Surf The Cyber

Today am going to share a very adorable script/program called "Hash Identifier",Well hash cracking and encrypting in itself is a vast field so we have to monetize ourselves with it in order to "Control The Scene",It's very easy to install or run that script like ABC.
So follow my step's

1) First of all download Python Interpreter so that we are able to run .py (python files) in our Windows OS  from here IF you are on Linux Based OS so skip this step because python interpreters are already built in/installed on them.

2) After Downloading Python Interpreter Install it and Download Hash-Identifier1,1 and Paste that script in "C" Drive (any drive you want in my case it's "C") now click on 'Start Menu',Open 'Run' And Type 'cmd' in it after that goto your desired drive where you have your Hash-ID Script by this command (I have it in Drive C) 'cd c:\' after that run your script simple by yourscriptname.py,In my case it's hash.py and after that paste your hash there it will list you the "MOST POSSIBLE" And "POSSIBLE" Hash Types.

Hopes you enjoyed it,
Any Issues Drop A Comment.

Uniscan is a web vulnerability scanner written in perl language,it comes with a variety of scanning techniques.
It is mostly used by black hat means hacker's because its very easy in usage and any can be familiar with it in just a minute it comes built in Backtrack 5 the most linux distro by security pentesters :D

it has many options like,

-h ( for help )
-u ( for confirming a target like -u www.target.com )
-b ( Order uniscan to go background when the scanning will start )
-q ( For Enable Directory Checks )

etc etc.. all options you can see in the picture above :D
now if you want to run it on backtrack just open terminal and type

root@bt:/ cd /pentest/web/uniscan

And hit enter now comes to the main part how to scan a target well its quite simple you have to use just use 1 main option which is -u which defines our target :D and some options according to your need like what you want to be check in the website like this

root@bt:/ ./uniscan.pl -u www.target.com -bqdw  OR
root@bt:/ perl uniscan.pl -u www.target.com -bqdw

Change -bqdw according to your scanning that what you want to be check :D

Well now if you are on windows and don't want to change your os on Linux ( Backtrack ),
Just install perl on your Windows and download the tar.gz file on your computer and run it through perl console its very easy naah :D
                                                         ActivePerl x86 ( for 32 bit )
And
                                                         ActivePerl x64 ( for 64 bit )

Then download the Uniscan 6.2
And enjoy.

hopes you like it don't forget to comment or giving your feedback :D

Joomscan is a joomla web vulnerability scanner written in perl langauge for penetrate or finding vulnerability known already in a particular targets,Joomla is the most widely used CMS present now because of its flexibility and plugins which makes easier for webmasters to manage there websites in a friendly use interface
well joomscan comes built in Backtrack 5 just open terminal and type
root@bt~$ cd pentest/web/joomscan

or if you are on windows just installed perl in your windows and open it with perl console :D its easy nahh!!

DOWNLOAD :

                                                                       JoomScan

INTERFACE :

USAGE :

WPScan is a WordPress vulnerability scanner which has different flavours of exploiting wordpress based websites it is programmed in RUBY language,it can attack a wordpress website in variety of ways
like you can use non-intrusive scan you can also bruteforce the admin passwords with it if you have a good password list but don't worry there is a built it pass list in backtrack ;)
The best part of the wpscan is that you can enumerate or try to find exploit of plugins installed in it thats the best part of wpscan because exploiting wordpress directly is "hell of a job" thats why the better option is to use plugins enumeration.

INTERFACE :

DOWNLOAD :

WPSCAN USAGE :

Nikto is an open source web or server vulnerability scanners widely used in pentesting or by hacker's it is also used by webmaster's to penetrate and find the vulnerabilities in there server which can be exploit with manually or by software's,Nikto scans 6500 potentially dangerous files/CGIs,and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

Nikto is written by Chris Sullo and David Lodge.

INTERFACE :

so download it to your distro and open it through the terminal

Download anyone from them Nikto2.tar.bz2 or Nikto2.tar.gz.

Now lets come to the main part of the post which is how to use Nikto?
well Nikto can be used is different ways so lets discuss about there usage.

1) The basic use means if you want to scan a ip or a particular target (website)

root@bt:~$ ./nikto.pl -h [target or web url] or perl nikto.pl -h [target or web url]

2) For help if you want to see its more function

root@bt~$ ./nikto.pl -H or perl nikto.pl -H

3) For checking updates just use

root@bt~$ ./nikto.pl -update or perl nikto.pl -update

4) For scanning your target using proxy use command mentioned below

root@bt~$ ./nikto.pl -h [target or web url] -useproxy http://localhost:8080/

./exit

Hopes u like it don't forget to comment ;) if you are facing any prob just drop a comment below :D

Havij is an automated sql injector tools which was made my itsec team it is mostly used automated injector in windows operating system.
Havij has a very friendly interface any one can addict to it but it is a bit slow if your target has some goods waf ( web appliction firewall ) so the chances are 40% by havij that you can inject it with havij,
But in the beginning stage I prefer you to use havij if you are not familiar with manual sql injection.

INTERFACE :