
HaraldScan - Bluetooth Discovery tool.
The scanner can determine the Major and Minor device class of a device, and attempts to resolve the device’s MAC address against the largest known Bluetooth MAC address vendor list.
The goal of this project is to obtain as many MAC addresses mapped to device vendors as possible.
Currently it has a stable version for Linux only.
Download here
What are the requirements, and how do you install and use this tool? Read it here
Posted in Penetration Testing, Wireless.
Tagged with Bluetooth, Free Scanner, HaraldScan, Penetration Testing, Wireless security.
By Syed Alam
– August 23, 2009
Stoned BootKit is a new Windows bootkit which attacks all Windows versions from XP up to 7. It is loaded before Windows starts and is memory resident up to the Windows kernel. Thus Stoned gains access to the entire system. It has exciting features like integrated file system drivers, automatic Windows pwning, plugins, boot applications and much more. The project is partly published as open source under the European Union Public License.
Stoned…
- is software in the Master Boot Record, with the goal of staying memory resident up to the Windows kernel.
- attacks Windows XP, Server 2003, Vista, Server 2008, 7
- supported architectures: IA32, AT architecture (IBM-conforming)
- full featured, including own file system drivers for FAT and NTFS!
- supports different boot media: hard disk, removable media, CD, DVD, flash drives, network...
- there will be new versions, plugins and updates!
It has been successfully tested and verified on the following systems:
- Windows 2000 SP4
- Windows XP SP2
- Windows XP SP3
- Windows Server 2003
- Windows Server 2003 R2 SP2
- Windows Vista
- Windows Vista SP1
- Windows Server 2008
- Windows 7 Build 6801
- Windows 7 Beta
- Windows 7 RC
- Windows 7
- DiskCryptor 0.8
- TrueCrypt 6.1a
- TrueCrypt 6.2
- TrueCrypt 6.2a
- Bochs 2.4.1
- VMware Workstation 6.5.0
Download from here
Posted in Security tools.
Tagged with Opensource, Security tools, Windows.
By Syed Alam
– August 16, 2009
UWSS (Uber Web Security Scanner) is an open source tool which can also act as a fuzzer; its objective is to probe the application with various crafted attack strings.
- Generic: UWSS simply sends requests without any additional steps.
- Dynamic keys: in this mode, UWSS parses the current tokens before sending any POST requests.
The tool currently supports the following attack techniques:
- Cross-Site-Scripting
- XML-injection
- OS command execution
- File-inclusion (local/remote)
- Perl-injection
- SQL-injection
- LDAP-injection
- SOAP-injection
- PHP-injection
This application runs on the command line and is written in Python. The authors are Noptrix & illuminatus.
Download from here
Posted in Penetration Testing, Web Application Security.
Tagged with Application Security Tool, Injections, Penetration Testing, Security tools, Sql Injections, UWSS, XSS.
By Syed Alam
– August 1, 2009
Pyrit takes a step ahead in attacking WPA-PSK and WPA2-PSK, the protocols that protect today’s public Wifi-airspace.

Pyrit Wireless Hacking
Pyrit is a new GPU-based cracking tool for wireless security. It can be used for password auditing, as part of a penetration testing framework, or for basic vulnerability assessment.
Pyrit’s implementation allows creating massive databases, pre-computing part of the WPA/WPA2-PSK authentication phase in a space-time tradeoff. The performance gain for real-world attacks is in the range of three orders of magnitude, which urges reconsideration of the protocol’s security. Exploiting the computational power of many-core and other platforms through ATI-Stream, Nvidia CUDA, OpenCL and VIA PadLock, it is currently by far the most powerful attack against one of the world’s most used security protocols.
Download from here
A how-to can be found here
Posted in Wireless.
Tagged with Opensource, Wireless, Wireless Cracking, Wireless Hacking, Wireless security.
By Syed Alam
– July 28, 2009

SQLMap - MySQL,Oracle Injection tool
SQLMap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications.
- Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges and databases, and dump entire or user-specified DBMS tables/columns.
- The user can also run their own SQL statements, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, and establish an out-of-band stateful connection between the attack box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.
- Full support for MySQL, Oracle, PostgreSQL and Microsoft SQL Server back-end database management systems.
- Full support for three SQL injection techniques: inferential blind SQL injection, UNION query (inband) SQL injection and batched queries. SQLMap can also test for time-based blind SQL injection.
- HTTP Cookie header string support.
- HTTP Basic and Digest Authentications support.
- Anonymous HTTP proxy support to pass requests to the target URL, which also works with HTTPS requests.
- Estimated time of arrival support for each query.
- Bypass of the PHP magic_quotes_gpc setting by encoding every query string between single quotes with CHAR, or a similar database management system function.
- For a detailed feature list, see the official documentation here
Download from sourceforge.net
Independent Operating System here
RPM Package here
Debian Package here
Windows Executable here
Posted in Web Application Security.
Tagged with Application Security Tool, Hacking, Injections, Sql Injections.
By Syed Alam
– July 27, 2009