Droid Fusion is a platform for Android or any other mobile platform for
doing malware analysis, development, application pentesting, and forensics.
You can use it in any mobile security research, and if you have Droid
Fusion, you don't need to worry about finding tools. There are more than
60 tools and scripts, and it is free.
CryptoLocker is a ransomware program that was released
around the beginning of September 2013 that targets all versions of
Windows including Windows XP, Windows Vista, Windows 7, and Windows 8.
This ransomware will encrypt certain files using a mixture of RSA &
AES encryption. When it has finished encrypting your files, it will
display a CryptoLocker payment program that prompts you to send a ransom
of either $100 or $300 in order to decrypt the files. This screen will
also display a timer stating that you have 96 hours, or 4 days, to pay
the ransom or it will delete your encryption key and you will not have
any way to decrypt your files. This ransom must be paid using MoneyPak
vouchers or Bitcoins. Once you send the payment and it is verified, the
program will decrypt the files that it encrypted.
CryptoLocker will encrypt users’ files using asymmetric encryption, which requires both a public and a private key. The public key is used to encrypt and verify data, while the private key is used for decryption, each the inverse of the other. Below is an image from Microsoft depicting the process of asymmetric encryption.
The bad news is decryption is impossible unless a user has the private key stored on the cybercriminals’ server. Currently, infected users are instructed to pay $300 USD to receive this private key. Infected users also have a time limit to
send the payment. If this time elapses, the private key is destroyed,
and your files may be lost forever.
Files targeted are those commonly found on most PCs today; a list of file extensions for targeted files include:
In some cases, it may be possible to recover
previous versions of the encrypted files using System Restore or other
recovery software used to obtain “shadow copies” of files.
Is it possible to decrypt files encrypted by CryptoLocker?
Unfortunately at this time there is no way to retrieve the private
key that can be used to decrypt your files without paying the ransom.
Brute forcing the decryption key is not realistic due to the length of
time required to break the key. Also any decryption tools that have been
released by various companies will not work with this infection. The
only method you have of restoring your files is from a backup or Shadow
Volume Copies if you have System Restore enabled. Newer variants of
CryptoLocker attempt to delete the Shadow Copies, but it is not always
successful.
How to remove Cryptolocker -Malwarebytes
CryptoPrevent Tool :
FoolishIT LLC was kind enough to create a free utility called CryptoPrevent that
automatically adds the suggested Software Restriction Policy Path Rules
listed below to your computer. This makes it very easy for anyone using
Windows XP SP 2 and above to quickly add the Software Restriction
Policies to your computer in order to prevent CryptoLocker and Zbot from
being executed in the first place.
You can download CryptoPrevent from the following page:
Once you run the program, simply click on the Block button to add the
Software Restriction Policies to your computer. If CryptoPrevent causes
issues running legitimate applications, then please see this section on
how to enable specific applications.
Stop Sign Internet Security :
Suite provides a powerful on-access scanner component
designed to monitor the system in real time. Keeping the operating
system and associated software properly updated can also be crucial in
maintaining a malware-free environment.
Although removal of CryptoLocker is included with a Stop Sign subscription,
concern that the user may not have a backup of their documents has prompted
the Stop-Sign Research and Development Team to decide not to incorporate
an automated removal of CryptoLocker into the scanner.
Malwarebytes Anti-Malware can detect and remove this ransomware. Malwarebytes detects CryptoLocker infections as Trojan.Ransom,
but it cannot recover your encrypted files due to the nature of
asymmetric encryption, which requires a private key to decrypt files
encrypted with the public key.
by Bitdefender is an encryption-blocking tool that can detect the malware and block its installation.
Intrusion prevention systems can block the communication sent from the CryptoLocker-infected system to the remote command-and-control server, from which the malware retrieves the key used to encrypt the files.
is a universal solution against crypto ransomware. This type
of ransomware encrypts your personal files and demands a ransom fee to
be paid in order to regain access to your files.
HitmanPro's CryptoGuard monitors your file system for suspicious
operations. When suspicious behavior is detected, the malicious code is
neutralized and your files remain safe from harm. CryptoGuard works silently in the background at the file
system level, keeping track of processes modifying your personal files.
CryptoGuard works autonomously, so no user interaction is required.
CloudCapsule is designed to provide secure encryption of data that resides on public
and private cloud storage. Users can link their preferred cloud storage
account to CloudCapsule, and encrypt, import and export files securely
through CloudCapsule. That is, as suggested by the name Capsule, it
creates a secure environment on a user's iOS device to securely access
data in the Cloud. By security, this means data is encrypted in the
storage server, in transit, and only decrypted and accessible within the
CloudCapsule app.
Features:
Capsule
1. Linking with public cloud storage services, including Dropbox and GoogleDrive.
2. Strong secure file encryption with RSA-2048 and AES-256 and integrity protection with RSA-SHA1 or HMAC-SHA256.
3. Import and automatically encrypt plaintext files to a Cloud storage.
4. Export encrypted file through iDevice's e-mail account.
Privacy Browser
1. Spoof User-Agent to hide device information. For both PC and mobile platforms (iOS and Android), our private browser can be disguised as Opera, IE, Firefox, or Chrome.
2. Spoof location to hide user's actual location to web services.
BoxCryptor is software, free for non-commercial use, which works on Windows, Mac, iOS and Android. BoxCryptor allows you to secure your data in any cloud storage service you are using, such as Dropbox, SkyDrive, Google Drive or any other cloud storage provider. BoxCryptor uses the AES-256 standard to encrypt and protect your files. AES-256 is approved by the U.S. Government for protecting “TOP SECRET” information. In the Unlimited versions you can add an additional security layer by filename encryption.
is another tool which can be used to secure your cloud storage. It is very easy to use and doesn’t require a great deal of technical ability to sync all of your Dropbox files. It has a very simple interface in which you just drag and drop the files, and the encryption and decryption process is very simple. It uses a 256-bit key for both cryptographic processes and offers a high level of security for the data.
Cloudfogger is software which lets you encrypt your data on your local disk before you upload it to cloud storage. This ensures that none of the cloud storage services can access your data. Cloudfogger uses AES (Advanced Encryption Standard) with a 256-bit key to carry out encryption and decryption. Cloudfogger can be used with almost all cloud services, such as Dropbox, SkyDrive, Google Drive and others.
Viivo lets you Cloud in Confidence with free, easy Cloud file encryption services for Dropbox. The best part is, if you know how to use Dropbox, you already know how to encrypt files using Viivo! Start enjoying the benefits of free Cloud security right away. Viivo is a tool made especially to secure content in Dropbox, and it works perfectly on all devices: Mac, PC, Windows, iOS, Android. It is freely available for non-commercial use.
CryptSync offers different but useful functionality. With the help of CryptSync you can manage two folders containing the same content: one has the normal files which you are using, and the other contains those files in encrypted form. Suppose you have to put important data on cloud storage and want it to be private; in this case CryptSync works perfectly, as you can upload the encrypted folder, with all its password-protected files, to the cloud storage. Both folders always remain in sync, which means that if a modification happens in one folder then it will be reflected in the other as well.
The HTTP clear-text protocol is normally secured via an SSL or TLS tunnel,
resulting in HTTPS traffic. In addition to providing encryption of data
in transit, HTTPS allows the identification of servers (and, optionally,
of clients) by means of digital certificates.
SSL Testing Criteria :
The large number of available cipher suites and quick progress in
cryptanalysis make judging an SSL server a non-trivial task. The following
are widely recognised as a minimum checklist of what a server should not support or present:
SSLv2, due to known weaknesses in protocol design
SSLv3, due to known weaknesses in protocol design
Compression, due to known weaknesses in protocol design
Cipher suites with symmetric encryption algorithm smaller than 112 bits
X.509 certificates with RSA key smaller than 2048 bits
X.509 certificates with DSA key smaller than 2048 bits
X.509 certificates signed using MD5 hash, due to known collision attacks on this hash
TLS Renegotiation vulnerability
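An added example, not part of the original page or of any tool it lists: the checklist above applied to a scan result. The dictionary layout, its field names and the sample `LEGACY` result are assumptions constructed for illustration; cipher names follow OpenSSL's naming, and `secure_renegotiation` is assumed to mean the server supports the RFC 5746 renegotiation fix.

```python
import re

MIN_SYMMETRIC_BITS = 112   # checklist: no symmetric cipher below 112 bits
MIN_PUBKEY_BITS = 2048     # checklist: RSA/DSA certificate keys of at least 2048 bits


def symmetric_bits(suite):
    """Effective symmetric strength, in bits, of an OpenSSL-style suite name."""
    name = suite.upper()
    if name.startswith("EXP"):             # export-grade suites: 40 or 56 bits
        return 56 if name.startswith("EXP1024") else 40
    if "NULL" in name:                     # integrity only, no encryption
        return 0
    if "DES-CBC3" in name or "3DES" in name:
        return 112                         # 3DES: 168-bit key, about 112-bit strength
    if "DES" in name:
        return 56                          # single DES
    match = re.search(r"(?:AES|CAMELLIA)[-_]?(128|256)", name)
    if match:
        return int(match.group(1))
    if "RC4" in name:
        return 128                         # passes on key size; SP 800-52 still disallows RC4
    raise ValueError("unrecognised cipher suite: " + suite)


def assess(scan):
    """Return one finding per checklist item the scanned server violates."""
    findings = []
    for proto in ("SSLv2", "SSLv3"):
        if proto in scan["protocols"]:
            findings.append(f"{proto} is enabled")
    if scan["compression"]:
        findings.append("compression is enabled")
    for suite in scan["ciphers"]:
        try:
            bits = symmetric_bits(suite)
        except ValueError:
            findings.append(f"{suite}: unknown suite, review manually")
            continue
        if bits < MIN_SYMMETRIC_BITS:
            findings.append(f"{suite}: {bits}-bit symmetric cipher")
    cert = scan["certificate"]
    if cert["key_type"] in ("RSA", "DSA") and cert["key_bits"] < MIN_PUBKEY_BITS:
        findings.append(f"{cert['key_bits']}-bit {cert['key_type']} certificate key")
    if "md5" in cert["signature"].lower():
        findings.append("certificate signed using MD5")
    if not scan["secure_renegotiation"]:
        findings.append("secure renegotiation not supported")
    return findings


# Constructed scan result for illustration only (not output from a real server or tool).
LEGACY = {
    "protocols": ["SSLv3", "TLSv1.0"],
    "compression": True,
    "ciphers": ["EXP-RC4-MD5", "DES-CBC-SHA", "DES-CBC3-SHA", "AES128-SHA"],
    "certificate": {"key_type": "RSA", "key_bits": 1024, "signature": "md5WithRSAEncryption"},
    "secure_renegotiation": False,
}

if __name__ == "__main__":
    for finding in assess(LEGACY):
        print("FAIL:", finding)
```

Suites the parser does not recognise are reported for manual review rather than silently passed, so an unfamiliar name never counts as compliant.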
The following standards can be used as reference while assessing SSL servers:
NIST SP 800-52 recommends that U.S. federal systems use at least TLS 1.0 with
cipher suites based on RSA or DSA key agreement with ephemeral
Diffie-Hellman, 3DES or AES for confidentiality and SHA1 for integrity
protection. NIST SP 800-52 specifically disallows non-FIPS compliant
algorithms like RC4 and MD5. An exception is U.S. federal systems making
connections to outside servers, where these algorithms can be used in
SSL client mode.
PCI-DSS v1.2 in point 4.1 requires compliant parties to use "strong cryptography"
without precisely defining key lengths and algorithms. The common
interpretation, partially based on previous versions of the standard, is
that at least a 128-bit key cipher, no export-strength algorithms and no
SSLv2 should be used.
The SSL Server Rating Guide has been proposed to standardize SSL server assessment and is currently in draft version.
The SSL Server Database can be used to assess the configuration of publicly available SSL servers based on the SSL Rating Guide.
SSLDigger v1.02 :
SSLDigger is a tool to assess the strength of SSL servers by
testing the ciphers supported. Some of these ciphers are known to be
insecure.
System Requirements:
Windows .NET Framework (can be installed using Windows Update)
is a tool that verifies SSL certificate and supported protocols/ciphers of a SSL-enabled webserver.
It is open source and is easily modified to support new protocols and
ciphers as they become available, the result is graded and it runs both
on Linux and Windows.
will help you diagnose problems with your
SSL certificate installation. You can verify the SSL certificate on
your web server to make sure it is correctly installed, valid, trusted
and doesn't give any errors to any of your users. To use the SSL
Checker, simply enter your server's hostname (must be public) in the box
below and click the Check SSL button.
WebSurgery is a suite of tools for security testing of web
applications. It was designed for security auditors to help them with
web application planning and exploitation.
Sunrise Technologies proudly announces WebSurgery v1.1!
WebSurgery is a suite of tools for security testing of web applications. It is designed to address the ongoing needs of security auditors and to help them with web application planning and exploitation. The suite currently contains a spectrum of efficient, fast and stable web tools (Crawler, Bruteforcer, Fuzzer, Proxy, Editor) and some extra functionality tools (Scripting Filters, List Generator, External Proxy).
Tools Features
====
- Crawler
Crawler is designed to be fast, accurate, stable and completely parameterized using advanced techniques to extract links from HTML, CSS, Javascript and AJAX.
- Bruteforcer
Bruteforcer for files and directories within the web application which helps to identify the hidden structure.
- Fuzzer
Fuzzer is a highly advanced tool to create a number of requests based on one initial request. Can be used to exploit (Blind) SQL Injections, Cross Site Scripting (XSS), Denial of Service (DOS), Bruteforce for Username / Password Authentication Login Forms and identification of Improper Input Handling and Firewall / Filtering Rules.
- Proxy
Proxy is a server running locally and will allow you to analyze, intercept and manipulate HTTP/HTTPS requests coming from your browser or other application which support proxies.
- Editor
Advanced ASCII/HEX Editor to manipulate individual requests.
Extra
====
- Scripting Filters
Advanced Scripting Filters to filter specific requests / responses with support of regular expressions and large number of variables.
- List Generator
List Generator for different list types (File, Charset, Numbers, Dates, IP Addresses, Custom) with additional rules support.
- External Proxy
External Proxy redirects suite's traffic to another HTTP/SOCKS proxy.
is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. It is claimed to have the world’s 2nd largest XSS Payloads of about 1500+ distinctive XSS Payloads for effective XSS vulnerability detection and WAF Bypass. It is incorporated with a feature rich Information Gathering module for target Reconnaissance. The Exploit Framework includes highly offensive XSS exploitation modules for Penetration Testing and Proof of Concept creation.
V4.5 Additions
====
- JavaScript Beautifier
- Pause and Resume support for Scan
- Jump to Payload
- Cookie Support for POST Request
- Cookie Support and Custom Headers for Header Scanner
- Added TRACE method Support
- Improved Interface
- Better Proxy Support
- WAF Fingerprinting
- Load Files <exploitation module>
- Hash Calculator
- Hash Detector
WAppEx is an integrated Web Application security assessment and exploitation
platform designed with the whole spectrum of security professionals to
web application hobbyists in mind. It suggests a security assessment
model which revolves around an extensible exploit database. Further, it
complements the power with various tools required to perform all stages
of a web application attack.
WAppEx is also equipped with a penetration testing
toolbox that makes an effective synergy with the Exploit Database and a
crafty security expert. The provided tools include Manual Request,
Exploit Editor, Dork Finder, Hidden File Checker… More tools, such as a
crawler, a multi-purpose fuzzer… are to be added to the arsenal in the
future releases of WAppEx.
Still, keep your eyes peeled as this is just the beginning of a new, powerful war machine in the pentest battleground.
The full list of features is as below:
An exploit database covering a wide range of vulnerabilities.
A set of tools useful for penetration testing:
Manual Request
Dork Finder
Exploit Editor
Hidden File Checker
Neighbor Site Finder
Find Login Page
Online Hash Cracker
Encoder/Decoder
Execute multiple instances of one or more exploits simultaneously.
Execute multiple instances of one or more payloads (for every running exploit) simultaneously.
Test a list of target URL’s against a number of selected exploits.
Allows you to create your own exploits and payloads and share them online.
A number of featured exploits (6) and payloads (39) bundled within the software exploit database:
Testing and exploiting of Local File Inclusion vulnerabilities
Testing and exploiting of Local File Disclosure vulnerabilities
Testing and exploiting of Remote File Inclusion vulnerabilities
Testing and exploiting of SQL Injection vulnerabilities
Testing and exploiting of Remote Command Execution Inclusion vulnerabilities
Testing and exploiting of Server-side Code Injection vulnerabilities
W3AF ( Web Application Attack and Audit Framework) :
The w3af core and its plugins are written entirely in Python. The project has more than 130
plugins, which check for SQL injection, cross site scripting (XSS),
local and remote file inclusion and much more.
The project’s goal is to create a framework to help you secure your web
applications by finding and exploiting all web application
vulnerabilities. Use w3af to identify more than 200 vulnerabilities and
reduce your site’s overall risk exposure. Identify vulnerabilities like
SQL Injection, Cross-Site Scripting, guessable credentials, unhandled
application errors and PHP misconfigurations.
is a suite of tools for security testing of web applications. It was
designed for security auditors to help them with web application
planning and exploitation.
It currently contains a spectrum of efficient, fast and stable tools
such as Web Crawler with the embedded File/ Dir Brute forcer, Fuzzer
(for advanced exploitation of known and unusual vulnerabilities such as
SQL Injections, Cross site scripting (XSS)), Brute force (for login
forms and identification of firewall-filtered rules, DOS Attacks) and
WEB Proxy (to analyze, intercept and manipulate the traffic between your
browser and the target web application).
is an Open Source, feature-full, modular, high-performance Ruby
framework aimed towards helping penetration testers and administrators
evaluate the security of web applications.
It is smart, it
trains itself by learning from the HTTP responses it receives during the
audit process and is able to perform meta-analysis using a number of
factors in order to correctly assess the trustworthiness of results and
intelligently identify false-positives.
It is versatile enough
to cover a great deal of use cases, ranging from a simple command line
scanner utility, to a global high performance grid of scanners, to a
Ruby library allowing for scripted audits, to a multi-user multi-scan
web collaboration platform.
Vega is a free and open source scanner and testing platform to test the
security of web applications. Vega can help you find and validate SQL
Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive
information, and other vulnerabilities. It is written in Java, GUI based, and
runs on Linux, OS X, and Windows.
Vega includes an automated scanner for quick tests and an
intercepting proxy for tactical inspection. The Vega scanner finds XSS
(cross-site scripting), SQL injection, and other vulnerabilities.
Vega can be extended using a powerful API in the language of the
web: Javascript.
is an open source project which is used to scan and analyse remote systems
in order to find various types of vulnerabilities. This tool is very powerful
and supports multiple vulnerabilities.
Description :
[+] Autopwn - Used From Metasploit For Scan and Exploit Target Service
[+] wmap - Scan, Crawler Target Used From Metasploit wmap plugin
[+] format infector - inject reverse & bind payload into file format
[+] phpmyadmin - Search Target phpmyadmin login page
[+] lfi - Scan, Bypass local file inclusion Vulnerability & can be bypass some WAF
[+] apache users - search server username directory (if use from apache webserver)
[+] Dir Bruter - brute target directory with wordlist
[+] admin finder - search admin & login page of target
[+] MLITM Attack - Man Left In The Middle, XSS Phishing Attacks
[+] MITM - Man In The Middle Attack
[+] Java Applet Attack - Java Signed Applet Attack
[+] MFOD Attack Vector - Middle Finger Of Doom Attack Vector
[+] USB Infection Attack - Create Executable Backdoor For Infect USB For Windows
[+] ARP DOS - ARP Cache Denial Of Service Attack With Random MAC
[+] Web Killer Attack - Down Your WebSite On Network (TCPKILL)
[+] Fake Update Attack - Create Fake Update Page For Target OS
[+] Fake Access point Attack - Create Fake AP & Sniff Victims Information