This blog post lists the top 5 hacking tools to hack websites and web applications. BurpSuite, Havij etc. • Demonstration of various hacking tools used against web applications. Using Components with Known Vulnerabilities A10: Unvalidated Redirects and Forwards.
Category: - - - - - - - - - - - Class: - - - Operating System: - - - - - - - - A flash hacking alternative to variable editing and cheat engine, you can change values saved by the game in a “.sol” file. You will find the.SOL files in x: Documents and Settings [account-name] Application Data Macromedia Flash Player #SharedObjects followed by the name of the website. If the game was running from your computer, the.SOL will be in the “localhost” folder. Replace ‘x’ with your main drive, the one with your OS, and the account-name with the currently logged in user.
ARP cache poisoning tool written python using the Scapy packet library. Can poison using either ARP requests or ARP replies. It can also flood ARP tables and has a quick command for enabling ip-forwarding. Can scan an entire network and tell you at a glance what IP addresses are available and which are taken. It also beeps! Colasoft Packet Builder enables creating custom network packets; users can use this tool to check their network protection against attacks and intruders. Colasoft Packet Builder includes a very powerful editing feature.
Besides common HEX editing raw data, it features a Decoding Editor allowing users to edit specific protocol field values much easier. Users are also able to edit decoding information in two editors - Decode Editor and Hex Editor. Users can select one from the provided templates Ethernet Packet, ARP Packet, IP Packet, TCP Packet and UDP Packet, and change the parameters in the decoder editor, hexadecimal editor or ASCII editor to create a packet. Any changes will be immediately displayed in the other two windows. In addition to building packets, Colasoft Packet Builder also supports saving packets to packet files and sending packets to network. Simple security audit / Penetration test tool. This toolbar will help you in testing sql injections, XSS holes and site security.
A Hex Editor, Disassembler and Template Creator/Editor. Kon-Boot is an application which will silently bypass the authentication process of Windows based operating systems. Without overwriting your old password! The Spirit Molecule Ebook. Easy to use and excellent for tech repairs, data recovery and security audits. Live Hacking CD is a new Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification.
Based on Ubuntu this ‘Live CD” runs directly from the CD and doesn’t require installation on your hard-drive. Once booted you can use the included tools to test, check, ethically hack and perform penetration tests on your own network to make sure that it is secure from outside intruders. Multi-Protocol Brute forcing utility. Net Tools is a comprehensive set of host monitoring, network scanning, security, administration tools and much more, all with a highly intuitive user interface. It's an ideal tool for those who work in the network security, administration, training, internet forensics or law enforcement internet crimes fields.
Net Tools is mainly written in Microsoft Visual Basic 6, Visual C++, Visual C# and Visual Studio.NET. Nmap ('Network Mapper') is a free and open source (license) utility for network exploration or security auditing.
Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Dawn Of War 2 Cheat Engine. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and both console and graphical versions are available. A Windows or other OS'es such as Mac or Linux hacking utility for hacking logon passwords.
Process Hacker is a tool for viewing and manipulating processes and their threads, modules, memory and handles, and viewing and editing services. It can also read/write process memory and search through process memory using literal bytes or regular expressions.
It can view the command line and current directory of a process, view/edit its DEP status, and even DRM-protect and unprotect it. It can run programs as another user or as SYSTEM, LOCAL SERVICE or NETWORK SERVICE if you have administator privileges.
This is achieved using a helper program which is installed as a system service (similar to PsExec). It loads symbols from various libraries automatically and uses them when displaying the call stacks of threads (just like Process Explorer). It also has a disassembler derived from OllyDbg's which can be accessed when viewing PE files' exports. It can bypass most kernel-mode hooks and user-mode hooks on ZwOpenProcess, ZwOpenThread and ZwOpenProcessToken. The Basics of Penetration Testing: PDF Web Application Attack and Audit Framework. W3af is a great piece of software designed for testing web applications. Written in Python.