Posts Tagged ‘Hacking Tools’

The T50 v5.3 includes:

  1. New License: It is, finally, licensed under GPL Version 2.0. Please refer to the LICENSE document for further information.
  2. CIDR Support: Classless Inter-Domain Routing support for the destination IP address, using a really tiny C algorithm. This would allow T50 v5.3 to simulate DDoS in a laboratory environment.

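      netmask = ~(all_bits_on >> cidr);               /* network mask: top cidr bits set */
      hostid = (int)(pow(2, (32 - cidr)) - 2);        /* usable hosts: 2^(32-cidr) - 2 */
      __1st_host = (ntohl(addr) & netmask) + 1;       /* first host: network address + 1 */
      __lst_host = (ntohl(addr) & netmask) + hostid;  /* last host: network address + hostid */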

  3. ELEVEN NEW Protocols: ELEVEN (11) more protocols supported by T50 v5.3 (IGMPv3, EGP, DCCP, RSVP, RIPv1, RIPv2, GRE, ESP, AH, EIGRP and OSPF).
  4. Exotic Protocols: Advanced options and protocol crafting for RSVP, EIGRP, OSPF and GRE were added, allowing users to make any combination while using those exotic protocols. By the way, EIGRP is a proprietary protocol developed by Cisco Systems, Inc.
  5. TCP Options Support: TCP Options (MSS, NOP, EOL, WSCALE, TSTAMP, T/TCP CC, SACK, MD5 and TCP-AO) are supported to improve the TCP protocol.
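
The CIDR arithmetic from item 2, as an added example that is not T50's own code: an integer-only version that avoids pow() and a shift by the full word width (undefined in C for a 32-bit operand), and that handles /31 and /32, where the formula above yields a last host below the first. The names cidr_host_range and struct host_range and the sample address 192.0.2.42 (documentation range) are assumptions for illustration; the address is taken in host byte order, as after ntohl().

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Inclusive range of usable host addresses, in host byte order. */
struct host_range {
    uint32_t first;
    uint32_t last;
};

/* Hypothetical helper: returns 0 on success, -1 on a bad prefix or NULL out. */
int cidr_host_range(uint32_t addr, unsigned cidr, struct host_range *out)
{
    if (cidr > 32 || out == NULL)
        return -1;

    /* Shift count stays in 0..31; /0 is special-cased to avoid a 32-bit shift. */
    uint32_t netmask = (cidr == 0) ? 0 : (UINT32_MAX << (32 - cidr));
    uint32_t network = addr & netmask;
    uint32_t broadcast = network | ~netmask;

    if (cidr >= 31) {
        /* /32 is a single host; /31 is a point-to-point pair (RFC 3021). */
        out->first = network;
        out->last = broadcast;
    } else {
        /* Skip the network and broadcast addresses. */
        out->first = network + 1;
        out->last = broadcast - 1;
    }
    return 0;
}

int main(void)
{
    const uint32_t sample = 0xC000022Au; /* constructed: 192.0.2.42 */
    const unsigned prefixes[] = { 24, 30, 31, 32 };
    struct host_range r;

    for (size_t i = 0; i < sizeof prefixes / sizeof prefixes[0]; i++) {
        if (cidr_host_range(sample, prefixes[i], &r) == 0)
            printf("/%u: 0x%08X - 0x%08X\n", prefixes[i],
                   (unsigned)r.first, (unsigned)r.last);
    }
    return 0;
}
```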

download t50 http://www.4shared.com/file/Zja31l82/t50-245r-H2HC.html

wifite was created to attack multiple WEP and WPA encrypted networks at the same time. This tool is customizable to be automated with only a few arguments and can be trusted to run without supervision.

features

  • sorts targets by power (in dB); cracks closest access points first
  • automatically deauths clients of hidden networks to decloak SSIDs
  • numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
  • customizable settings (timeouts, packets/sec, channel, change mac address, ignore fake-auth, etc)
  • all WPA handshakes are backed up to wifite.py’s current directory
  • smart WPA deauthentication — cycles between all clients and broadcast deauths
  • stop any attack with Ctrl+C — options: continue, move onto next target, skip to cracking, or exit
  • switching WEP attack methods does not reset IVs
  • intel 4965 chipset fake-authentication support; uses wpa_supplicant workaround
  • SKA support (untested)
  • displays session summary at exit; shows any cracked keys
  • all passwords saved to log.txt
  • built-in updater: ./wifite.py -upgrade

Arachni is a feature-full and modular Ruby framework that allows penetration testers and administrators to evaluate the security of web applications. Arachni is smart: it trains itself with every HTTP response it receives during the audit process. Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while traveling through each path of a web application’s cyclomatic complexity. This way, attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni.

The project aims to:

  1. Provide a stable and efficient framework
    Developers should be allowed to easily and quickly create and deploy modules with the minimum amount of restrictions imposed upon them, while provided with the necessary infrastructure to accomplish their goals. Module writers should be able to take full advantage of the Ruby language under a unified framework that will increase their productivity without stifling them or complicating their tasks. Basically, give them the right tools for the job and get the hell out of their way.
  2. Be simple
    Well, not simple in general…some parts of the framework are fairly complex. However, the module and report APIs are very similar and very simple.
  3. Be developer and user friendly
    Users should be able to make the most out of Arachni without being confused or overwhelmed. Developers unfamiliar with the framework should be able to write working modules and reports immediately after a small glance at an existing one.

WeakNet Linux is designed primarily for penetration testing, forensic analysis and other security tasks. WeakNet Linux IV was built from Ubuntu 9.10, which is a Debian-based distro. All references to Ubuntu have been removed, as the author completely re-compiled the kernel, removed all Ubuntu-specific software which would cause the ISO to bloat, and used a non-Ubuntu-traditional Window Manager, with no DM. To start X11 (Fluxbox), simply type “startx” at the command line as root.

The tools selected are those that the developer feels are used most often in pen-tests. A sample of those included are:

  • BRuWRT-FORSSE v2.0
  • Easy-SSHd
  • Web-Hacking-Portal v2.0
  • Perlwd
  • Netgh0st v3.0
  • YouTube-Thief!
  • Netgh0st v2.2
  • DomainScan
  • ADtrace
  • Admin-Tool
  • Tartarus v0.1

A full list of applications is here:

WeakNet Linux Applications List

You can also get the guide here:

Official WeakNet Linux WEAKERTHAN System Administration Guide [PDF]

Hardware Requirements

This distro boots to a command line by default, so the hardware requirements are quite minimal. For Fluxbox, the recommended specs are:

  • 256 MiB of system memory (RAM)
  • 2 GB of disk space
  • Graphics card and monitor capable of 800×600 resolution
