Home / Archives for November 2011

Fix your windows errors with registry cleaner

Posted by Deepanker Verma Saturday, November 19, 2011 1 comments

WIndows is the most used operating system of the world. But most of the virus and malwares harms windows. And each time a person is forced to re install windows because of virus effects. But you can also recovers and fix your windows errors without re-installing windows.
Most of the windows problems occurs due to registry changes made by virus. So updating your registry to original settings will fix your winodws. But now the problem is how to do that?
registry is the complex part of the windows and any wrong changes may lead to a unstable windows or crash.

"WiseFixer is an excellent Windows registry cleaner. Running this product on a scheduled basis, will result in a stable system and using it will greatly enhance system performance. The scan technology helps the user quickly identify errors and invalid entries that cause the computer to slow, freeze or crash. The product provides a set of tools to repair Windows registry problems, safely and securely speed up computer performance, and optimize system settings."

Download Here

GoLISMERO – Web Application Mapping Tool

Posted by Deepanker Verma Friday, November 18, 2011 2 comments

GoLISMERO – Web Application Mapping Tool

GoLISMERO help you to map an web application, displaying as confortable format for security auditor and preparing them for intergrate with other web hacking tools as w3af, wfuzz, netcat, nikto, etc

Features:

Map a web application.
Show all links and forms params as confortable format.
Save results with some formats: text, cvs, html, raw (for parsing with bash script) and wfuzz script.
Detect common vulnerabilities of web application.
Filter web information retaining only what is important.
Many other features you can find very useful.

Download here:
https://code.google.com/p/golismero/downloads/list

Acunetix Web Vulnerability Scanner 8 BETA Released and available for download

Posted by Deepanker Verma Thursday, November 17, 2011 0 comments

Acunetix Web Vulnerability Scanner 8 BETA Released and available for download

Acunetix is a popular web vulnerability scanner and now the version 8 beta is available for download. This application is one of the most used penetration testing tool and so its a good news for all penetration testers to move a step ahead with this new beta version.
Version 8 of Web Vulnerability Scanner has been optimized to make life easier at every stage of a security scan. WVS is easier to use for web admins and security analysts alike: enhanced automation, ability to save scan settings as a template to avoid reconfiguration, and multiple instance support for simultaneous scans of several websites. WVS 8 also ushers in a new exciting co-operation between Acunetix and Imperva: developers of the industry’s leading Web Application Firewall.

Download here:
http://www.acunetix.com/vulnerability-scanner/vulnerabilityscanner8.exe

W3af v1.1 Released - Web Application Attack & Audit Framework

Posted by Deepanker Verma 0 comments

W3af v1.1 releaased - Web Application Attack & Audit Framework

W3af is a popular web application auditing framework. I already posted previous release of this nice penetration tool. This tool is used to find and exploit the vulnerabilities in a web application.
This tool is written in python and is available with more that 130 plugins. These plugins are used to enhance the power of this tool. These plugins includes SQL injection, cross site scripting (xss), local and remote file inclusion and many other attack tools

Changes in v1.1

Considerably increased performance by implementing gzip encoding
Enhanced embedded bug report system using Trac’s XMLRPC
Fixed hundreds of bugs
Fixed critical bug in auto-update feature
Enhanced integration with other tools (bug fixed and addedmore info to the file)

Download Here:
http://sourceforge.net/projects/w3af/files/w3af/w3af%201.1/w3af-1.1.tar.bz2/download?use_mirror=cdnetworks-kr-1

Twitter hacked to post a tweet more than 140 characters

Posted by Deepanker Verma 0 comments

We all know about the twitter and the fact that we can not post more than 140 character tweet in this micro blogging website. But yesterday, i have seen a tweet of more than 140 characters which is being retweeted by manu persons. This was really strange and was the trending topic yesterday.
How the person managed to hackerd the character limit in Twitter??
I was also curious to know the reason. After doing some research and reading the reports by some researchers i also came to know the reason behind this.
The tweet contains the repetition of "\355\240\265\355\263\220\355\240\265\" or similar numbers whith backslash at starting. Backslash represents the escape sequence which is regarded as a valid character constant. So this is interpreted as a single character by twitter while it is the combination of 4 characters. So he managed to post a tweet by fooling the twitter algorithm with this backslash.
There are many other explanations about the character codings too. But the above reason is looking meaningful.

Burp Suit Pro v.1.4.0.3 released

Posted by Deepanker Verma Sunday, November 13, 2011 0 comments

Burp Suit Pro v.1.4.0.3 has been released and available for download. This is a nice too for penetration testing of web applications. It has various tools included to test a website from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities. This tool include a new CSRF generator , which produces proof-of-concept HTML for generating virtually any HTTP request.

Main Feature:

Support for all form encoding types: standard URL encoding, multipart encoding, and plain text encoding.
Auto-detection of the optimal encoding type, with manual override.
Ability to edit both the request and response in-place, to fine tune attacks.
In-browser testing, by pasting a URL into your browser that will cause Burp Proxy to serve up the CSRF PoC in its response.
An intercepting proxy, which lets you inspect and modify traffic between your browser and the target application.
An application-aware spider, for crawling content and functionality.
An advanced web application scanner, for automating the detection of numerous types of vulnerability.
An intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.
A repeater tool, for manipulating and resending individual requests.
A sequencer tool, for testing the randomness of session tokens.
The ability to save your work and resume working later.
Extensibility, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.

Download Here:
http://portswigger.net/burp/download.html

SQLninja v.0.2.6 "bunga bunga edition" released

Posted by Deepanker Verma Tuesday, November 8, 2011 0 comments

SQLninja v.0.2.6 "bunga bunga edition" released

One of the most used SQL injection tool for Microsoft SQL server has released its latest update with some bug fixes and new features.
It has following features:

Fingerprint of the remote SQL Server (version, user performing the queries, user privileges, xp_cmdshell availability, DB Server authentication mode)
Bruteforce of the 'sa' password
Privilege escalation to 'sa'
Creation of a custom xp_cmdshell if the original one has been disabled
Upload of executables
Reverse scan in order to look for a port that can be used for a reverse shell
Direct and reverse shell, both TCP and UDP
DNS tunneled pseudoshell, when no ports are available for a bindshell
ICMP tunneled shell, if the target DBMS can communicate via ICMP Echo with the attacking machine
Metasploit wrapping, when you want to use Meterpreter or even want to get GUI access on the remote DB server
OS privilege escalation on the remote DB server using token kidnapping or through CVE-2010-0232
All of the above can be done with obfuscated SQL code, in order to confuse IDS/IPS systems

Download here:
http://sqlninja.sourceforge.net/download.html

List of Online Websites SQL Injection Scanner

Posted by Deepanker Verma Thursday, November 3, 2011 1 comments

What will you do if you need your hacking tools but you are not with your system. This is really frustrating. You want to hack a website you know is vulnerable but you do not have you tools. You can do it with your skills and by injecting manual sql queries. But most of the kiddies can not. So all those kiddies can use these online SQL injection scanner.

http://www.be007.gigfa.com/scanner/scanner.php
http://www.sunmagazin.com/tools/hack/SQLI-Scan
http://scanner.drie88.tk
http://localvn.biz/Tools/tools/Hack-Shop/SQLI-Scan
http://wolfscps.com/gscanner.php

:) enjoy hacking from any where

Remote spy on computers with Win-Spy

Posted by Deepanker Verma Wednesday, November 2, 2011 0 comments

Many times, in home or business, you need to know what is going on your computers. In business, owner wants complete details what the employee is doing in his system. Father wants know what his son or daughter is doing on the system. Even you want to hack your friends system and wnat to know what he is doing. These are some cases why you need a software which can work as your spy on other computers.
WinSpy is a premium software solution which can slove all these problems. Many of you want this free of cost. But many hackers use this softeware to installl trojans so they offer it for free witg trojan server. I will recommend youo to download this from trusted source.
Download here

Features

Download here

Download iStealer Keylogger | Remote Keylogger

Posted by Deepanker Verma 3 comments

Keyloggers are used to record keystrokes of a system. TO hack a system located far from us, we need to have a remote keylogger. If you want to hack Facebook, GMail or any other account, this remote keylogger can help you a lot

What is a Remote Keylogger
Remote keyloggers are the kind of keylogger which have the ability to record the keystrokes and then send this log file to the hacker. If the system of victim is not connected to internet, it waits till the system connect to the internet. As it got the connection, it sends logs to the hacker.

In this post, I am adding a popular remote keylogger, iStealer.

How To Use This Remote Keylogger :-

Download keylogger from below link and extract that
Give them the required information
Create New Gmail Account Specially for keylogger ( its recommended )
And Log that gmail username and password in keylogger
Now Click on build
It will create a server.exe
Send that Server.exe to victim and ask them to run
You done the all task now you will receive the logs to the given gmail account

Download
iStealer 6.3 patched

NOTE: i will not responsible for any kind of harm you will make to you or others.

20 porn websites hacked and defaced

Posted by Deepanker Verma Tuesday, November 1, 2011 0 comments

20 porn websites hacked and defaced

"King and Ironicboy C7 CREW ", hacked and defaced 20 porn websites. They had posted the link on the http://pastebin.com/8HFQ0hQk
They also posted a message,

Shame on you admin... You are showing ur mom's and sistr's videos.

Ur business is like a fucked ass hole

I have deleletd ur Database ;D

Just to warn u

Next time if a saw ur mum video again

We will kill u

Admin u r changing the mind of innocent kids

So stop all this..

Admin Ur security SuuuuuuuuuuucccckSsssssss !!

U really need to Patch it..

Hacking Tricks

Fix your windows errors with registry cleaner

GoLISMERO – Web Application Mapping Tool

Acunetix Web Vulnerability Scanner 8 BETA Released and available for download

W3af v1.1 Released - Web Application Attack & Audit Framework

Twitter hacked to post a tweet more than 140 characters

Burp Suit Pro v.1.4.0.3 released

SQLninja v.0.2.6 "bunga bunga edition" released

List of Online Websites SQL Injection Scanner

Remote spy on computers with Win-Spy

Download iStealer Keylogger | Remote Keylogger

20 porn websites hacked and defaced

Security Tools

Popular Posts

About Me

Partners

Blog Archive