October, 2008 | Blog Bujarra.com

Using Brutus – Password cracker

Discharge – AKI is quite fast and very easy to handle, The passes that can crack are: HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet, other types such as IMAP, NNTP, NetBus etc . And this version contains these features: Gradual authentication engine, 60 Simultaneous connections by target, No username, Single username and multiple username modes, List of passwords, Combo list (user/password) and configurable brute force modes, Highly configurable authentication sequences, Import and export custom authentication types as BAD files seamlessly, Being able to use SOCKS proxy for each session, Username and password list generation and manipulation functionality, HTML Forms Interpretation for HTML Form/CGI Authentication Types, Be able to save the cracking session and be able to return to it whenever desired. System Requirements: Windows 95, […]

Enumeración de usuarios…

La primera manera para sacar información de los usuarios que están logeados en un PC es con el comando ‘nbtstat’ (ver en NetBIOS), otra manera parecida es con el programa ‘nbtscan’ (descargar AKI), si ejecutas sólo el comando te dirá todas las opciones que tiene, example:

LANguard Network Security Scanner

You can download it from AKI. First things, Create a Scan Profile: To do this, we are going to “Configuration” > “Scanning profiles” > right button and > “New” > “Scanning Profile”:

NeWT Security Scanner (Nessus for Windows)

We downloaded it from AKI, We install and run it:

Scanner Nmap

Download it from AKI, and unzip it. It will be necessary to have the WinPcap libraries, If you don't have them, Download the latest version of HTTP://winpcap.polito.it/ or AKI.

Web Server Vulnerability Scanner: N-Stealth Security Scanner

N-Stealth is a non-free web server security scanner. It is generally, Updated more frequently than free web scanners such as Whisker and Nikto, but they exaggerate on their website. Allege “20.000 Vulnerabilities and exploits” so what “Dozens of vulnerability checks are added every day” And this is highly questionable. Also, It should be noted that basically, All General Tools Vulnerability Analysis {“VA tools”} such as nessus, ISS, Retina, SAINT, and SARA include components for web scanning. Maybe they are not so up-to-date, or are flexible enough. n-stealth is only for Windows and the source code is not included.

Vulnerability Scanner: Retina Network Security Scanner

Download it from AKI, And then, Like everyone else, First of all, keep it up to date, for this we open it.

Escaner de vulnerabilidad Shadow Security Scanner de Safety-lab

The first thing is to create the rules to be able to scan something, or else use an existing one.

X-Scan Vulnerability Scanner

This is a free vulnerability scanner, Its official website is: www.xfocus.org and those who have translated it into Spanish are the Seguridad0 team. You can download it from AKI, Not installed, you simply unzip it where you want and to open it you have to click on the executable (xscan_gui.exe).