Thursday, May 9, 2013

I make this article for education purposes only, and I'm not responsible for any damage caused by what readers do.

- Information Gathering

- Nmap
Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts.

Maltego is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates. Maltego’s unique advantage is to demonstrate the complexity and severity of single points of failure as well as trust relationships that exist currently within the scope of your infrastructure.

CMS Explorer is designed to reveal the specific modules, plugins, components and themes that various CMS-driven web sites are running.
Additionally, CMS Explorer can be used to aid in security testing. While it performs no direct security checks, the "explore" option can be used to reveal hidden/library files which are not typically accessed by web clients but are nonetheless accessible. This is done by retrieving the module's current source tree and then requesting those file names from the target system. These requests can be sent through a distinct proxy to help "bootstrap" security testing tools like Burp, Paros, Webinspect, etc.

AutoScan-Network is a network scanner (a discovery and management application). No configuration is required to scan your network. Its main goal is to print the list of equipment connected to your network.

WinDump is the Windows version of tcpdump, the command line network analyzer for UNIX. WinDump is fully compatible with tcpdump and can be used to watch, diagnose and save to disk network traffic according to various complex rules. It can run under Windows 95, 98, ME, NT, 2000, XP, 2003 and Vista.
WinDump captures using the WinPcap library and drivers, which are freely downloadable from the WinPcap.org website. WinDump supports 802.11b/g wireless capture and troubleshooting through the Riverbed AirPcap adapter.
WinDump is free and is released under a BSD-style license.

- Vulnerability Assessment

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.

WebCruiser - Web Vulnerability Scanner is an effective and powerful web penetration testing tool that will aid you in auditing your website. It has a vulnerability scanner and a series of security tools.
It supports scanning a website as well as producing a POC (proof of concept) for web vulnerabilities: SQL injection, cross-site scripting, XPath injection, etc. WebCruiser is therefore also an automatic SQL injection tool, an XPath injection tool, and a cross-site scripting tool.

Kerinci is a web vulnerability scanner made by ketek from Indonesia. Kerinci is easy to use and accurate at finding vulnerabilities in a website.

- Nikto (perl)
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

- w3af
w3af is a Web Application Attack and Audit Framework. The w3af core and its plugins are fully written in Python. The project has more than 130 plugins, which check for SQL injection, cross-site scripting (XSS), local and remote file inclusion and much more.

Uniscan is a simple SQLI, XSS, Remote File Include, Local File Include and Remote Command Execution vulnerability scanner.

- Exploitation Tools

The Metasploit Project is a computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches ranging from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Havij is an automated SQL injection tool that helps penetration testers to find and exploit SQL injection vulnerabilities on a web page.
It can take advantage of a vulnerable web application. Using this software, a user can perform back-end database fingerprinting, retrieve DBMS users and password hashes, dump tables and columns, fetch data from the database, run SQL statements and even access the underlying file system and execute commands on the operating system.

SQL Power Injector is an application created in .Net 1.1 that helps the penetration tester to find and exploit SQL injections on a web page.

BSQL Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities in virtually any database.

fimap is a little Python tool which can find, prepare, audit, exploit and even automatically google for local and remote file inclusion bugs in web apps. fimap should be something like sqlmap, just for LFI/RFI bugs instead of SQL injection. It's currently under heavy development but it's usable.

Cross Site "Scripter" (aka XSSer) is an automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.
It contains several options to try to bypass certain filters, and various special techniques of code injection.

- Hash Cracker

This is an online hash cracker.

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version.

Hashcat is a multi-threaded cracker, so if your CPU can run several threads, it will use them. But the real speed comes into play when using the horsepower of a GPU. If your GPU can run hundreds of threads, all of this power is used to break passwords.

12 comments:

  1. Very informative. The results of penetration testing address the vulnerabilities in the computer system and also give particular recommendations for fixing the vulnerabilities.

  2. Very good stuff you're giving out, keep it up big guy, and put it in Greek too if you're Greek.. :)
    Thanks anyway :)