[Ghost Phisher Tool] Fake DNS Server, Fake DHCP Server and Fake HTTP server

Ghost Phisher is a computer security application that comes inbuilt with a Fake DNS Server, Fake DHCP Server, Fake HTTP server and also has an integrated area for automatic capture and logging of HTTP form method credentials to a database. The program could be used as an honeypot, could be used to service DHCP request … Continue reading [Ghost Phisher Tool] Fake DNS Server, Fake DHCP Server and Fake HTTP server

[MASTIFF2HTML] Static Analysis Framework Results Viewer

MASTIFF2HTML is a python program that is used to create a GUI results interface in HTML from MASTIFF results. Download the python program at:http://adf.ly/1462hTMASTIFF is an automated static malware analysis framework.Learn more about MASTIFF at:http://www.tekdefense.com/news/2013/2/22/tektip-ep23-mastiff-with-a-splash-of-maltrieve.html

[Zeus] Registry Analysis Using Volatility Framework

How to analysis a registry from the memory using Volatility Framework.In this video I’m using Zeus Memory for registry analysis, and l will show F-secure top10 malware registry launchpoints. Not all but some of themDownload Zeus Memory : http://malwarecookbook.googlecode.com/svn-history/r26/trunk/17/1/zeus.vmem.zipMost trojans, worms, backdoors, and such make sure they will be run after a reboot by introducing autorun … Continue reading [Zeus] Registry Analysis Using Volatility Framework

[OWASP HTTP Post Tool] DoS Apache Webserver Attack

This Tutorials shows, how you can easily take out an Apache Webserver with one HTTP POST Tool using a std. slow DSL Connection.This is NO Slowloris Attack!Limitations of HTTP GET DDOS attack:- Does not work on IIS web servers or webservers with timeout limits for HTTP headers.- Easily defensible using popular load balancers,such as F5 … Continue reading [OWASP HTTP Post Tool] DoS Apache Webserver Attack

[Knock] Subdomain Scanner

Knock is a python script, written by Gianni 'guelfoweb' Amato, designed to enumerate subdomains on a target domain through a wordlist. For more information I have posted a documentation page. If you want to see how it works, you can see this sample output: Simple Scan Zone Transfer Scan Wildcard Bypass New: Knock is now … Continue reading [Knock] Subdomain Scanner

[BeEF] Fake Browser Update Exploitation

How to use BeEF Framework for fake browser update exploitation.Fake Browser Update : - In BeEF Framework there is a new feature available in social-engineering called Clippy using this feature we are sending the fake Update notification and if user click on that so obviously he is going to install that exe and other side … Continue reading [BeEF] Fake Browser Update Exploitation