Under9rounD.org

Hackers are concentrating their efforts on attacking applications in your website: 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Web applications are accessible 24 hours a day, 7 days a week and control sensitive data such as customer details, credit card numbers and proprietary corporate
data.
Firewalls, SSL and locked-down servers are futile against web application hacking
Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications are often tailor-made, therefore tested less than off-the-shelf software, and are more likely to have undiscovered vulnerabilities. Manually auditing a website for vulnerabilities is virtually impossible - it needs to be
done automatically and regularly.

Read the rest of this entry »

GFI LANguard Network Security Scanner (N.S.S.) is a complete patch management solution.
After it has scanned your network and determined missing patches and service packs - both in the operating system (OS) and in Microsoft applications - GFI LANguard N.S.S. can deploy those service packs and patches network-wide, without user intervention.
GFI LANguard N.S.S. is the ideal companion to Microsoft SUS: Use GFI LANguard NSS to deploy service packs, Microsoft Office patches and patch reporting; and use Microsoft SUS for operating system patches.GFI LANguard Network Security Scanner is a patch management solution.
GFI LANguard supports service pack and application patching for English, Spanish, Italian, French and German versions of Windows NT/2000/2003/XP.
For those who do not want to use Microsoft SUS, GFI LANguard N.S.S. can deploy patches for English versions of Windows NT/2000/2003/XP. English-version Microsoft Exchange Server, Microsoft SQL Server and Microsoft ISA Server patches can also be deployed.

Read the rest of this entry »

Computer hacking forensic investigation  is the  process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information.Securing and analyzing electronic evidence is a central theme in an ever-increasing number of conflict situations and criminal cases. Electronic evidence is critical in the following situations: Read the rest of this entry »

Network Support Specialist Technician DVD

The Network Support Specialist Tech DVD is a bootable DVD with all the tools needed to administer, toubleshoot, and support any size Network.Programs on Bootable portin of Disk:Verson 1 BacTrack Final
The Bootable portion of the disk is a Live-System based on KNOPPIX. With no
installation whatsoever, the analysis platform is started directly from the
CD-Rom and is fully accessible within minutes. Independent of the hardware in
use, the Auditor security collection offers a standardised working environment,
so that the build-up of know-how and remote support is made easier. Even during
the planning and development stages, our target was to achieve an excellent
user-friendliness combined with an optimal toolset. Professional open-source
programs offer you a complete toolset to analyse your safety, byte for byte. In
order to become quickly proficient within the Auditor security collection, the
menu structure is supported by recognised phases of a security check.
(Foot-printing, analysis, scanning, wireless, brute-forcing, cracking). Read the rest of this entry »

IP Full PACK
IP Board v2.2.1 PHP.NULL-DGT
IP Gallery v2.2.1 PHP.NULL-DGT
IP Blog v1.3.1 PHP.NULL-DGT
Invision Download Manager v1.1.0 Final PHP.NULL-DGT
96 modos from IPSBeyond
59 skins for forum
1 admin skin

Read the rest of this entry »

Nessus Security Scanner is an open-source vulnerability scanner that you can use to audit your network. Available from http://www.nessus.org, Nessus has three primary components: a server that launches tests, a client that controls the server, and vulnerability plugins. The server/client division lets clients communicate with one server and lets you distribute tests among different users, and Nessus’s many plugins let you run different attacks against a specified host and determine which holes are exploitable.

Although originally developed for UNIX systems—in fact, the Nessus server component runs only on UNIX—Nessus’s plugins can attack Windows machines as well, and a GUI client called NessusWX is available for Windows. The scanner uses OS-fingerprinting techniques to identify the target OS and runs only plugins related to that OS.

Read the rest of this entry »

SpoofGuard is a tool to help prevent a form of malicious attack called “web spoofing” or “phishing.”  Phishing attacks usually involve deceptive e-mail that appears to come from a popular commercial site. The email explains that the recipient has an account problem, or some other reason to visit the commercial site and log in. However, the link in the email sends the user to a malicious “spoof” site that collects user information such as account names, passwords, and credit card numbers. Once your user information is collected by a “spoof:” site, criminals may log into your account or cause other damage.

Read the rest of this entry »

::VulnScan & Expl0iters::
+Absinthe 1.3.1 Windows
+AnonFTP Anonymous Scanner
+Apache Scanner
+CGI Scanner
+DarkScanner 2.0
+FTP-IIS Fx Scanner
+HScan 1.20
+HTTP Server Detector
+ISS Internet Scanner v6.2.1
+JAAScoisX-Code RFI Code Exec Scanner
+N-Stealth Security Scanner v3.7 Built 67
+RFI T00l
+WebCheck
+Win32 x86 RFI Vuln Scanner Read the rest of this entry »

Read the rest of this entry »

Hackers are concentrating their efforts on attacking applications in your website: 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Web applications are accessible 24 hours a day, 7 days a week and control sensitive data such as customer details, credit card numbers and proprietary corporate data.
Firewalls, SSL and locked-down servers are futile against web application hacking

Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 – which has to remain open. In addition, web applications are often tailor-made, therefore tested less than Read the rest of this entry »

Advanced Lan Scanner is a small, easy-to-use, highly configurable network scanner for Win32. And it`s fast. It`s VERY fast. Advanced Lan Scanner uses multithreading technique, that gives it ability to scan more than 1000 elements per second! If used to scan ports, Advanced Lan Scanner can scan all 65536 ports in less that minute! Also, fast scan is not only Advanced Lan Scanner good feature. It performs very deep scan upon each computer you wish, extracting users, services, shares and a lot of over useful information. It can connect to target machine using default user rights, or you can specify login and password to use. It also has a powerful export options with script language to describe your own save format! So, try our freeware program and see, how REAL Lan Scanner must look. Read the rest of this entry »

Safety Lab Shadow Security Scanner is a Proactive Computer Network Security Vulnerability Assessment Scanner with over 5000 audits.
This is a new generation of hi-tech software (network vulnerability assessment scanner) that perfor
med greatly in the 20th century and remains on the front line in the new millennium! Shadow Security Scanner (network vulnerability assessment scanner) has earned the name of the fastest - and best performing - security scanner in its market sector, outperforming many famous brands. Shadow Security Scanner has been developed to provide a secure, prompt and reliable detection of a vast range of security system holes. After completing the system scan, Shadow Security Scanner analyses the data collected, locates vulnerabilities and possible errors in server tuning options, and suggests possible ways of problem solution. Shadow Security Scanner employs a unique system security analysis algorithm based on a patented “intellectual core” Read the rest of this entry »

GFI LANguard Network Security Scanner (N.S.S.) is a complete network vulnerability management solution that allows you to scan, detect, assess and remediate any security vulnerabilities on your network. This award-winning solution scans the entire network, performs over 15,000 vulnerability assessments and identifies all possible security threats. The complete and thorough vulnerability assessment database includes standards such as OVAL (2,000+ checks) and SANS Top 20. GFI LANguard N.S.S. gives you the capability to perform multi-platform scans (Windows, Mac OS, Linux) across all environments and to analyze your network’s security health from a single source of data. This ensures that you are able to identify and remediate any threats in good time. When a scan is complete, GFI LANguard N.S.S. gives you all the functionality Read the rest of this entry »

Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving.

NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:

• Verify that your network is set up the way you intended.
• Find locations with poor coverage in your WLAN.
• Detect other networks that may be causing interference on your network.
• Detect unauthorized “rogue” access points in your workplace.
• Help aim directional antennas for long-haul WLAN links.
• Use it recreationally for WarDriving. Read the rest of this entry »
  

THe hping security tool is available in different versions and for different systems. Hping2 is the old version of the tool supporting the command line interfiace, while the new hping3 is the evolution that adds a Tcl scripting engine. Note that hping3 even if used in command line mode (hping2 compatible mode) contains some fix, so if available for your system download hping3 instead of hping2. If you plan to use hping in order to perform automated networks scans and security tests you can use hping3 scripts instead of hping2 + shell scripts, it is much more powerful Read the rest of this entry »