Search Results for "web-based" - Page 6

...The backbone of thad0ctor's Backtrack 5 Toolkit is the Wordlist Toolkit that contains a plethora of tools to create, modify, and manipulate word lists in order for end users to strengthen their systems by testing their passwords against a variety of tools designed to expose their pass phrases. In short it is the ultimate tool for those looking to make a wide variety of word lists for dictionary based and other brute force attacks. The toolkit is designed with usability in mind for the Backtrack 5R2 linux distro but will also work on BT5 R1 and other Ubuntu based distros if configured properly. The script is constantly updated with multiple revisions to include new cutting edge features and improvements in order to provide full spectrum wordlist creation capabilities.

...I have waned to package an rpm, and deb file that quickly allows most users to block ip addresses from ip blocks that have been geographically assigned. The solution exists via iptables and the geoIP database done via cmd-line. I have begun to make a simple web gui, that allows for selecting countries one would like to simply block from reaching one's server. The gui incorporates country flags as a means of selection. Eventually, this project seeks to be able to apply fine tailored restrictions, via port and protocols to firewall rules. With help, I intend to port this to Windows in the near future.

About GameOver: Project GameOver was started with the objective of training and educating newbies about the basics of web security and educate them about the common web attacks and help them understand how they work. GameOver has been broken down into two sections. Section 1 consists of special web applications that are designed especially to teach the basics of Web Security. This seciton will cover XSS CSRF RFI & LFI BruteForce Authentication Directory/Path traversal Command execution SQL injection Section 2 is a collection of dileberately insecure Web applications. ...

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

Last update on tue mar 26 16:25 UTC 2012 The Web Crawler Security is a python based tool to automatically crawl a web site. It is a web crawler oriented to help in penetration testing tasks. The main task of this tool is to search and list all the links (pages and files) in a web site. The crawler has been completely rewritten in v1.0 bringing a lot of improvements: improved the data visualization, interactive option to download files, increased speed in crawling, exports list of found files into a separated file (useful to crawl a site once, then download files and analyse them with FOCA), generate an output log in Common Log Format (CLF), manage basic authentication and more! ...

this collection of most used resources that will help you in ethical hacking and penetration testing. Collection of hacking tools and materials and all major type of attacks and tutorials.

distributedPHP client is a simple PHP script that can simultaneously activate/send data to as many web scripts as you want. You must open and configure the distributedPHP .php file prior to running it. ditributedPHP client supports activating scripts without data, sending the same data to all scripts, sending unique data to each script or sending user input to each script. Examples of use include: distributed math computation, encryption breaking, SETI@home/folding@home (well, if they made the projects in php..) distributed bruteforce attacks, ddos attacks, distributed processing, etc.. ...

Penetration Testing Distribution based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security.

This is a script to perform a dictionary based attack through protocol FTP and SSH2. You need libssh2 to use ssh2 methods. Syntax use: perl ssh2ftpcrack.pl [ssh or ftp] [user] [host] [wordlist] http://packetstormsecurity.org/Crackers/wordlists/

Retracer Linux is a Linux operating system based off Arch Linux and inspired by Backtrack. Its a performance penetration testing distribution.

PROJECT HAS MOVED TO GITHUB: https://github.com/alex-georgiou/rc4-32.asm Code to brute force the 32-bit key used to RC4 encrypt .pwl files. Assembles to a 992 byte .COM file using the Intel Architecture Assembler v1.0 Copyright (c) 1998 augusto at dcc.ufmg.br. http://web.archive.org/web/19981205090800/http://www.dcc.ufmg.br/~augusto/project/iasm.zip

GnackTrack is a Live (and installable) Linux distribution designed for Penetration Testing and is based on Ubuntu. Although this sounds like BackTrack, it is most certainly not; it's very similar but based on the much loved GNOME!

Search Based Password Strength Analyzer Proof-of-Concept. Determines password resilience against dictionary attacks, opposed to brute-force attacks like most other password strength analyzers. Utilizes Bing API to collect statistics.

Hexjector is an Opensource,Cross Platform PHP script to automate Site Pentest for SQL Injection Vulnerabilties.

Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant. *** Hyenae is back *** Hyenae will be continued here: https://sourceforge.net/p/hyenae-ng

NodeZero is Ubuntu based linux designed as a complete system which can also be used for penetration testing. NodeZero uses Ubuntu repositories so your system will be always up to date.

WSFuzzer is a fuzzing penetration testing tool used against HTTP SOAP based web services. It tests numerous aspects (input validation, XML Parser, etc) of the SOAP target. It is only to be used against targets that have granted permission to be teste

jCracker is a free, cross-platform and featured password cracker coded in Java and designed to bruteforce the md5 hashes based on a wordlist.

A web application penetration testing tool that can extract data from SQL Server, MySQL, DB2, Oracle, Sybase, Informix, and Postgres. Further, it can crawl a website as a vulnerability scanner looking for sql injection vulnerabilities.

Integrated vulnerability scanner and penetration testing software Windows written in C# SQL Server 2000/2005 Binary search blind and time-based extraction Request headers Post parameters URL parameters fgdump advanced pivot technology.

An attempt to send a full flagged MIME based email using open relay mail servers (authentication not required). Written in Python3. Using smtplib and email liabraries TODO: Bruteforce the SMTP authentication. Support TLS.

Corazones Web Toolbox es una compilación de herramientas para realizar auditorías de seguridad informática. Entre sus herramientas incluye: | MAC spoofing | Admin panel Finder | Port scanner | MD5 multi search | Metasploit web launcher | etc...

Java based webapp that utilizes TCP Wrappers to grant an IP access to a ssh server. Brute force attacks can be avoided while still allowing password based ssh access from multiple, changing IP values.

ShellTer is an iptables-based firewall. What sets it apart from the rest is that it has built-in SSH brute force protection. It is easy to configure and has an interactive CLI installer.

DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.