http://blackhammer.org Ethical Hacking | Penetration Testing | Computer Security Fri, 16 May 2008 15:27:41 +0000 http://backend.userland.com/rss092 en Sometimes I wonder to myself have I mentioned a certain tool on the site, usually one of my favourites…often I search the site to find I have never posted about it. It just goes to show how we often overlook some of the more ‘obvious’ choices, and to many people they ... http://blackhammer.org/xprobe2-active-os-fingerprinting-tool/ Most of todays tools for fingerprinting are focusing on server-side services. Well-known and widely-accepted implementations of such utilities are available for http web services, smtp mail server, ftp servers and even telnet daemons. Of course, many attack scenarios are focusing on server-side attacks. Client-based attacks, especially targeting web clients, are becoming ... http://blackhammer.org/browserrecon-passive-browser-fingerprinting/ Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,odp,ods) available on the target/victim website. It will generate a html page with the results of the metadata extracted, plus a list of potential usernames very useful for preparing a bruteforce attack on open services like ftp, pop3,web ... http://blackhammer.org/metagoofil-v14-released-metadata-and-information-gathering-tool/ With rtpbreak you can detect, reconstruct and analyze any RTP session. It doesn’t require the presence of RTCP packets and works independently form the used signaling protocol (SIP, H.323, SCCP etc). The input is a sequence of packets, the output is a set of files you can use as input ... http://blackhammer.org/rtpbreak-13a-released-rtp-analysis-and-hacking/ This is a pretty new tool and a very cool one, Hibernation is a fairly new feature for Windows so it’s good to see a new tool targeting that. Microsoft provides a feature called Hibernation also know as suspend to disk that aims to save the system state into an undocumented ... http://blackhammer.org/sandman-read-the-windows-hibernation-file/ CDPSnarf if a network sniffer exclusively written to extract information from CDP packets. It provides all the information a “show cdp neighbors detail” command would return on a Cisco router and even more. The application is written in C using the popular PCAP library. Sample Output Cisco AIR-AP1231G-E-K9 Access Point: $ sudo ./cdpsnarf eth2 Waiting ... http://blackhammer.org/cdpsnarf-cdp-packet-sniffer/ Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. Every NIC has a MAC address ... http://blackhammer.org/technitium-mac-address-changer-v48-released-for-download-free/ The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current ... http://blackhammer.org/pass-the-hash-toolkit-v13/ WifiZoo is a tool to gather wifi information passively. It is created to be helpful in wifi pentesting and was inspired by ‘Ferret‘ from Errata Security. The tool is intended to get all possible info from open wifi networks (and possibly encrypted also in the future, at least with WEP) without ... http://blackhammer.org/wifizoo-v13-released-passive-info-gathering-for-wifi/ HDIV (HTTP Data Integrity Validator) is a Java Web Application Security Framework. HDIV extends web applications’ behaviour by adding Security functionalities, maintaining the API and the framework specification. This implies that we can use HDIV in applications developed in Struts 1.x, Struts 2.x, Spring MVC and JSTL in a transparent ... http://blackhammer.org/hdiv-java-web-application-security-framework/