Information You Should Know About OLX.IN

OLX.IN is a no cost on the internet ad web page,if you don't know what categorized web page indicates then generally it is a web page which details different ads according to groups.And whose ads if you ask,then the web page details ads of individuals,people like you and me who want to offer their factors on the internet without any stress.So if you have a mobile phone,laptop or almost anything that you want to offer,just sign-up with OLX India and get your item detailed ,you will most probably discover some one fascinated there.

The organization is designed to make dealing procedure as easy as possible so all you have to do is sign-up with them,while applying you will be requested to choose your condition.And once authorized you can make your no cost record by hitting “Post A Free Ad”,this requires you to new web page where you have to provide details about the item that you are trying to offer and publish images and you are done.Just this individual phase and your item will be detailed.Although it is not necessary to publish images of the item you are record for offer but it is recommended to do so because individuals will be more enthusiastic about items with images.Furthermore OLX.IN does come with functions which will help make your record a achievements,the functions are as follow:

• It allows you to easily design rich colorful ads with pictures and videos
• You can control your selling, buying, and community activity in My OLX
• You would be able to display your ads on your social networking profile (Facebook, Myspace, …)
• Mobile ready:allows you to access the site from your mobile phone
• The main thing is that if you don’t know English then you can switch to any other language you want.

Have a Question That OLX.IN Is a Trusatable Company ?
Definitely yes. If you are an Indian internet users who don’t believe in local companies when it comes to anything online then you would be relieved to know that OLX.IN is not a local Indian company, in fact OLX was created in Argentina in 2006 and at present OLX deals with more than 96 countries.

So, OLX is the best place to buy and sell things easily in INDIA

`
OLX.IN ADS

OLX.IN offers very interesting ADS which force the buyer to Buy things. Most of us have seen many Advertisements on TV which look somewhat Different Than any other TV Advertisements.

With the institutional campaign “Where Buyers Meet Sellers” OLX.In has been rigorously showing ads on TV in India since 2011.Their TV Ad campaigns are funny and normally depicts how people are willing to sell almost anything if they get a right price for it on OLX.IN. Below is a funny ad for you,hope you enjoy it 

 

 

Read More

Cloudy with a chance of phone calls !

It’s not every day that you can report savings thanks to a cloud, but that’s exactly what’s possible if you look into various new phone systems technologies for your workplace.

One of the most popular methods of making savings on existing phone systems is by reducing revenue costs on multiple analogue exchange lines and replacing this requirement with a single data link into each office that requires telephony.

How to use just digital links

Within the UK, many businesses and public sector organizations such as schools and hospitals run on archaic equipment that is dependent on analogue copper lines into the building. One of the main reasons why so many organizations still use these analogue phone systems is due to their reliability; however, many analogue phone switches are now finally approaching their end of life, and a lot of organizations are being forced into looking for alternatives.

Phone systems providers such as Siemens Enterprise Communications, Meridian and Mitel have all produced PABXs, Hi-Paths and other analogue phone switches that used to rely on multiple analogue lines to handle high volumes of incoming calls into a single phone number.

With the introduction of multi-channel fibre ISDN lines, the associated high revenue costs can now be safely reduced by replacing 30 analogue lines with a single fiber line instead.

What system is best placed to use a digital link?

Whilst existing analogue phone switches can be upgraded to accept incoming multi-channel ISDN connections, with the support of these switches approaching their expiration (2017 for Siemens PABX switches) and the reliability of the systems also being called into question, an IP based phone system is clearly the way to go.

So how can you make use of the cloud?

Firstly, for those that don’t know, the cloud is a term used for something which is stored online. Cloud based technologies can be lent to anything related to IT – not just phone systems – and all have a common theme, data/services aren’t stored in your local office, but are accessed online, via an internet connection and therefore, a data link.

Once you’ve decommissioned those thousands of pounds worth of analogue phone lines, you’ll have plenty of spare revenue to invest in IPT Telephony systems capable of contacting cloud based services such as virtual operators, call recording, voice mail facilities, call usage stats etc.

Whilst the majority of IPT technologies rely on a locally based phone switch for many of the aforementioned functions, the cloud can save you money by effectively leasing these services over your data link.

Image Source: http://www.flickr.com/photos/sdasmarchives/7316444746/sizes/z/in/photostream/

Read More

DiyWeb Admin Bypass and Remote file/shell Upload exploit

Hi Guys, hope you are well. so we are back on our Old topic after a long time ! enjoy new exploit and please share your views and share our Links on Facebook,twitter etc. Thanks !
so Now turn to work. our new exploit is DiyWeb admin bypass, in this vulnerability we can upload our shell, deface pages, and files by bypassing admin login panel.
Exploit title : DiyWeb Admin Bypass and & file Upload exploit
Discovered By : NoentryPhc
Sever : windows
Type : web application
Shell extention : .asp

Dork : "Power by DiyWeb" 
            inurl:/template.asp?menuid=
Poc : diyweb/menu/admin/image_manager.asp
This exploit's almost all vulnerable websites are Malaysiyan.
To upload your files Goto : http://www.website.com/diyweb/menu/admin/image_manager.asp
and upload your shell/deface there !
if .php extention is not allowed then your can try tamper data and live http headers
to acess your file goto : http://www.website.com/Images/yourfilehere and sometimes you have to find your manually on websites
Live Demo : 
http://otgmalaysia.com/diyweb/menu/admin/image_manager.asp
http://www.famosapadu.com.my/diyweb/menu/admin/image_manager.asp
find more using Google dork :) Thanks for reading. please share post on facebook and other social networks


JBOSS Exploitation:
http://resources.infosecinstitute.com/jboss-exploitation/
EC-Council Certification:
http://www.infosecinstitute.com/certifications/ec-council.html#ceh

Read More

Free Download "MANNU php Symlink shell" with Graphical User Interface

MANNU Shell is GUI based symlink php shell  .
download  shell from this link
 http://www.mediafire.com/?dfn61sm88n1ve1q
Download v 2.0 (password Protected)
http://www.mediafire.com/?6t7np02j7g30hc4

• username team
• password indishell

This script basically contains following functions
1.generates php.ini file :-
 it is to create php.ini file which help us to enable the disabled functions so that we can execute commands

2.Symlink the ROOT directory :-
  This option symlink the "/" directory (root directory) and gives the hyperlink to that directory where symlink has done
3.cms based symlink:-
  This option provides us the direct link of cms like joomla,wordpress
or you can get public_html diectory hyperlink just by providing website username(once we have done with second option)
4.website and username :-
 This function list the website hosted on server with their usernames.
5.username function :-
  in case /etc/named.conf has no read permission to list the server website
  just provide website name and press enter to get the username of the website

6.command execution :-
   you can run commands from this input box

first of all click on "generate php.ini" hyperlink (to enable all the functions on server) and the shell will show
hyperlink which we need to open in new tab and this process will enable the disabled function
and second step is to click on "symlink the root folder" hyperlink to check is server is vulnerable to symlink
when we will click on this option , shell will show hyperlink to "root" directory symlink
open it in new new tab,if we dont get 404 error, means symlink has been done
now you can use third and sixth option.

Read More

How to fix the iPad/iPhone Game Center or In-App Purchase Sandbox problem (This is not a Test User account error)

If you jailbreak your iPad or iPhone (like the latest iOS5.1.1), when you do in-app purchases (like subscribe or restore the purchase of the National Geographic Kids), you may get an annoying error message:


This is not a Test User account.
Please create a new account in the Sandbox environment. [Environment: Sandbox]

Then the purchase will fail.
Game Center also has Sandbox problem. Once you log in using your Game Center account, you will see a red "Sandbox" label on top of the Me icon in Game Center. Once this red "Sanbox" label appears, all your Game Center friends are gone. For example, you can no longer visit your friends in the popular Dragonvale game.

After searching the Internet and tried many different ways to fix, finally I found a way which completely fix the problem. Following is the the detail steps:

1. After the jailbreak, a app called Cyndia should already installed on your iPad or iPhone.

2. Open Cyndia, select "Sources" tab, click on Edit button at top-right corner and then click the Add button at top-left corner. Add the following resource:

http://sinfuliphonerepo.com/

3. Select "Search" tab, and search "AppSync". Select the corresponding version and install. For example, if you iPad is iOS5.1.1, choose AppSync for iOS5.x+.
After install is done, you can select Restart Springboard.

4. Search "Installous" and select Installous 5 and install. After install is done, you can select Restart Springboard.

5. Restart your iPad or iPhone.

6. Try the games and application which have the Sandbox problem. The annoying Sanbox problem should been fixed.
If the problem still there, you can uninstall and re-install these games or applications and the problem should be solved.

Enjoy your Sandbox free iPad or iPhone!

As a bonus, the Installous app you installed at step 4 has lots of free apps and games.

Read More

Top 5 iPhone Applications in 2012

There are now tens of thousands of applications available for your iPhone, iPod contact and iPad, and, amazingly, many of the best are no cost. The following list features our pick of the 10 best no cost iPhone programs, and includes iPhone programs for social media, travel, news, digital photography, efficiency and more. Most of these programs are also suitable for the iPod .If you are in fine of 5 best iphone applications of 2012 then you are at right place.

 

Iphone 5 best applications of 2012

1.Facebook

The biggest online community brings a firmly perfected experience to the iPhone and iPod touch, but however still enables you to access your connections, for and other important info. This sense of focus makes it in many ways superior to using Facebook in a pc web browser.

2.Angry Bird

iPhone and iPod contact game playing -- so symbolic of iOS that even though it's not created by The apple company, even though it's on other systems now, it's still the most popular, and still one of the most fun games ever to elegance the App Shop. While the concept of slingshotting variously operated birds at the variously created fortifications and taking variously wicked natural hogs might seem slim at first, fantastic game play and a continuous flow of up-dates keep it clean -- and consistently at or near the top of the maps. Provide it with a affair... and get ready to get rid of many an time pursuing those difficult three celebrity scores.

3. Adobe Photoshop

Electronic cameras modifying, until very lately, has been a process best matched for pc and computer systems, but Adobe shown that it could be done in the cellular space with Adobe photoshop Show, a free picture modifying program for the iPhone and other iOS gadgets. It's a leader of a cellular app, and can even manage disturbance decrease. All in all, Adobe Adobe photoshop Show is a strong resource for making light picture changes on your iPhone.

4.Drop box

ropbox provides 2GB of online storage area space place, with more available as part of a signing up. It allows you to availability details stored in your Dropbox, which can be used from any PC with online access. The iPhone app increases that to your mobile phone, where you are able to perspective the most common computer file kinds. These consist of PDFs, Term information, JPEG images and even MP3 details. Some video kinds are strengthened, while others are not.

What’s more, you can discuss details on your Dropbox with other people by emailing them a weblink to your online storage area space place. For anyone operating Apple’s newest iOS 4.0, you can operate those details in other third celebration programs too.The preferred operate allows you to store details off-line – offering you have got enough place – for immediate availability when you are not linked. You need to sign-up for a no cost Dropbox account – something that can be done in the iPhone app – and, for the best experience, set up the Dropbox software on your pc.

5. Instagram

The champion of Apple's popular "best app of 2011" prize, Instagram is a large hit which has totally changed giving images via iPhone and iPad. While the frequent photographic camera on your iPhone does a reasonable job, Instagram allows spruce-up your images by implementing lots of awesome filter systems and zoom contacts results to give your images a exclusive look and feel. But what create Instagram a achievements is its giving abilities. Once you're satisfied with your retro-looking taken, it's easy to publish it and it discusses it easily with buddies. Instagram creates the whole procedure simple and smooth, providing endless submissions for iPhone customers who love to papers their day with pictures

What I say about iphone best 2012 applications-

There are many other better iphone 5 applications and many of you might like other iphone applications but we have provide you the most used and the apps which are getting best response by the iphone lovers.

What you say about iphone best 2012 applications-

It all from my point of view now you say which applications you like are you agree with me did you find above provided  apps as iphone  best 2012 applications. come up with your comments.

Read More

Apple’s Failure to Block Stolen iOS

Apple has always remained fast in removing hacked content and applications from its portal. Be it applications or internal malicious software Apple has remained on the top of its league, being the most difficult to penetrate into and so it’s quite interesting to view Apple’s constant efforts in trying to remove an application that lets Apple users to download applications and its content free of cost rather than paying for it.

Unlike Android and Windows software Apple is difficult to hack into. Android users download paid applications from internet portals such as 4shared and File Crop but that didn’t work for Apple users as Apple’s security remained stable but that statement is a little off-track now as Apple’s jumped into the league of un-paid application download as well. Although Apple’s security caretakers are trying their utmost to remove this hack they’re failing miserably and the service is operating perfectly with its creators enjoying the prospective behind the wall.

Internal Apple employees have said that this application relies on a custom DNS server that catches requests from iOS devices. All the packet data intercepted from those purchases are then copied and that’s how applications are provided to users free of cost. Although Apple security providers tried to take measures in stabilizing this by blocking the server IP the measure failed. There is also a YouTube video that gives Apple’s users instructions about the hack and how it use to benefit your situation but Apple has claimed a copyright claim and since then the video has been removed from YouTube.

These situations might be amusing and beneficial for iOS users but for Apple it’s an internal disaster. According to Apple’s internal resources the Apple App Store has been used to download app-content more than 30,000 times the usual and this is quite a problem.

Although Apple has discovered the mind behind this hack as a Russian programmer known as Alexey V. Borodin, more commonly known as ZonD80 but they still haven’t been able to do much about it. Alexey Borodin is still continuing his efforts in providing iOS users with free applications and the host is still picking up whatever applications are being purchased on the App store. Apple’s security finders have even found out about the location of the DNS and say that it’s somewhere in Panama but even after their promising and serious tries they haven’t been able to back Borodin’s success down.

Apple has tried to cope up with the situation by providing a new version of the iOS known as the beta 3 but again this hasn’t helped cope up the situations with ZonD80’s amusing creation. Borodin has pushed himself a bit too far, he’s amused himself by providing a certain terms of service for the hack by saying that any possible damages won’t be accountable and the service doesn’t have a warranty time so user’s are supposed to use it on their charge and their responsibility.

Apple’s users are amused by this creation, this “new” App Store asks iOS user’s for their App Store passwords but they’re indulged to provide a completely random and fake one. According to Borodin this store is for everyone, free of cost.

The traffic on Borodin’s service is quite heavy with users pooling from everywhere to access their favorite applications free of cost. Although the service might run a little slow due to the intense load on the server Borodin wishes for money to buy a new machine with more bandwidth. His comical statements might be amusing for iOS users who are bundling their tablets and smart-phones with free applications, the internal employees of Apple are spending sleepless nights.

Author Bio:Stella Rebecca's major effort has revolved around latest gadgets. Recently she's been playing with the many Track Blackberry that are diverting the interest of the new generation. Readers can find out more about what's most recent and happening in the Blackberry Tracking Software world..

Read More

How To Install Android 4.0 VirtualBox

The mobile smartphone and tablet industry seems to have a very prominent divide, with a lot of consumers having their favorite operating system and choosing to stick to hardware which is powered by their chosen OS. Obviously fans of Apple’s iOS use the iPhone and iPad devices, whereas Android lovers have a wide range of hardware to choose from due to the fact that the OS is available to multiple manufacturers.But what happens if you are a die hard fan of iOS, or Windows Phone but you still want to sample the delights that Android Ice Cream Sandwich has to offer? I personally am an iPhone user for the last five years and will continue to be for the foreseeable future. But after recently getting my first taste of Android, I am severely tempted to shell out for a second device so I can have the benefits that both provide. For those that can’t, or won’t, purchase a second device then why not run Android 4.0 in virtualization on your desktop or laptop in order to see the Ice Cream Sandwich experience first hand? Android 4.0 is an operating system in its own right, but instead of running on a dual boot setup, we install and run ICS within a free of charge virtualization application known as VirtualBox. VirtualBox runs like any other application or program on your machine, but offers the benefits of being able to install a secondary OS within it which can be invoked quickly by the user. For all those die hard iOS and Windows Phone fans out there, this is a perfect way to experience the delights of Android.

Are you ready for a whirlwind journey down Ice Cream Sandwich lane? Buckle in and follow the simple steps below.

Step 1: Head over to the official Oracle VM VirtualBox site and download the relevant VirtualBox binary for your computers operating system (Windows/Mac OS X/Linux/Solaris).

Step 2: Find the saved location of the downloaded VirtualBox binary and install as you would with any other native application making sure to follow all on screen prompts and instructions.

Step 3: Head on over to the VMLite website and download a copy of the Ice Cream Sandwich which has been preconfigured for virtualization and features seamless mouse support for navigation. The download weighs in at 88MB in size so may take a while to download depending on your connection.

Step 4: Locate the downloaded ‘Android-v4.7z‘ file and extract the contents from within.

Step 5: Once the Android-v4.7z file has been opened, locate a file from within the archive called ‘Android-v4.vbox‘ which as you can tell by the file extension is a pre configured VirtualBox file.

Step 6: Double click on the Android-v4.vbox file which will load the VirtualBox application and boot up the ICS file.

Step 7: When the boot menu is presented in VirtualBox, press ‘start‘ on the top toolbar and then if required select the ‘Android Startup from /dev/sda‘ option.

Step 8: All steps are complete. Android 4.0 ICS should now be booting up allowing you to enjoy that Android goodness.

Windows and Linux users may find that an alternative, specific version Android 4.0 may be required, which can be found by visting the Android-x86 page. The performance of the Android ICS virtual installation will obviously not be as smooth as intended on an actual device built for purpose, but it does give a feel of the OS with apps being able to launch as well as widget customization.

Read More

ACUNETIX WEB VULNERABILITY SCANNER VERSION 8 + PATCH (CRACK) FULL

Worlds best and most popular Vulnerability scanner full version download


Features At a Glance :- 
* Manipulation of inputs from URLs:
Acunetix WVS can automatically identify URL parameters and manipulate them to detect vulnerabilities. This technology is not present in any other competing vulnerability scanner.
Replace manual intervention with scanner intelligence
* Automatic custom 404 error page identification:
Acunetix WVS 8 can automatically determine if a custom error page is in use, and recognizes it without needing any recognition patterns to be configured before the scan.
Interpret IIS 7 rewrite rules automatically
Using the web application’s web.config file, WVS 8 can automatically interpret rewrite rules without requiring any manual input.
Fix vulnerabilities while locking hackers out
* Imperva Web Application Firewall integration:
An exciting co-operation between Imperva and Acunetix; WVS 8 scan results can be imported into an Imperva Web Application Firewall and interpreted automatically as firewall rules.
Use WVS 8 as a true security scanning workhorse
* Multiple instance support:
Acunetix WVS 8 can be relaunched as multiple instances on the same machine, allowing the user to scan multiple websites enabling further support for multi-user scenarios on the same server/workstation.
Re-scan without re-configuring
* Scan settings templates:
WVS 8 can save the settings for the scan of a specific application as a template, making it quick and easy to recall those exact settings for the same application each time it is scanned. This is particularly useful when auditing multiple sites, enabling the user to load the template for each site instead of re-configuring everything manually.
Launch a scan quicker than before
* Simplified Scan Wizard:
In addition to the introduction of Scan Settings Templates and automatic custom 404 error page recognition, the Scan Wizard contains far less options so it’s much easier and quicker to kick off a scan.
Access your results from anywhere and everywhere
* Web-based scheduler:
Accessible via a web interface, the new Scheduler allows administrators to download scan results from any workstation, laptop, or smartphone. The new Scheduler will automatically launch another instance of WVS when multiple web scans are due, preventing multiple processes from depending on the resources of one WVS instance, and thereby allowing scans to complete in less time.
Identify threats unseen by other black-box scanners
* New HTTP Parameter Pollution vulnerability class:
At the time of writing, Acunetix WVS 8 is the only scanner that tests for this security vulnerability.
Ensure complex scans will complete automatically and successfully
* Smart memory management:
The following settings have been added to optimise scanning efficiency:
Define number of files per directory
Limit number of subdirectories per website
Assign Crawler memory limit
Other New Features:-
Real time Crawler status (number of crawled files, inputs discovered, etc.)
Support for custom HTTP headers in automated scans
Configurable log file retention
Detailed Crawler coverage report
Scan status included in report


Steps to get full version of Acunetix web scanner v8 for free
At First got to this link and download acunetix scanner
ID: acunetixwvsfullv8
Password: nFu834!29bg_S2q
Then install it and Open patch and click on patch


Now open Acunetix you will be asked for some details
Enter below details
License Key: 2e3b81463d2s56ae60dwe77fd54f7d60
Name: Hmily/[LCG]
ComPany: Www.52PoJie.Cn
Email: Hmily@Acunetix.com
Telephone: 110


Download PATCH (CRACK)

Mirror

Mirror

Read More

DPScan Drupal Security Scanner

The First Security scanner for Drupal CMS has been released by Ali Elouafiq, on his Blog. His team develop a tool that will enumerate at least the modules used by Drupal so we can simulate a White Box audit on our private machines.


This small tool is public and accessible to you for use however you please. It may help other auditors or penetration testers do their job faster, Here is a little demonstration. After downloading the script (in python), you simply type:
> python DPScan.py [website url]


Download Drupal Security Scanner 

Read More

BFT- Browser forensic tool

This software is an advanced local browser history search engine, in less than few seconds it will extract the chosen keywords of most famous web browser, actually Internet Explorer, Google Chrome, Mozilla FireFox and Opera.
The program will attempt to find the keyword(s) in the history title and search, if the keyword is present or suspected to be, it will be display in the result list with his URL and Title.
The software also give you the possibility to edit the default keywords and of course add / modify your own keywords, to separate keywords subject you can create your own keywords categories and only scan for some keywords in the chosen category .
The program is fully asynchronous so it won't affect your work during the scan time nor it will block the customization of keywords and keylist and can be canceled at anytime.
Notice that this software will in any case alter the data, it will just open in read only and in background all history even if archived.
This software was coded by DarkCoderSc (Jean-Pierre LESUEUR) using Delphi XE (Object Pascal IDE) and is fully FREE. Feel free to contact me for giving a feedback and report bugs or suggestions. 

Download

Read More

DarkComet RAT 5.3 Final

The final version of DarkComet RAT 5.3 is out, and don't worry guy's it still the beginning of this 4 years project (already), DarkCoderSc have a lot of ideas / works to implement to this project for his next versions/ generations also i'm still working in a lite version even if in this version you already can lift functions you don't wan't to use using a new functionality in client settings.
Also VertexNet is not dead, it should rebirth soon as i have more free time and some other big projects to finalize, VertexNet will be totally recoded and of course Linked to the DarkComet RAT.
[Change for 5.3.1 FIX 1]
- New action added in FTP Client, you can copy to clipboard the link of a file (useful for file downloader (URL))
- A very huge bug was fixed for stub startup, now it works fine 
- A bug fix when using user list thumbnails

Screenshot :

[Curent Changes 5.3]
- [FIX ] HTTP Flood more efficient
- [FIX ] In settings the last theme is correctly set in the combobox
- [FIX ] Auto SIN Refresh ratio successfully saved in config.ini
- [GUI ] Client Settings GUI changed, it is now more user friendly and fit with the rest of DarkComet RAT Design
- [GUI ] EULA At startup is more beautiful
- [GUI ] No IP Gui revised
- [GUI ] User group Gui revised
- [FUNC] Search for update added in settings
- [GUI ] Keylogger GUI revised
- [FIX ] Now desktop correctly save snapshots (if option enabled)
- [DEL ] Delete in full editor (read only, archived, tempory) attributes to avoid some stub problems if used
- [FIX ] Users list flags support now Serbia Country (Republic of Serbia)
- [FIX ] VIP Lounge price and URL fixed
- [FUNC] HOT, Now you can chose wich functions you need in the control center, and not be bloated with functions you might never used. (In settings window)
- [FIX ] FTP Upload Keylogger Logs bug fixed
- [FUNC] FTP Wallet added in settings, it allow you to setup and test your FTP accounts for compatible DarkComet RAT FTP Functions
- [FUNC] FTP Wallet is now linked to the Edit Server keylogger FTP Managment
- [FUNC] Now you can upload files from file manager to one of your FTP account (compatible with the FTP Wallet)
- [FUNC] Embedded FTP Client added to DarkComet, multithread using Pure API, very fast and reliable and of course user friendly.
- [FIX ] Bug fixed when module startup enable, no more tons of process on reboot etc.. support Drag n Drop
- [FUNC] Drag And Drop added in File Manager to upload files frop explorer directly to remote computer
- [FUNC] New downloader method implemented using Pure low level API's instead of the shit URLDownloadUrlToFile bloated of crap
- [FUNC] File Downloader manager from control center been improved and bug fixed, now file are correctly downloaded, also you can chose a PATH from combobox shortcut
- [FUNC] Mass downloader from user list been improved and multithreaded, also download bug is now fixed
- [FUNC] Same as for mass downloader, update from URL bug fixed and improved

DOWNLOAD DarkComet RAT 5.3 Final

Read More

BRUTER (BINARY + SOURCE) WEB FORM/FTP/POP3/VNC/SMTP/MYSQL/IMAP/HTTP CRACKER

Bruter is a parallel network login brute-forcer on Win32. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of Bruter is to support a variety of services that allow remote authentication.
Here Home Page: http://worawita.sourceforge.net/



Download

Read More

Acunetix Web Vulnerability Scanner 8 BETA

As the BETA program for Acunetix Web Vulnerability Scanner 8 keeps gaining momentum, all the great feedback received from our BETA participants has helped us achieve the BETA 2 milestone. This brings a significant number of improvements to WVS 8, including new usability features, component enhancements, and a series of bug-fixes.


WVS 8 BETA 2 Change Log
The following updates have been included in the BETA 2 build of WVS 8:


Featured Improvements
Additional .NET AcuSensor support for .NET versions 3, 3.5, 4
Improved blind SQL injection timing tests for PostgreSQL
Improved blind SQL injection timing tests for request-timeout situations
Logs are now flushed to the log-file every 10 seconds when running in console mode
Scheduler feature: notification bar appears if the connection with the server is lost
Bug Fixes
Crash (runtime passive analysis) when “Disable Crawler Aerts” option is enabled
Problem with logging of HTTP_Anomalies when running multiple instances
Problem with writing to temp folder when running multiple instances
Issue with saving application logs to an invalid folder when running the Scheduler
Crash when multiple instances of WVS try to detect custom 404 error-page patterns
Scan does not resume correctly when the Scheduler automatically resumes a scan
Issue with retest functionality for web application scripts
Proxy crash, commonly when the process is already executing
Settings in use by another instance cannot be saved as a Scan Settings Template
Reporter crash when the text in the alert details is too long
Periodical vulnerability reports show incorrect publishing date
Database ID allocation is now synchronized between multiple WVS instances
Scan results cannot be download from the Scheduler since Internet Explorer 7 cache is not used
HTML report format is missing from the Scheduler web interface
Installer assigns full permissions to the license file (non-admin users receive an error when scanning)
Fixed the Scheduler’s Add Scan dialog on Internet Explorer 9
Errors related to a browser-tab do not appear if a different tab is being viewed
Malfunction with some Advanced Penetration testing tools when used through a proxy server
XSS tests are no longer case-sensitive
Scheduler returns invalid error message when connecting to password-protected applications
Scheduler not scanning password-protected applications
Crash with AcuSensor for .NET
False positives are saved for each user instead of globally
Changes to application settings not synchronized across multiple instances
Typos in UI
Reporter RTF-export malfunction
Reporter sets incorrect filename for exported and saved reports
Text wrap working inconsistently across reports

The Acunetix WVS Version 8 user manual is available in PDF Format and also in HTML Format.


Download Acunetix WVS Version 8 BETA

Read More

CAINE 2.5.1 (SuperNova) A GNU/Linux Live Distribution

CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics 
Currently the project manager is Nanni Bassetti. 
CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface.
The main design objectives that CAINE aims to guarantee are the following:
an interoperable environment that supports the digital investigator during the four phases of the digital investigation
a user friendly graphical interface
a semi-automated compilation of the final report
We recommend you to read the page on the CAINE policies carefully.
CAINE represents fully the spirit of the Open Source philosophy, because the project is completely open, everyone could take the legacy of the previous developer or project manager. The distro is open source, the Windows side (Wintaylor) is open source and, the last but not the least, the distro is installable, so giving the opportunity to rebuild it in a new brand version, so giving a long life to this project ....

CHANGELOG CAINE 2.5.1 "SuperNova"
Kernel 2.6-32.35 
ADDED:
ZFS Fuse 
exFat support 
Epiphany browser 
new mounter 
new TSK (Sleuthkit)
some fixings
New NAUTILUS SCripts 
ataraw 
bloom 
fiwalk 
xnview 
NOMODESET in starting menu 
xmount 
sshfs 
Reporting by Caine Interface fixed 
xmount-gui 
nbtempo 
fileinfo 
TSK_Gui 
Raid utils e bridge utils 
SMBFS
BBT.py
------------
Widows Side:
Wintaylor updated & upgraded

RBFstab and Mounter
1) "rbfstab" is a utility that is activated during boot or when a device is plugged.  It writes read-only entries to /etc/fstab so devices are safely mounted for forensic imaging/examination.  It is self installing with 'rbfstab -i' and can be disabled with 'rbfstab -r'.  It contains many improvements over past rebuildfstab incarnations.  Rebuildfstab is a traditional means for read-only mounting in forensics-orient distributions.
2) "mounter" is a GUI mounting tool that sits in the system tray.  Left clicking the system tray drive icon activates a window where the user can select devices to mount or un-mount.  With rbfstab activated, all devices, except those with volume label "RBFSTAB", are mounted read-only.  Mounting of block devices in Nautilus (file browser) is not possible for a normal user with rbfstab activated making mounter a consistent interface for users.
by John Lehr 
Live Preview Nautilus Scripts

CAINE includes scripts activated within the Nautilus web browser designed to make examination of allocated files simple. Currently, the scripts can render many databases, internet histories, Windows registries, deleted files, and extract EXIF data to text files for easy examination. The Quick View tool automates this process by determining the file type and rendering with the appropriate tool. 
The live preview Nautilus scripts also provide easy access to administrative functions, such as making an attached device writeable, dropping to the shell, or opening a Nautilus window with administrator privileges. The "Save as Evidence" script will write the selected file(s) to an "Evidence" folder on the desktop and create a text report about the file containing file metadata and an investigator comment, if desired. 
A unique script, "Identify iPod Owner", is included in the toolset. This script will detect an attached and mounted iPod Device, display metadata about the device (current username, device serial number, etc.). The investigator has the option to search allocated media files and unallocated space for iTunes user information present in media purchased through the Apple iTunes store, i.e., Real Name and email address. 
The live preview scripts are a work in progress. Many more scripts are possible as are improvements to the existing scripts. The CAINE developers welcome feature requests, bug reports, and critiques. 
The preview scripts were born of a desire to make evidence extraction simple for any investigator with basic computer skills. They allow the investigator to get basic evidence to support the investigation without the need of advanced computer forensics training or waiting upon a computer forensics lab. Computer forensics labs can used the scripts for device triage and the remainder of the CAINE toolset for a full forensic examination! 
John Lehr
-------------
CASPER PATCH
The patch changes the way how Casper searches for the boot media. By default, Casper will look at hard disk drives, CD/DVD-drives and some other devices while booting the system (during the stage when system tries to find the boot media with correct root file system image on it - because common bootloaders do not pass any data about media used for booting to an operating system in Live CD configurations). Our patch is implemented for CD/DVD versions of CAINE and enables CD/DVD-only checks in Casper. This solves the bug when Casper would select and boot fake root file system images on evidentiary media (hard disk drives, etc). ------------
Suhanov Maxim


DOWNLOAD CAINE 2.5.1 - SUPERNOVA

Read More