New hacker programs. A selection of "hacker" programs for android. Scanners Web Resources for Android

A pentest, or simply penetration testing, is a legal way to engage in real hacking and even get paid for it. An advanced security audit is usually performed on a laptop with specialized equipment, but many security holes are easy to detect with an ordinary smartphone or tablet. In this article, we will look at 14 hacker applications that let you perform a pentest using Android, without pulling out a laptop.

This article was written for research purposes. All information is provided for familiarization only. Neither the author of the article nor the administration is responsible for unlawful use of the programs mentioned in the article.

Hacker programs for hacking from a smartphone

All hacker applications for android are divided into several groups:

  • Web resource scanners - hacker utilities for finding vulnerabilities.
  • Combines - let you search for vulnerabilities (and exploits for them) in both software and hardware, and perform sniffing, MITM attacks, etc.
  • Sniffers - hacker applications for intercepting and analyzing traffic.
  • Auxiliary utilities - tools that help in a pentest.
  • Directories and search engines - applications that perform auxiliary functions.

Scanners Web Resources for Android

Let's start the overview of programs for hacking from a smartphone with the most important thing, namely web application scanners. Here we have three applications that let you find open admin panels, brute-force a password, test a site for XSS vulnerabilities and the possibility of SQL injection, obtain directory listings and much more.

The Lite version of this mobile web application vulnerability scanner looks for typical errors in the configuration of the specified web server and tries to obtain a directory listing (usually successfully). Among the additional tools there are a hash generator and an AES decrypter.
The application has simple and understandable settings. It supports HTTPS and checks TLS correctness. It can search for XSS, brute-force CGI and perform dictionary attacks. It can work in the background and in multi-threaded mode. It contains the Google Hacks database and automatically detects known vulnerabilities.


Kayra's report and About screen

A detailed report is created for each item selected in the scan settings. Only a small part of it is visible in the screenshot. The free version is quite functional, but the advertising is sometimes annoying. The paid version has no advertising or restrictions; at the time of writing it costs 159 rubles.

  • Tested version: 1.4.0
  • Size: 4.7 MB
  • Android version: 4.1 and above
  • ROOT required: No

The next hacker program for Android is DroidSQLi. The DroidSQLi application is used to check websites for vulnerability to SQL injection of four types:

  • Normal SQL Injection - the classic variant, passing a UNION ALL SELECT construct in the parameter;
  • Error Based SQL Injection - using deliberately incorrect syntax in queries to obtain an error message that reveals additional database parameters;
  • Blind SQL Injection - a series of queries with analysis of the True / False responses from the DBMS, which makes it possible to reconstruct the database structure;
  • Time Based SQL Injection - forming additional queries that suspend the DBMS for a certain time, which makes it possible to extract data.
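From the defender's side, the four techniques listed above leave distinct traces in web server access logs. The following is an added example, not code from the original article or from DroidSQLi: a small log scanner that labels query-string values by technique and flags clients that cycle through several techniques, which is what an automated scanner does. The log lines, IP addresses and the signature set are constructed assumptions and cover only GET query strings.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Signatures named after the four techniques in the list above (illustrative, not exhaustive).
SIGNATURES = {
    "union": re.compile(r"\bunion\b(?:\s+all)?\s+select\b", re.I),
    "error-based": re.compile(
        r"floor\s*\(\s*rand\s*\(|\b(?:extractvalue|updatexml)\s*\(", re.I),
    "blind": re.compile(r"\b(?:and|or)\s+\(?\s*\d+\s*(?:=|<|>)\s*\d+", re.I),
    "time-based": re.compile(
        r"\b(?:sleep|benchmark|pg_sleep)\s*\(|\bwaitfor\s+delay\b", re.I),
}

# Client address and request target from a common/combined log format line.
REQUEST = re.compile(r'^(?P<ip>\S+) .*?"(?:GET|POST|HEAD) (?P<url>\S+) HTTP/[\d.]+"')

# Constructed sample log (documentation IP ranges, made-up site).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/May/2018:10:00:01 +0000] "GET /news.php?id=12 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [10/May/2018:10:00:02 +0000] "GET /search.php?q=student+union+events HTTP/1.1" 200 840',
    '203.0.113.9 - - [10/May/2018:10:00:04 +0000] "GET /news.php?id=12+UNION+ALL+SELECT+NULL,NULL,NULL HTTP/1.1" 200 5133',
    '203.0.113.9 - - [10/May/2018:10:00:05 +0000] "GET /news.php?id=12+AND+4777=4777 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [10/May/2018:10:00:06 +0000] "GET /news.php?id=12+AND+SLEEP(5) HTTP/1.1" 200 5120',
    '203.0.113.9 - - [10/May/2018:10:00:07 +0000] "GET /news.php?id=(SELECT+COUNT(*),CONCAT(0x71626b6a71,FLOOR(RAND(0)*2))x+FROM+information_schema.plugins+GROUP+BY+x) HTTP/1.1" 500 310',
    '198.51.100.4 - - [10/May/2018:10:01:00 +0000] "GET /item.php?id=3+AND+1=1 HTTP/1.1" 200 2048',
]


def classify(value):
    """Return the technique labels whose signature matches a decoded parameter value."""
    return [name for name, rx in SIGNATURES.items() if rx.search(value)]


def scan(lines):
    """Return (client_ip, parameter, labels) for every suspicious query parameter."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        # parse_qsl URL-decodes the values, so "+" and %XX encodings are normalised.
        query = urlsplit(m["url"]).query
        for param, value in parse_qsl(query, keep_blank_values=True):
            labels = classify(value)
            if labels:
                hits.append((m["ip"], param, labels))
    return hits


def automated_clients(hits, min_techniques=2):
    """Clients that tried several distinct techniques: typical of a scanner, not a typo."""
    seen = defaultdict(set)
    for ip, _param, labels in hits:
        seen[ip].update(labels)
    return {ip: sorted(t) for ip, t in seen.items() if len(t) >= min_techniques}


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
    print(automated_clients(scan(SAMPLE_LOG)))
```

Payloads sent in POST bodies do not appear in access logs, so the same classification would have to run in a WAF or application middleware to see them.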


Demonstration of Error Based SQL-Injection

The DroidSQLI utility automatically selects the injection method, and also uses query filtering techniques.

To start testing a site, you must manually find the entry point. Usually it is a web page address containing a query of the form ?id=X or ?p=X, where X is a positive integer. In our example, the payload for the id parameter looks like this:

id=(Select Count(*), Concat(0x71626b6a71, (select (ELT(4777=4777, 1))), 0x7170767871, Floor(Rand(0)*2)) x from information_schema.plugins Group by x) a)

The network has a lot of sites vulnerable to SQL injections. I think you can easily find some such, just looking at the history of your browser.

  • Tested version: 1.1
  • Size: 705 KB
  • Android version: 4.2 and above
  • ROOT required: No

The next tool for hacking from a smartphone is the DroidBug Admin Panel Finder Free utility. The application looks for admin panels at the default addresses of different CMSs. The result of its work does not always reflect the real state of affairs, since popular web servers sit behind IDS and WAF. They block brute-forcing of URLs or redirect it to a honeypot (trap), which responds with HTTP 200 OK to all requests while collecting information about the attacker.

However, on less popular sites security is in a sorry state, and a valid admin panel is found in seconds. The paid version, which costs 139 rubles, removes advertising and unlocks brute-forcing by a mixed template for sites with PHP / ASP / CGI / CFM / JS support.


Searching for admin panels on a site
  • Tested version: 1.4
  • Size: 6.3 MB
  • Android version: 2.1 and above
  • ROOT required: No

Combines for hacking from a smartphone

The Internet consists not only of web applications, and holes are found not only in them. The next selection of hacker applications for Android will let you look for vulnerabilities (and exploits for them) in software and hardware, perform sniffing and MITM attacks, and do a lot of other interesting things.

cSploit is one of the most functional tools for scanning networks and searching for vulnerabilities on discovered hosts. It maps the network and displays information about all devices found in it. It can determine their IP / MAC and vendor (from the first three octets of the MAC address), identify the OS installed on them, search for vulnerabilities using the Metasploit Framework RPCd and brute-force passwords.


Search for clients and MITM attack

It performs MITM attacks of different types through DNS spoofing (replacing media files in traffic on the fly, JS injection, session hijacking and capturing cookies for authorization without entering a password are possible). It can also disconnect individual devices (or disconnect them all at once from the access point). It intercepts traffic and saves it in .pcap format or redirects it wherever you wish.

cSploit contains a tool for creating and sending any TCP / UDP packet to the selected host. A link redirects to an online service for selecting and exploiting vulnerabilities for a particular model. Its database stopped being updated in 2015 but is still relevant. In my brief test on an ASUS router that has been produced since the end of 2016, a vulnerability first described in 2009 was found in fresh firmware (April 2018).


Open ports and selection of exploits for the chosen target

Additionally, cSploit helps to create a remote shell on a host and gain complete control over it. In general, it is an unambiguous must-have for pentesters, and not only for them.

  • Tested version: 1.6.6 RC2
  • Size: 3.5 MB
  • Test builds: cSploit Nightly available
  • Android version: 2.3 and above
  • ROOT required: Yes!
  • Additional requirements: install BusyBox in /system/bin

cSploit, Intercepter-NG and other powerful utilities deserve more detailed consideration in separate articles. We suggest first getting used to the basic principles of pentesting with simple applications, and only then moving on to the hardcore ones.

dSploit is a fork of cSploit from Simone Margaritelli that gave up the ghost in 2014. The project remained in the beta stage with very raw code. While cSploit worked for me without complaints, the last three versions of dSploit crashed with an error almost immediately after launch.


The same cSploit, side view

Since Margaritelli got a job at Zimperium, dSploit's work has been included in the company's branded zANTI utility.


Scanning Wireless Network and Host Detection
  • Tested (not quite successfully) version: 1.1.3c
  • Size: 11.4 MB
  • Android version: 2.3 and above
  • ROOT required: Yes!
  • Additional requirements: install BusyBox in /system/bin, have masochistic tendencies

zANTI

A mobile application for pentesting from Zimperium. A more modern, stable and visual analog of dSploit.

The zANTI interface is divided into two parts: scanning and MITM. In the first section, like dSploit and the original cSploit, it maps the network and identifies all hosts, their parameters and vulnerabilities.


Nmapping the network

A separate function is detecting vulnerabilities on the smartphone itself. According to the program's report, our test Nexus 5 contains 263 holes that will never be closed because the device has reached the end of its support life.


Detection of vulnerabilities

zANTI helps to hack routers and gain full access to them (with the ability to change the admin password, set another SSID, PSK, and so on). Using MITM attacks, zANTI reveals unsafe elements on three levels: in the OS, in applications and in device settings.

The key feature is generating a detailed report on all scanned elements. The report contains explanations and tips for eliminating the flaws found.


zANTI report
  • Tested version: 3.18
  • Size: 24 MB
  • Android version: 2.3 and above
  • ROOT required: Yes!
  • Notes: zANTI does not work on devices with x86 and x86_64 processors

Sniffers to intercept traffic on Android

No pentester can do without a good sniffer. It is as ordinary a tool as a knife on a cook's table. That is why the next section of the article is devoted to applications for intercepting and analyzing traffic.

Intercepter-NG is an advanced sniffer focused on carrying out MITM attacks. It captures traffic and analyzes it on the fly, automatically identifying authorization data in it. It can save the intercepted traffic in .pcap format and analyze it later.

Among the automatically detected data formats are passwords and hashes for the following protocols: AIM, BNC, CVS, DC++, FTP, HTTP, ICQ, IMAP, IRC, KRB5, LDAP, MRA, MYSQL, NTLM, Oracle, POP3, Radius, SMTP, SOCKS, Telnet, VNC.


Scanning and ARP spoofing

Intercepter-NG collects files transmitted via FTP, IMAP, POP3, SMB, SMTP and HTTP. Like cSploit and its analogs, Intercepter-NG uses ARP spoofing to perform MITM. It supports SSLstrip, which makes it possible to perform MITM attacks even on HTTPS traffic by replacing the HTTPS requests of the attacked hosts with their HTTP versions on the fly through the built-in DNS proxy.

In addition, it can detect ARP spoofing directed at itself (useful when connecting to public hotspots) and protect against it. Tapping the umbrella icon checks the ARP cache.
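What such an ARP cache check can look like is sketched below as an added example; it is not code from Intercepter-NG or from the original article. It parses a table in the Linux /proc/net/arp layout and reports when the gateway's MAC address is also claimed by another host, or differs from a previously pinned value. The sample tables, addresses and the function names are constructed assumptions.

```python
from collections import defaultdict

ATF_COM = 0x2  # "completed" flag in /proc/net/arp; other entries hold no usable MAC

# Constructed sample tables in /proc/net/arp layout (not captured from a real network).
CLEAN_TABLE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         a4:2b:b0:11:22:01     *        wlan0
192.168.1.23     0x1         0x2         3c:5a:b4:aa:bb:23     *        wlan0
192.168.1.40     0x1         0x0         00:00:00:00:00:00     *        wlan0
"""

POISONED_TABLE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         3c:5a:b4:aa:bb:23     *        wlan0
192.168.1.23     0x1         0x2         3c:5a:b4:aa:bb:23     *        wlan0
192.168.1.57     0x1         0x2         f0:18:98:cc:dd:57     *        wlan0
"""


def parse_arp_table(text):
    """Return (ip, mac, device) for every completed entry; the header line is skipped."""
    entries = []
    for line in text.strip().splitlines()[1:]:
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, _hw_type, flags, mac, _mask, device = fields[:6]
        if not int(flags, 16) & ATF_COM or mac == "00:00:00:00:00:00":
            continue  # incomplete resolution, nothing to compare
        entries.append((ip, mac.lower(), device))
    return entries


def check_arp_cache(text, gateway_ip, pinned_gateway_mac=None):
    """Return findings as (kind, mac, ips); an empty list means nothing suspicious.

    kind is one of:
      gateway-mac-shared  - the gateway and another IP resolve to the same MAC
      duplicate-mac       - two non-gateway IPs share a MAC (can be benign, e.g.
                            a multi-homed host or proxy ARP, so treat as a hint)
      gateway-mac-changed - the gateway MAC differs from the pinned known-good one
    """
    entries = parse_arp_table(text)
    ips_by_mac = defaultdict(set)
    for ip, mac, device in entries:
        ips_by_mac[(device, mac)].add(ip)

    findings = []
    for (_device, mac), ips in ips_by_mac.items():
        if len(ips) > 1:
            kind = "gateway-mac-shared" if gateway_ip in ips else "duplicate-mac"
            findings.append((kind, mac, sorted(ips)))

    if pinned_gateway_mac is not None:
        for mac in sorted({m for ip, m, _d in entries if ip == gateway_ip}):
            if mac != pinned_gateway_mac.lower():
                findings.append(("gateway-mac-changed", mac, [gateway_ip]))
    return findings


if __name__ == "__main__":
    print(check_arp_cache(CLEAN_TABLE, "192.168.1.1"))
    print(check_arp_cache(POISONED_TABLE, "192.168.1.1", "a4:2b:b0:11:22:01"))
```

Pinning the gateway MAC while on a trusted connection catches the case where the spoofing host never appears in the table under its own IP.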

  • Tested version: 2.1 (Console - 0.8)
  • Size: 5.2 MB
  • Android version: 2.3 and above
  • ROOT required: Yes!
  • Additional requirements: install BusyBox in /system/bin

Packet Capture is a simpler and "legal" TCP / UDP packet analyzer with the ability to intercept HTTPS sessions via MITM. It does not require root, because it proxies traffic on the Android device itself and substitutes the SSL certificate.

In Android 6.0.1 and more recent versions you need to manually add a CA certificate through the application settings.


Traffic capture

Packet Capture works locally. It does not perform ARP spoofing, session hijacking or other attacks on external hosts. The application is positioned as a debugging tool and is downloaded from the official market. It can decode packets as text / hex / urlencoded, but does not yet support compressed (gzip) HTTP requests.

With Packet Capture it is convenient to monitor the network activity of installed applications. It shows not just the amount of traffic transmitted, but what exactly each program or built-in Android component sends and where, and which packets it receives in response and from which servers. An excellent utility for hunting trojan implants and annoying advertising.

  • Tested version: 1.4.7
  • Size: 4.5 MB
  • Android version: 2.3 and above
  • ROOT required: No

Auxiliary hacker utilities for Android

If the advanced utilities require root and BusyBox, simpler applications are available in the Play Store and work on any smartphone without tricks. They do not perform ARP spoofing or MITM attacks, but they are quite enough for scanning a wireless network, detecting hosts and finding obvious security problems.

WPSApp scans the air in search of access points with the WPS function enabled. Having found one, it tries the default PINs on it. There are only a few of them, and they are known from router manufacturers' manuals.

If the user has not changed the default PIN and has not turned off WPS, then in at most five minutes the utility goes through all the known values and obtains the WPA(2)-PSK, no matter how long and complex it is. The password for the wireless network is displayed on the screen and is automatically saved in the smartphone's Wi-Fi settings.


WPS hotspot detection

Since the release of that article, WPSApp has been updated and has become better in all respects. It knows more PINs of various vendors, goes through them faster and has learned to brute-force in new modes. The utility works both on rooted smartphones and without root rights. It has many analogs, but they are all far less effective.

  • Tested version: 1.6.20
  • Size: 3.0 MB
  • Android version: 4.1. It works much better on Android 5.1 and newer
  • ROOT required: preferably, but not necessarily

WiFiAnalyzer is a free Wi-Fi network scanner. A very convenient utility for detecting access points (including hidden ones), finding out their parameters (MAC, vendor, channel, encryption type), and estimating signal strength and the distance to them. The distance from the router is calculated with the line-of-sight formula, so it is not always indicated accurately.


Display of hidden networks and evaluation of channel noise

WiFiAnalyzer lets you see the situation on the air visually and filter targets by signal level, SSID, frequency used (2.4 / 5 GHz) and encryption type. You can also manually determine the least noisy channel using graphs of two types: regular and accumulated over time.

In short, WiFiAnalyzer is where reconnaissance of wireless networks should start. Finding targets with specific parameters will save a lot of time in later work with advanced utilities.

  • Tested version: 1.8.11
  • Size: 1.6 MB
  • Android version: 4.1 and above
  • ROOT required: No

Fing

Often the functionality of hacker utilities overlaps with the capabilities of completely legal tools that system administrators use for setting up networks.

Fing is one of these tools. It quickly scans the Wi-Fi network to which you managed to connect (for example, using WPSApp) and identifies all hosts. It may be needed to check your own wireless network for unauthorized access, but, you must agree, exploring unfamiliar networks is much more interesting.


Defining ports and services on selected hosts

Fing performs advanced analysis of NetBIOS, UPnP and Bonjour names, so it determines device types more accurately and shows more of their properties. The ping and traceroute utilities are integrated into Fing. It can also send WoL (Wake on LAN) requests, remotely waking "sleeping" devices that support this function.

Fing automatically detects open ports and the services associated with them. When SMB, SSH, FTP and other services are detected, Fing offers to connect to them, calling external programs from its menu. If the corresponding utility (for example, AndSMB) is not installed, Fing opens a link to download it.

Additional features of the program become available after registering a Fing account. With it you can take an inventory of devices and networks. Even more functions open up after purchasing the hardware Fingbox. It can track the connection of uninvited guests and selectively block their devices, as well as check the Internet connection for typical problems and fix them automatically.

  • Tested version: 6.7.1
  • Size: 10 MB
  • Android version: 4.1 and above
  • ROOT required: No

The application identifies all client devices in a wireless network and then uses ARP spoofing to selectively disconnect them or cut the connection for everyone but yourself. Then you can download files at full speed somewhere in a cafe, watching the other visitors suffer.


Netcut - find and kick!

Just kidding! Doing that is not nice, but quickly kicking out an attacker without digging into the router settings - why not? You can not only cut the connection of any host once, but also permanently block its attempts to connect to the access point until it changes its MAC address (see the Jail tab).

If someone tries to pull such a trick on your device, Netcut will detect the ARP cache poisoning and clear it (see Netcut Defender). For a dollar a month you can get a Pro account and remove advertising and restrictions.

  • Tested version: 1.4.9
  • Size: 12 MB
  • Android version: 4.0 and above
  • ROOT required: Yes!

Directories and search engines for a pentester

Finally, we will cover a couple of useful utilities that are not directly related to hacking but rather perform auxiliary and informational functions.

Welcome! On this site, all the best from the team of hackers is collected. In the "Files" section you will find everything you need for any hacker: WMrobber, Trojans, viruses, Joiner, Keyspy, textbooks, various collections and much more.

All files are packed in archives (RAR) with the same password. On how to get the password, see the "Password" section.

Below are some of the available programs.

WebMoney Robber V2.5
Description: This program will change your life! With it, you can get big money. An Internet connection is required (modem / LAN). The program does not require your WM identifier, password or keys, and you can use it from any computer.

Detailed instructions for using the program are in the downloaded archive.

All trojans, keyloggers, viruses, etc., downloaded from our site are not detected by any antivirus.

Thanks to the "deactivation of an emulator" method, antiviruses will not be able to detect our products for a long time.

In extreme cases, new software versions will be released.

Joiner Glue File V1.5
Description: Joiner is a program that glues various files into one EXE file. For example, you can glue a virus to some exciting game and send it to your enemy. He will launch the game and get infected with the virus without suspecting anything. This joiner can glue up to 255 different files. It has a wide variety of settings for each glued file. It can encrypt, compress, add the glued files to autostart, etc. And of course, the result of the gluing is not detected by antiviruses!

Trojan ETH V3.5 (Elusive Trojan Horse)
Description: This is a remote administration system. Its functionality exceeds that of Remote Administrator. Through this trojan it is possible, as in Radmin, to fully control the victim's computer (full control). It has a function for searching the victim's computer for passwords and keys from various programs (WebMoney, mail clients, etc.). This trojan registers itself in six places and sits firmly in the system. It is not visible in the list of processes. Suitable for all Windows operating systems.

Keylogger MSKEYSSPY NET V1.0
Description: It registers itself firmly in the system. It is not visible in the list of processes. It distinguishes the EN and RU keyboard layouts and upper and lower case. It has a wide variety of settings. It keeps a detailed log file with the date and time of entries. It shows the title of the program in which the keys were pressed. It sends the log file to the owner by mail.

Anonymity in Network v2.0
Description: Hides your IP address and MAC address (at the program level).

MSCOOKIE EDITOR V1.5
Description: Cookie file editor. You can also edit PWL files.

Tutorial: Free Internet
Description: If you are tired of paying for the use of the Internet, then this collection is for you. Thirty of the best ways are collected here. All ways are relevant.


Tutorial: hacking on the Internet

Description: Tutorial on hacking sites, e-mail addresses, etc.

Collection of passwords to paid porn sites
Description: About 1000 passwords to the 100 best porn sites. The collection is often updated. At least 95% of the passwords work.

Collection of celebrity e-mail addresses
Description: These are personal and little-known e-mail addresses of popular pop and movie stars. When you write to such an e-mail address, your letter is not lost in a pile of letters from fans. The collection contains the addresses of 83 celebrities.

Hacker Top Programs

It has a number of features that can help the pentester and the hacker. Two commonly used applications within this tool are the "Burp Suite Spider", which can enumerate and map the various pages and parameters of a website by examining cookies and initiating connections with these web applications, and the "Intruder", which performs a range of automated attacks against web applications.

Burp Suite is a great web hacking tool that many pentesters use to test the vulnerability of websites and web applications. Burp Suite works using detailed knowledge of the application that has been taken from the HTTP protocol. The tool works through a configurable algorithm and can generate the malicious attacking HTTP requests that hackers often use. Burp Suite is especially indispensable for detecting and identifying SQL injection and cross-site scripting vulnerabilities.

Angry IP Scanner, also known as "IPScan", is a freely available network scanner for hacking that is both fast and easy to use. The main purpose of this hacking tool for scanning IP addresses and ports is to find open doors and ports in other people's systems. It is worth noting that Angry IP Scanner also has a bunch of other hacking uses; you just need to know how to use it. The usual users of this hacking tool are network administrators and system engineers.

It is an amazing tool for network hacking, which can be configured in one of three specified modes:
  1. as a sniffer
  2. as a packet logger
  3. for network intrusion detection
More often, hackers use the sniffer mode, which gives them the opportunity to read network packets and display them on the graphical user interface. In packet logger mode, Snort audits packets and logs them to disk. In intrusion detection mode, Snort monitors network traffic and analyzes it against a set of rules defined by the user.

THC Hydra is often regarded as just another password cracker. THC Hydra is extremely popular and has a very active and experienced development team. In essence, Hydra is fast and stable for cracking logins and passwords. It uses dictionary and brute-force attacks to try various combinations of logins and passwords on a login page. This hacking tool supports a wide range of protocols, including mail (POP3, IMAP, etc.), databases, LDAP, SMB, VNC and SSH.

Wapiti has very devoted fans. As a pentesting tool (or framework), Wapiti is able to scan for and identify hundreds of possible vulnerabilities. In fact, this multipurpose hacker utility can check the security of web applications by performing "black box" testing. That is, it does not study the source code of the application, but scans the application's HTML pages, scripts and forms where it can inject its data.

That's the top hacker programs for today. Do you have fresher information? Share it in the comments. Have questions? Ask. We will always answer and explain everything.

  • Michael Hendrickx.
  • URL: michaelhendrickx.com/lilith.
  • System: * Nix / Win.

Lilith is a Perl script designed to audit web applications. More precisely, it is a scanner and injector of HTTP forms. The tool analyzes a web page for <form> tags and then tests them for SQL injection. Lilith works almost the same way as an ordinary search spider, only with a small hacker bias: it injects various special characters into forms with certain values and then analyzes the web server's response. The main features and functionality of the utility:

  • a small number of false positives (however, the author warns that the results may not be 100% correct, so check them by hand);
  • ColdFusion support;
  • many parameters for passing additional information to scripts (cookies, user agent, etc.);
  • advanced logging of all scanning parameters;
  • recursive file and directory scanner.

Warning!

All information is provided solely for informational purposes. Neither the editors nor the author are responsible for any possible harm caused by the materials of this article.

In the simplest case, the scanner starts like this:

./lilith.pl www.target.com.

  • d - directory or file to start scanning;
  • u - data for Basic Authentication;
  • p - proxy;
  • T - interval between requests;
  • f - write an extended log to the file;
  • r - recursive crawling;
  • A - output all HTTP codes to the screen.

You will find the remaining parameters, as well as detailed help in English, on the scanner's official website.

Shellfy: convenient shell management

  • Anonymous.
  • URL: bit.ly/sw1i4w.
  • System: * Nix / Win.

If you want to work comfortably with a lot of shells, you can hardly find a better tool than Shellfy. The main idea of this system, written in Perl, is to centralize everything. Shellfy consists of two parts: client and server. The client part is an ordinary PHP shell that must be saved on a remote server (more precisely, many shells that need to be saved on different servers), and the server part is the Perl shell-management script itself.

The main program window contains six tabs, whose names speak for themselves:

  • Shells;
  • "Domains" (Domains);
  • "Statistics" (STATS);
  • "Update" (Update);
  • "Settings" (settings);
  • "Proxy" (Proxy).

There is also an additional section called "Terminal", which is responsible for "communication" with the shell on a remote server. The program runs on your machine, and the shell itself is on the remote server. It also allows several sessions to be loaded in parallel.

Getting started with the script is simple enough: upload all the contents of the archive to your CGI-BIN directory and run the SETUP.PL script. It will perform all the necessary manipulations automatically. Look for a detailed manual on working with Shellfy in the folder with the program.


Static code analysis with Agnitio

  • David Rook.
  • URL: .
  • System: Windows.

The infosec community knows a great many programs for static analysis of source code for critical errors. Agnitio stands out among them for its open source code and versatility. No joke: the analyzer supports most of the popular programming languages: ASP, ASP.NET, C#, Java, JavaScript, Perl, PHP, Python, Ruby, VB.NET, as well as XML.

Let us list only some features and functionality of this wonderful program:

  • the ability to work in a team in the process of research;
  • beautiful profiles for manual code analysis;
  • a convenient profile of the studied application for analyzing its sources;
  • detailed reports sorted by the name of the researcher, the application name and many other parameters;
  • list of cases for future code analysis;
  • automatic static code analysis;
  • the built-in list of leading questions intended for assistance in the code analysis (the so-called check list).

A huge advantage of the project is also its frequent updates. As you can see, Agnitio may well come in handy for any professional pentester (or a whole team of professionals) in daily work.


Pentest HTTP interfaces

  • Corey Goldberg.
  • URL: www.webinject.org.
  • System: * Nix / Win.

WebInject is a free utility designed for automated testing of web applications and web services. It is suitable both for testing individual system components with an HTTP interface (JSP, ASP, CGI, PHP, AJAX, Servlets, HTML Forms, XML / SOAP Web Services, REST, etc.) and for creating a whole test suite with which you can collect statistics and monitor the operation of the system almost in real time (for example, track the response time of web applications). Since XML serves as the API for creating tests, any programmer will be able to cope with the setup. Pentest reports are also generated in XML format, so they can be used in any compatible external program.

An undoubted plus of the program is the fact that it is written in Perl and can work on almost any platform. However, at present the WebInject executable is available only for Windows. To run the utility on another OS, you will need a working Perl interpreter.


NetworkMiner packet analyzer

  • Erik Hjelmvik.
  • URL: bit.ly/egh2pr.
  • System: Windows.

The wonderful NetworkMiner utility is one of the best tools for analyzing intercepted data saved in PCAP format. The utility passively analyzes the traffic dump, accurately identifies the participants in the network data exchange and recognizes the operating system installed on each host from the window size, the packet time to live and the unique set of flags. NetworkMiner also provides structured information about open sessions, active ports and other network infrastructure, and grabs the banners of various daemons. One of the most important features of the program is the ability to extract files and certificates transmitted over the network. This feature can be used to intercept and save all kinds of audio and video files. The FTP, HTTP and SMB protocols are supported. Extraction of user data (logins and passwords) is also available. The program can also be used for sniffing and parsing WLAN traffic (IEEE 802.11). By the way, for "just" 500 euros the developer also offers a paid version of his creation, hung from head to toe with all sorts of extras. But in most cases the free version of NetworkMiner is quite enough.

We collect subdomains and e-mail accounts

  • EDGE-SECURITY.
  • URL: Bit.ly/oa9vi.
  • System: * Nix / Win.

If you are interested in a site, then first of all you will probably try to get as much information about it as possible. This information includes e-mail accounts, user names, virtual hosts and subdomains. Of course, various hacker combines like Acunetix WVS include the appropriate modules, but using them for this purpose is like shooting sparrows with a cannon. In general, I advise you to use the wonderful theHarvester utility, first demonstrated at the latest Black Hat conference. This Python script collects all the above information from all available public sources, such as search engines and PGP key servers.

Functionality and features of the utility:

  • customizable interval between requests;
  • generation of reports in XML and HTML;
  • verification of the found virtual hosts and subdomains;
  • enumeration of subdomains via DNS;
  • DNS reverse lookup;
  • building advanced graphs for reports;
  • search for information about users and hosts in Google, Bing, Linkedin and Exalead.

An example command to search with the tool for all e-mail addresses of the microsoft.com domain in the first five hundred results returned by Google looks like this:

./theHarvester.py -d microsoft.com -l 500 -b google

Facebook!

  • Ahmed Saafan.
  • URL: code.google.com/p/fbpwn.
  • System: * Nix / Win.

Many people post too much information about themselves on social networks. And they make a huge mistake! Almost anyone with due diligence can learn everything about you and your friends! As an example of one of the tools for disclosing personal data, I will mention FBPwn, an open cross-platform Java application designed to dump Facebook user profiles. The program sends friend requests to the list of specified users and waits for confirmation notifications. As soon as the victim approves the request, the application saves all the photos, the friend list and other information from the victim's profile to the specified local folder.

A typical FBPwn work scenario looks like this:

  1. All available information is collected from the victim's page.
  2. Then the friending plugin is started, adding all of the victim's friends as friends (in order to have several friends in common).
  3. Next, the cloning plugin comes into play, cloning the name and photo of one of the victim's friends.
  4. The friend request mentioned above is sent.
  5. After the request is confirmed, all available pages are collected. After a few minutes the victim may remove your fake account from friends, but it will be too late. 🙂
