The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: hacking tools

WiFiPhisher — Automated Phishing Attacks Against Wi-Fi Networks

WiFiPhisher — Automated Phishing Attacks Against Wi-Fi Networks
January 05, 2015Swati Khandelwal
A Greek security researcher, named George Chatzisofroniou , has developed a WiFi social engineering tool that is designed to steal credentials from users of secure Wi-Fi networks. The tool, dubbed WiFiPhisher , has been released on the software development website GitHub on Sunday and is freely available for users. "It's a social engineering attack that does not use brute forcing in contrast to other methods. It's an easy way to get WPA passwords ," said George Chatzisofroniou. However, there are several hacking tools available on the Internet that can hack a secure Wi-Fi network, but this tool automates multiple Wi-Fi hacking techniques which make it slightly different from others. WiFiPhisher tool uses "Evil Twin" attack scenario. Same as Evil Twin, the tool first creates a phony wireless Access Point (AP) masquerade itself as the legitimate Wi-Fi AP. It then directs a denial of service (DoS) attack against the legitimate Wi-Fi access poi

Adobe Releases Emergency Flash Player Update to Address Critical Vulnerability

Adobe Releases Emergency Flash Player Update to Address Critical Vulnerability
November 26, 2014Mohit Kumar
Adobe has rolled-out an urgent out-of-band update for a critical remote code-execution vulnerability in its popular Flash Player that is currently being exploited by hackers. The critical vulnerability ( CVE 2014-8439 ) in Flash Player for Windows, Mac and Linux was originally mitigated more than a month ago in October 14, 2014 patch release, but a French researcher Kafeine found its exploits in the Angler and Nuclear malware kits after Adobe released a patch, according to security vendor F-Secure. " The vulnerability is being exploited in blind mass attack. No doubt about it : the team behind Angler is really good at what it does ," Kafeine said in a blog post . The vulnerability allows an attacker to execute arbitrary code due to a weakness in the way a dereferenced pointer to memory is handled. An attacker could serve a specially crafted Flash file to trigger the vulnerability, which would lead to the execution of attacker's code in order to take control

Firing Range — Open Source Web App Vulnerability Scanning Tool From Google

Firing Range — Open Source Web App Vulnerability Scanning Tool From Google
November 20, 2014Wang Wei
Google on Tuesday launched a Security testing tool "Firing Range" , which aimed at improving the efficiency of automated Web application security scanners by evaluating them with a wide range of cross-site scripting (XSS) and a few other web vulnerabilities seen in the wild. Firing Range basically provides a synthetic testing environment mostly for cross-site scripting (XSS) vulnerabilities that are seen most frequently in web apps. According to Google security engineer Claudio Criscione, 70 percent of the bugs in Google's Vulnerability Reward Program are cross-site scripting flaws . In addition to XSS vulnerabilities , the new web app scanner also scans for other types of vulnerabilities including reverse clickjacking , Flash injection , mixed content, and cross-origin resource sharing vulnerabilities. Firing Range was developed by Google with the help of security researchers at Politecnico di Milano in an effort to build a test ground for automated scanners

Suspected Wirelurker iOS Malware Creators Arrested in China

Suspected Wirelurker iOS Malware Creators Arrested in China
November 18, 2014Mohit Kumar
It's been almost two weeks since the WireLurker malware existence was revealed for the first time, and Chinese authorities have arrested three suspects who are allegedly the authors of the Mac- and iOS-based malware that may have infected as many as hundreds of thousands of Apple users. The Beijing Bureau of Public security has announced the arrest of three suspects charged with distributing the WireLurker malware through a popular Chinese third-party online app store. The authorities also say the website that was responsible for spreading the malware has also been shut down. "WireLurker" malware was originally discovered earlier this month by security firm Palo Alto Networks targeting Apple users in China. The malware appeared as the first malicious software program that has ability to penetrate the iPhone's strict software controls. The main concern to worry about this threat was its ability to attack non-jailbroken iOS devices. Once a device infected

SEANux — Syrian Electronic Army To Release its Own Linux-based Distribution

SEANux — Syrian Electronic Army To Release its Own Linux-based Distribution
October 13, 2014Mohit Kumar
Lots of Linux distributions are offered free of cost on the Internet by a number of companies, non-commercial organizations and by many individuals as well, and now, the notorious Syrian Electronic Army (SEA) has announced their own Linux distribution known as SEANux . A Linux distribution is a coordinated collection of software consisting of a customized version of the kernel together with hundreds of open source (i.e., free) utilities, installers, programming languages and application programs. Some of the most popular distributions are Fedora (formerly Red Hat), SuSE, Debian, Ubuntu, Kali Linux, Tails OS and Mint Linux. SEA (Syrian Electronic Army) is the same group of hackers who made the headlines in past year by launching advance phishing attacks against media organisations, usually Western media outlets. The group is reportedly aligned with president Bashar al-Assad and had purposely targeted social media accounts of a number of high-profile media outlets inclu

FBI — Botnets Infecting 18 Computers per Second. But How Many of Them NSA Holds?

FBI — Botnets Infecting 18 Computers per Second. But How Many of Them NSA Holds?
July 17, 2014Swati Khandelwal
Botnets - a secretly compromised networks of ordinary home and office computers with rogue software or "malware" that are controlled by an individual criminal or a group - has dramatically increased over the past several years and are considered to pose the biggest threat to the Internet. Cyber criminals have brushed-up their hacking skills and are using Botnets as a cyber weapon to carry out multiple crimes like DDoS attacks (distributed denial of service), mass spamming, page rank and advertising revenue manipulation, mining bitcoins, cyber espionage and surveillance etc. 18 BOTNET INFECTIONS PER SECOND According to the director of FBI's cyber division, Joseph Demarest, Botnet has become one of the biggest enemies of the Internet today, and therefore its impact has been significant. Yesterday during a hearing before a U.S. Senate committee, he says that every second 18 computers worldwide are part of botnet armies, which amounts to over 500 million comp

Kali Linux introducing Emergency Self Destruct feature to Full Disk Encryption

Kali Linux introducing Emergency Self Destruct feature to Full Disk Encryption
January 08, 2014Mohit Kumar
Full disk encryption is expected to be the top security technology to be adopted this year. Take a moment to think about the information that is present on your personal computer, i.e. Photo s , passwords, emails, Important documents from work or  Financial data and  trade secrets. Many of us from the Security Industry obviously have enough confidential and important data regarding our work, source codes, or researches stored in our laptops or systems. What if your computer is stolen or seized by any Law enforcement agency at the Airport? Best example to explain the situation is as follows: We all know  Guardian journalist ' Glenn Greenwald ', who  has written a series of stories in July 2013 revealing the NSA's secret surveillance programs, leaked by whistleblower Edward Snowden . In August 2013,  The partner of the Guardian journalist ' Glenn Greenwald ', was returning from a trip to Berlin when he was stopped by officers at the Airport under Terrorism Act 20

Hardware Keylogger used by Card skimmers to steal Credit Cards at Nordstrom Store

Hardware Keylogger used by Card skimmers to steal Credit Cards at Nordstrom Store
October 13, 2013Wang Wei
Three men allegedly installed Credit Card Skimming keylogger at into cash registers in a Nordstrom department store in the Florida. Those Keyloggers were connected via a keyboard cord between the keyboard and the computer to intercept the information transmitted between the two devices and Furthermore, the gang used the connectors designed to resemble common PS2 cables. Krebs has indicated  on his blog that such keyloggers can be easily obtained online for about $40 only. Placing such a devices would have allowed criminals access to data for anyone applying for a Nordstrom credit card , plus any numbers typed in via the keyboard.  In order to collect the captured data, criminals have to return back after few days to collect the keylogger from store. But at this time it is unknown if the men ever returned to the store in order to retrieve the keyloggers and Nordstrom are unaware of any arrests being made. An alert circulated by the police department in Avent

NSA bought Hacking tools from 'Vupen', a French based zero-day Exploit Seller

NSA bought Hacking tools from 'Vupen', a French based zero-day Exploit Seller
September 18, 2013Mohit Kumar
The US government, particularly the National Security Agency  has been paying a French security firm for backdoors and zero day hacks. According to a contract newly released in response to a Freedom of Information request, last year the NSA purchased a 12-month subscription to a " binary analysis and exploits service " sold by Vupen, a zero-day Exploit Seller based in France. VUPEN is one of a handful of companies that sell software exploits and vulnerability details, who do original vulnerability research and develop exploits for bugs that they find. They Sold those exploits to the Governments and Law enforcement agencies. VUPEN has promised that the company only will sell its services to NATO countries and will not deal with oppressive regimes. It is unclear how much money the NSA spent on the Vupen exploits package because the cost has been redacted in the released contract. Last year, Vupen researchers successfully cracked Google's Chrome browser, but declined to

Download Tortilla Tool - Anonymize everything through Tor

Download Tortilla Tool - Anonymize everything through Tor
July 17, 2013Mohit Kumar
Recent disclosures by whistleblower Edward Snowden claiming that internet traffic is being intercepted and used by the Americans in their war on terror, force to re-think about the user's privacy and online anonymity. It has been relatively common knowledge for years that wherever we go on the web, we leave clear tracks, so it shouldn't really have come as much of a surprise to discover this has been going on. The best thing you can do to stay anonymous online is to hide your IP address . If someone knows your IP address, it is the easiest way to trace your online activity back to you and they can easily determine the geographic location of the server that hosts that address and get a rough idea of where you're located. TOR is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Browsing with TOR is a lot like simultaneously using hundreds of different proxies that are randomized periodically.

WiFi Hacking software AirCrack-NG updated after 3 years

WiFi Hacking software AirCrack-NG updated after 3 years
June 03, 2013Wang Wei
The Best WiFi hacking suite  AirCrack-NG updated to 1.2 Beta 1 after three years from the last release. Aircrack-ng is a set of tools for auditing wireless networks. New version added a few new tools and scripts (including distributed cracking tool). Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. Release Notes: Compilation fixes on all supported OSes. Makefile improvement and fixes. A lot of fixes and improvements on all tools and documentation. Fixed licensing issues. Fixed endianness and QoS issues. Download AirCrack-NG for Linux and For Windows

Sandcat Browser 4.0 released, new tools added for Pen-Testers

Sandcat Browser 4.0 released, new tools added for Pen-Testers
May 29, 2013Mohit Kumar
Sandcat Browser, The fastest web browser with many useful security and developer oriented tools updated to version 4.0 with the fastest scripting language packed with features for pen-testers. Sandcat 4 adds a large number of enhancements, new features, extensions and bug fixes, and provides a dramatically improved user experience on several fronts.  Sandcat 4 adds several new pen-tester extensions as part of the new incarnation of its Pen-Tester Tools extension pack. This includes: a Request Loader, a XHR Editor, a XHR Fuzzer, a CGI Scanner, a HTTP Brute Force extension, enhanced request editors, enhanced script runners, and more. New versions comes with a revamped and enhanced Live Headers. You can now view not only the request headers and response headers but the response of HTTP requests and XHR calls. The captured requests can be viewed, exported to and imported from individual files via its Live Headers bar. It adds the ability to save the full request details of captured requ

Update : Backtrack Kali Linux 1.0.3 released with built-in accessibility features

Update : Backtrack Kali Linux 1.0.3 released with built-in accessibility features
April 26, 2013Mohit Kumar
BackTrack Linux, a specialized distribution of penetration testing tools, has long been a favorite of security specialists and IT pros. Security professionals have been relying on the BackTrack security distribution for many years to help them perform their assessments. A couple of weeks ago, futuristic major release of BackTrack was announced as   Kali Linux . Today Backtrack team released few updates to Kali Linux as version 1.0.3 and fixed couple of bugs. " Our first attempts at building an accessible version of Kali failed and after a bit of digging, we found that there were several upstream GNOME Display Manager (GDM3) bugs in Debian, which prevented these accessibility features from functioning with the GDM greeter. Working together with an upstream GNOME developer, we knocked out these bugs and had the fixes implemeted in Kali, and hopefully in future builds of GDM3 in Debian ." Download  new version of Kali Linux ( kali-linux-1.0.3-i386.iso ) wi

Distributed Red Team Operations with Cobalt Strike

Distributed Red Team Operations with Cobalt Strike
February 12, 2013Mohit Kumar
What if you could easily host malicious websites, send phishing emails, and manage compromised hosts across diverse internet addresses? This week's Cobalt Strike adds the ability to manage multiple attack servers at once. Here's how it works: When you connect to two or more servers, Cobalt Strike will show a switch bar with buttons for each server at the bottom of your window. Click a button to make that server active. It's a lot like using tabs to switch between pages in a web browser. To make use of multiple servers, designate a role for each one. Assign names to each server's button to easily remember its role. Dumbly connecting to multiple servers isn't very exciting. The fun comes when you seamlessly use Cobalt Strike features between servers. For example: Designate one server for phishing and another for reconnaissance. Go to the reconnaissance server, setup the system profiler website. Use the phishing tool to deliver the reconnaissance website through

Fast Network cracker Hydra v 7.4 updated version download

Fast Network cracker Hydra v 7.4 updated version download
December 23, 2012Mohit Kumar
One of the biggest security holes are passwords, as every password security study shows. A very fast network logon cracker which support many different services, THC-Hydra is now updated to 7.4 version. Hydra available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP. Change Log New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!) Added support for win8 and win2012 server to the RDP module Better target distribution if -M is used

Nmap 6.25 released with 85 new NSE scripts

Nmap 6.25 released with 85 new NSE scripts
December 03, 2012Mohit Kumar
After five months NMAP team release latest version of open source utility for network exploration or security auditing - NMAP 6.25 . It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Updates: integration of over 3,000 IPv4 new OS fingerprint submissions, over 1,500 service/version detection fingerprints, and of the latest IPv6 OS submissio

Secunia launches Secunia Vulnerability Intelligence Manager 4.0

Secunia launches Secunia Vulnerability Intelligence Manager 4.0
October 30, 2012Mohit Kumar
78% of vulnerabilities are found in third-party programs. Security teams cannot monitor all of them manually or determine which ones are critical to their organization. Secunia, the leading provider of IT security solutions that enables businesses and private individuals to manage and control vulnerability threats, today announced the general availability of the new version of Secunia's Vulnerability Intelligence Manager, the VIM 4.0. The Secunia VIM 4.0 is the latest evolutionary step in the technology Secunia has developed to help organizations handle vulnerabilities and protect business critical information and assets against potential attacks. Because it covers more than 40,000 software systems and applications, the VIM 4.0 solution provides the most comprehensive intelligence about software vulnerabilities available to organizations, ensuring that all security threats can be dealt with before the IT infrastructure is compromised by cybercriminals . "  We're very happy with

Patriot Hacker 'The Jester' list his all time favorite Open Source Intelligence toolset

Patriot Hacker 'The Jester' list his all time favorite Open Source Intelligence toolset
October 26, 2012Mohit Kumar
Most of the readers have question in mind that, How hackers know everything about their target ? How to DOX (finding personal information) someone ? So answer is --  Open Source Intelligence (OSINT). A Patriot Hacker ' The Jester ' (or "th3j35t3r") who made his name after harassing Anonymous activist group, disrupting WikiLeaks and stalking "jihadist" sites has finally list his all time favorite Open Source Intelligence (OSINT) toolset. Open Source intelligence (OSINT) is a form of intelligence collection management that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence. Hacker posted list of some free available tools on his blog , includes Maltego, Creepy, Spokeo, CaseFile, FoxOne Scanner (Jester's Edition). OSINT is defined by both the U.S. Director of National Intelligence and the U.S. Department of Defense, as " produced from publicly available information that is coll
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.