Thursday, May 9, 2013



I made this article for educational purposes only, and I am not responsible for any damage caused by what readers do.

- Information Gathering

- Nmap
Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts.

Maltego is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates. Maltego’s unique advantage is to demonstrate the complexity and severity of single points of failure as well as trust relationships that exist currently within the scope of your infrastructure.

CMS Explorer is designed to reveal the specific modules, plugins, components and themes that various CMS-driven web sites are running.
Additionally, CMS Explorer can be used to aid in security testing. While it performs no direct security checks, the "explore" option can be used to reveal hidden/library files which are not typically accessed by web clients but are nonetheless accessible. This is done by retrieving the module's current source tree and then requesting those file names from the target system. These requests can be sent through a distinct proxy to help "bootstrap" security testing tools like Burp, Paros, Webinspect, etc.

AutoScan-Network is a network scanner (a network discovery and management application). No configuration is required to scan your network. The main goal is to print the list of equipment connected to your network.

WinDump is the Windows version of tcpdump, the command line network analyzer for UNIX. WinDump is fully compatible with tcpdump and can be used to watch, diagnose and save to disk network traffic according to various complex rules. It can run under Windows 95, 98, ME, NT, 2000, XP, 2003 and Vista.
WinDump captures using the WinPcap library and drivers, which are freely downloadable from the WinPcap.org website. WinDump supports 802.11b/g wireless capture and troubleshooting through the Riverbed AirPcap adapter.
WinDump is free and is released under a BSD-style license.

- Vulnerability Assessment

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.

WebCruiser - Web Vulnerability Scanner, an effective and powerful web penetration testing tool that will aid you in auditing your website! It has a Vulnerability Scanner and a series of security tools.
It supports website scanning as well as POC (proof of concept) for web vulnerabilities: SQL Injection, Cross Site Scripting, XPath Injection etc. So, WebCruiser is also an automatic SQL injection tool, an XPath injection tool, and a Cross Site Scripting tool.

Kerinci is a web vulnerability scanner made by ketek from Indonesia. Kerinci is easy to use and accurate at finding vulnerabilities in a website.

- Nikto (perl)
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

- w3af
w3af is a Web Application Attack and Audit Framework. The w3af core and its plugins are fully written in Python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (XSS), local and remote file inclusion and much more.

Uniscan is a simple SQLI, XSS, Remote File Include, Local File Include and Remote Command Execution vulnerability scanner.

- Exploitation Tools

The Metasploit Project is a computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
It can take advantage of a vulnerable web application. By using this software, a user can perform back-end database fingerprinting, retrieve DBMS users and password hashes, dump tables and columns, fetch data from the database, run SQL statements and even access the underlying file system and execute commands on the operating system.

SQL Power Injector is an application created in .Net 1.1 that helps the penetration tester to find and exploit SQL injections on a web page.

BSQL Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities in virtually any database.

fimap is a little Python tool which can find, prepare, audit, exploit and even Google automatically for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap, just for LFI/RFI bugs instead of SQL injection. It's currently under heavy development but it's usable.

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
It contains several options to try to bypass certain filters, and various special techniques of code injection.

- Hash Cracker

This is an online hash cracker.

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version.

Hashcat is a multi-threaded cracker, so if your CPU can run several threads, it will use them. But the real speed comes into play when using the horsepower of a GPU. If your GPU can run hundreds of threads, all of this power is used to break passwords.


list of the best dork scanner



- Sqli Hunter

SQLI Hunter is an automation tool to scan for an SQL injection vulnerability in a website.
It automates the search for SQLi-vulnerable links from Google using Google dorks!
SQLI Hunter can also find the admin page of any website by using some predefined admin page lists.

download Sqli Hunter


- Dork Searcher
Dork Searcher is a small utility that enables you to easily use Google to search for SQLi vulnerable web servers. 
Saves the results in a text or XML file. Uses the Tor VPN/Proxy client or your own Socks 4a or 5 proxy server for anonymity. Over 350 Google Dorks included. Easily add your own to the list by simply editing a text file.

download Dork Searcher

- ICFsqli Crawler
This tool helps you scan for SQL injection vulnerabilities on 1000s of websites, just by giving the IP of the server.
This is one of the best and the world's fastest mass SQLi scanners, coded by INDiAn CyBER FORCE (b47chguru).

download ICFsqli Crawler

- Xcode Exploit Scanner
This is a great tool for finding vulnerabilities using dorks. I tried it and it looks awesome.

download Xcode Exploit Scanner

- BinGoo
BinGoo is my version of an all-in-one dorking tool written in pure bash. It leverages Google AND Bing main search pages to scrape a large amount of links based on provided search terms. You can choose to search a single dork at a time or you can make lists with one dork per line and perform mass scans. Once you're done with that, or maybe you have links gathered from other means, you can move to the Analyzing tools to test for common signs of vulnerabilities.

download BinGoo


- GooDork
GooDork is a simple Python script designed to allow you to leverage the power of Google dorking straight from the comfort of your command line. GooDork offers powerful use of Google's search directives, by analyzing results from searches using regular expressions that you supply. So basically the purpose of GooDork is to combine dorking with regular expressions.

download GooDork

- Gr3NoX exploit scanner
Gr3NoX scans for vulnerabilities with Google dorks; you can scan for SQLi, LFI/RFI, and XSS.

download Gr3NoX exploit scanner

- Revtan Tools
This is a PHP dork scanner, so you need to install it on your localhost or on your web host.

download Revtan
password : hocib0.blogspot.com




Wednesday, May 8, 2013

install joomla on xampp localhost in windows

First we need to download joomla and xampp.
download joomla here
download xampp here
Here I use joomla 2.5.4 as an example, but you can download another version too.

After your download is complete, install xampp, then create a folder and extract the joomla.zip file into your new xampp folder, usually at C:\xampp\htdocs\your_folder. In this example I use "joomla" as the folder name.

Then run the xampp program and activate Apache and MySQL.



Go to your browser and type http://localhost/phpmyadmin to create a new database for our joomla. I named my database "joomla" just as an example; you can use another name.



Then go to your browser and type http://localhost/joomla

Read more of this article at http://astrallor.blogspot.com/2013/05/install-joomla-on-xampp-localhost-in.html

Wednesday, May 1, 2013

how to install linux inside windows

Do you want to learn Linux, but still need Windows for your activity on the computer? Don't worry, we can still run Linux together with Windows. I will tell you how to do it.

First we need a program named Oracle VM VirtualBox, download it here:

Install Oracle VM VirtualBox on your machine and run it.

And then run Oracle VM VirtualBox.

Click "new", select which OS you want to install and give it a name. In this example I will install backtrack 5 r3, so I choose ubuntu OS.

Tuesday, April 30, 2013

the best web vulnerability scanner


This is a list of the best web vulnerability scanners. Hope you like it.


- arachni


Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify false-positives. Unlike other scanners, it takes into account the dynamic nature of web applications, can detect changes caused while travelling through the paths of a web application's cyclomatic complexity and is able to adjust itself accordingly. This way attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni. Moreover, Arachni yields great performance due to its asynchronous HTTP model (courtesy of Typhoeus) -- especially when combined with a High Performance Grid setup which allows you to combine the resources of multiple nodes for lightning fast scans. Thus, you'll only be limited by the responsiveness of the server under audit. Finally, it is versatile enough to cover a great deal of use cases, ranging from a simple command line scanner utility, to a global high performance grid of scanners, to a Ruby library allowing for scripted audits.

download arachni

- acunetix

Acunetix was founded with this threat in mind. It was understood that the only way to combat website hacking was to develop an automated tool that could help companies scan their web applications to identify and resolve exploitable vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a heuristic tool designed to replicate a hacker's methodology to find dangerous vulnerabilities -- like SQL injection and cross site scripting -- before hackers do. Acunetix WVS brings an extensive feature-set of both automated and manual penetration testing tools, enabling security analysts to perform a complete vulnerability assessment, and repair detected threats, with just the one product.
The Acunetix development team consists of highly experienced security developers, all with extensive development experience in network security scanning software prior to working on Acunetix WVS. The management team is backed by years of experience in marketing and selling security software.

download acunetix

- netsparker

Netsparker is the only False-positive-free web application security scanner. Simply point it at your website and it will automatically discover the flaws that could leave you dangerously exposed.

download netsparker

- burp suite

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.
Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective, and more fun.

download burp suite

- nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

download nikto

- w3af

w3af (short for web application attack and audit framework) is an open-source web application security scanner. The project provides a vulnerability scanner and exploitation tool for Web applications. It provides information about security vulnerabilities and aids in penetration testing efforts.
This cross-platform tool is available in all of the popular operating systems such as Microsoft Windows, Linux, Mac OS X, FreeBSD and OpenBSD and is written in the Python programming language. Users have the choice between a graphic user interface and a command-line interface.

download w3af

- skipfish

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

download skipfish


the best sql injection tools


These are the best tools for SQL injection; hope you like them.

- sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

download sqlmap

- havij

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. By using this software, a user can perform back-end database fingerprinting, retrieve DBMS users and password hashes, dump tables and columns, fetch data from the database, run SQL statements and even access the underlying file system and execute commands on the operating system. What makes Havij different from similar tools is its injection methods. The success rate is more than 95% at injecting vulnerable targets using Havij. The user-friendly GUI (Graphical User Interface) of Havij and its automated settings and detections make it easy to use for everyone, even amateur users.

- the mole
The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site, it can detect the injection and exploit it, either by using the union technique or a boolean query based technique.

- sqlninja
Sqlninja's goal is to exploit SQL injection vulnerabilities on web applications that use Microsoft SQL Server as back end. It is released under the GPLv2.
There are a lot of other SQL injection tools out there but sqlninja, instead of extracting the data, focuses on getting an interactive shell on the remote DB server and using it as a foothold in the target network.

download sqlninja


- bsql hacker


BSQL (Blind SQL) Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities in virtually any database.
BSQL Hacker is aimed at experienced users as well as beginners who want to automate SQL Injections (especially Blind SQL Injections).
It allows a Metasploit-like exploit repository for sharing and updating exploits.





Avast! is an antivirus computer program, available both as freeware and as a paid product, with a user interface that includes 41 languages, available to Microsoft Windows, Mac OS X and Linux users. The name Avast is an acronym of "Anti-Virus – Advanced Set". The official and current logo of Avast! is a white orb with the letter 'a' on it and an orange circle around it, sticking out in four directions.

here you can download avast free full version.

download here :
avast pro 7
crack/serial key

before install crack first you need to install vcredist microsoft visual C++

how to use:
1. install avast 7 with free trial license.
2. extract crack/serial key into a directory.
3. double click "AVAST XP ZeNiX.reg" (windows xp).
4. click "Avast License ZeNiX 2012-06-29.exe".
5. and fill the password with "ZeniX" (without quote).
6. reboot your PC.



enjoy avast! :-)