April 13, 2010
admin 3,275 views
From:http://hi.baidu.com/0×255
Penetration testing tools compiled by a foreign author
Packet Shaper:
Nemesis: a command line packet shaper
Packit: The Packet Toolkit – A network packet shaper.
Hping by Antirez: a command line TCP/IP packet shaper
Sing: stands for ‘Send ICMP Nasty Garbage’; sends fully customizable ICMP packets
Scapy: a new Python-based packet generator
Password Cracker/Login Hacker:
John the Ripper: a well-known password cracker for Windows and *nix Systems
Djohn: a distributed password cracker based on “John the Ripper”
Cain & Abel: an advanced password recovery tool for Windows systems. It sniffs the network packets and cracks authentication brute-force or with dictionary attacks.
Project RainbowCrack: Advanced instant NT password cracker
Rainbowtables: The Shmoo Group provides pre-generated rainbow tables for BitTorrent download. The tables are generated with RainbowCrack (see above).
Windows NT password recovery tool by Peter Nordahl
THC-Dialup Login Hacker by THC. It tries to guess username and password against the modem carrier. As far as I know the only available dialup password guesser for *NIX.
Hydra by THC: a multi-protocol login hacker. Hydra is also integrated with Nessus.
Medusa: parallel network login auditor
THC imap bruter: a very fast IMAP password brute forcer
March 30, 2010
xion 7,576 views
Source: milw0rm.com
######
Info
######
Title : The Art of Grey-Box Attack
Author : ZeQ3uL (Prathan Phongthiproek)
JabAv0C (Wiswat Aswamenakul)
Team : CWH Underground [www.milw0rm.com/author/1456]
Website : cwh.citec.us / www.citec.us
Date : 2009-07-04
##########
Contents
##########
[0x00] – Introduction
[0x01] – The Art of Microsoft Windows Attack
[0x01a] – Scanning & Enumeration
[0x01b] – Gaining Access
[0x01c] – Escalating Privilege
[0x02] – The Art of Unix/Linux Attack
[0x02a] – Scanning & Enumeration
[0x02b] – Gaining Access
[0x02c] – Escalating Privilege
[0x03] – Metasploit Ninja-Autopwned
[0x03a] – Nmap+Metasploit Autopwned
[0x03b] – Nessus+Metasploit Autopwned
[0x04] – Client-Side Attack with Metasploit
[0x04a] – Metasploit Payload Generator
[0x04b] – MS-Office Macro Ownage
[0x04c] – AdobeReader PDF Ownage
[0x05] – References
[0x06] – Greetz To
March 28, 2010
admin 7,039 views
Source: http://hi.baidu.com/p3rlish/blog/item/f54f4c097a907f8ad1581b0b.html
All in one: pentest under metasploit
2009-06-02 00:27
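As a well-known penetration testing framework, metasploit integrates almost every intrusion and penetration tool, and its powerful features are breathtaking. Explore it gradually and you will come to like it.
Today I am going to demonstrate how to carry out a penetration test in metasploit: from basic information gathering, to intrusion, to internal penetration, all of it done inside metasploit. First we update metasploit to the latest version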
root@ubuntu:/pentest/exploits/framework3# svn update
A modules/exploits/windows/browser/ibmegath_getxmlvalue.rb
Revision 6609. This is already the latest version, so start framework3
root@ubuntu:/pentest/exploits/framework3# ./msfconsole
| | _) |
__ `__ \ _ \ __| _` | __| __ \ | _ \ | __|
| | | __/ | ( |\__ \ | | | ( | | |
_| _| _|\___|\__|\__,_|____/ .__/ _|\___/ _|\__|
_|
=[ msf v3.3-dev
+ -- --=[ 376 exploits - 234 payloads
+ -- --=[ 20 encoders - 7 nops
=[ 153 aux
msf >
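Once the target is determined, we first need to gather information, such as DNS lookups, server type lookups, and open port information. We perform the following operations; why they are done this way will be explained later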
March 4, 2010
root 1,453 views
Author: jianxin [80sec]
EMail: jianxin#80sec.com
Site: http://www.80sec.com
Date: 2008-12-24
From: http://www.80sec.com/release/xss-how-to-root.txt
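[ Contents ]
0x00 Preface
0x01 Basic approach to XSS penetration testing
0x02 A black-box XSS penetration test
0x03 A white-box XSS penetration test
0x04 Summary
0x00 Preface
With the web booming today, XSS has without question become the most “popular” vulnerability. I have seen high-risk XSS vulnerabilities listed by the dozens in security companies' penetration test reports, and have also seen more and more security researchers turn their attention to XSS attacks, finding 100 or even more than 1,000 XSS.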