Tuesday 2 July 2013

Topera- The IPv6 port scanner invisible to Snort IDS.



Topera is a brand new TCP port scanner under IPv6, with the particularity that these scans are not detected by Snort. Snort is the most known IDS/IPS and is widely used in many different critical environments. Some commercial tools (Juniper or Checkpoint ones) use it as detection engine also. Mocking snort detection capabilities could suppose a high risk in some cases. Fixed some bugs: - Get local IPv6 address - Get local ethernet interface - sniffer packet counter - Some minor fixesYou can see an example of execution of Topera in link below demo  video.Download Topera IPv6 port scanner.

LIST OF BUG BOUNTY PROGRAMS/ HALL OF FAME PAYING SITES

LIST OF BUG BOUNTY PROGRAMS

Bug Bounty Program a well known topic is on the heat these days, known companies like: google, Facebook, Mozilla are paying for finding a vulnerabilities on their web servers, products, services or some associated applications. Here is a list for all the Security Researchers and Bug Hunters to target all the best :)

Bug Bounty Websites for Web Application Vulnerability

Mozilla
security@mozilla.org 
http://www.mozilla.org/security
http://www.mozilla.org/projects/security/security-bugs-policy.html
http://www.mozilla.org/security/announce

Google
security@google.com 
https://www.google.com/appserve/security-bugs/new?rl=xkp7zert49a5q6owod28bhr2

Friday 5 October 2012

Backtrack Wireless: Packet Sniffing and Injecting


Packet Sniffing and Packet Injecting

WLAN Frames:
  1. Management frames: Management frames are responsible for maintaining
    communication between the access points and wireless clients.
  2. Control frames: Control frames are responsible for ensuring a proper exchange of
    data between the access point and wireless clients.
  3. Data frames: Data frames carry the actual data sent on the wireless network. There
    are no sub-types for data frames.

Backtrack Penetration Testing: Exploitation


Medusa

Medusa is a log-in brute forcer that attempts to gain access to remote services by guessing at the user password. Medusa is capable of attacking a large number of remote services including FTP, HTTP, MySQL, Telnet, VNC, Web Form, and more. In order to use Medusa, you need several pieces of information including the target IP address, a username or username list that you are attempting to log in as, a password or dictionary file containing multiple passwords to use when logging in, and the name of the service you are attempting to authenticate with.

Backtrack Penetration Testing: Scanning


Scanning

The scanning process can be divided into three steps:
  1. Determining if a system is active.
  2. Port scanning the system.
  3. Scanning the system for vulnerabilities.

Backtrack Penetration Testing: Introduction


What is Penetration Testing?

Penetration testing is the legal and authorized attempt to exploit a computer system with the intent of making a network or system more secure. The process includes scanning systems looking for weak spots, and launching attacks and prove that the system is vulnerable to attack from a real hacker.

Backtrack Wireless: Introduction


Introduction:
This is a multi-part tutorial that will show you the tools of wireless attacks and penetration testing.
Required Hardware:
Most of this isn’t really required, but will be helpful on your hacking adventures.

Installing Backtrack


Tutorial 1: Installing Backtrack 5 to a Hard drive.
Tutorial 2: Installing Backtrack 5 to a Virtual Machine.
Tutorial 3: Installing Backtrack 5 via USB.
Installing Backtrack 5 to a Hard Drive
Head over to: http://www.backtrack-linux.org/downloads/ and download the BackTrack ISO and burn it to a bootable DVD or flash drive.
-Registering is up to you, just click “download” to skip.

TWO KIDS WIN FACEBOOK BOUNTY