
Tuesday, May 19, 2009

read


EVERYONE HAS SOME BASIC GOALS.......THESE GOALS ARE EXPRESSED BY ME THROUGH SOME FAMOUS QUOTES.

LOVE THE LIFE YOU LIVE......LIVE THE LIFE YOU LOVE

HAVING A DREAM IS WHAT KEEPS YOU ALIVE. OVERCOMING THE CHALLENGES MAKES LIFE WORTH LIVING.


NEVER SETTLE FOR LESS WHEN YOU DESERVE THE BEST, NEVER LOWER GOD'S STANDARD JUST TO PLEASE THE REST

I AM LIVING IN TODAY'S WORLD JUST TO MAKE THESE QUOTES REALITY FOR ME.


I LAID MY FEARS TO REST....I OCCUPIED THEM FOR REST.....I WORK UPON MY DIGNITY......I LIVE ON MY STANDARDS................

YES THAT IS WHAT YOU CALL ME 
YES I AM THAT PERSON WHO STANDS ON THIS POSITION
I LOVE BEING PRAISED
I LOVE BEING SCOLDED FOR MOTIVATION

I LOVE MYSELF




Wednesday, May 6, 2009

Angry IP Scanner - Cross Platform Port Scanner


Angry IP scanner is a very fast IP address and port scanner.
It can scan IP addresses in any range as well as their ports. It is cross-platform and lightweight. Not requiring any installations, it can be freely copied and used anywhere.

Angry IP scanner simply pings each IP address to check if it’s alive, then optionally resolves its hostname, determines the MAC address, scans ports, etc. The amount of gathered data about each host can be extended with plugins.

It also has additional features, like NetBIOS information (computer name, workgroup name, and currently logged in Windows user), favorite IP address ranges, web server detection, customizable openers, etc.



Download Angry IP Scanner version 3.0-beta3 :
http://sourceforge.net/projects/ipscan/




DNSenum - Domain Information Gathering Tool


The program currently performs the following operations:

1. Get the host’s addresses (A record).
2. Get the nameservers (threaded).
3. Get the MX record (threaded).
4. Perform axfr queries on nameservers (threaded).
5. Get extra names and subdomains via Google scraping (google query = “allinurl: -www site:domain”).
6. Brute force subdomains from file, can also perform recursion on subdomains that have NS records (all threaded).
7. Calculate C class domain network ranges and perform whois queries on them (threaded).
8. Perform reverse lookups on netranges (C class and/or whois netranges) (threaded).
9. Write IP blocks to the domain_ips.txt file.

The output file domain_ips.txt will contain non-contiguous IP blocks:

127.0.0.1/32
127.0.0.8/31

Download DNSenum v1.2 :
http://dnsenum.googlecode.com/files/dnsenum1.2.tar.gz



Webtunnel 0.0.2 - HTTP Encapsulation and Tunnel Tool

Webtunnel is a network utility that encapsulates arbitrary data in HTTP and transmits it through a web server. In that regard it is similar to httptunnel, but it has several important differences: its server component runs in the context of a web server as a CGI application (with optional FastCGI support), so it does not need its own port and supports most things that the web server supports, such as authentication, HTTP 1.1, HTTPS, and client certificates; it uses simple requests and responses, so it works seamlessly through forward and reverse proxies; and it is multi-threaded (actually multi-process, using sockets for inter-process communication) to allow multiple parallel connections to multiple destinations simultaneously.

It’s written in Perl and currently supports the tunneling of TCP connections. Future plans include implementations in different languages, mixed tunneling of UDP and pipes (so you can tunnel directly to a shell etc.), configuration features such as access control lists, and transmission options like compression and encryption.

Download Webtunnel 0.0.2 :
http://sourceforge.net/projects/webtunnel



SSLstrip - HTTPS Stripping Attack Tool

This tool provides a demonstration of the HTTPS stripping attacks.
It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial.

To get this running:
* Flip your machine into forwarding mode.
* Set up iptables to redirect HTTP traffic to sslstrip.
* Run sslstrip.
* Run arpspoof to convince a network they should send their traffic to you.

That should do it.

How does this work?
First, arpspoof convinces a host that our MAC address is the router’s MAC address, and the target begins to send us all its network traffic. The kernel forwards everything along except for traffic destined to port 80, which it redirects to $listenPort (10000, for example).

At this point, sslstrip receives the traffic and does its magic.

Download :
http://www.thoughtcrime.org/software/sslstrip/


Caching bugs exposed in second biggest DNS server

For years, cryptographer Daniel J. Bernstein has touted his djbdns as so secure he promised a $1,000 bounty to anyone who can poke holes in the domain name resolution software.

Now it could be time to pay up, as researchers said they’ve uncovered several vulnerabilities in the package that could lead end users to fraudulent addresses under the control of attackers.

djbdns is believed to be the second most popular DNS program, behind Bind. The bugs show that even the most secure DNS packages are susceptible to attacks that could visit chaos on those who use them.

One of the bugs, disclosed last week by researcher Kevin Day, exploits a known vulnerability in the DNS system that allows attackers to poison domain name system caches by flooding a server with multiple requests for the same address.

Source: The Register
http://www.theregister.co.uk/2009/02/28/djbdns_cache_poisoning_vulns/



Saturday, May 2, 2009

Hacker pokes new hole in secure sockets layer

Website encryption has sustained another body blow, this time by an independent hacker who demonstrated a tool that can steal sensitive information by tricking users into believing they’re visiting protected sites when in fact they’re not.

Unveiled Wednesday at the Black Hat security conference in Washington, SSLstrip works on public Wi-Fi networks, onion-routing systems, and anywhere else a man-in-the-middle attack is practical. It converts pages that normally would be protected by the secure sockets layer protocol into their unencrypted versions. It does this while continuing to fool both the website and the user into believing the security measure is still in place.

The presentation by a conference attendee who goes by the name Moxie Marlinspike is the latest demonstration of weaknesses in SSL, the encryption routine websites use to prevent passwords, credit card numbers, and other sensitive information from being sniffed while in transit. Similar to a side jacking attack from 2007 and last year’s forging of a certificate authority certificate, it shows the measure goes only so far.

Marlinspike said SSLstrip is able to work because the vast majority of sites that use SSL begin by showing visitors an unencrypted page and only offer the protection for sections where sensitive information is transmitted. When a user clicks on a login page, for instance, the tool alters the site’s unencrypted response so the “https” is changed to “http.” The website, however, continues to operate under the assumption the connection is encrypted.

Source: The Register
http://www.theregister.co.uk/2009/02/19/ssl_busting_demo/
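The "https" to "http" rewrite described above can be detected by comparing a page received on an untrusted network with a copy of the same page fetched over a trusted path. The following check is an added example, not code from the article or from SSLstrip; both HTML snippets and the `example.test` hosts are constructed samples, and it covers only the scheme downgrade, not look-alike or homograph hosts.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

URL_ATTRS = {"href", "action", "src"}

# Constructed sample: the page as served by the site (trusted fetch).
BASELINE_HTML = """
<a href="http://www.example.test/about">About</a>
<a href="https://login.example.test/signin">Sign in</a>
<form action="https://login.example.test/session" method="post"></form>
<script src="https://static.example.test/app.js"></script>
"""
# Constructed sample: the same page as seen on the untrusted network.
OBSERVED_HTML = """
<a href="http://www.example.test/about">About</a>
<a href="http://login.example.test/signin">Sign in</a>
<form action="http://login.example.test/session" method="post"></form>
<script src="https://static.example.test/app.js"></script>
"""


class LinkCollector(HTMLParser):
    """Collect absolute http/https URLs from href, action and src."""

    def __init__(self):
        super().__init__()
        self.urls = set()

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in URL_ATTRS and value:
                p = urlsplit(value.strip())
                if p.scheme in ("http", "https") and p.hostname:
                    # Port is ignored on purpose: a downgraded link
                    # normally drops any explicit :443.
                    self.urls.add(
                        (p.scheme, p.hostname.lower(), p.path or "/", p.query)
                    )


def collect(html):
    parser = LinkCollector()
    parser.feed(html)
    return parser.urls


def downgraded_links(baseline_html, observed_html):
    """Return http:// URLs that replaced an https:// URL of the baseline."""
    base, seen = collect(baseline_html), collect(observed_html)
    hits = []
    for scheme, host, path, query in sorted(base):
        if scheme != "https" or ("https", host, path, query) in seen:
            continue  # not a protected link, or still intact
        if ("http", host, path, query) in seen:
            hits.append(f"http://{host}{path}" + (f"?{query}" if query else ""))
    return hits


if __name__ == "__main__":
    for url in downgraded_links(BASELINE_HTML, OBSERVED_HTML):
        print("downgraded:", url)
```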


DNSmap 0.22 Released - Subdomain Bruteforcing Tool

dnsmap is a subdomain bruteforcer for stealth enumeration.

Originally released in 2006, dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. During the enumeration stage, the security consultant would typically discover the target company’s IP netblocks, domain names, phone numbers, etc. dnsmap was included in Backtrack 2 and 3, although the version included is the now dated version 0.1.



Subdomain brute-forcing is another technique that should be used in the enumeration stage, as it’s especially useful when other domain enumeration techniques such as zone transfers don’t work.

Original Features of Version 0.1
* obtain all IP addresses (A records) associated to each successfully bruteforced subdomain, rather than just one IP address per subdomain
* abort the bruteforcing process in case the target domain uses wildcards
* ability to run the tool without providing a wordlist by using a built-in list of keywords
* bruteforcing by using a user-supplied wordlist (as opposed to the built-in wordlist)

New Improvements in Version 0.22
* saving the results in human-readable and CSV format for easy processing
* fixed bug that disallowed reading wordlists with DOS CRLF format
* improved built-in subdomains wordlist
* new bash script (dnsmap-bulk.sh) included which allows running dnsmap against a list of domains from a user-supplied file. i.e.: bruteforcing several domains in a bulk fashion
* bypassing of signature-based dnsmap detection by generating a proper pseudo-random subdomain when checking for wildcards

Usage

usage: dnsmap [options]
options:
-w
-r

Download :
http://lab.gnucitizen.org/projects/dnsmap



Friday, May 1, 2009

Ntop - A network traffic usage monitor

ntop is a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntop is based on libpcap and has been written in a portable way so that it runs on virtually every Unix platform and on Win32 as well.

ntop users can use a web browser (e.g. netscape) to navigate through ntop (that acts as a web server) traffic information and get a dump of the network status.

What can ntop do?
* Sort network traffic according to many protocols
* Show network traffic sorted according to various criteria
* Display traffic statistics
* Store on disk persistent traffic statistics in RRD format
* Identify the identity (e.g. email address) of computer users
* Passively (i.e. without sending probe packets) identify the host OS
* Show IP traffic distribution among the various protocols
* Analyze IP traffic and sort it according to the source/destination
* Display IP Traffic Subnet matrix (who’s talking to who?)
* Report IP protocol usage sorted by protocol type
* Act as a NetFlow/sFlow collector for flows generated by routers (e.g. Cisco and Juniper) or switches (e.g. Foundry Networks)
* Produce RMON-like network traffic statistics

Download :
http://www.ntop.org/download.html







Charles Web Debugging Proxy

Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information).

Charles can act as a man-in-the-middle for HTTP/SSL communication, enabling you to debug the content of your HTTPS sessions.

Charles simulates modem speeds by effectively throttling your bandwidth and introducing latency, so that you can experience an entire website as a modem user might (bandwidth simulator).

Charles is especially useful for Adobe Flash developers as you can view the contents of LoadVariables, LoadMovie and XML loads. Charles also has native support for Flash Remoting (AMF0 and AMF3).

Charles is also useful for XML development in web browsers, such as AJAX (Asynchronous Javascript and XML) and XMLHTTP, as it enables you to see the actual XML that is flowing between the client and the server. Charles natively supports JSON, JSON-RPC and SOAP; displaying each in a simplified tree format for easy viewing and debugging.

Charles will autoconfigure your browser’s proxy settings on the following browsers:

* IE (Windows system proxy settings)
* Firefox
* Safari (Mac OS X or Windows system proxy settings)

Supported Platforms:
* Windows
* Mac OS X
* Linux/Unix

Latest Release: Version 3.3.1

Download: http://www.charlesproxy.com/download.php
