Wireless hacking

Web Application Hacking tools

Proxy / spider tool suites

Browser extensions (Firefox)

Browser extensions (Internet Explorer)

Java

ActiveX

Flash

Flasm
Flare

Vulnerability scanners

Miscellaneous

Wophcrack – Web Based Interface For Ophcrack Password Cracking Tool

Rainbow tables are really useful when cracking password hashes, One disadvantage of these tables is their size which can get up to tens and even hundreds of gigs.

I’m assuming everyone reading already knows about Ophcrack – the awesome time/memory trade-off password cracker.

Well here is a nifty web-based interface for it. Rainbow Tables are really useful when cracking password hashes, but one major disadvantage of these tables is their size which can be hundreds of gigs for complex tables. The author thought it would be extremely useful to have a personal web interface for your rainbow tables which you can access from anywhere on the web anywhere without having to carry the large tables with you everywhere you go. And well here we are, Wophcrack (Web)Ophcrack.

wophcrack11

When cracking LM or NTLM hashes Ophcrack is a great tool as we discussed recently, it provides both a GUI and CLI options along with some free and paid tables. The author basically wrote a quick and dirty PHP based web frontend for Ophcrack.

Wophcrack was designed to work on Backtrack 4 R2, Although it can be install on any Linux distribution with some small adjustments, Wophcrack can also easily edited to support Rainbow Crack.

You can download Wophcrack here:

wophcrack.zip

Or read more here.

Hackertool Metasploit met nieuwe exploits en ASCII art

Na bijna vijf jaar is er eindelijk weer een grote, nieuwe release van de populaire hackertool Metasploit. Metasploit laat onder andere security professionals en pentesters de veiligheid van netwerken en systemen testen. Versie 4.0 bevat een grafische update, waaronder allerlei ASCII art, twintig nieuwe exploit modules en tal van nieuwe features en bugfixes.

Ook is het aanvallen van Linux systemen verbeterd en is het mogelijk om wachtwoorden via John the Ripper te kraken. De nieuwste versie is via deze pagina te downloaden. Voor wie vanaf een bestaande installatie wil upgraden is er dit advies.

bron: security.nl

#RefRef- DDos tool developed by Anonymous

Amomymous are building a new Denial of service attack tool which is said to exploit SQL vulnerabilities to support the group's future campaigns. This is called #RefRef and developed in Javascript. This was very effective in a 17 minute attack from a single machine resulting in a 42-minute outage on Pastebin yesterday. This was confirmed by the Pastebin via twitter.
This tool will e released in September. The tool uses a simple GUI to operate. As it turns out, the attack is launched client side, and will send a separate script in the connection request made to the target server. This request is actually the exploit itself, and once the server renders the code, it will continue to render it until crashing. In essence, the stronger the server, the faster it crashes.