Tool name : Metasploit Framework     Description : The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework [...]

read full post »

At BlackHat DC 2009 Moxie Marlinspike demonstrated how to subvert HTTPS with SSLStrip. SSLStrip intercepts HTTP traffic, watches for HTTPS links inside the data stream and maps these HTTPS links to HTTP. Whenever a victim clicks on such a mapped HTTPS link SSLStrip will notice it and act as a HTTP2HTTPS proxy server. All the [...]

read full post »

      Tool name : Tor     Description : Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP [...]

read full post »

      Tool name : Ettercap     Description : In case you still thought switched LANs provide much extra security Ettercap is a terminal-based network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like ssh and https). Data injection in an established connection and filtering [...]

read full post »

      Tool name : Tcpdump     Description : Tcpdump is the IP sniffer we all used before Ethereal (Wireshark) came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI or parsing logic for hundreds of application [...]

read full post »