How to Hack a Wi-Fi Password | Crack Wi-Fi Passwords Easily

Hi Guys, I am back with another amazing hacking tutorial. I hope you are learning well from my other posts. In this post I will be teaching you How to Hack a Wi-Fi password. The following post will teach you how to crack wifi passwords easily in minutes.We strictly advise our readers to follow the tricks and tutorials presented at How to Hack at their own risk. We are sharing this knowledge for educational purpose only, well most of it! Blah Blah blah.Phew! Done with the formalities, now let us start with the Wi-FI cracking. But before starting the tutorial let me give you a small introduction to what Wi-Fi hacking is and what are the security protocols associated with it.In a secured wireless connected the data on internet is sent via encrypted...

Read more »

Namecheap CSRF Vulnerability could lead to DNS Hijacking

A Security researcher Henry Hoggard has discovered a cross site request forgery(CSRF) vulnerability in the Namecheap website that could lead attackers to hijack the DNS records.An attacker could have exploited this vulnerability and redirect the websites to fake website.  The attacker could also have managed to display defacement message.In his blog post, the researcher said the vulnerability could allowed hackers to redirect MX records and intercept email. In an email sent to ThreatPost, the researcher said "This would have impacted all customers, which I’m sure is a lot of high profile websites, as Namecheap is one of the most popular domain registrars". ...

Read more »

MultiSystem – Create a MultiBoot USB from Linux

How to Create a MultiBoot USB Flash Drive from Linux: Multisystem is an awesome tool created by LiveUSB.info, that works similar to our Windows based MultiBootISOs USB creator, but was created for use within Linux. It also uses Grub2 instead of Grub Legacy, and can be run from within Ubuntu Linux to create a Custom Multiboot UFD containing your favorite Bootable Live Linux Distributions. Official HomePage: http://liveusb.info/dotclear Multisystem Prerequisites: Ubuntu Linux or Ubuntu Based System (can use an Ubuntu CD or USB) A USB Flash Drive (to use for your MultiBoot USB) Working Internet Connection install-depot-multiboot.sh.tar.bz2 How to Install the Multisystem LiveUSB Tool Download and Open the Script with Ubuntu's Archive Manager 2.Extract...

Read more »

SARDU – Multiboot USB Creator (Windows)

SARDU is another nice Windows based Multiboot USB Creator that can also be used to create Multiboot CD/DVD's. Created by Davide Costa, SARDU enables you to create a Multiboot UFD containing your basic essential Utilities, Antivirus, and Windows XP/7 Installers. On top of that, SARDU offers the built in ability to Defragment your USB Drive, and burn an ISO to CD/DVD. WARNING! I've been informed that SARDU is now potentially packaged with Adware. As a result, I recommend avoiding this tool. Back in Jan 2011, when this post was originally written, SARDU was a good clean tool!.If you choose to use this program, first check it for viruses/trojans/malware using an online multiple scan utility such as Virus Total.SARDU – Another Multiboot USB Creator...

Read more »

XBOOT – Multiboot ISO USB Creator (Windows)

XBOOT is yet another neat little Multiboot ISO USB Creator. It is a Windows based application that can be used to create a Live Multiboot USB or even a Multiboot ISO file that can then be burnt to a CD/DVD. XBOOT supports many Linux Distributions and Utilities,and allows you to use your choice of a Grub or Syslinux bootloader.Also included is a built in QEMU emulator (enabling you to boot an ISO from within Windows).XBOOT – Multiboot ISO/USB Creator Authors Website: http://sites.google.com/site/shamurxboot/ Usage Example: Creating a Live Multiboot USB with XBOOT: 1.Download, extract and run the latest version of XBOOT2.(1) Drag and drop some ISOs into the XBOOT window (2) Select Create USB   3.(3) Select your USB Drive from the Droplist...

Read more »

[Chrome Password Dump] Command-line Tool to Recover Login Password from Google Chrome Browser

Chrome Password Dump is the free command-line tool to quickly recover your lost web login passwords from Google Chrome browser. It automatically detects the default Chrome profile for current user and recovers all the stored web login passwords. Alternatively you can also specify the custom profile path in case your Chrome user profile is not in standard location. This is very useful in recovering the login passwords from other Chrome based browsers such as Chrome SXS/Canary, CoolNovo, Flock, Comodo Dragon etc.  Command line interface makes it helpful for Penetration Testers & Forensic investigators. Download Chrome Password Dump v1.0...

Read more »

+1000 Sql Vulnerable Sites

http://www.us.ute.com/product_info.php?id=45' http://www.avmaniacs.com/review.php?id=1335' http://www.planetbollywood.com/displ...=m091511034819' http://www.latintourdimensions.com/o...tail.php?id=86' http://hamiltoncityschools.com/item/?id=671' http://isectech.net/Forum/printthread.php?tid=578' http://www.2hgs.com/detail_humor.php?ID=27' http://www.2hgs.com/detail_humor.php?ID=42' http://www.nitro-helmets.com/product...category_id=83' http://www.tomkane.com/section.php?id=1' http://www.medix.com.hr/aboutbook.php?id=30' http://motdrb.com/tr/trainers.php?do...Trainer_ID=336' +1000 Sql Vulnerable Sites Klik Her...

Read more »

[HTSHELLS] Self contained web shells and other attacks via .htaccess files

Attacks are named in the following fashion, module.attack.htaccess and grouped by attack type in directories. Pick the one you need and copy it to a new file named .htaccess, check the file to see if it needs editing before you upload it. Web shells executes commands from the query parameter c, unless the file states otherwise.Download  HTSHE...

Read more »

[Lynis v1.3.5] The Unix / Linux auditing, security and hardening Tool

Security and system auditing tool to harden Linux systems (and more)Lynis is an auditing tool for Unix/Linux. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also scan for general system information, installed packages and possible configuration errors. This software aims in assisting automated auditing, hardening, software patch management, vulnerability and malware scanning of Unix/Linux based systems. It can be run without prior installation, so inclusion on read only storage is possible (USB stick, cd/dvd). Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI...

Read more »

[WiFi Password Remover] Wireless (WEP/WPA/WPA2) Password/Profile Removal Software

WiFi Password Remover is the Free software to quickly recover and remove Wireless account passwords stored on your system. For each recovered Wi-Fi account, it displays following details, WiFi Name (SSID) Security Settings (WEP-64/WEP-128/WPA2/AES/TKIP) Password Type Password in Hex format Password in clear text Once recovered, you can either remove single or all of them with just a click.Before proceeding with deletion, you can also take a backup of recovered Wi-Fi password list to HTML/XML/TEXT file. One of the unique feature of this tool is that it can recover all type of Wi-Fi passwords including the ones which are not shown by 'Windows Wireless Manager', thus allowing you to remove all the hidden wireless passwords/profiles also.Download...

Read more »

Video Dark Mint [Blackhat Edition]

Video ...

Read more »

Crunch + Aircrack GUI for WPA [For Windows]

Download AirCrack GUI For WPA For Windows He...

Read more »

Hydra v 7.4: Fast Network cracker

One of the biggest security holes are passwords, as every password security study shows. A very fast network logon cracker which support many different services, THC-Hydra is now updated to 7.4 version. Hydra available:  for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2),...

Read more »

[Cansina] Web Content Discovery Application

It takes general available lists of common path and files used by web applications and make URL requests looking back to the server response code. Cansina stores the information in a sqlite database (omitting 404 responses). One for every new url (think this as a kind of projects feature) and the same database for every new payload on the same url.It aims to be (very) simple and straight to use doing only one thing: Discover content.The app is far from being finished, probably is poorly coded and I wouldn't recommend it to use in a serious pentesting session.Lists from fuzzdb are included in this repository for convenience but are not part of the project. You can use whatever list you want. Features Threads (well, processes) HTTP/S Proxy...

Read more »

[zAnti] Android Network Toolkit

Anti consists of 2 parts: The Anti version itself and extendable plugins. Upcoming updates will add functionality, plugins or vulnerabilities/exploits to Anti. Using Anti is very intuitive - on each run, Anti will map your network, scan for active devices and vulnerabilities, and will display the information accordingly: Green led signals an 'Active device', Yellow led signals "Available ports", and Red led signals "Vulnerability found". Also, each device will have an icon representing the type of the device. When finished scanning, Anti will produce an automatic report specifying which vulnerabilities you have or bad practices used, and how to fix each one of them. ...

Read more »

[WAppEx v1.0] Web Application Exploitation Tool

WAppEx is an integrated Web Application security assessment and exploitation platform designed with the whole spectrum of security professionals to web application hobbyists in mind. It suggests a security assessment model which revolves around an extensible exploit database. Further, it complements the power with various tools required to perform all stages of a web application attack.Download H...

Read more »

Tutorial Cpanel Hacking/Cracking Tutorial

Cpanel Hacking/Cracking Tutorial: "Index of /sh3llZ" Upload your shell while Late Night Browsing Random websites I saw a website with a directory "sh3llz", this directory contain many shells like c99, c100 r57 and others, it was intresting, i dont know its a Bug or These files was uploaded by any hacker, when I googled it I got Many similar websites so its Devil's Cafe New exploit, shells already Uploaded and you Can Upload your new one or use and already Uploaded shell and deface the website ..=) cats.jpg (363×506) Exploit Title : "Index of /sh3llZ" Google and Big Dorks : "Index of /sh3llZ" "/sh3llZ/uploadshell/uploadshell.php" intitle:index of/sh3llZ and you can make own dorks for getting more results =) Lets Start : Goto Google or Bing.com and type any Dork "Index of /sh3llZ" "/sh3llZ/uploadshell/uploadshell.php"...

Read more »

How To Acess Your Shell In JPG

Some time a website have want only image extensionand shell is in PHP so how to uploadFirst open your shell with notepad and then Save As and change the extension to one of these shell.php;.jpg shell.php.jpg shell.php..jpg shell.php.jpg shell.php.jpg: ;shell.php.jpg%; shell.php.jpg; shell.php.jpg; shell.php.jpg:; If you did not find any option for uploading files, but have place where you can add news or new event or something you can use meta http-equiv to make redirection from website to your deface page.Just add this code in news < meta http-equiv="refresh" content="0;url=http://link_to_your_defacee_page" > after Getting admin Panel,if you can't upload .php directly upload it with modified extensions as I stated above. After uploading, find the directoey where your fle uploaded, example...

Read more »

Admin Finder to find Admin login page easily at websites

While hacking a website the most difficult task for a hacker is finding the admin login page of the site where he can input the stolen login Username/Password when he is using SQL Injection. . .So here we will make their work easier by giving this tool namely AdminFinder! This will search for all suspicious pages on the site and will finally give you the login page!Get this tool for free from here.Download H...

Read more »

Proxy Gear Pro 2.1

Features:Easy to useURL GrabberHigh SpeedAdaptive filtersAvtoparser proxies from text / file / URLThe opening of multiple files totaling> 2GBIdentification of the country ProxyExport lists in whatever maskDefining proxy timeoutSet up the proxy server directly from the programMultithreading (up to 1,000 threads and priority control)Ability to set the connection timeoutIdentify the type of proxy (Transparent, Anonymous or Elite)Work through your own check-serverNEW! Proxy Gear Pro 2.1* Fixed Google CAPTCHA bug* Fixed detection of Elite proxy servers* Added date filter in Google Grabber* Added antigate.com support for Google Grabber* Added ability to limit page size in URL Grabber* Added save button for grabbed proxy in main window* New parsing...

Read more »