All Posts Tagged
Tag: ‘Hacking’

Python HTTP Shell – PyHttpShell

PyHttpShell is a shell written in Python and PHP; its traffic goes over the HTTP protocol using a server in the middle.

Windows Domain Credentials Phishing Tool

I created this tool for a pen test I performed for a client.
I already had a meterpreter session and I needed to get the current domain user credentials.
Instead of using a key logger and waiting for the user to type his password, I decided to force him to enter it.

EMS – E-mail Spoofer

E-mail Spoofer is a tool designed for penetration testers who need to send phishing e-mails.
It can send mail to a single recipient or a list, and it supports plain text/HTML email formats, attachments, templates and more…

Resolver 1.0.9 – Bug Hunters Edition Release

I am happy to announce a special release of Resolver version 1.0.9, “Bug Hunters Edition”. If you want to know what Resolver is, you can read about it here. What is new, and why is it called the “Bug Hunters Edition”? Well… when participating in bug bounty programs you may want to find as […]

Setup a Fake Access Point With BackTrack5

Recently I needed to set up a fake access point for a presentation. I fired up my Backtrack5 VM, connected my Alfa AWUS036H USB adapter and started to configure the fake AP. There are a lot of tutorials and scripts for setting up a fake AP. The “Gerix” tool also has an option to auto set […]

Resolver

I needed a simple tool that can perform a reverse DNS lookup for a given IP address or for a range of IPs in order to find its PTR. Usually I use Linux, which has several tools for querying DNS. One of my favourite tools is the “host” command, which can be used for this task: root@bt:~# host […]

Patching and Compiling Cowpatty UBUNTU 10.04

I was playing around with some wireless attack tools today, mostly with CUDA-based tools such as pyrit. I wanted to check my new Core i7 PC and GPU cracking capabilities and speed on my UBUNTU 10.04 64bit OS. Pyrit supports WPA cracking with Cowpatty. At first I decided to do some benchmarking for different […]

Metasploit Java Meterpreter Payload

If you haven’t noticed, the Metasploit Framework has had a Java meterpreter payload for some time now. It supports all the commands supported by the PHP meterpreter, as of SVN revision 9777, and additionally the ipconfig, route, and screenshot commands. It is not fully implemented into the framework yet and in order to get it up and […]

Digital Whisper Magazine issue 11

Wrote an article named “Buffer Overflows 101”, which was published today in the Israeli security magazine “Digital Whisper”, issue 11. The article is in the Hebrew language and covers the basics of buffer overflows, fuzzing, Olly basics, writing Metasploit modules and more… The article has a companion tar.gz file which includes the source code of the vulnerable server (Which was […]

Client side attacks using evil JAVA applets

About a year ago I stumbled upon a Facebook clone phishing site which contained an evil Java applet. At the time SET wasn’t introduced yet and only a few articles discussing this attack vector were published (another applet creation process was published by Jabra and described later on in the Offensive Security “Metasploit Unleashed” online course). No source code was released […]

How strong is your fu for charity – iVuln Writeup

On June 19th 2010 I attended the Offensive Security “How strong is your fu for charity” challenge. The objectives were to pwn 5 machines in a 48-hour time frame. After some enumeration and rumors on the IRC channel it became clear to me that the easiest machine to pwn was the 192.168.x.200 (named iVuln), a […]
