2.0 for Windows XP & 2003 reveals the stored (saved) MSN Messenger password on the computer. This new version is compatible with the new method of storing passwords. Tested on WinXP SP2 with MSN Messenger 7.0.

Password Revealer For Internet Explorer
Password Revealer for Internet Explorer reveals what’s behind the asterisks (***) in a web page. It can be used to view a password that has just been typed in a password field (see screenshot). Requires Microsoft .NET Runtime.

peck v1.0
peck v1.0 is a PE [Portable Executable] signature scanner. It detects packers, cryptors, compilers, etc.

Password-Revealer
Password Revealer (less than 5KB in size) is a useful utility that reveals the password stored behind the asterisks (“****”) in ordinary password fields. Works in Windows 9x, 2000, XP, 2003.

TinyWebCamViewer
Tiny Web Cam Viewer (2.26KB in size), is a pocket sized utility that you can use to view through your webcam.

MSN Password Finder v1.0

Finds the MSN Messenger Password stored on your computer. Works only in cases where the current-user has chosen to remember the pass in MSN Messenger. Works with MSN Messenger 6.x, 7.x .. Tested on Win2K, WinXP. Njoi!!

SixthSense [RC2]
SixthSense RC2 [Release Candidate 2] now has an IP address revealing function. It exploits a flaw found in MSN Messenger 6.0 or lower, or Windows Messenger, to get the IP address. [Use a sniffer and find out what the program is doing, don't mail me asking for it.]

IceCold ReLoaded
IceCold ReLoaded has the same functionality as IceCold, but has been updated with the new MSN protocol. IceCold ReLoaded is capable of locking or freezing an MSN Passport Account (@hotmail.com, @msn.com etc.). This person won’t be able to access his/her hotmail account, sign into MSN Messenger etc. if IceCold ReLoaded is launched on his/her account. The person can resume normal activities as soon as IceCold ReLoaded is stopped.

Due to the unethical nature of this program, I would advise the users to use the program wisely.

IceCold (Obsolete)
IceCold can be used to Freeze an MSN Passport Account. Can disallow a person from accessing his hotmail mailbox, msn messenger etc.. Please use IceCold ReLoaded for the purpose.. this version has been posted here only for historical purposes.

FUn WIth MSN v1.0
Add fake plugins/application names to your MSN Messenger to have some fun with your MSN Buddies…

CusExt
CusExt is a simple program to associate an extension with a program.

Avril
Avril is a simple multi-threaded bulk mailer. Highly Buggy S/W!!

Avril Source Code – zip file is password protected.. break it (it’s really easy) and have the source code.. don’t mail me asking for the password.

Kutty
The World’s Smallest PE [Portable Executable]. It’s only 513 bytes in size!! Tested in Win98SE & WinXP..

Chota
Chota Add-On -by- da_neural
The World’s Smallest Keylogger!! It’s only 724 bytes!! It logs the keys to C:.SYS. Please read Info.txt (in chota.zip) for more information on this tiny keylogger!

BIOS Password Remover
The program tries to remove the BIOS password. It seems to work only in AWARD BIOS and a few older BIOSes. Please read the ReadMe.txt before using the program.. Author takes no responsibility for any damage caused by the use of this program!! Works in Win9x/ME ONLY!!!

MSN Password Decryptor v2.0 (Obsolete)
Decrypts the encrypted password stored in the registry. Works only in cases where you’ve chosen to remember the pass in MSN Messenger. (Now. Works with newer MSN version.. tested it on Win98SE only!!)

RoBis v1.0
RoBis is a simple anonymous mailer with a special feature that you needn’t specify an SMTP Server to send a mail. RoBis queries the DNS server for the mail exchange server of the recipient’s e-mail address and sends it..

It works on most servers.. I tested it on yahoo, hotmail, rediffmail, gmx, vsnl, sify and eth accounts..

Hanuman Server
Hanuman Server is a simple daemon that runs on port 3333 (0xD05) which gives a DOS Shell to anyone who connects to that port..

PortScan
PortScan is a simple port scanner that scans about 28 known ports under port no. 127.. it may fail on slow internet connections.

Gorgons
[ Boring Saturday Evening Product ]
It just kills the foreground window, in case it has any of the keywords specified in Gorgons.txt ( editable ). It doesn’t install itself, so, you’ll have to put a short cut in startup folder or modify the registry. It can be used to kill pop-up ads, porno sites etc..

KillSSKC
KillSSKC is an uninstaller for SSKC v1.x, v2.0. It searches in process list to locate the SSKC by name and if located deletes the EXE and the DLL.

PEncrypt v4.0Ø
A few nice improvements over the previous version. Catches a few more application-level debuggers, tracers etc.. Beats detection by AVP (most of the time).

SSKC v2.0 (BugFixed)
SSKC v2.0 ( Super Stealth Key Capturer) is a keylogger with SMTP support. It can kill AntiVirus and FireWalls and similar applications. It comes with a config utility TweakSSKC. Have FUN!!! ( thanx toma iulica for reporting the bug )

ELFCrypt v1.0
A small update to v0.666. Download Source!

AntiCrypt
A Generic OEP (Original Entry Point) Seeker… read README.TXT for more details!

CHTML
CHTML – Crypted Hyper Text Markup Language… A utility that CRYPTS normal HTML pages so that its source remains senseless to a casual _code stealer_

UE
Unkracable Encryption – Create Self Extractable Encrypted Files

DeRAR
Extract Your RAR Archives Quickly – Very Fast Unarchiver

OrDidI
SMTP Client – Send Your Mail Anonymously – Very Fast, Robust …

FAT32Exp
Explorer Program similar to Norton Commander,.. Browse thru folder, open files, execute ‘em and more..

VBscrypt
Visual Basic Script Encrypting Tool. Decryptors are polymorphic with random variables of variable length.

Valhalla
Valhalla “the unlimited digits” Calculator. It has some functions like GCD, Prime Checking, Perfect Square Checking etc..

Patch Maker
It’s a small yet efficient patch maker.. which I have christened ‘A Silly Patch Maker’. Please read the instructions before using it.
