Reaver – brute force Wifi Protected Setup
Reaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases, as described in http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf.
Reaver has been designed to be a robust and practical attack against WPS, and has been tested against a wide variety of access points and WPS implementations.
On average Reaver will recover the target AP's plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP. In practice, it will generally take half this time to guess the correct WPS pin and recover the passphrase.
Patator multi-purpose brute-forcer
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
Currently it supports the following modules:
* ftp_login : Brute-force FTP
* ssh_login : Brute-force SSH
* telnet_login : Brute-force Telnet
* smtp_login : Brute-force SMTP
* smtp_vrfy : Enumerate valid users using the SMTP VRFY command
* smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
* http_fuzz : Brute-force HTTP/HTTPS
* pop_passd : Brute-force poppassd (not POP3)
* ldap_login : Brute-force LDAP
* smb_login : Brute-force SMB
* mssql_login : Brute-force MSSQL
* oracle_login : Brute-force Oracle
* mysql_login : Brute-force MySQL
* pgsql_login : Brute-force PostgreSQL
* vnc_login : Brute-force VNC
* dns_forward : Forward lookup subdomains
* dns_reverse : Reverse lookup subnets
* snmp_login : Brute-force SNMPv1/2 and SNMPv3
* unzip_pass : Brute-force the password of encrypted ZIP files
* keystore_pass : Brute-force the password of Java keystore files
The name "Patator" comes from http://www.youtube.com/watch?v=xoBkBvnTTjo
Patator is NOT script-kiddie friendly, please read the README inside patator.py before reporting.
HexorBase – bruteforce SQL servers
HexorBase is a database application designed for administering and auditing multiple database servers simultaneously from a centralized location, it is capable of performing SQL queries and bruteforce attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL ).HexorBase allows packet routing through proxies or even metasploit pivoting antics to communicate with remotely inaccessible servers which are hidden within local subnets. It works on Linux and Windows.
Requirements:
python
python-qt4
cx_Oracle
python-mysqldb
python-psycopg2
python-pymssql
python-qscintilla2
Install
[cc lang="bash"]dpkg -i hexorbase_1.0_all.deb [/cc]
Icon "HexorBase.desktop"can be found at /usr/share/applications for KDE and also GNOME
Download here
Badass – pack of tools to mess with systems and networks
Badass is a pack of tools to mess with systems and networks. It's a helping program for lammers, skiddies, and various other peoples with no computer skills at all. Programmed in Ruby/Perl/Python and oriented to GNU/Linux Debian, Ubuntu, Backtrack systems and their derivatives. It is free, licensed under GNU/GPLv3.
If you want to report errors, give feedback and new code or ideas, contact the author blass[at]sdf [d0t] lonestar [d0t] org
Toolkit:
* Decryption/Encryption Tools
Base64 Encoder & Decoder
Multi-Digest (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
Hash Password Cracker (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
SSH Brute
And more!
* Network Tools
TCP port scanner
Honeypot
DNS and host gathering
Admin login page finder
And more!
* Badass ToolBox
Dorking tools
Proxy Hunter
DOS
Nikto.rb
Nmap.rb
tcpdump.rb
Wapiti.rb
And more!
do this first:
[cc lang="bash"]apt-get install hping3 nmap tcpdump wapiti[/cc]
[cc lang="bash"]gem install net-ssh
gem install optiflag
gem install net-http[/cc]
usage:
[cc lang="bash"]ruby badass.rb [/cc]
And the author mentions something about install errors / usage:
"In the file (badass.rb) you have some configuration lines to mess with.
Look at it, if you have problems or you want to change something. Again you are on your own.
If you don't understand something or you have questions, this mean you are stupid and
I DON'T CARE!"
Disclaimer
Categories
- android (1)
- antivirus (1)
- backup (1)
- backup exec (2)
- bruteforce (6)
- conference (2)
- CRSF (2)
- DirectAdmin (1)
- DoS (11)
- enumeration (2)
- Fără categorie (2)
- flash (2)
- Fuzzer (2)
- games (1)
- hacking (116)
- how-to (32)
- Information gathering (2)
- lfi (3)
- linux (27)
- mobile (1)
- ms exchange (2)
- News (2)
- Phishing (1)
- php (1)
- rdp (1)
- rfi (5)
- rootkit (1)
- scripts (33)
- seo (1)
- sniff (3)
- social engineering (2)
- source code (33)
- sqli (16)
- ssh (2)
- symantec (3)
- tools (73)
- tutorials (20)
- tutorials (1)
- Uncategorized (7)
- vranger (1)
- windows (12)
- wireless (1)
- wsus (1)
- xpath (1)
- xsrf (1)
- xss (12)
