Penetration testing and Ethical hacking can be done by manually and automatically, both manual and automatic vulnerability scanning and hacking has their own importance like automatic process save time while manual hacking can find more vulnerabilities and so on. There are so many tools and techniques has been discussed before but in this article I will share a wonderful script written by phillips321 that can make the job of information gathering and enumeration easy.
Archive for March 2012
VirtualBox is of course the most suitable virtualization solution to run BackTrack. Unfortunately, with this latest version of BackTrack, the VirtualBox Guest Additions cannot be installed on a fresh new install. Fortunately after some modifications, everything can be fixed to compile these additions for the 3.2.6 Linux Kernel of BackTrack 5 R2.
Bugtraq system offers the most comprehensive distribution, optimal, stable and automatic security to date. Bugtraq is a distribution based on the 2.6.38 kernel has a wide range of penetration and forensic tools. Bugtraq can be installed from a Live DVD or USB drive, the distribution is customized to the last package, configured and updated the kernel. The kernel has been patched for better performance to recognize a variety of hardware, including wireless injection patches pentesting that other distributions do not recognize.
Spy software's (Keylogger, RAT) are the programs that has an ability to monitor a computer and to make log files for every activities, some keylogger works remotely and they can send the log files via email or FTP. There are so many keyloggers are available on the Internet and the usage of keyloggers depends on the need and requirement. Since we does not encourage the wrong usage of technology and in this article we will review some best keyloggers but the aim is not to hack someone via keylogger but the aim is to monitor the child's and employee.
Rouge access point or a fake access point is the real threat for WiFi users, Airsnarf - Rogue Access Point and Karmetasploit- Backtrack 5 Tutorial has been discussed before and in this article I will a wonder tutorial from a wonderful that discuss how to create a fake access point on backtrack 5. There are a lot of Tutorials and Scripts for setting up a Fake AP, The “Gerix” tool also have an option to auto set a Fake AP (for some reason this tool never worked for me).
Wordpress is one of the best and most popular content management system (CMS), since wordpress is famous and open source that is why hackers usually target wordpress software's and the websites / blogs that are using wordpress. Hackers normally use an innocent blogs for their bad purposes like malware spreading, phishing and other attack so it is always good to secure your website before a hacker exploit it.
The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. The Mole features and tutorial has been discussed before but the new version of Mole (v3.0) has been released and available to download.