THC-Hydra 8.2 Released

THC-Hydra 8.2 Released

When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 50 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC. Other online crackers are Medusa and Ncrack. The Nmap Security Scanner also contains many online brute force password…

Detux – The Multiplatform Linux Sandbox

Detux – The Multiplatform Linux Sandbox

Detux is a sandbox developed to do traffic analysis of the Linux malwares and capture the IOCs by doing so. QEMU hypervisor is used to emulate Linux (Debian) for various CPU architectures. The following CPUs are currently supported: x86 x86-64 ARM MIPS MIPSEL Use the Live version now: http://detux.org What’s in this release? This release of Detux contains the script for executing a Linux binary/script in a specified CPU arch.…

Shadowd – The Shadow Daemon Web Application Firewall Server

Shadowd – The Shadow Daemon Web Application Firewall Server

Shadow Daemon is a collection of tools to detect, record and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability. This is the main component that handles the analysis and storage of requests. Installation The easiest way to install…

XssPy – Web Application XSS Scanner

XssPy – Web Application XSS Scanner

XssPy is a python tool for finding Cross Site Scripting vulnerabilities in websites. This tool is the first of its kind. Instead of just checking one page as most of the tools do, this tool traverses the website and find all the links and subdomains first. After that, it starts scanning each and every input on each and every page that it found while its traversal. It uses small yet…

Firefox Security Toolkit – A tool that transforms Firefox browsers into a penetration testing suite

Firefox Security Toolkit – A tool that transforms Firefox browsers into a penetration testing suite

Firefox Security Toolkit is A tool that transforms Firefox browsers into a penetration testing suite. How? It downloads the most important extensions, and install it on your browser. The used extensions has been chosen by a survey among the information security community. Based on it’s results, Firefox Security Toolkit was made. Also, it allows you to download Burp Suite certificate and a large user-agent list for User-Agent Switcher. Making it…

ROOTCON 10 – A Hacker Conference in the Philippines You Shouldn’t Miss

ROOTCON 10 – A Hacker Conference in the Philippines You Shouldn’t Miss

ROOTCON is the largest and premier Information Security Conference and Hacker gathering in the Philippines. The group behind ROOTCON started operations on December 27, 2008. It was then registered as DEFCON Group 6332 and carried the name DEFCONPH. After going through copyright issues, the group was renamed PinoyGreyHat until its founder decided to rebrand to a more neutral and conference-friendly name: ROOTCON. The name was officially changed on August 9,…