HackDig : Dig high-quality web security articles for hacker

RWMC – Retrieve Windows Credentials With PowerShell

RWMC is a Windows PowerShell script written as a proof of concept to Retrieve Windows Credentials using only PowerShell and CDB command-line options (Windows Debuggers).It allows to retrieve credentials from Windows 2003 to 2012 and Windows 10 (It was tested on 2003, 2008r2, 2012, 2012r2 and Windows 7 – 32 and 64 bits, Windows 8 and Windows 10 Home edi
Publish At:2016-01-26 04:10 | Read:3951 | Comments:0 | Tags:Hacking Tools Password Cracking Windows Hacking hacking wind

LaZagne – Password Recovery Tool For Windows & Linux

The LaZagne project is an open source password recovery tool used to retrieve passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases and so on). This tool has been developed for the purpose of finding these passwords for the most commonly-used software. At this moment
Publish At:2015-12-29 07:05 | Read:5838 | Comments:0 | Tags:Windows Hacking Linux Hacking Hacking Tools Password Crackin

PowerSploit – A PowerShell Post-Exploitation Framework

PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment. Basically PowerSploit is a PowerShell Post-Exploitation Framework that helps you with various tasks like DLL injection, invoking shellcode and setting up script persistence.It also includes reflective PE injection and ca
Publish At:2015-12-21 18:15 | Read:4077 | Comments:0 | Tags:Windows Hacking Hacking Tools powershell privilege escalatio

SprayWMI – PowerShell Injection Mass Spray Tool

SprayWMI is a method for mass spraying Unicorn PowerShell injection to CIDR notations. It’s an alternative to traditional, ‘noisy’ tools which leave something on the disk like PsExec, smbexec, winexe and so on.These tools have worked really well, however, they are fairly noisy creating a service and touching disk which will trigger modern d
Publish At:2015-12-08 04:45 | Read:4802 | Comments:0 | Tags:Exploits/Vulnerabilities Hacking Tools Windows Hacking power

windows-privesc-check – Windows Privilege Escalation Scanner

Windows-privesc-check is standalone executable that runs on Windows systems. It tries to find misconfiguration that could allow local unprivileged users to escalate privileges to other users or to access local applications (e.g. databases).Essentially it’s a Windows privilege escalation scanner, the Microsoft side of the World counterpart to unix-prive
Publish At:2015-10-17 08:15 | Read:3589 | Comments:0 | Tags:Security Software Windows Hacking PyInstaller Python windows

WinRAR Vulnerability Is Complete Bullshit

So Twitter exploded earlier with calls of a remote code execution WinRAR vulnerability leaving half a BILLION users open for some hardcore exploitation.I got interested (obviously..as that’s what I do here) and went to read about it, I have to call pretty sketchy, non-technical reporting from the The Register for once, it seems like it was written by a
Publish At:2015-10-01 07:05 | Read:3870 | Comments:0 | Tags:Exploits/Vulnerabilities Windows Hacking 7zip winrar winrar

peinjector – MITM PE File Injector

The peinjector is a MITM PE file injector, the tool provides different ways to infect Windows platform executable files (PE COFF) with custom payloads without changing the original functionality. It creates patches, which are then applied seamlessly during file transfer. It is very performant, lightweight, modular and can be operated on embedded hardware.Fea
Publish At:2015-09-21 17:05 | Read:3889 | Comments:0 | Tags:Hacking Tools Programming Windows Hacking inject shellcode i

Mimikatz – Gather Windows Credentials

Mimikatz is a tool to gather Windows credentials, basically a swiss-army knife of Windows credential gathering that bundles together many of the most useful tasks that you would perform on a Windows machine you have SYSTEM privileges on. It supports both Windows 32-bit and 64-bit and allows you to gather various credential types.Techniques such as Pass the H
Publish At:2015-07-28 01:40 | Read:3279 | Comments:0 | Tags:Exploits/Vulnerabilities Hacking Tools Password Cracking Win

OpenSSH On Windows – It’s Happening!

So it seems like getting rid of Ballmer was the best thing Microsoft has done in years, Satya is definitely pushing them in a much more positive direction with a focus on Azure and open sourcing technology and moves like this OpenSSH on Windows!A real show of support for open source technology and a commitment to making Windows servers more technologically r
Publish At:2015-06-09 23:25 | Read:3158 | Comments:0 | Tags:Countermeasures Windows Hacking microsoft openssh openssh in

Samba Service Hit By Remote Code Execution Vulnerability

A critical vulnerability has been fixed in Samba — Open Source standard Windows interoperability suite of programs for Linux and Unix, that could have allowed hackers to remotely execute an arbitrary code in the Samba daemon (smbd).Samba is an open source implementation of the SMB/CIFS network file sharing protocol that works on the majority of opera
Publish At:2015-02-24 20:40 | Read:2531 | Comments:0 | Tags:hacking linux hacking news linux remote code execution Remot

Windows Credentials Editor (WCE) – List, Add & Change Logon Sessions

Windows Credentials Editor (WCE) is a security tool to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes, plaintext passwords and Kerberos tickets).This tool can be used, for example, to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections
Publish At:2015-02-19 21:55 | Read:3022 | Comments:0 | Tags:Hacking Tools Password Cracking Windows Hacking dump windows

15-Year-Old JasBug Vulnerability Affects All Versions of Microsoft Windows

Microsoft just issued a critical patch to fix a 15-year-old vulnerability that could be exploited by hackers to remotely hijack users’ PCs running all supported versions of Windows operating system.The critical vulnerability — named "JASBUG" by the researcher who reported the flaw — is due to a flaw in the fundamental design of Windows th
Publish At:2015-02-11 17:25 | Read:3550 | Comments:0 | Tags:hacking news JasBug Vulnerability Microsoft Microsoft Patch

SnoopyPro – Windows USB Sniffer Tool

SnoopyPro is a lightweight, standalone (no installation necessary) USB sniffer tool, it will log all data exchange between USB Device and its driver under a Windows environment. It definitely works on Windows XP, unsure about newer versions.SnoopyPro allows you to intercept, display, record and analyze USB protocol and all the data transferred between any US
Publish At:2015-02-02 22:45 | Read:7049 | Comments:0 | Tags:Hardware Hacking Windows Hacking snoopy pro snoopypro usb us

Sparty – MS Sharepoint and Frontpage Auditing Tool

Sparty is an open source Sharepoint and Frontpage auditing tool written in python to audit web applications using sharepoint and frontpage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of sharepoint and frontpage based web applications. Due to the complex nature of these web admin
Publish At:2014-11-20 10:20 | Read:4482 | Comments:0 | Tags:Web Hacking Windows Hacking frontpage auditing tool frontpag

Microsoft Schannel Vulnerabilty – Patch It NOW

So yah, it seems like every implementation of TLS is broken and some may say this Microsoft Schannel vulnerabilty is actually worse than Heartbleed. Why is it worse you ask? Because it allows remote code execution, which honestly – is about as bad as it gets.This is a critical update, a really, really critical patch that must be applied ASAP to all Win
Publish At:2014-11-13 02:50 | Read:3011 | Comments:0 | Tags:Cryptography Exploits/Vulnerabilities Windows Hacking micros

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud