nukeitdotorg » Tools

pygame2 2.0.0 alpha5 for python 2.7 win32

fuzion — Fri, 16 Jul 2010 05:33:12 +0000

Package
PyGame Reloaded – Multimedia Framework for Python

http://code.google.com/p/pgreloaded/

Built for Python 2.7 on Windows using MSVC

Test Results

\Python27\python -c "import pygame2.test; pygame2.test.run ()"
Running tests [ 389 / 389 ] ...
======================================================================
-- Statistics --
======================================================================
Options:
                'subprocess' = 'False'
                'random' = 'False'
                'seed' = 'None'
                'verbose' = 'False'
                'excludetags' = '['interactive']'
Time taken:     5.745 seconds
Tests executed: 389
Tests OK:       389
Tests ERROR:    0
Tests FAILURE:  0

Download pygame2 2.0.0 alpha5 for python 2.7 win32

CRC32: 7850D7AD
MD5: C2E6D0B6CB43FE049E63B0D501557616
SHA-1: 7BB7519FF1C25F6344B57DF6A5546CE207D1639A

Update – An official build is now available on the pygame2 site.

Google Forum Followup Cleaner

fuzion — Wed, 23 Jun 2010 13:12:35 +0000

Here’s a simple Greasemonkey script to remove the stupid “Did you find this answer helpful?” that shows up on many Google sites when you are logged in.

Turn this:

In to this:

Download Google Forum Followup Cleaner

GnackTrack 10.04 beta1 [Security Distro]

fuzion — Mon, 26 Apr 2010 12:37:09 +0000

GnackTrack is a brand new Ubuntu based penetration testing Linux distribution similar to Backtrack, but using Gnome instead of KDE as the main window manager. GnackTrack beta1 looks like its on the right track. Take a look at some screens I took in Vbox:

You can expect to find a few quirks since GnackTrack is still in early development. It looks like the creator is open to suggestions, so if you have one be sure to check out his FAQ page for contact info.

http://www.gnacktrack.co.uk

Matriux 0.9.4 beta1 [Security Distro]

fuzion — Mon, 01 Feb 2010 19:15:23 +0000

Matriux is…

… a fully featured security distribution consisting of a bunch of powerful, open source and free tools that can be used for various purposes including, but not limited to, penetration testing, ethical hacking, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, and much more. It is a distribution designed for security enthusiasts and professionals, although it can be used normally as your default desktop system.

It’s slick, responsive (even under a VM with bare resources) thanks to it’s lean system requirements and comes with an ‘Arsenal’ of tools to help you get stuff done efficiently. Matriux also seems to have a lot going for it as far as an active community reachable through IRC and forums. Overall, the experience is good. It’s at the very least on par with other distros of this nature. I’m mostly impressed by its speed considering its use of KDE4 with a few sfx turned on. I’ll see how it fares on my crappy little Atom based netbook later.

[slider title="Click to show a comprehensive list of security tools included in Matriux"]

Reconnaissance

DNS

DIG
DNSBruteForce
DNSTracer
DNSWalk

HTTrack

HTTrack
WebHTTrack Website Copier
Browse Mirrored Websites

Others

Chaosreader
Deepmagic Information Gathering Tool
dsniff password sniffer
EtherApe
tcpdump
tcpslice
tcptrace
tcptracert
Network Analyzer (Wireshark)
xtrace

Scanning

BATMAN-Tools

batping
batroute
batdump

Cisco

CDP Packet Generator
HSRP Generator

Routing-Protocols

Autonomous System Scanner
IGRP Route Injector

Web-Scanners

Nikto
Angry IP Scan
CryptCat
ettercap console
Ettercap Gui
file2cable
Web Server Fingerprinting Tool
icmpush
icmpquery
IRDP Packet Sender
IRDP Responder Packet Sender
Netcat
netenum
netmask
Nmap
Paris Traceroute
Protocol Scanner
Parallel Internet Measurement Utility
tctrace
THC-Amap
The Network Mapper Front End

Gain Access (Attack Tools)

Brute-Force

BruteSSH

Password

crunch
md5-utils

Others

Mac Changer

Framework

Fast-Track

Fast Track Console Mode
FT-Interactive Menu
Fast Track Gui

Inguma

Inguma-cli
Inguma-gui

Metasploit Framework 2

msf2-cli
msf2-console
msf2-update
msf2-web
msf2-web console v2.7.

Metasploit Framework 3

msf3-cli
msf3-console
msf3-gui
msf3-web
msf3-web console v3.2

Others

Grendel-Scan
HTTP Request Exploit Framework
WebSecurify
WSFuzzer

Radio

Bluetooth

haraldscan

Wireless 802.11

airbase-ng
aircrack-ng
airdecap-ng
airdecloak-ng
airdriver-ng
aireplay-ng
airmon-ng
airodump-ng
airolib-ng
airserv-ng
airtun-ng
buddy-ng
easside-ng
packetforge-ng
tkiptun-ng
wesside-ng
WiFi Radar

Digital-Forensics

Acquisition

Automated Image & Restore 1.28
Guymager

Analysis

Start Autopsy
Autopsy Forensics Browser
Gpart
Pasco
Vinetto
Start WarVOX
Open WarVOX Web Interface
Xplico Console Mode (Internet Traffic Decoder)
Xplico Web Interface (Internet Traffic Decoder)
Dhash

Debugger

Crash
e2dbg
efence
JavaScript Lint
valgrind

Tracer

Leak-Tracer

Leak Analyze
Leak Check
etrace
ltrace
pstack
strace

[/slider]

http://www.matriux.com/

w3af 1.0-rc3 console for Windows

fuzion — Sat, 09 Jan 2010 03:57:44 +0000

Here’s w3af 1.0 RC3 CLI built for Windows. Please leave a comment if you find a bug. This is not supported software. Please don’t bother reporting bugs to the official list or tracker unless you can confirm it in the original untouched source as well.

Features:

Latest tagged release.
Python 2.6 and updated dependencies built in.
Completely portable.
Tested on Windows XP and 7
“Fixed” many deprecation warnings. Please test!
You can edit the plugins!

Download:

Normal - http://rapidshare.com/files/332486992/w3af-1.0-rc3-console.7z
Slow - http://nukeit.org/pub/w3af-1.0-rc3-console.7z

Stats:

Size: 16,477,852 bytes
CRC32: 846EA1F7
MD5: 42111F575B702660457425DE7EBFA344
SHA-1: 654D70D81BF61579120D238DE2505AA9614DF753

If you’d like to know how I managed to get this built with pyinstaller and fix all the deprecation warnings, take a look at [slider title="this hideous patch:"]

Index: core/controllers/easy_contribution/sourceforge.py
===================================================================
--- core/controllers/easy_contribution/sourceforge.py	(revision 3264)
+++ core/controllers/easy_contribution/sourceforge.py	(working copy)
@@ -23,7 +23,7 @@
 import os
 import cgi
 import time
-import md5
+import hashlib
 import urllib2, urllib
 import cookielib
 from core.controllers.misc.get_w3af_version import get_w3af_version
@@ -102,7 +102,7 @@
         else:
             # Generate the summary, the random token is added to avoid the
             # double click protection added by sourceforge.
-            summary += md5.new( time.ctime() ).hexdigest()
+            summary += hashlib.md5( time.ctime() ).hexdigest()
 
         # Now we handle the details
         details = ''
Index: core/controllers/extrusionScanning/extrusionScanner.py
===================================================================
--- core/controllers/extrusionScanning/extrusionScanner.py	(revision 3264)
+++ core/controllers/extrusionScanning/extrusionScanner.py	(working copy)
@@ -32,7 +32,7 @@
 
 import time
 import os
-import md5
+import hashlib
 import socket
 
@@ -73,7 +73,7 @@
         r += self._exec('uname -a')
         r += self._exec('env')
         r += self._exec('net user')
-        return md5.new(r).hexdigest()
+        return hashlib.md5(r).hexdigest()
 
     def isAvailable( self, port, proto ):
         try:
Index: core/controllers/misc/homeDir.py
===================================================================
--- core/controllers/misc/homeDir.py	(revision 3264)
+++ core/controllers/misc/homeDir.py	(working copy)
@@ -61,7 +61,7 @@
     '''
     @return: The location of the w3af directory inside the home directory of the current user.
     '''
-    home_path = user.home + os.path.sep + '.w3af'
+    home_path = '.w3af'
     return home_path
 
 def home_dir_is_writable():
Index: core/data/parsers/dpCache.py
===================================================================
--- core/data/parsers/dpCache.py	(revision 3264)
+++ core/data/parsers/dpCache.py	(working copy)
@@ -26,7 +26,7 @@
 import core.data.parsers.documentParser as documentParser
 from core.controllers.misc.lru import LRU
 
-import md5
+import hashlib
 import thread
 
@@ -42,7 +42,7 @@
 
     def getDocumentParserFor( self, httpResponse, normalizeMarkup=True ):
         res = None
-        hash = md5.new( httpResponse.getBody() ).hexdigest()
+        hash = hashlib.md5( httpResponse.getBody() ).hexdigest()
 
         with self._LRULock:
             if hash in self._cache:
Index: core/data/url/handlers/keepalive.py
===================================================================
--- core/data/url/handlers/keepalive.py	(revision 3264)
+++ core/data/url/handlers/keepalive.py	(working copy)
@@ -686,7 +686,7 @@
     keepalive_handler.close_all()
 
 def continuity(url):
-    import md5
+    import hashlib
     format = '%25s: %s'
 
     # first fetch the file with the normal http handler
@@ -695,7 +695,7 @@
     fo = urllib2.urlopen(url)
     foo = fo.read()
     fo.close()
-    m = md5.new(foo)
+    m = hashlib.md5(foo)
     print format % ('normal urllib', m.hexdigest())
 
     # now install the keepalive handler and try again
@@ -705,7 +705,7 @@
     fo = urllib2.urlopen(url)
     foo = fo.read()
     fo.close()
-    m = md5.new(foo)
+    m = hashlib.md5(foo)
     print format % ('keepalive read', m.hexdigest())
 
     fo = urllib2.urlopen(url)
@@ -715,7 +715,7 @@
         if f: foo = foo + f
         else: break
     fo.close()
-    m = md5.new(foo)
+    m = hashlib.md5(foo)
     print format % ('keepalive readline', m.hexdigest())
 
 def comp(N, url):
Index: core/data/url/handlers/localCache.py
===================================================================
--- core/data/url/handlers/localCache.py	(revision 3264)
+++ core/data/url/handlers/localCache.py	(working copy)
@@ -25,7 +25,7 @@
 import urllib2
 import httplib
 import unittest
-import md5
+import hashlib
 from core.controllers.misc.homeDir import get_home_dir
 
 import StringIO
@@ -47,7 +47,7 @@
     id += request.get_full_url()
     for h in request.headers.keys():
         id += h + request.headers[h]
-    return md5.new(id).hexdigest()
+    return hashlib.md5(id).hexdigest()
 
 class CacheHandler(urllib2.BaseHandler):
     '''
Index: core/data/url/handlers/MultipartPostHandler.py
===================================================================
--- core/data/url/handlers/MultipartPostHandler.py	(revision 3264)
+++ core/data/url/handlers/MultipartPostHandler.py	(working copy)
@@ -42,7 +42,7 @@
 import urllib
 import urllib2
 import mimetools, mimetypes
-import os, stat, md5
+import os, stat, hashlib
 from core.data.fuzzer.fuzzer import string_file
 
 class Callable:
@@ -102,7 +102,7 @@
             # '127.0.0.1.1000.6267.1173556103.828.1'
             # This contains my IP address, I dont like that...
             # Now:
-            boundary = md5.new(mimetools.choose_boundary()).hexdigest()
+            boundary = hashlib.md5(mimetools.choose_boundary()).hexdigest()
         if buffer is None:
             buffer = ''
 
Index: extlib/pyPdf/pyPdf/pdf.py
===================================================================
--- extlib/pyPdf/pyPdf/pdf.py	(revision 3264)
+++ extlib/pyPdf/pyPdf/pdf.py	(working copy)
@@ -46,8 +46,8 @@
 import utils
 from generic import *
 from utils import readNonWhitespace, readUntilWhitespace, ConvertFunctionsToVirtualList
-from sets import ImmutableSet
-
+#from sets import ImmutableSet
+ImmutableSet = frozenset
 ##
 # This class supports writing PDF files out, given pages produced by another
 # class (typically {@link #PdfFileReader PdfFileReader}).
@@ -115,7 +115,7 @@
     # encryption.  When false, 40bit encryption will be used.  By default, this
     # flag is on.
     def encrypt(self, user_pwd, owner_pwd = None, use_128bit = True):
-        import md5, time, random
+        import hashlib, time, random
         if owner_pwd == None:
             owner_pwd = user_pwd
         if use_128bit:
@@ -129,8 +129,8 @@
         # permit everything:
         P = -1
         O = StringObject(_alg33(owner_pwd, user_pwd, rev, keylen))
-        ID_1 = md5.new(repr(time.time())).digest()
-        ID_2 = md5.new(repr(random.random())).digest()
+        ID_1 = hashlib.md5(repr(time.time())).digest()
+        ID_2 = hashlib.md5(repr(random.random())).digest()
         self._ID = ArrayObject((StringObject(ID_1), StringObject(ID_2)))
         if rev == 2:
             U, key = _alg34(user_pwd, O, P, ID_1)
@@ -156,7 +156,7 @@
     # @param stream An object to write the file to.  The object must support
     # the write method, and the tell method, similar to a file object.
     def write(self, stream):
-        import struct, md5
+        import struct, hashlib
 
         externalReferenceMap = {}
         self.stack = []
@@ -177,7 +177,7 @@
                 pack2 = struct.pack("= 3:
         for i in range(50):
-            md5_hash = md5.new(md5_hash[:keylen]).digest()
+            md5_hash = hashlib.md5(md5_hash[:keylen]).digest()
     return md5_hash[:keylen]
 
 def _alg33(owner_pwd, user_pwd, rev, keylen):
@@ -1114,14 +1114,14 @@
     return val
 
 def _alg33_1(password, rev, keylen):
-    import md5
-    m = md5.new()
+    import hashlib
+    m = hashlib.md5()
     password = (password + _encryption_padding)[:32]
     m.update(password)
     md5_hash = m.digest()
     if rev >= 3:
         for i in range(50):
-            md5_hash = md5.new(md5_hash).digest()
+            md5_hash = hashlib.md5(md5_hash).digest()
     key = md5_hash[:keylen]
     return key
 
@@ -1131,8 +1131,8 @@
     return U, key
 
 def _alg35(password, rev, keylen, owner_entry, p_entry, id1_entry, metadata_encrypt):
-    import md5
-    m = md5.new()
+    import hashlib
+    m = hashlib.md5()
     m.update(_encryption_padding)
     m.update(id1_entry)
     md5_hash = m.digest()
Index: extlib/scapy/scapy.py
===================================================================
--- extlib/scapy/scapy.py	(revision 3264)
+++ extlib/scapy/scapy.py	(working copy)
@@ -3111,9 +3111,9 @@
             if loctrace:
                 trt[trace_id] = loctrace
 
-        tr = map(lambda x: Gnuplot.Data(x,with="lines"), trt.values())
+        tr = map(lambda x: Gnuplot.Data(x,with_="lines"), trt.values())
         g = Gnuplot.Gnuplot()
-        world = Gnuplot.File(conf.gnuplot_world,with="lines")
+        world = Gnuplot.File(conf.gnuplot_world,with_="lines")
         g.plot(world,*tr)
         return g
 
Index: plugins/attack/db/dbDriverFunctions.py
===================================================================
--- plugins/attack/db/dbDriverFunctions.py	(revision 3264)
+++ plugins/attack/db/dbDriverFunctions.py	(working copy)
@@ -13,7 +13,7 @@
 
 import urllib
 import time
-import md5
+import hashlib
 import os
 import random
 
Index: plugins/discovery/favicon_identification.py
===================================================================
--- plugins/discovery/favicon_identification.py	(revision 3264)
+++ plugins/discovery/favicon_identification.py	(working copy)
@@ -43,7 +43,7 @@
 from core.controllers.w3afException import w3afException, w3afRunOnce
 
 import re
-import md5
+import hashlib
 import os.path
 
@@ -86,7 +86,7 @@
             response = self._urlOpener.GET( def_favicon_url, useCache=True )
 
             if not is_404( response ):
-                favmd5=md5.new(response.getBody()).hexdigest()
+                favmd5=hashlib.md5(response.getBody()).hexdigest()
 
                 try:
                     # read MD5 database.
Index: plugins/discovery/findCaptchas.py
===================================================================
--- plugins/discovery/findCaptchas.py	(revision 3264)
+++ plugins/discovery/findCaptchas.py	(working copy)
@@ -33,7 +33,7 @@
 import core.data.kb.knowledgeBase as kb
 import core.data.kb.info as info
 
-import sha
+import hashlib
 import mimetypes
 import core.data.parsers.documentParser as documentParser
 
@@ -121,7 +121,7 @@
                     except:
                         om.out.debug('Failed to retrieve the image for finding captchas.')
                     else:
-                        res[ img_src ] = sha.new(image_response.getBody()).hexdigest()
+                        res[ img_src ] = hashlib.sha1(image_response.getBody()).hexdigest()
 
         return res
 
Index: plugins/discovery/phpEggs.py
===================================================================
--- plugins/discovery/phpEggs.py	(revision 3264)
+++ plugins/discovery/phpEggs.py	(working copy)
@@ -36,7 +36,7 @@
 import core.data.kb.knowledgeBase as kb
 import core.data.kb.info as info
 
-import md5
+import hashlib
 
 class phpEggs(baseDiscoveryPlugin):
@@ -274,7 +274,7 @@
         else:
             cmp_list = []
             for r in response:
-                cmp_list.append( (md5.new(r[0].getBody()).hexdigest(), r[1] ) )
+                cmp_list.append( (hashlib.md5(r[0].getBody()).hexdigest(), r[1] ) )
             cmp_set = set( cmp_list )
 
             found = False
Index: scripts/script-all.w3af
===================================================================
--- scripts/script-all.w3af	(revision 3264)
+++ scripts/script-all.w3af	(working copy)
@@ -10,7 +10,7 @@
 output config console
 set verbose False
 back
-discovery all, !fingerMSN, !fingerGoogle, !fingerPKS, !spiderMan
+discovery all, !fingerMSN, !fingerGoogle, !fingerPKS, !spiderMan !detectReverseProxy
 discovery
 grep all
 grep
@@ -20,6 +20,6 @@
 bruteforce
 back
 target
-set target http://localhost/w3af/
+set target http://localhost/
 back
 start
Index: scripts/script-find_captcha.w3af
===================================================================
--- scripts/script-find_captcha.w3af	(revision 3264)
+++ scripts/script-find_captcha.w3af	(working copy)
@@ -13,7 +13,7 @@
 
 back
 target
-set target http://localhost/w3af/discovery/find_captcha/index.php
+set target http://localhost/
 back
 
 start
Index: w3af_console
===================================================================
--- w3af_console	(revision 3264)
+++ w3af_console	(working copy)
@@ -2,7 +2,76 @@
 
 import getopt, sys, os
 import gettext
-
+import hashlib
+import csv
+import Cookie
+import core.controllers.outputManager as om
+import core.data.constants.browsers as browsers
+import core.data.constants.dbms as dbms
+import core.data.constants.httpConstants as httpConstants
+import core.data.constants.httpConstants as http_constants
+import core.data.constants.severity as severity
+import core.data.constants.w3afPorts as w3afPorts
+import core.data.dc.form as form
+import core.data.kb.config as cf
+import core.data.kb.info as info
+import core.data.kb.info as infokb
+import core.data.kb.knowledgeBase as kb
+import core.data.kb.vuln as vuln
+import core.data.parsers.documentParser as documentParser
+import core.data.parsers.dpCache as dpCache
+import core.data.parsers.urlParser as urlParser
+import core.data.request.httpPostDataRequest as httpPostDataRequest
+import core.data.request.httpQsRequest as httpQsRequest
+import core.data.url.httpResponse as httpResponse
+from core.controllers.basePlugin.baseAttackPlugin import *
+from core.controllers.basePlugin.baseAuditPlugin import *
+from core.controllers.basePlugin.baseBruteforcePlugin import *
+from core.controllers.basePlugin.baseDiscoveryPlugin import *
+from core.controllers.basePlugin.baseEvasionPlugin import *
+from core.controllers.basePlugin.baseGrepPlugin import *
+from core.controllers.basePlugin.baseManglePlugin import *
+from core.controllers.basePlugin.baseOutputPlugin import *
+from core.controllers.basePlugin.basePlugin import *
+from core.controllers.coreHelpers.fingerprint_404 import *
+from core.controllers.daemons.proxy import *
+from core.controllers.daemons.webserver import *
+from core.controllers.misc.factory import *
+from core.controllers.misc.get_local_ip import *
+from core.controllers.misc.groupbyMinKey import *
+from core.controllers.misc.homeDir import *
+from core.controllers.misc.is_private_site import *
+from core.controllers.misc.levenshtein import *
+from core.controllers.misc.temp_dir import *
+from core.controllers.misc.webroot import *
+from core.controllers.sql_tools.blind_sqli_response_diff import *
+from core.controllers.sql_tools.blind_sqli_time_delay import *
+from core.controllers.threads.threadManager import *
+from core.controllers.threads.w3afThread import *
+from core.controllers.w3afException import *
+from core.data.constants.common_directories import *
+from core.data.db.db import *
+from core.data.db.history import *
+from core.data.db.temp_persist import *
+from core.data.dc.form import *
+from core.data.exchangableMethods import *
+from core.data.fuzzer.formFiller import *
+from core.data.fuzzer.fuzzer import *
+from core.data.fuzzer.mutant import *
+from core.data.getResponseType import *
+from core.data.kb.shell import *
+from core.data.options.option import *
+from core.data.options.optionList import *
+from core.data.parsers.dpCache import *
+from core.data.parsers.urlParser import *
+from core.data.request.frFactory import *
+from core.data.request.httpQsRequest import *
+from core.data.searchEngines.googleSearchEngine import *
+from core.data.searchEngines.msn import *
+from core.data.searchEngines.pks import *
+from core.data.searchEngines.yahooSiteExplorer import *
+from core.data.url.xUrllib import *
+
 # First of all, we need to change the working directory to the directory of w3af.
 currentDir = os.getcwd()
 scriptDir = os.path.dirname(sys.argv[0]) or '.'

[/slider]
I’ll have both GUI and console packaged versions uploaded soon.

DECAF – Detect and Eliminate Computer Assisted Forensics [COFEE]

fuzion — Mon, 14 Dec 2009 18:21:10 +0000

Worried about Microsoft’s COFEE? Now there is DECAF, a tiny application which will monitor Windows boxes and detect the presence of COFEE. There are lots of neat little features already enabled with this version. Check out their description:

DECAF is a counter intelligence tool specifically created around the obstruction of the well known Microsoft product COFEE used by law enforcement around the world.

DECAF provides real-time monitoring for COFEE signatures on USB devices and running applications. Upon finding the presence of COFEE, DECAF performs numerous user-defined processes; including COFEE log clearing, ejecting USB devices, drive-by dropper, and an extensive list of Lockdown Mode settings. The Lockdown mode gives the user an automated approach to locking down the machine at the first sign of unusual law enforcement activity.

DECAF is highly configurable giving the user complete control to on-the-fly scenarios. In a moments notice, almost every piece of hardware can be disabled and pre-defined files can be deleted in the background. DECAF also gives the user an opportunity to simulate COFEE’s presence by sending the application into a ‘Spill the cofee’ type mode. Simulation gives the user an opportunity to test his or her configuration before going live.

Download DECAF, view more screenshots, and read more about it here:

http://decafme.org/

Pentoo i686 and x86_64 2009.0 final

fuzion — Sat, 05 Dec 2009 05:04:10 +0000

Pentoo i686 and x86_64 2009.0 final are out now. Check out some of the features in the well made gentoo-based penetration testing live linux distro:

It features the following :

Changes saving
Enhanced cracking software
- NTLM/MD4/MD5 cuda bruteforcer
- WPA PSK rainbowtables generation accelerated through CUDA, STREAM or PADLOCK
- John The Ripper with MPI support allowing you to run it on all your local or remote cores
Kernel 2.6.31.6 and wifi 2.6.32_rc7 with all the patches from Zero, including the freq patches for ath5k
A slight and sexy UI, Enlightenment DR17, built from SVN

Enabled Firefox Extensions:

Add N Edit Cookies 0.2.1.3
Firebug 1.4.5
FoxyProxy Standard 2.15
HackBar 1.4.2
HttpFox 0.8.4
Live HTTP headers 0.15
Multiproxy Switch 1.32
No-Referer 1.3.1
ShowIP 0.8.17
SQL Inject Me 0.4.4
SQL Injection! 1.3
Tamper Data 10.1.0
User Agent Switcher 0.7.2
XSS Me 0.4.3

Get it here:


http://www.pentoo.ch/download/

pentoo-i686-2009.0.iso
pentoo-x86_64-2009.0.iso

Pentoo i686 2009.0 Final Screenshots:

CFIR and REAPER Security and Forensics Live CDs

fuzion — Mon, 30 Nov 2009 02:00:42 +0000

Linux Computer Forensics & Incident Response LIVECD or CFIR is a pretty straightforward forensics distro.


http://sourceforge.net/projects/cfirproject/

Azril Azam on Facebook


http://www.facebook.com/people/Azril-Azam/1128729650

REAPER is an interesting forensics distro that aims to automate the gathering of documents from a host machine.

Rapid Evidence Acquisition Project for Event Reconstruction (REAPER) – Open Source forensic environment for the complete automation of the digital investigation process. At its core is Debian Live and the Open Computer Forensics Architecture (OCFA).


http://sourceforge.net/projects/reaperforensics/

http://cybercrimetech.com/projects/reaper/reaper.php

Here are a few screens I took from a VM.

New Nmap Beta Released [Nmap 5.10]

fuzion — Mon, 23 Nov 2009 20:05:47 +0000

Changes include:
    14 new NSE scripts, bringing the total to 72!

    A brand new (much faster and more efficient) --traceroute system

    The Zenmap host filter (Ctrl-L) for drilling down to the exact
    systems you want to see in a big scan based on the criteria you
    specify.  For example, type "apache" to see all the hosts running a
    version of the Apache web server.

    UDP protocol-specific payloads make UDP scanning and host discovery
    much more effective.

    And more than 100 other significant changes!

Download Nmap 5.10BETA1 for Windows


http://nmap.org/dist/nmap-5.10BETA1-win32.zip

Cain & Abel 4.9.32 released

fuzion — Sat, 26 Sep 2009 02:33:34 +0000

Cain & Abel is a password recovery tool for Microsoft operating systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
Changes in this version:

Added Abel64.exe and Abel64.dll to support hashes extraction on x64 operating systems.
Added x64 operating systems support in NTLM hashes Dumper, MS-CACHE hashes Dumper, LSA Secrets Dumper, Wireless Password Decoder, Credential Manager Password Decoder, DialUp Password Decoder.
Added Windows Live Mail (Windows 7) Password Decoder for POP3, IMAP, NNTP, SMTP and LDAP accounts.
Fixed a bug of RSA SecurID Calculator within XML import function.
Executables rebuilt with Visual Studio 2008.

via Cain & Abel 4.9.32 released.