Showing posts with label Tools. Show all posts
Showing posts with label Tools. Show all posts
Monday, 10 February 2014
Labels:
Tools
Today am going to share a very adorable script/program called "Hash Identifier",Well hash cracking and encrypting in itself is a vast field so we have to monetize ourselves with it in order to "Control The Scene",It's very easy to install or run that script like ABC.
So follow my step's
1) First of all download Python Interpreter so that we are able to run .py (python files) in our Windows OS from here IF you are on Linux Based OS so skip this step because python interpreters are already built in/installed on them.
2) After Downloading Python Interpreter Install it and Download Hash-Identifier1,1 and Paste that script in "C" Drive (any drive you want in my case it's "C") now click on 'Start Menu',Open 'Run' And Type 'cmd' in it after that goto your desired drive where you have your Hash-ID Script by this command (I have it in Drive C) 'cd c:\' after that run your script simple by yourscriptname.py,In my case it's hash.py and after that paste your hash there it will list you the "MOST POSSIBLE" And "POSSIBLE" Hash Types.
Hopes you enjoyed it,
Any Issues Drop A Comment.
Read More
Hash Identifier
Today am going to share a very adorable script/program called "Hash Identifier",Well hash cracking and encrypting in itself is a vast field so we have to monetize ourselves with it in order to "Control The Scene",It's very easy to install or run that script like ABC.
So follow my step's
1) First of all download Python Interpreter so that we are able to run .py (python files) in our Windows OS from here IF you are on Linux Based OS so skip this step because python interpreters are already built in/installed on them.
2) After Downloading Python Interpreter Install it and Download Hash-Identifier1,1 and Paste that script in "C" Drive (any drive you want in my case it's "C") now click on 'Start Menu',Open 'Run' And Type 'cmd' in it after that goto your desired drive where you have your Hash-ID Script by this command (I have it in Drive C) 'cd c:\' after that run your script simple by yourscriptname.py,In my case it's hash.py and after that paste your hash there it will list you the "MOST POSSIBLE" And "POSSIBLE" Hash Types.
Hopes you enjoyed it,
Any Issues Drop A Comment.
Tuesday, 7 May 2013
Labels:
Tools
Read More
Uniscan Vuln Scanner
Uniscan is a web vulnerability scanner written in perl language,it comes with a variety of scanning techniques.
It is mostly used by black hat means hacker's because its very easy in usage and any can be familiar with it in just a minute it comes built in Backtrack 5 the most linux distro by security pentesters :D
it has many options like,
-h ( for help )
-u ( for confirming a target like -u www.target.com )
-b ( Order uniscan to go background when the scanning will start )
-q ( For Enable Directory Checks )
etc etc.. all options you can see in the picture above :D
now if you want to run it on backtrack just open terminal and type
root@bt:/ cd /pentest/web/uniscan
And hit enter now comes to the main part how to scan a target well its quite simple you have to use just use 1 main option which is -u which defines our target :D and some options according to your need like what you want to be check in the website like this
root@bt:/ ./uniscan.pl -u www.target.com -bqdw OR
root@bt:/ perl uniscan.pl -u www.target.com -bqdw
Change -bqdw according to your scanning that what you want to be check :D
Well now if you are on windows and don't want to change your os on Linux ( Backtrack ),
Just install perl on your Windows and download the tar.gz file on your computer and run it through perl console its very easy naah :D
ActivePerl x86 ( for 32 bit )
And
ActivePerl x64 ( for 64 bit )
Then download the Uniscan 6.2
And enjoy.
hopes you like it don't forget to comment or giving your feedback :D
It is mostly used by black hat means hacker's because its very easy in usage and any can be familiar with it in just a minute it comes built in Backtrack 5 the most linux distro by security pentesters :D
it has many options like,
-h ( for help )
-u ( for confirming a target like -u www.target.com )
-b ( Order uniscan to go background when the scanning will start )
-q ( For Enable Directory Checks )
etc etc.. all options you can see in the picture above :D
now if you want to run it on backtrack just open terminal and type
root@bt:/ cd /pentest/web/uniscan
And hit enter now comes to the main part how to scan a target well its quite simple you have to use just use 1 main option which is -u which defines our target :D and some options according to your need like what you want to be check in the website like this
root@bt:/ ./uniscan.pl -u www.target.com -bqdw OR
root@bt:/ perl uniscan.pl -u www.target.com -bqdw
Change -bqdw according to your scanning that what you want to be check :D
Well now if you are on windows and don't want to change your os on Linux ( Backtrack ),
Just install perl on your Windows and download the tar.gz file on your computer and run it through perl console its very easy naah :D
ActivePerl x86 ( for 32 bit )
And
ActivePerl x64 ( for 64 bit )
Then download the Uniscan 6.2
And enjoy.
hopes you like it don't forget to comment or giving your feedback :D
Monday, 6 May 2013
Labels:
Tools
Joomscan is a joomla web vulnerability scanner written in perl langauge for penetrate or finding vulnerability known already in a particular targets,Joomla is the most widely used CMS present now because of its flexibility and plugins which makes easier for webmasters to manage there websites in a friendly use interface
well joomscan comes built in Backtrack 5 just open terminal and type
root@bt~$ cd pentest/web/joomscan
or if you are on windows just installed perl in your windows and open it with perl console :D its easy nahh!!
Read More
Joomla Vulnerability Scanner.
Joomscan is a joomla web vulnerability scanner written in perl langauge for penetrate or finding vulnerability known already in a particular targets,Joomla is the most widely used CMS present now because of its flexibility and plugins which makes easier for webmasters to manage there websites in a friendly use interface
well joomscan comes built in Backtrack 5 just open terminal and type
root@bt~$ cd pentest/web/joomscan
or if you are on windows just installed perl in your windows and open it with perl console :D its easy nahh!!
DOWNLOAD :
JoomScanINTERFACE :
USAGE :
its usage is very very simple like a piece of cake
1) First update your joomscan to the latest vulnerability bundlers by this command
root@bt~$ ./joomscan.pl update or perl joomscan.pl update
2) Now scanning for vulnerabilities on a joomla based website
root@bt~$ ./joomscan.pl -u www.example.com
it will scan the whole plugins installed in the target for exploits :D
now i am 100% sure that you are feeling like I CAN HACK JOOMLA [[Bitch Please]] xD
Don't forget to comment or having any problem regarding the tut just let me know drop a comment below ;)
Labels:
Tools
WPScan is a WordPress vulnerability scanner which has different flavours of exploiting wordpress based websites it is programmed in RUBY language,it can attack a wordpress website in variety of ways
like you can use non-intrusive scan you can also bruteforce the admin passwords with it if you have a good password list but don't worry there is a built it pass list in backtrack ;)
The best part of the wpscan is that you can enumerate or try to find exploit of plugins installed in it thats the best part of wpscan because exploiting wordpress directly is "hell of a job" thats why the better option is to use plugins enumeration.
Read More
WordPress Vulnerability Scanner.
WPScan is a WordPress vulnerability scanner which has different flavours of exploiting wordpress based websites it is programmed in RUBY language,it can attack a wordpress website in variety of ways
like you can use non-intrusive scan you can also bruteforce the admin passwords with it if you have a good password list but don't worry there is a built it pass list in backtrack ;)
The best part of the wpscan is that you can enumerate or try to find exploit of plugins installed in it thats the best part of wpscan because exploiting wordpress directly is "hell of a job" thats why the better option is to use plugins enumeration.
INTERFACE :
DOWNLOAD :
WPSCAN USAGE :
Do 'non-intrusive' checks...
ruby wpscan.rb --url www.example.com
Do wordlist password brute force on enumerated users using 50 threads...
ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50
Do wordlist password brute force on the 'admin' username only...
ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin
Enumerate installed plugins...
ruby wpscan.rb --url www.example.com --enumerate p
Run all enumeration tools...
ruby wpscan.rb --url www.example.com --enumerate
Update WPScan...
ruby wpscan.rb --update
Hopes you like it :D
Labels:
Tools
Nikto is an open source web or server vulnerability scanners widely used in pentesting or by hacker's it is also used by webmaster's to penetrate and find the vulnerabilities in there server which can be exploit with manually or by software's,Nikto scans 6500 potentially dangerous files/CGIs,and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Nikto is written by Chris Sullo and David Lodge.
so download it to your distro and open it through the terminal
Download anyone from them Nikto2.tar.bz2 or Nikto2.tar.gz.
Now lets come to the main part of the post which is how to use Nikto?
well Nikto can be used is different ways so lets discuss about there usage.
1) The basic use means if you want to scan a ip or a particular target (website)
root@bt:~$ ./nikto.pl -h [target or web url] or perl nikto.pl -h [target or web url]
2) For help if you want to see its more function
root@bt~$ ./nikto.pl -H or perl nikto.pl -H
3) For checking updates just use
root@bt~$ ./nikto.pl -update or perl nikto.pl -update
4) For scanning your target using proxy use command mentioned below
root@bt~$ ./nikto.pl -h [target or web url] -useproxy http://localhost:8080/
./exit
Hopes u like it don't forget to comment ;) if you are facing any prob just drop a comment below :D
Read More
Nikto2 Vuln Scanner
Nikto is an open source web or server vulnerability scanners widely used in pentesting or by hacker's it is also used by webmaster's to penetrate and find the vulnerabilities in there server which can be exploit with manually or by software's,Nikto scans 6500 potentially dangerous files/CGIs,and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Nikto is written by Chris Sullo and David Lodge.
INTERFACE :
so download it to your distro and open it through the terminal
Download anyone from them Nikto2.tar.bz2 or Nikto2.tar.gz.
Now lets come to the main part of the post which is how to use Nikto?
well Nikto can be used is different ways so lets discuss about there usage.
1) The basic use means if you want to scan a ip or a particular target (website)
root@bt:~$ ./nikto.pl -h [target or web url] or perl nikto.pl -h [target or web url]
2) For help if you want to see its more function
root@bt~$ ./nikto.pl -H or perl nikto.pl -H
3) For checking updates just use
root@bt~$ ./nikto.pl -update or perl nikto.pl -update
4) For scanning your target using proxy use command mentioned below
root@bt~$ ./nikto.pl -h [target or web url] -useproxy http://localhost:8080/
./exit
Hopes u like it don't forget to comment ;) if you are facing any prob just drop a comment below :D
Labels:
Tools
Havij is an automated sql injector tools which was made my itsec team it is mostly used automated injector in windows operating system.
Havij has a very friendly interface any one can addict to it but it is a bit slow if your target has some goods waf ( web appliction firewall ) so the chances are 40% by havij that you can inject it with havij,
But in the beginning stage I prefer you to use havij if you are not familiar with manual sql injection.
To get the pro version just read the instruction given in the rar archive and registered your havij copy to pro version in just simple 5 steps..
MediaFire Download Link
Password : pakmadhunters
Don't forget to comment or giving your precious feedback :)
Read More
Havij 1.15 Pro
Havij is an automated sql injector tools which was made my itsec team it is mostly used automated injector in windows operating system.
Havij has a very friendly interface any one can addict to it but it is a bit slow if your target has some goods waf ( web appliction firewall ) so the chances are 40% by havij that you can inject it with havij,
But in the beginning stage I prefer you to use havij if you are not familiar with manual sql injection.
INTERFACE :
To get the pro version just read the instruction given in the rar archive and registered your havij copy to pro version in just simple 5 steps..
MediaFire Download Link
Password : pakmadhunters
Don't forget to comment or giving your precious feedback :)
Subscribe to:
Posts
(
Atom
)