Top 10 Windows Hacking Tools

This is the Collection of Best Windows Hacking Tools:

1. Cain & Abel - Cain & Abel is a password recovery tool for the Microsoft Windows Operating System. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

2. SuperScan - SuperScan is a powerful TCP port scanner, pinger, resolver. SuperScan 4 (Current Version) is a completely-rewritten update of the highly popular Windows port scanning tool, SuperScan.

3. GFI LANguard Network Security Scanner - GFI LANguard N.S.S. is a network vulnerability management solution that scans your network and performs over 15,000 vulnerability assessments. It identifies all possible security threats and provides you with tools to patch and secure your network. GFI LANguard N.S.S. was voted Favorite Commercial Security Tool by NMAP users for 2 years running and has been sold over 200,000 times!

4. Retina - Retina Network Security Scanner, recognised as the industry standard for vulnerability assessment, identifies known security vulnerabilities and assists in prioritising threats for remediation. Featuring fast, accurate, and non-intrusive scanning, users are able to secure their networks against even the most recent of discovered vulnerabilities.

5. SamSpade - SamSpade provides a consistent GUI and implementation for many handy network query tasks. It was designed with tracking down spammers in mind, but can be useful for many other network exploration, administration, and security tasks. It includes tools such as ping, nslookup, whois, dig, traceroute, finger, raw HTTP web browser, DNS zone transfer, SMTP relay check, website search, and more.

6. N-Stealth - N-Stealth is a commercial web server security scanner. It is generally updated more frequently than free web scanners such as whisker and nikto, but you have to pay for the privilege.

7. Solarwinds - Solarwinds contains many network monitoring, discovery and attack tools. The advanced security tools not only test internet security with the SNMP Brute Force Attack and Dictionary Attack utilities but also validate the security on Cisco Routers with the Router Security Check. The Remote TCP Reset remotely display all active sessions on a device and the Password Decryption can decrypt Type 7 Cisco Passwords. The Port Scanner allows testing for open TCP ports across IP Address and port ranges or selection of specific machines and ports.

8. Achilles - The first publicly released general-purpose web application security assessment tool. Achilles acts as a HTTP/HTTPS proxy that allows a user to intercept, log, and modify web traffic on the fly. Due to a cyber squatter, Achilles is no longer online at its original home of www.Digizen-Security.com…OOPS!

9. CookieDigger - CookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications. The tool works by collecting and analyzing cookies issued by a web application for multiple users. The tool reports on the predictability and entropy of the cookie and whether critical information, such as user name and password, are included in the cookie values.

10. Netcat (The Network SwissArmy Knife) - Netcat was originally a Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable “back-end” tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.

Read More

How to make Keygens?

Attention : This Article is Only for Real Geeks

Disclaimer : I take no responsibility of the usage of this information.

This tutorial, is for educational knowledge ONLY.

How to make key generators?

Introduction

Hi there, in this tutorial, I intend to teach you how to make a pretty

simple keygen, of a program called W3Filer 32 V1.1.3.

W3Filer is a pretty good web downloader…

I guess some of you might know the program.

I`ll assume you know:

A. How to use debugger (in this case, SoftIce).

B. How to crack, generally (finding protection routines,patching them,etc…).

C. How to use Disassembler (This knowledge can help).

D. Assembly.

E. How to code in Turbo Pascal ™.

Tools you`ll need:

A. SoftIce 3.00/01 or newer.

B. WD32Asm. (Not a must).

C. The program W3Filer V1.13 (if not provided in this package), can be found in

www.windows95.com I believe.

D. Turbo Pascal (ANY version).

Well, enough blah blah, let’s go cracking…

Run W3Filer 32.

A nag screen pops, and , demands registration (Hmm, this sux ;-)) Now,

We notice this program has some kind of serial number (Mine is 873977046),

Let’s keep the serial in mind, I bet we`ll meet it again while we’re on

the debugger.

Well, now, let’s put your name and a dummy reg code…

set a BP on GetDlgItemTextA, and, press OK.

Read More

Top 10 Linux Hacking Tools

This is a Cool Collection of Top Ten Linux Hacking Tools.

1. nmap - Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available.

2. Nikto - Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

3. THC-Amap - Amap is a next-generation tool for assistingnetwork penetration testing. It performs fast and reliable application protocol detection, independant on the TCP/UDP port they are being bound to.

4. Ethereal - Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product.

5. THC-Hydra - Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast.

6. Metasploit Framework - The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This project initially started off as a portable network game and has evolved into a powerful tool for penetration testing, exploit development, and vulnerability research.

7. John the Ripper - John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

8. Nessus - Nessus is the world’s most popular vulnerability scanner used in over 75,000 organisations world-wide. Many of the world’s largest organisations are realising significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

9. IRPAS - Internetwork Routing Protocol Attack Suite - Routing protocols are by definition protocols, which are used by routers to communicate with each other about ways to deliver routed protocols, such as IP. While many improvements have been done to the host security since the early days of the Internet, the core of this network still uses unauthenticated services for critical communication.

10. Rainbowcrack - RainbowCrack is a general propose implementation of Philippe Oechslin’s faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker try all possible plaintexts one by one in cracking time. It is time consuming to break complex password in this way. The idea of time-memory trade-off is to do all cracking time computation in advance and store the result in files so called “rainbow table”.

Read More

How To Write A Basic Keylogger In VB

Intro: What a Keylogger is made of

Before we start programming, we need to answer a basic question: what is a keylogger? As the name implies (key+logger) - a keylogger is a computer program that logs (records) the keys (keyboard buttons) pressed by a user. This should be simple to understand. Lets say that I am doing something at my computer. A keylogger is also running (working) on this computer. This would mean that the keylogger is “listening” to all the keys I am pressing and it is writing all the keys to a log file of some sort. Also, as one might have guessed already, we don’t want the user to know that their keys are being logged. So this would mean that our keylogger should work relatively stealth and must not, in any case, show its presence to the user. Good, now we know what a keylogger as and we have an idea of its functions, lets move on to the next step.

=========================================

Basic Concepts: What needs to be achieved

=========================================

Ok, now lets plan our program, what should such keyloger do and what it should not. Significant difference to previous section is in the sense that here we shall discuss the LOGIC, the instructions that our program will follow.

Keylogger will:

1 - listen to all the key strokes of the user.

2 - save these keys in a log file.

3 - during logging, does not reveal its presence to the user.

4 - keeps doing its work as long as the used is logged on regardless of users actions.

==========================================

Implementation: Converting logic into code

==========================================

We shall use Visual Basic because it is much easier and simple to understand comparing to C++ or Java as far as novice audience is concerned. Although programmers consider it somewhat lame to code in VB but truthfully speaking, its the natural language for writing hacking/cracking programs. Lets cut to the chase - start your VB6 environment and we are ready to jump the ride!

Read More

Mixed Bag - Mobile Hacking

Nokia 31xx

____________

Firmware version

*#0000# or *#3110#

IMEI Code

*# 06 #

Restores Factory Settings

*#7780#

Warranty Codes

*#92702689# (= *#war0anty#)

Just scroll down through the information. If entering the above code requires a

further warranty code try entering the following:

6232 (OK) : Month and year of manufacture

7332 (OK) : Last repair date

7832 (OK) : Purchase date (if previously set)

9268 (OK) : Serial number

37832 (OK) : Set purchase date (this can only be done once)

87267 (OK) : Confirm transfer

Nokia 5110

_____________

IMEI Number *#06#

For checking the IMEI (International Mobile Equipment Identity).

———————————————————

Security Code 12345

Default security code is 12345. If you forgot your security code, there s so many program on the net which allowed you to know the security code likes Security ID Generator, Nokia IMEI Changer, etc.

update:

Security ID Generator (SID.EXE) and IMEI Generator (NOKIAIMEI.EXE) doesn t works with Nokia 5110

Resetting Security Code

If you accidentally lock the phone or forgot the security code, the best thing to do is check it with your local Nokia dealer. For advanced user, you can use WinTesla, PCLocals or LogoManager program to read the security code or resetting the code (You will need an FBUS/MBUS (or compatible) cable to do this.

Read More

Tracking Email

MailTracking.com - What is it and how does it work?

What is MailTracking?

MailTracking is the most powerful and reliable email tracking service that exists today. In short - MailTracking tells you when email you sent gets read / re-opened / forwarded and so much more

How do I send a tracked email? There are two ways you can send tracked emails:

1. Simply add: .mailtracking.com to the end of your recipients email address (they won’t see this)
   
   or


2. Install the ActiveTracker plugin to add the tracking for you.

Testing? If you send tracked emails to yourself, your anti-spam filters may block them (people don’t usually write to themselves) - so we recommend you test by sending to other people.

What will you tell me about the tracked emails I send? MailTracking will endeavour to provide the following in your tracking reports:

• Date and time opened


• Location of recipient (per their ISP city /town)


• Map of location (available on paid subscriptions)


• Recipients IP address


• Apparent email address of opening (if available)


• Referrer details (ie; if accessed via web mail etc)


• URL clicks


• How long the email was read for


• How many times your email was opened


• If your email was forwarded, or opened on a different computer

All messages sent via MailTracking benefit from the SPF compliant and Sender-ID compliant mail servers. This confirms safe transmission of your messages, and also enables us to report delivery status to you (including: bounce-backs, delays and success notifications). Delivery information is listed in your Personal Tracking Page. Note: MailTracking.com does not use or contain any sp‌y-ware, ma‌l-ware, nor vi‌rues, it is not ill‌egal to use, and does not breach any pri‌vacy reg‌ulations in any countries.

What else does MailTracking do?

There are lots of great features available to you - these include the following sending options:

• Certified email


• Ensured-Receipts and retractable emails


• Invisible tracking


• Self-Destructing emails


• Block printing


• Block forwarding


• Adobe Acrobat PDF Document Tracking


• Secure Encypted emails


• Track MS Word or Excel documents

You can also choose how to receive your receipts:

• In your Personal Tracking Page (when you log in)


• Email ReadNotifications


• Legal Proof-of-Opening receipts


• Delivery Service Notifications (DSN’s)


• SMS alert on your cell-phone or pager


• Instant Messenger

Click Here to Register.

Read More

Your Email can be intercepted ! Check How

Top 10 Places Your Email Can Be Intercepted

i. The Internet

The Internet has radically changed the way we communicate with each other. Email is obviously an extremely valuable and ubiquitous form of communication, but with this technology comes certain pitfalls that should be understood. The path that an email message takes to reach its recipient is a complex and varying one, and while in transit that message may come under the potential scrutiny of numerous different people and organizations.

We will attempt to outline the varying paths that an email message may travel, and who some of those different people and organizations might be under whose scrutiny the message may pass. The intention of the document is not to provide a how-to guide; the only specific technique that will be discussed, packet sniffing, is one that anybody with any technical networking knowledge whatsoever is already familiar with – which brings us to an important point. At a round number, there are probably at least a million people in the world with the requisite technical knowledge necessary to intercept Internet-based email. Yes, I said a million. (There are actually probably a lot more than that - maybe several million by now, and more everyday as the populace becomes more networking-literate.) Fortunately, the number of those people who actually have the physical access necessary to intercept email is much smaller, but it is still a very large number.

ii. Internet Service Provider (ISP)

The Internet is composed of numerous different interconnected networks and systems that collectively provide a backbone for the transmission of network traffic. It is a highly dynamic physical environment: a system or network device that is here today may be gone or reconfigured tomorrow, and the underlying protocols of the Internet will automatically detect and accommodate for this change. This dynamic nature is one of the things that make the Internet so powerful. However, given the dynamic nature of the Internet, it is impossible to absolutely predict exactly what path network traffic will follow. One email message that you send could take an entirely different path to reach the recipient than another that you send to the same person. In fact, it is even worse than that: for the sake of efficiency, email messages and other network traffic are typically broken down into smaller little chunks, or packets, before they are sent across the

network, and automatically re-assembled on the other side. Each of these individual packets may in fact follow a different path to get to the recipient! (In actual practice, a given path tends to get reused until the operational parameters of that or other related paths have significantly changed.)

The net result of all this is that your message, or at least little chunks of your message, travels through an indeterminate set of systems and network devices, each of which offers a point of interception. These systems may be owned or operated by corporations and non-profit organizations, by colleges, by governments and government agencies, or by telecom and other connectivity providers. Given such a widely divergent group, it is easy to see how either an unethical organization or a renegade employee may easily gain access to the messages and traffic crossing their systems. All of these factors combine to make the Internet itself the primary source of message interception points.

Read More