Aircrack-ng  is an  802.11 WEP and WPA-PSK keys  cracking program that can recover keys once enough data packets have been captured. It impl...

Aircrack-ng 1.2 Release Candidate 2

Saturday, June 27, 2015 Sensei Fedon 0 Comments

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools. aircrakngterm
Here is the second release candidate. Along with a LOT of fixes, it improves the support for the Airodump-ng scan visualizer. Airmon-zc is mature and is now renamed to Airmon-ng. Also, Airtun-ng is now able to encrypt and decrypt WPA on top of WEP. Another big change is recent version of GPSd now work very well with Airodump-ng. Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools. In fact, Aircrack-ng is a set of tools for auditing wireless networks.

Aircrack-ng Changelog

Version 1.2-rc2 (changes from aircrack-ng 1.2-rc1) – Released 10 April 2015:
  • Airtun-ng: Adds WPA CCMP and TKIP decryption and CCMP encryption
  • Compilation: Added support for DUMA.
  • Makefile: Renamed ‘unstable’ to ‘experimental’.
  • Airodump-ng: Fixed XML sanitizing.
  • Airmon-ng: Airmon-zc is now stable enough to replace airmon-ng.
  • Manpages: Removed airdriver-ng manpage and references to it (forgot to do it before the previous release).
  • Manpages: Updated ‘see also’ references in all manpages.
  • PCRE: Added it in various places and docs.
  • WZCook: Fixed processing values stored in register.
  • Updated a few headers files (if_llc, ieee80211, ethernet and if_arp).
  • Travis CI: updated make parameter and add testing with pcre.
  • Compilation: de-hardcode -lpcap to allow specifying pcap libraries.
  • Makefile: Fixed installing/uninstalling Airdrop-ng documentation files.
  • Makefile: Fixed uninstalling ext_scripts.
  • Airodump-ng: Added new paths (and removed one) for OUI files and simplified logic to find the OUI file.
  • Aircrack-ng: Fixed ignoring -p when specified after -S.
  • Airmon-ng: fixes for openwrt busybox ps/grep issues which do not seem present in other versions of busybox
  • Airmon-ng: fix vm detection.
  • Airserv-ng: Fixed channel setting (and assert call).
  • Airodump-ng: Fixes to NetXML (unassociated clients missing and various other small bugs) and update the code to match current NetXML output.
  • Airodump-ng: Removed requirement for 2 packets before AP is written to output (text) files.
  • Airodump-ng: Fixed formatting of ESSID and display of WPA/WPA2 (as well as a bunch of other small fixes) in CSV file.
  • Airodump-ng: Fixed GPSd.
  • Airodump-ng: Allow to specify write interval for CSV, kismet CSV and NetXML files.
  • Airserv-ng: Fixed wrong station data displayed in Airodump-ng.
  • General: Fixed 64 bit promotion issues.
  • General: Fixed a bunch of uninitialized values and non-zeroed structures (upon allocating them).
  • General: Added Stack protection.
  • Various other small fixes and improvements.

0 comments:

DDOS aka Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic ...

Project Shield: Google Wants to Protect News and Human Rights Websites from DDOS Attack

Saturday, June 27, 2015 Sensei Fedon 0 Comments

google-project-shield
DDOS aka Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. Attacker target a wide variety of important resources and present a major challenge to making sure people can publish and access important information.

0 comments:

Opabinia – GUI Based SSL Auditor Tool for Windows   hackers   June 15, 2015   Security Resources ,  Tools SSLAuditor/Op...

SSLAuditor v4 (Opabinia)

Monday, June 15, 2015 Sensei Fedon 0 Comments


SSLAuditor/Opabinia – Utility to audit SSL and RDP services
SSLAuditor has five components that Looks for risks in the SSL an RDP Services. The Components can be seen in the graphic on below.

0 comments:

Add headers to all Burp requests to bypass some WAF products. This extension will automatically add the following headers to all reque...

BypassWAF - Burp Plugin to Bypass Some WAF Devices

Wednesday, June 10, 2015 Sensei Fedon 0 Comments


Add headers to all Burp requests to bypass some WAF products. This extension will automatically add the following headers to all requests.
  X-Originating-IP: 127.0.0.1
  X-Forwarded-For: 127.0.0.1
  X-Remote-IP: 127.0.0.1
  X-Remote-Addr: 127.0.0.1

0 comments:

This is the official repository of The Exploit Database , a project sponsored by Offensive Security .

The Exploit-Database Git Repository

Wednesday, June 10, 2015 Sensei Fedon 0 Comments


This is the official repository of The Exploit Database, a project sponsored by Offensive Security.

0 comments:

Framework for Man-In-The-Middle attacks

MITMf - Framework for Man-In-The-Middle attacks

Wednesday, June 10, 2015 Sensei Fedon 0 Comments


Framework for Man-In-The-Middle attacks

0 comments:

Proxenet is a hacker friendly proxy for web application penetration tests.

Proxenet - Hacker Friendly Proxy for Web Application Penetration Tests

Wednesday, June 10, 2015 Sensei Fedon 0 Comments


Proxenet is a hacker friendly proxy for web application penetration tests.

0 comments:

Linux Web Dashboard   linux-dash  is a low-overhead monitoring web dashboard for a GNU/Linux machine Linux Dash is an open-source...

Linux Web Dashboard : linux-dash

Wednesday, June 03, 2015 Sensei Fedon 0 Comments

Linux Web Dashboard  linux-dash is a low-overhead monitoring web dashboard for a GNU/Linux machine
Linux Dash is an open-source dashboard to monitor Linux servers. It prides itself on its simplicity and ease of use. It can be very handy to have a high-level dashboard for a server instance. With a wide array of modules for server statistics, it also serves as a great visual debugging tool.

Linux Web Dashboard dash Linux Web Dashboard

0 comments:

Nginx Web Application Firewall: NAXSI

Wednesday, June 03, 2015 Sensei Fedon 0 Comments

0 comments:

Find Exploits Instantly: Findsploit

Wednesday, June 03, 2015 Sensei Fedon 0 Comments

0 comments:

Open Source Search Engine: Sphinx

Wednesday, June 03, 2015 Sensei Fedon 0 Comments

0 comments:

 

Multifunctional Online Office Suite: ONLYOFFICE

Wednesday, June 03, 2015 Sensei Fedon 0 Comments

0 comments:

Memex Explorer

Wednesday, June 03, 2015 Sensei Fedon 0 Comments

0 comments:

PentestBox is not like other Penetration Testing Distributions which runs on virtual machines. It is created because more than 70% of penetr...

A Portable Penetration Testing Distribution for Windows: PentestBox

Wednesday, June 03, 2015 Sensei Fedon 0 Comments

PentestBox is not like other Penetration Testing Distributions which runs on virtual machines. It is created because more than 70% of penetration testing distributions users uses windows and provides an efficient platform for Penetration Testing on windows. pentestbox

Less Memory Usage

PentestBox runs on host machine without any need for virtual machine. So it only need’s 20 MB for launching compared to at least 2GB of RAM need for running virtual machine distributions. Plus it only needs around 2GB disk space compared to at least 10GB in virtual machines.

No Dependencies Needed

All the dependencies required by tools are inside PentestBox, and you can even run PentestBox on freshly installed windows without any hassle.

Portable

PentestBox is entirely portable, so now you can carry your own Penetration Testing Environment on a USB stick. It will take care of dependencies required to run tools which are inside it.

Best Performance

PentestBox directly runs on host machine instead of virtual machines.

tools

No Metasploit ?

Metasploit Contains exploits/payloads inside it, so when installed on windows machines nearly all anti-viruses and firewalls put up warnings. Metasploit officially instruct users to disable anti-viruses and firewalls while using it. It’s your call. If you willing to switch off your antiviruses program and want to use Metsaploit on Windows, you can download windows installer for Metsaploit from officially Metsaploit website.

PentestBox throwing up red flags ?

PentestBox is packed by UPX which is identified as malware by some antivirus softwares. You can scan PentestBox.exe with virtustotal.com and see the result. As an alternative there is a PentestBox.bat file in the same directory which upon running won’t show any warnings. There are some ruby gems also which can also flag as virus/malware, you can remove those of your antivirus are flagging it. Also THC-SSL-DOS will also be flagged because of it’s action against SSL servers.If you worried about those warnings then you can allow your Antivirus to remove those files, in that case you can start PentestBox through PentestBox.bat file and THC-SSL-DOS will not work. Rest other tools/products will work normally.

How to include your own Tool

If you want to include a tool which is not currently present in PentestBox then below are the ways to include it.
  • If it is Python based program
    • Place that folder in PentestBox_Directory/bin or in any folder inside bin.
    • As Python is configured inside PentestBox, you can directly go to that directory and then run that program by prepending python to the filename.
    • But if you want to set an alias for that program then please follow How to add an alias
  • If it is Ruby Based Program
    • Place that folder in PentestBox_Directory/bin or in any folder inside bin.
    • As Ruby is configured inside PentestBox, you can directly go to that directory and then run that program by prepending ruby to the filename.
    • But if you want to set an alias for that program then please follow How to add an alias
  • It it is Executable file
    • Place that folder in PentestBox_Directory/bin or in any folder inside bin.
    • You can directly access by moving to that folder and typing the filename.
    • But if you want to set an alias for that program then please follow How to add an alias


Source && Download
download

0 comments: