SP Toolkit - Open Source Phishing Education Toolkit
A new open source toolkit makes it ridiculously simple to set up phishing Web sites and lures. The software was designed to help companies test the phishing awareness of their employees, but as with most securi
Self-extracting archive (SFX) as Creative Virus Handler
Yesterday I Found and interesting article about "Self-extracting archive (SFX)" on Unremote.org by DarkCoderSc. SFX is a little application that contains compressed files. Creating a customized WinRAR SFX archives is a very easy task, but not all people know how to do it. It is therefore exactly the sa
Your Android really needs Antivirus Security ?
Why shouldn't you protect your Android phone? Why to use an Antivirus for your Android? So that users can protect their devices from trojans, viruses, spyware, and other types of malware. Most people carry a lot of sensitive data on their phones. Recently an SMS Trojan horse posing as a media player began infecting Android phones on Russian networks. Once the victim installed the malicious app, it began sending text messages to premium numbers, leaving the user with a huge phone bill.
Also Security researchers from Kaspersky Labs have intercepted a scareware variant targeting Android users, distributed as an Opera Virus Scanner. If the user clicks on the link, they’ll be asked to download VirusScanner.apk, which is currently detected as Trojan-SMS.AndroidOS.Scavir. If the user is using a non-Android device, they’ll be asked to download VirusScanner.jar currently detected as Trojan-SMS.J2ME.Agent.ij.
With this in mind we at The Hacker News have list down the top 5 antivirus apps for Android phones:
1.) Lookout Security & Antivirus: Lookout Security & Antivirus is arguably the most popular security and anti-virus for Android around. A free account lets you scan your phone for malware, back up and restore your data online, and use GPS to locate your phone should it ever get lost or stolen. [Get This]
2.) Avast Free Mobile Security: Avast Free Mobile Security supports a number of features that are usually available only in paid-for Android security software. These include privacy reports, call and SMS filtering, SIM-card change notifications, firewall and application management. [Get This]
3.) Kaspersky Mobile Security: Kaspersky Lab released a free security application to keep your contacts, email and banking information from falling into the wrong hands. Kaspersky Mobile Security Lite can also remotely delete all personal data from the device including contacts, addresses, calendars, text messages and email preventing sensitive information from being illegally used or stolen. [Get This]
4.) Norton Mobile Security Beta: Norton lends its anti-malware, anti virus, and security expertise to mobile. Smartphones hold a lot of valuable data: Text messages, e-mail, and even credit card numbers can reside on the device, where they're easily accessed. [Get This]
5.) Mobile Security 6.0: NQ Mobile released Mobile Security 6.0 for Android as a free download. It etects and deletes viruses, malicious URLs, and other threats before you even know they exist with newly enhanced features including GPS-based anti-loss/theft features, backup and restore tools for your contacts, complete privacy protection, traffic monitoring, and more. [Get This]
Perhaps it’s the 90’s and 80’s mindset that has us still thinking that cell phones are dumb single purpose devices, that causes us to not care about the security of our mobile devices.A wake up call to just how vulnerable cell phones are was recently raised when Google had to remove about 21 malicious apps from the market that were found to be nabbing user’s data. Go ! Get one Best Security Product for your Android from above list, If you really love your Phone ;-)
Hackers selling cheap BOTNETs and DDOS on forums
The Internet has revolutionized shopping around the world. Security researchers F-Secure reported recently in a post that hackers are Selling Cheap DDOS services on Various Foru
FreeDOS 1.1 released after being in development for several years
FreeDOS 1.1 has been released after being in development for several years. FreeDOS is an opensource operating system aiming to provide the same (or better) functionality as Microsoft'sold MS-DOS. Right now the main use is running old games and software, but you might encounter it on somefreshly sold computers, motherboard setup CDs, BIOS flashing diskettes, embedded hardware and other uses.
Hackers leak the Source Code for Symantec Product
A group calling itself the Lords of Dharmaraja posted an Adobe document online Wednesday that it claimed was a glimpse
BackBox Linux 2.01 released
What's new
- System upgrade
- Performance boost
- New look
- Improved start menu
- New sections such as Forensic Analysis, Documentation & Reporting and Reverse Engineering
- New Hacking tools and updated tools such as dradis 2.8, ettercap 0.7.4.2, john 1.7.8, metasploit 4.2, nmap 5.51, set 2.5.2, sleuthkit 3.2.1, w3af 1.0, weevely 0.5, wireshark 1.6.3, etc.
System requirements
- 32-bit or 64-bit processor
- 256 MB of system memory (RAM)
- 4.4 GB of disk space for installation
- Graphics card capable of 800×600 resolution
- DVD-ROM drive or USB port
Review : GFI LanGuard - Network Security Scanner & Vulnerability Management Tool
I’m a firm believer in multitasking. I tend to work on several things simultaneously; the more monitors
Cain & Abel v4.9.43 Released
Change Log :
- Added SAP R/3 sniffer filter for SAP GUI authentications and SAP DIAG protocol decompression.
- Added support for Licensing Mode Terminal Server connections to Windows 2008 R2 servers in APR-RDP sniffer filter.
- Added support for MSCACHEv2 Hashes (used by Vista/Seven/2008) in Dictionary and Brute-Force Attacks.
- Added MSCACHEv2 Hashes Cryptanalysis via Sorted Rainbow Tables.
- Added MSCACHEv2 RainbowTables to WinRTGen v2.6.3.
- MS-CACHE Hashes Dumper now supports MSCACHEv2 hashes extraction from Windows Vista/Seven/2008 machines and offline registry files.
- Fixed a bug (crash) in Certificate Collector with Proxy settings enabled.
The Mole - Another Automatic SQL Injection exploitation tool
Features
- Support for injections using Mysql, SQL Server, Postgres and Oracle databases.
- Command line interface. Different commands trigger different actions.
- Auto-completion for commands, command arguments and database, table and columns names.
- Support for query filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.
- Exploits SQL Injections through GET and POST methods.
- Developed in python 3.
1.) Installation Guide
2.) Tutorial to Use
3.) Download Mole
BeEF 0.4.2.12 alpha Browser Exploitation Framework Released
The Browser Exploitation Framework (BeEF) is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack vectors.
Unlike other security frameworks, BeEF focuses on leveraging browser vulnerabilities to assess the security posture of a target. This project is developed solely for lawful research and penetration testing.
BeEF hooks one or more web browsers as beachheads for the launching of directed command modules. Each browser is likely to be within a different security context, and each context may provide a set of unique attack vectors.
BeEF provides an easily integratable framework that demonstrates the impact of browser and Cross-site Scripting issues in real-time. Development has focused on creating a modular framework. This has made module development a very quick and simple process. Current modules include metasploit, port scanning, keylogging, TOR detection and more.
Fully Undetectable Backdoor generator for Metasploit
Security Labs Experts from Indian launch an automated Anti-Virus and Firewall Bypass Script. Its an Modified and Stable Version in order to work with Backtrack 5 distro. Below you can find the modified version and a simple presentation on how it works:
In order to be able to compile the generated payload we must install the following packages ; Mingw32 gcc which you can install by :
root@bt:~# apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils
After the installation we must move our shell-script - Vanish.sh - to default Metasploit folder (/pentest/exploits/framework) and execute it. Recommended Seed Number = 7000 and Number of Encode = 14 .
Note: By default Script Generates Reverse TCP Payload but you can change it some modifications in Script [vanish.sh]. Virus Scan Report of Backdoor shows that its almost undetectable by most of the Antivirus programs.
Download Link : Click Here [Vanish.sh] Size : 3.3 KB OR Pastebin Version here
Source Code of Crypo.com Available to Download !
The Source Code of Crypo.com , One of the Famous Free Online Encryption Service is now available todownload form a File sharing website. This Script will encrypt your messages using a strong encryption algorithm, and then your information will be secure for sending.
Bypass SOPA (Stop Online Piracy Act) DNS Blocking with DeSopa 1.1
A developer who calls himself T Rizk doesn't have much faith in Congress making the right decision on anti-piracy legislation, so he's built a work around for the impending censorship measures being considered DeSOPA. The Firefox add-on is stunningly simple as the Stop Online Piracy Act (SOPA) would block specific domain names (e.g. www.thepiratebay.com) of allegedly infringing sites.
Firefox, which already boasts an outspoken stance against SOPA, and has already shown they are willing to stand by add-on developers who create circumvention extensions designed to go around measures currently employed by Homeland Security, has welcomed a new add-on, one that is designed to circumvent whatever SOPA website blacklists that are created, provided the bills become law.
A new anti-SOPA add-on for Firefox, titled “DeSopa” is such a counter measure.When installed, users can click a single button to resolve a blocked domain via foreign DNS servers, bypassing all domestic DNS blockades and allowing the user to browse the site though the bare IP-address (if supported).“I feel that the general public is not aware of the gravity of SOPA and Congress seems like they are about to cater to the special interests involved, to the detriment of Internet, for which I and many others live and breathe,” DeSopa developer T Rizk told.
“It could be that a few members of congress are just not tech savvy and don’t understand that it is technically not going to work, at all. So here’s some proof that I hope will help them err on the side of reason and vote SOPA down,” he adds.
If SOPA is implemented, thousands of similar and more innovative programs and services will sprout up to provide access to the websites that people frequent. SOPA is a mistake. It does not even technically help solve the underlying problem, as this software illustrates. What it will do is give undue leverage to predatory organizations, cripple innocent third party websites, severely dampen digital innovation and negatively impact the integrity and security of the Internet. If browsing a site through a single IP address is not supported, this other anti-SOPA plugin provides an alternative.
Save this Page
