Senin, 03 Oktober 2011

0 BITDEFENDER ANTIVIRUS PLUS 2012 + Crack

05.44 Under From deny saputra
[0 Comment]




BitDefender Antivirus Plus 2012 - a classic anti-virus, providing the necessary computer basic protection, including the Web. Automatic hourly updates of antivirus databases allow you to not worry about their safety.
Stop viruses and spywarePreventive protection is able to prevent the penetration of new viruses and malware that may go unnoticed by other products.
PROTECT YOUR DATAEliminate the possibility of data loss and the contents of your correspondence by e-mail, Facebook, in an instant messaging services or Web sites and monitor their online activities.
ACCESS INTERNET SITES NO RISK TO SAFETYUnique solution for antivirus protection, Advisor to search, to warn you about dangerous web sites in your search results in search engine Google.
Virus found in no time!QuickScan uses cloud computing to catch viruses with minimal system resources.
Video libraryCollection of video tutorials step by step help in solving the most common security challenges.
COMFORT DURING PLAY ORAutomatic activation of game modes, laptop mode or "without notice" to avoid interruptions in order to increase battery life and reduce the load on the system for safe and comfortable play.










Read More »

0 BITDEFENDER INTERNET SECURITY 2012 + Crack

05.44 Under From deny saputra
[0 Comment]





The new version of BitDefender Internet Security 2012 - an advanced system to protect your computer combining the functions of anti-virus and firewall (firewall), the product can prevent the penetration of new viruses and malware that may go unnoticed by other products. In this way you avoid the possibility of data loss and the contents of your correspondence by e-mail, social networks and monitor their online activities.
Stop viruses and spywarePreventive protection is able to prevent the penetration of new viruses and malware that may go unnoticed by other products.
ENSURE SAFETY OF YOUR FAMILYMonitor your children's behavior from his iPhone, smartphone or PC.
PROTECT YOUR DATAEliminate the possibility of data loss and the contents of your correspondence by e-mail, Facebook, in an instant messaging services or Web sites and monitor their online activities.
ACCESS INTERNET SITES NO RISK TO SAFETYUnique solution for antivirus protection, Advisor to search, to warn you about dangerous web sites in your search results in search engine Google.
Firewall protectionTo install the firewall need only a few mouse clicks. After that, you can always track your Internet connection and prevent unauthorized access, even wireless networks.
Get rid of SPAMSending unwanted messages or contain viruses and email attachments directly into the basket, so they did not receive a folder 'Inbox'.
Virus found in no time!QuickScan uses cloud computing to catch viruses with minimal system resources.
LEARNING TO USE THE PROGRAM WITH VIDEOSStep by step video instructions, built-in products BitDefender, make it easy to solve problems with the installation and operation of antivirus software.
COMFORT DURING PLAY ORAutomatic activation of game modes, laptop mode or "without notice" to avoid interruptions in order to increase battery life and reduce the load on the system for safe and comfortable play.
Select an optionPick up in settings mode for your convenience: "Basic", "Medium" or "Expert" and create shortcuts for quick access to frequently used settings.
Read More »

0 Ad-Aware Internet Security

05.42 Under From deny saputra
[0 Comment]









Lavasoft Ad-Aware Internet Security Pro - Protect your Privacy with the World’s Most Trusted Anti-Malware. Ad-Aware Internet Security gives you the power to combat even the most complex forms of malware, protecting you from viruses, spyware, trojans, rootkits, keyloggers, password stealers, and much more. Whether through standalone anti-malware tools or our all-in-one security solution, Ad-Aware?s advanced real-time detection technology and minimal strain on system resources gives you the power to use the Internet how, when and where you want — without the worry. We have taken the security product millions of people know and trust one step further to give all users the power to protect themselves online. By combining Lavasoft’s pioneer anti-spyware technology with traditional anti-virus protection, Ad-Aware Free now features complete malware protection, that won’t slow your computer down!


Comprehensive Protection for Advanced Users:
• Complete Malware Protection, including Anti-Virus and Anti-Spyware
• Ad-Watch Live! Expert Real-time Protection
• Genotype Detection Technology
• Behavior-Based Heuristics Detection
• Expert Level Rootkit Removal System
• The Neutralizer Malware Removal Tool
• Do Not Disturb Mode
• Download Guard for Internet Explorer
• Toolbox. Including Process Watch, AutoStart Manager, Hosts File Editor, and ThreatWork
• Network Drive Scanning
• Automatic Pulse Updates & Free Technical Support

Here are some key features of “Ad-Aware Internet Security Pro”:

Complete Malware Protection:
· A power-packed combination of our pioneer anti-spyware technology together with traditional anti-virus to provide comprehensive malware protection, including protection against virus, spyware, blended malware, trojans, rootkits, hijackers, keyloggers, and much more.

Ad-Watch Live! Expert:
· Ad-Watch Live! Expert gives you an additional layer of security by blocking connections to blacklisted IP addresses. It also adds process protection including behavior-based heuristics scanning, registry protection, and real-time network protection.

Behavior-Based Heuristics Detection:
· Extra Sensory Protection allows you to go a step beyond detecting known threats — the heuristics detection finds and blocks unknown and emerging threats and stops deceptive malware and cyber thieves before they attack your personal information.
Rootkit Removal System:
· Expert level rootkit technology to uncover and remove even the most complex monitoring tools, stealth mechanisms and hidden code.

The Neutralizer:
· Advanced removal tool combats malware that attempts to restore itself even after rebooting your system.

Detect, Remove and Repair:
· Ad-Aware intelligently cleans your system by removing all traces of the infection.

Do Not Disturb Mode:
· Stay protected while watching videos, playing games, or making presentations in full screen mode – without annoying interruptions or strain on system resources that other security software programs cause.

The Toolbox:
· Lavasoft has developed a range of useful stand-alone applications to help you optimize your computer’s performance.

Network Drive Scanning:
· Scan network drives so you can detect malware on any shared disks on your network, not just on your hard disk.

External Drive Scanning:
· Scan your external storage device, iPod, USB’s, or any other drives that you connect to your PC for an additional layer of security.

Pin-Point Scanning:
· Quickly identify whether a suspicious file is safe or malicious – Right click any file or folder to perform an immediate scan, or send it to ThreatWork Alliance for analysis.

TrackSweep:
· Control your privacy by erasing tracks left behind while surfing the web on multiple browsers, including Internet Explorer, Firefox, and Opera, with one easy click.
Full integration with Windows Security Center:
· Get Ad-Aware protection and status notifications through the Windows Security Center.
What’s new in Lavasoft Ad-Aware Internet Security Pro 9.0.5
This version should resolve issues with the ignore list and crashes in AAWTray.exe but not in AAWServices.exe



Read More »

0 Dr.Web Anti-Virus Pro

05.41 Under From deny saputra
[0 Comment]





Dr.Web® for Windows provides reliable and highly efficient protection of your system and data regardless what type of the Microsoft operating system is installed on your computer. The Dr.Web® for Windows components allow in a real time mode to detect malicious programs from any external sources.

Key functions:
• Improved! Detection and neutralization of malware on hard drives, removable data storage devices and in RAM
• Real-time interception of all calls to files on CD/DVD/ Blue –ray/Flash-drives and smart cards
• Improved! Detection of viruses using rootkit technologies
• Improved! Protection against unknown threats powered by non-signature detection technology Origins Tracing™ and the intelligent heuristic analyzer
• Improved! Detection of viruses placed in an archive at any nesting level
• New! The FLY-CODE technology allows checking files compressed by unknown packers
• Virus scan of SMTP/POP3/NNTP/IMAP traffic
• Protection against mass mailings performed by a mail worm from an infected machine
• Filtering on-the-fly of spam, scams, bounces, phishing and pharming messages.
• New! Real-time scan of web-pages ensuring that a user receives only clean web-content
• New! Block of access to phishing sites and other fraudulent web-resources
• New! Protection against unwanted content
• New! Block of access to web-sites based on 10 categories
• New! Block of access to movable media, network devices , files and folders on hard drives which protects from destroying or stealing of vital data
• New! Protection against cyber crime targeting children
• Protection against annoying Internet ads
• Protection of account information related to online games, social networks, electronic money systems, credit card numbers and PIN codes
• Detection of spam-bots
• On demand/scheduled scan
• Automatic updating




Read More »

0 ZoneAlarm Extreme Security 9.3.014.000

05.41 Under From deny saputra
[0 Comment]

 

 

The most comprehensive suite on the market. Protects your PC, your browser, and your data.

For a year or so, Check Point Software has maintained two very different computer security solutions. CheckPoint ZoneAlarm Extreme Security offers standard protection highlighted by top-tier firewall and antispam components. ZoneAlarm ForceField specifically protects against browser-based threats using virtualization, Web-site analysis, keylogger jamming, and other advanced techniques. The two technologies are finally combined in ZoneAlarm Extreme Security. The new product adds hosted online backup and PC tune-up, making it a very complete suite indeed. In fact, it’s the biggest challenger Norton Internet Security has seen in a couple of years.



Read More »

0 Panda Security Products 2012 v17.00.00 Final Incl Activation

05.39 Under From deny saputra
[0 Comment]





Panda's products include security tools for home users and enterprises, including protection against cybercrime and kinds of malware that can damage IT systems, such as spam, hackers, spyware, dialers and undesirable web content, as well as detection of WiFi intrusions. Its trademark technology, branded TruPrevent, is a set of proactive capabilities aimed at blocking unknown viruses and intruders. Initially centered on the production of antivirus software, the company has expanded its line of applications to include firewall applications, spam and spyware detection applications, cybercrime prevention technology, and other system management and security tools for businesses and home users.

 
 
 
 
Read More »

0 norton 360v5

05.38 Under From deny saputra
[0 Comment]





tp74cmq3v2ywgkv9yy3h4pwjd
txqvrt44d4ycpgtyqrb2m66h4
tj7krvbdbrb3fxgg7jy87hp6j
tph2myjdgrmr89d6qtxp34fyd
tj97f9929wyf6rvfp33ffpttp
tqmwrgmqg2jfpfq8fr96x88y7
tcmrqxqh38x4rtdd2qvrkvkyb
t62pjp922pcq9tpqx9q7c8vkw
tphrb2cg63x2tr3yxtp6kg9k6
t4h6mqwcv3b2crkjdv3yyyj8w
tcww7hxb9gbg63khbh43hmgdc
tpjcch2wgyvrhwt77289ycfj9
t2qvmpfb7fkgrw79fcjt8tf6b
tbvymvggg4yy86mprcky4gq7j
tf49cyxqg2gr8rb2vxfqpgdk6
td2mv8tq74234dwf9y9vhtc4h
tbyk36y6v49wk2dmcb7cy3cg8
tk7fjmhcff6g2cr48vvyqyrg7
tm9hcrw2g8tydkrvb3kw7q9y6
t7mydtgmdjtg6v6jmtbw8dm4v 




VALID 150 DAY'S
Read More »

0 TrustPort Total Protection 2012 12.0.0.4796 Final

05.36 Under From deny saputra
[0 Comment]




TrustPort Total Protection 2012 - full protection of your computer from malicious software by using two antivirus engines AVG and BitDefender. All e-mail and the contents of the site is scanned for malicious code, which, together with features such as encryption and secure deletion of information, provides a comprehensive and reliable protection created by the user information.

Comprehensive Protection
Antivirus and antispyware
Internet Protection
Automatically checks for removable media
Personal firewall
Encrypt files and folders
Secure deletion of information

Product Characteristics
Antivirus and antispyware
The solution uses both traditional scanning and search threats by their behavior in the system for malware that can infiltrate your computer through the Internet or removable media. And the use of two scanners, the detection rate as close to the magic mark of 100%.

Personal firewall
The firewall determines whether the connection between your computer and, for example, any Web site safe or its contents may be harmful to the user. For most standard applications module firewall automatically allows the execution of authorized actions. If the firewall is not known the source of the requested connection, or it is dangerous, you are a window in which the user must choose whether or task force authorized or to block it.

Parental Control
This module allows you to protect children from viewing sites that are unethical or dangerous. For this we first need to select the categories that are not desirable to see, for example, pornography, violence, forums ...

Encryption and Secure Deletion Information
To encrypt the two methods. For a safe backup media can be used to encrypt the archives for daily tasks in the storage of encrypted disks. In addition, the solution can remove important information that is not used forever.

Mobile antivirus
With this module you can generate a portable anti-virus software on a USB and check them any number of computers for malicious programs.

New in 2012 TrustPort
• Updates without internet. This allows the use of TrustPort 2012 if there is no access to the Internet.
• Now maintained by e-mail client THE BAT.
• Protection parameters TrustPort 2012 password.
• Protection of local drives and folders
• a prohibition on the use of USB-drives.
• Improved handling of encrypted disks.
• Uprosheno create a Live CD
• Improve monitoring
Read More »

0 TrustPort Antivirus 2012 12.0.0.4796 Final

05.35 Under From deny saputra
[0 Comment]

 
 
 
TrustPort Antivirus 2012 - is a universal anti-virus solution based on two anti-virus AVG and BitDefender engines capable of withstanding millions of extending the World Wide Web threats - viruses, worms, spyware and Trojans. Due to regular updating of antivirus databases and universal heuristics technology, TrustPort Antivirus is a stop suschestvuyushie malware, and those that will be created.
Reliable antivirusReal-time protection of your informationThreat detection "on the fly"Automatic checking of mediaThe discovery of new virusesAntivirus File Protection against attacksEase of Use
Product CharacteristicsOn-access scanningScanner "real time" scans the system for opening and working files. If a virus, the execution of a malicious action is blocked and, depending on options selected it to be treated, renamed, moved to quarantine or completely removed.
Scanning on demandThe scanning is performed on pre-defined parameters - the choice of drives, file types, designed to test and the possibility of up to several times a week to scan the information generated in the presence of malware.
The high level of threat detectionWith two anti-virus scanners, anti-virus is able to reach the best in the world to detect and resist almost all known viruses, worms and Trojans.

Heuristic AnalysisThrough regular updates, the antivirus detects the known threat. But every day there are millions of new viruses, worms and Trojans. To detect them in decisions TrustPort apply advanced technologies analyze the behavior of malicious programs, which determine if the object is (a file, document or program) a dangerous or not.
Automatic updatesTrustPort Antivirus is updated regularly. Depending on the requirements and preferences, the user can set the desired time interval between updates. The program is entered as information about known viruses, worms, Trojans and how to fight and upgrade the program, which allows us to comprehensively protect your computer.
Protection against attacksFiles are protected by antivirus solutions. Thus, any attempt to destabilize the malware TrustPort Antivirus remain unsuccessful.
New in 2012 TrustPort• Updates without internet. This allows the use of TrustPort 2012 if there is no access to the Internet.• Now maintained by e-mail client THE BAT.• Protection parameters TrustPort 2012 password.• Protection of local drives and folders• a prohibition on the use of USB-drives.• Improved handling of encrypted disks.• Uprosheno create a Live CD• Improve monitoring
 
 
 
Read More »

0 TrustPort Internet Security 2012 12.0.0.4796 Final

05.33 Under From deny saputra
[0 Comment]
 
 
TrustPort Internet Security 2012 - offers comprehensive protection for your computer and information from malware and Internet threats. Solution with two cores AVG and BitDefender stops viruses and spyware at all points of access and prevents access to your computer from hackers.
Comprehensive ProtectionAntivirus and antispywareE-mail ScannerWeb ScanBuilt-in firewallAutomatic Updates
Product CharacteristicsProtecting Local FilesProtection in "real time" tracking changes and their nature in the system at launch applications, files, does not allow you to run a malicious program. For a given advance intervals checks the entire contents of your hard drive. As a result dvuskanernoy technology for solutions TrustPort one of the highest levels of malware detection.
Web ScanWebsites are a major source of virus infections, so all downloads are initially checked TrustPort Internet Security. If you notice the presence of threats, the site will automatically be blocked in the browser window displays the name of the threat and its source.
Check your e-mailAll email is scanned for malicious programs and spam. The solution is compatible with email clients like Microsoft Outlook, Mozilla Thunderbird, Outlook Express and Windows Mail.
Personal firewallFor safe operation of the Internet requires not only high-quality anti-virus, but additional protection against unauthorized access by third parties and questionable applications. Firewall module automatically identifies safe and dangerous to the user connection attempts to access files. In some cases, the program prompts the user to allow or block the execution of certain actions.
Parental ControlThe program includes 13 groups of undesirable and dangerous to view sites such as, for example, sites with content or unethical to conduct gambling. The user can also create your own set of rules for the Internet and viewing content sites.
Mobile antivirusA special function for creating anti-virus on the USB. With this mobile antivirus software can scan your computer without Internet access or to use as additional protection to the already installed on your computer anti-virus solution.
New in 2012 TrustPort• Updates without internet. This allows the use of TrustPort 2012 if there is no access to the Internet.• Now maintained by e-mail client THE BAT.• Protection parameters TrustPort 2012 password.• Protection of local drives and folders• a prohibition on the use of USB-drives.• Improved handling of encrypted disks.• Uprosheno create a Live CD• Improve monitoring
 
 
 
 
Read More »

0 TrustPort USB Antivirus 2012 12.0.0.4796 Final + Crack

05.32 Under From deny saputra
[0 Comment]



TrustPort USB Antivirus 2012 - a mobile solution for the secure exchange of data on removable storage media like flash drives or memory cards. Prevents the use of malicious code on the storage media enables you to encrypt files from unauthorized access.
Data protection in any place and at any timeProtection against viruses and spywareReal-Time Protection USB-carriersScanning from any computerAutomatic updatesData Encryption
Product CharacteristicsAnti-virus protectionWhen connected to a particular computer will be activated resident protection. This prevents malicious code in the storage environment.
Scanning on demandYou can start checking the USB-device at any time. If malicious code is detected, the file will be renamed and moved to Quarantine or deleted, depending on your settings.
Proactive protectionThrough regular updates, the antivirus detects the known threat. But every day there are millions of new viruses, worms and Trojans. To detect them in decisions TrustPort apply advanced technologies analyze the behavior of malicious programs, which determine if the object is (a file, document or program) a dangerous or not.
Data EncryptionThis feature allows you to store sensitive data in encrypted form on a USB drive or memory card, which helps prevent loss or theft vashney information.
New in 2012 TrustPort• Updates without internet. This allows the use of TrustPort 2012 if there is no access to the Internet.• Now maintained by e-mail client THE BAT.• Protection parameters TrustPort 2012 password.• Protection of local drives and folders• a prohibition on the use of USB-drives.• Improved handling of encrypted disks.• Uprosheno create a Live CD• Improve monitoring
  

Read More »

Sabtu, 01 Oktober 2011

0 WebSurgery – Web Application Security Testing Suite

06.40 Under From deny saputra
[0 Comment]
WebSurgery adalah seperangkat alat untuk pengujian keamanan aplikasi web. Ia dirancang untuk auditor keamanan untuk membantu mereka dengan perencanaan aplikasi web dan eksploitasi. Saat ini, ia menggunakan sebuah Web Crawler yang efisien, cepat dan stabil, File / Dir Brute pompa kecil, fuzzer untuk eksploitasi lanjutan dari kerentanan dikenal dan tidak biasa seperti SQL Injection, Cross site scripting (XSS), gaya Brute untuk form login, identifikasi firewall- aturan disaring, Serangan DOS dan proxy WEB untuk menganalisis, mencegat dan memanipulasi lalu lintas antara browser dan aplikasi web target. 

WEB Crawler 

WEB Crawler dirancang untuk menjadi cepat, akurat, stabil, benar-benar parametrable dan penggunaan teknik-teknik canggih untuk mengekstrak link dari Tags Javascript dan HTML. Ia bekerja dengan pengaturan waktu parametrable (Timeout, Threading, Max data Ukuran,


Retries) dan sejumlah parameter aturan untuk mencegah loop infinitif dan pemindaian gunanya (Kasus Sensitif, Kedalaman Dir, Proses Di atas / bawah, Submit Formulir, Ambil Indeks / Sitemaps, Max Permintaan per File / Script Parameter). Hal ini juga memungkinkan untuk menerapkan header kustom (agen pengguna, kue dll) dan Sertakan / Kecualikan Filter. WEB Crawler datang dengan pompa kecil file tertanam / Brute Dir yang membantu untuk memaksa secara langsung brute untuk file / dirs di direktori ditemukan dari merangkak. 

WEB Bruteforcer 
WEB Bruteforcer adalah pompa kecil kasar untuk file dan direktori dalam aplikasi web yang membantu untuk mengidentifikasi struktur yang tersembunyi. Hal ini juga multi-threaded dan benar-benar parametrable untuk pengaturan waktu (Timeout, Threading, Max data Ukuran, Retries) dan aturan (Header, Basis Dir, dirs kekuatan Brute / File, Ekstensi Rekursif, File ini, Kirim GET / KEPALA, Ikuti Redirect, Proses Cookie dan konfigurasi Daftar generator). 
Secara default, ini akan brute force dari root / base dir rekursif untuk kedua file dan direktori. Ia mengirimkan KEPALA baik dan permintaan GET ketika membutuhkannya (HEAD untuk mengidentifikasi apakah file / dir ada dan kemudian GET untuk mengambil respon penuh). 

WEB fuzzer 
WEB fuzzer adalah alat yang lebih maju untuk menciptakan sejumlah permintaan berdasarkan satu permintaan awal. Fuzzer tidak memiliki batas dan dapat digunakan untuk mengeksploitasi kerentanan dikenal seperti (buta) SQL Inections dan cara-cara yang lebih unsual seperti menangani input identifing yang tidak tepat, firewall / aturan penyaringan, Serangan DOS. 

WEB Editor 
Sebuah Editor WEB sederhana untuk mengirim permintaan individu. Hal ini juga berisi HEX Editor untuk permintaan lebih maju. 

WEB Proxy 
WEB proxy server proxy berjalan secara lokal dan akan memungkinkan Anda untuk menganalisis, mencegat dan memanipulasi HTTP / HTTPS permintaan yang datang dari browser atau aplikasi lainnya yang mendukung proxy.



You can download WebSurgery here:
Setup – setup.msi
Portable – websurgery.zip
Read More »

0 WAVSEP - Aplikasi Web Vulnerability Scanner Evaluasi Proyek

06.35 Under From deny saputra
[0 Comment]
Penulis WAVSEP (Shay Chen) e-mail beberapa waktu yang lalu tentang proyek ini, tapi aku harus mengatakan bahwa saya jujur ​​tidak punya waktu untuk melihat kembali kemudian. Itu muncul kembali di radar saya lagi ketika itu disebutkan oleh penulis - Arachni v0.3 - alat rekannya melakukan sangat baik dalam tes WAVSEP. 
Benchmark tes SQL Injection dan akurasi deteksi kerentanan Tercermin scanner XSS of12 aplikasi web komersial dan 48 scanner source web aplikasi gratis & terbuka, dan membahas kemampuan banyak orang lain (termasuk informasi tentang kuda Trojan potensial dalam salah satu dari mereka). 

Selain benchmark, penulis telah menerbitkan sebuah fitur perbandingan rinci antara semua scanner (yang umumnya mencakup setiap sumber terbuka atau bebas untuk menggunakan aplikasi pemindai kerentanan web umum yang tersedia) 

Penelitian ini membandingkan aspek-aspek berikut alat ini: 

    Jumlah & Jenis Fitur Deteksi Kerentanan 
    Akurasi Deteksi SQL Injection 
    Tercermin Site Scripting Palang Akurasi Deteksi 
    Umum & Khusus Pemindaian Fitur 
Dan apa yang penulis percaya kepada saya yang paling penting adalah bahwa selama penelitian itu ia telah mengembangkan sebuah toolkit yang dapat digunakan oleh setiap individu atau organisasi untuk menguji keakuratan scanner aplikasi web dengan cara yang sangat rinci dan akurat. 

I untuk satu memuji upaya dan saya pikir ini adalah sebuah proyek besar, tentu saja tidak ada peringkat sepenuhnya obyektif untuk hal-hal semacam - tetapi penelitian ini tidak memberikan Anda ide yang baik di mana aplikasi yang berbeda berdiri terutama dalam hal dari SQL Injection dan XSS deteksi. 
Banyak alat yang kita telah menulis tentang di sini di Darknet keluar puncak (tidak mengejutkan). 

Patokan dan laporan (sekitar 13 total) dapat ditemukan di sini:

http://sectooladdict.blogspot.com/
The framework for assessing vulnerability scanners was implemented in JEE and can be downloaded here:
wavsep-v1.0.3-war.zip
Read More »

0 Lilith - Alat Keamanan Aplikasi Web Audit

06.30 Under From deny saputra
[0 Comment]
Lilith adalah alat yang ditulis dalam Perl untuk mengaudit aplikasi web. Alat inimenganalisa halaman web dan mencari bentuk html tag, yang sering merujuk ke halaman dinamis yang mungkin terkena injeksi SQL atau cacat lainnya. Ia bekerjasebagai laba-laba biasa dan halaman analisis, berikut hyperlink, menyuntikkan karakter khusus yang memiliki arti khusus untuk setiap platform yang mendasari.

Setiap aplikasi Web pemindai tidak dapat melakukan audit yang benar penuh 100%.Oleh karena itu, kembali cek-manual yang diperlukan. Oleh karena itu, harus menyadaribahwa Lilith mungkin datang dengan beberapa positif palsu.

Lilith adalah program yang memverifikasi keamanan aplikasi web. Sebagai seorang konsultan keamanan, penulis sering melihat aplikasi web yang mengandung kelemahan keamanan. Sebuah aplikasi web adalah entitas kompleks dan tidak dapat sepenuhnyadiperiksa dengan "hanya alat apapun", untuk itu saya sarankan Anda untukmemverifikasi secara manual hasil apapun.

Bagaimana seluruh "scanning" kerja proses ini berbeda dari apa yang disebut "scannerCGI", seperti Nikto dan n-siluman. Program ini akan surfing ke situs web danmerangkak melalui semua link, hanya sebagai pengguna akan ke. Pada setiap kolom input mungkin, seperti kotak teks, halaman id, ... Lilith akan berusaha untuk menyuntikkan karakter apapun yang mungkin memiliki arti khusus untuk setiap teknologi yang mendasari seperti SQL.

Untuk informasi lebih lanjut, dianjurkan untuk membaca kertas putih berikut: diseksi web menggunakan lilith.

Anda dapat mendownload Lilith di sini:


lilith-06atar.gz
Read More »

0 wifite – Mass Wifi WEP/WPA Key Cracking Tool

06.21 Under From deny saputra
[0 Comment]
wifite dibuat untuk menyerang beberapa jaringan WEP dan WPA dienkripsi pada waktu yang sama. Alat ini akan otomatis disesuaikan dengan hanya beberapa argumen dan dapat dipercaya untuk berjalan tanpa pengawasan.

fitur

     macam target dengan kekuatan (dalam dB); retak jalur akses terdekat pertama
     semua jabat tangan WPA yang didukung (ke direktori wifite.py 's bekerja)
     pertengahan-serangan pilihan: berhenti selama serangan dengan Ctrl + C untukdigunakan (terus, pindah ke target berikutnya, melompat ke retak, keluar)
     berbagai filter untuk menentukan dengan tepat apa yang menyerang (WEP / WPA /baik, di atas kekuatan sinyal tertentu, saluran, dll)
     sangat disesuaikan pengaturan (timeout, paket / detik, dll)
     SKA dukungan (belum dicoba)
     menemukan perangkat dalam mode monitor, jika tidak ada yang ditemukan,meminta untuk seleksi
     semua password disimpan ke log.txt
     beralih serangan WEP tidak me-reset IVS
     menampilkan ringkasan sesi di pintu keluar; menunjukkan tombol apapun retak

Anda dapat mendownload wifite sini:

wifite.py

Read More »

0 THC-Hydra 5.8 Dirilis - Sangat Cepat Multi-Threaded Login / Password Cracker

06.15 Under From deny saputra
[0 Comment]
Nomor satu lubang keamanan terbesar adalah password, karena setiap sandikeamanan menunjukkan studi. Hydra adalah cracker diparalelkan (multi-threaded) loginyang mendukung menyerang / retak protokol banyak. Modul baru mudah untuk menambahkan, selain itu, itu adalah fleksibel dan sangat cepat.

Kami belum disebutkan Hydra sejak jalan kembali pada 2007 - THC-Hydra - PerangkatJaringan Masuk Cepat dan Fleksibel Hacking

Saat ini alat ini mendukung:
TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL,
          MYSQL, REXEC,RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5,
          VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3,
          Postgres, Teamspeak, Cisco auth, Cisco enable, AFP, LDAP2,
          Cisco AAA (incorporated in telnet module).
 
 
Terakhir perubahan untuk v5.8

     Ditambahkan Apple Filing Protocol (terima kasih untuk "tidak pernah lelah" MaciejakDavid @ gmail dot com)
     Fixed bug besar di opsi SSL (-S)
Additions prior to public release (v5.7 and before)
  • Added ncp support plus minor fixes (by David Maciejak @ GMAIL dot com)
  • Added an old patch to fix a memory from SSL and speed it up too from kan(at)dcit.cz
  • Removed unnecessary compiler warnings
  • Enhanced the SSH2 module based on an old patch from aris(at)0xbadc0de.be
  • Fixed small local defined overflow in the teamspeak module. Does it still work anyway??
  • Moved to GPLv3 License (lots of people wanted that)
  • Upgraded ssh2 module to libssh-0.4.x (thanks to aris (at) 0xbadc0de.be for the 0.2 basis)
  • Added firebird support (by David Maciejak @ GMAIL dot com)
  • Added SIP MD5 auth patch (by Jean-Baptiste Aviat jba [at] hsc [dot] `french tld’)
  • Removed Palm and ARM support
  • Fix for cygwin which falsely detected postgres library when there was none.
You can download Hydra v5.8 here:
 

 

Read More »

0 Crunch - Password Generator Wordlist Cracking

06.10 Under From deny saputra
[0 Comment]
Crunch adalah generator wordlist di mana Anda dapat menentukan karakter set standar atau set karakter yang Anda tentukan. krisis dapat menghasilkan semua kemungkinan kombinasi dan permutasi.

Beberapa pilihan lain adalah:...




Read More »

0 SHA-1 password Cracked Menggunakan GPU Amazon EC2 Cloud

06.04 Under From deny saputra
[0 Comment]
Ini bukan pertama kalinya seseorang telah menarik off ini, kembali pada bulan November 2009 kami menulis tentang Menggunakan Cloud Computing Untuk CrackPassword - Amazon EC2.

Menambahkan bahwa dengan jalan cerita kembali dari 2007 - Kartu Grafis - The Next Big Thing untuk Cracking Password? - Dan Anda punya diri Anda combo yang menarikdengan penawaran baru dari Amazon, didistribusikan GPU berbasis sumber daya.

Masukan dua cerita bersama-sama dalam gaya hacker sejati dan Anda berakhir dengan seorang pria yang digunakan contoh GPU pada platform Amazon EC2 untuk crack SHA-1 hash password.

     Sebuah antusias keamanan Jerman telah menggunakan sumber daya komputasidisewa untuk memecahkan algoritma hashing aman (SHA-1) sandi.

     Thomas Roth menggunakan sumber daya komputer berbasis GPU disewakan untuk menjalankan serangan brute force untuk crack hash SHA1. Ahli enkripsimemperingatkan selama setidaknya lima tahun SHA-1 tidak bisa lagi dianggap aman sehingga apa yang patut dicatat tentang proyek Roth tidak apa yang dia lakukan atau pendekatan yang digunakan, yang pada dasarnya didasarkan pada mencoba setiapkombinasi yang mungkin sampai ia menemukan hit, namun teknologi yang digunakan.

     Apa yang digunakan untuk menjadi barang dari proyek komputasi terdistribusidengan peserta seluruh dunia yang mengambil berbulan-bulan untuk menghasilkan buah sekarang dapat dilakukan oleh seorang individu tunggal dalam menit danmenggunakan sumber daya disewakan bahwa biaya harga yang sama seperti kopipagi hari untuk melaksanakan trik. Roth bukti-konsep olahraga biaya hanya $ 2. Ini adalah jumlah yang dibutuhkan untuk menyewa sebuah bank grafis yang kuatprocessing unit untuk melaksanakan diperlukan angka-angka menggunakanCuda-Multiforcer.

SHA-1 tentu saja retak perjalanan kembali pada tahun 2005, dan banyak dilaporkanpada tahun 2007 - dan sementara yang dihapus ini masih digunakan dalam banyak aplikasi.

Tapi kemudian serangan ini tidak benar-benar menggunakan kelemahan dalamalgoritma - itu hanya lurus ke atas hash retak itu.

Alat yang digunakannya adalah CUDA Multiforcer - GPU Kinerja Multihash Brute pompa kecil Didukung Tinggi.

SHA-1, meskipun dalam proses yang bertahap, masih bentuk komponen dari berbagai aplikasi keamanan secara luas digunakan, termasuk Secure Sockets Layer, Transport Layer Security dan S / MIME protokol. Roth mengklaim telah retak semua hash dari hash 160-bit SHA-1 dengan password antara 1 dan 6 karakter dalam sekitar 49 menit.Proses ini akan menciptakan sebuah meja pelangi, memungkinkan password yang pendek dan karena itu otomatis tidak aman untuk dicocokkan dengan hash mereka. Ini tidak akan bekerja untuk password panjang lagi. Meskipun demikian, semakin besar poin yang disewakan sumber daya komputasi dapat digunakan untuk hacking password masih berdiri. 

    
Keamanan pengamat memperingatkan bahwa pembangunan membuka kemungkinan ulah penjahat cyber menggunakan pay-as-you-go berbasis komputasi awan lingkungan pemrosesan paralel untuk tujuan mereka sendiri jahat. 

    
Chris Burchett, CTO dan co-pendiri Credant perusahaan keamanan data, berkata: "Sangat mudah untuk memulai sebuah cluster 100-simpul retak hanya dengan beberapa klik, tetapi jika Anda memperluas lingkungan pemrosesan paralel dengan hanya beberapa faktor, hal menjadi mungkin untuk crack password dari sebagian besar jenis dalam jangka waktu relatif singkat. " 

    
Penjahat dunia maya mungkin menggunakan kredensial pembayaran kartu curian untuk mendanai awan petualangan mereka retak "yang berarti mereka tidak akan peduli tentang biaya yang terlibat," tambahnya. 

    
Sekitar 12 bulan lalu, seorang hacker topi putih, Moxie Marlinspike, menciptakan sebuah Wi-Fi secara online password cracking layanan yang disebut WPAcracker.com. Layanan $ 17-a-time dapat crack password Wi-Fi di sekitar 20 menit, dibandingkan dengan 120 jam PC dual-core yang dibutuhkan untuk melaksanakan pekerjaan yang sama. 
Meskipun tidak ada yang benar-benar baru di sini, itu masih sebuah implementasi menarik dari beberapa teknik yang sudah dikenal. Seperti awan / komputasi terdistribusi menjadi bahkan lebih murah, aku kira kita akan melihat lebih banyak serangan serupa di masa mendatang. 
Posting asli (yang rincian yang tepat tentang bagaimana untuk mengatur semuanya) dapat ditemukan di blog Thomas Roth di sini:

Cracking Passwords In The Cloud: Amazon’s New EC2 GPU Instances
Read More »