Monday, 11 March 2013

Biggest password cracking wordlist with millions of words



 Click Here to Download Torrent

CrackStation's 15GB 1.5 billion entry password cracking dictionary.

The wordlist is being sold by CrackStation using a "pay what you want" model. If you find this dictionary helpful, please consider making a small contribution at: http://adf.ly/KdKsl

From the web page:

The list contains every wordlist, dictionary, and password database leak that I could find on the internet (and I spent a LOT of time looking). It also contains every word in the Wikipedia databases (pages-articles, retrieved 2010, all languages) as well as lots of books from Project Gutenberg. It also includes the passwords from some low-profile database breaches that were being sold in the underground years ago.

The format of the list is a standard text file sorted in non-case-sensitive alphabetical order. Lines are separated with a newline "n" character.

You can test the list without downloading it by giving SHA256 hashes to the free hash cracker. Here's a tool for computing hashes easily. Here are the results of cracking LinkedIn's and eHarmony's password hash leaks with the list.

The list is responsible for cracking about 30% of all hashes given to CrackStation's free hash cracker, but that figure should be taken with a grain of salt because some people try hashes of really weak passwords just to test the service, and others try to crack their hashes with other online hash crackers before finding CrackStation. Using the list, we were able to crack 49.98% of one customer's set of 373,000 human password hashes to motivate their move to a better salting scheme.

Click Here to Download Torrent
Posted by at No comments:
Labels: ,

Sunday, 10 March 2013

Gray Hat Hacking The Ethical Hackers Handbook , 3rd Edition



THE LATEST STRATEGIES FOR UNCOVERING TODAY'S MOST DEVASTATING ATTACKS


Thwart malicious network intrusion by using cutting-edge techniques for finding and fixing security flaws. Fully updated and expanded with nine new chapters, Gray Hat Hacking: The Ethical Hacker's Handbook, Third Edition details the most recent vulnerabilities and remedies along with legal disclosure methods. Learn from the experts how hackers target systems, defeat production schemes, write malicious code, and exploit flaws in Windows and Linux systems. Malware analysis, penetration testing, SCADA, VoIP, and Web security are also covered in this comprehensive resource.

  • Develop and launch exploits using BackTrack and Metasploit

  • Employ physical, social engineering, and insider attack techniques

  • Build Perl, Python, and Ruby scripts that initiate stack buffer overflows

  • Understand and prevent malicious content in Adobe, Office, and multimedia files

  • Detect and block client-side, Web server, VoIP, and SCADA attacks

  • Reverse engineer, fuzz, and decompile Windows and Linux software

  • Develop SQL injection, cross-site scripting, and forgery exploits

  • Trap malware and rootkits using honeypots and SandBoxes

About the Author


Allen Harper, CISSP, a retired Marine Corps Major, is the president and founder of N2NetSecurity, Inc., and a faculty member for the Institute for Applied Network Security, He has worked as a security consultant for the Internal Revenue Service and for Logical Security, LLC.

Shon Harris, CISSP, MCSE, is the president of Logical Security, a security consultant, a former engineer in the Air Force’s Information Warfare unit, an instructor, and a bestselling author. She was recognized as one of the top 25 women in the Information Security field by Information Security Magazine.

Jonathan Ness is a software security engineer at Microsoft. He is a member of an Air National Guard unit where he leads network penetration tests against military facilities across the country and helps define the information warfare aggressor mission for the Air Force.

Chris Eagle is a senior lecturer in the Computer Science Department at the Naval Postgraduate School (NPS) in Monterey, California. A computer engineer/scientist for 25 years, his research interests include computer network attack and defense, computer forensics, and reverse/anti-reverse engineering. He can often be found teaching at Black Hat or spending late nights working on capture the flag at Defcon

Gideon J. Lenkey, CISSP co-founded Ra Security Systems, a network security monitoring and consultancy. He has provided advanced training to the FBI and is the sitting president of the FBI's InfraGard chapter in New Jersey.

Terron Williams, NSA IAM-IEM, CEH, CSSLP, works for Elster Electricity as a Senior Test Engineer with his primary focus on Smart Grid Security. He has served on the editorial board for Hakin9 Magazine.

Product Details



  • Paperback: 720 pages

  • Publisher: McGraw-Hill Osborne Media; 3 edition (January 6, 2011)

  • Language: English

  • ISBN-10: 0071742557

  • ISBN-13: 978-0071742559

  • Product Dimensions: 7.2 x 1.5 x 9.4 inches



Download :
Gray Hat Hacking The Ethical Hackers Handbook



Posted by at No comments:
Labels: , , ,

Saturday, 9 March 2013

Professional Penetration Testing Ebook



Save yourself some money! This complete classroom-in-a-book on penetration testing provides material that can cost upwards of $1,000 for a fraction of the price!

Thomas Wilhelm has delivered pen testing training to countless security professionals and now through the pages of this book you can benefit from his years of experience as a professional penetration tester and educator. After reading this book you will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios.

Penetration testing is the act of testing a network to find security vulnerabilities before they are exploited by phishers, digital piracy groups, and countless other organized or individual malicious hackers. The material presented will be useful to beginners all the way through to advanced practitioners.

  • Find out how to turn hacking and pen testing skills into a professional career

  • Understand how to conduct controlled attacks on a network through real-world examples of vulnerable and exploitable servers

  • Master project management skills necessary for running a formal penetration test and setting up a professional ethical hacking business

  • Discover metrics and reporting methodologies that provide experience crucial to a professional penetration tester

  • Learn through video - the DVD includes instructional videos that replicate classroom instruction and live, real-world vulnerability simulations of complete servers with known and unknown vulnerabilities to practice hacking skills in a controlled lab environment

Download :
Professional Penetration Testing Book



Posted by at No comments:
Labels:

Friday, 8 March 2013

Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide

Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide

Book Description:

The internet security field has grown by leaps and bounds over the last decade. Everyday more people around the globe gain access to the internet and not all of them with good intentions. The need for penetration testers has grown now that the security industryhas had time to mature. Simply running a vulnerability scanner is a thing of the past and is no longer an effective method of determining a business’s true security posture. Learn effective penetration testing skills so that you can effectively meet and manage the rapidly changing security needs of your company. Advanced Penetration Testing for Highly-Secured Environments will teach you how to efficiently and effectively ensure the security posture of environments that have been secured using IDS/IPS, firewalls, network segmentation, hardened system configurations and more. The stages of a penetration test are clearly defined and addressed using step-by-step instructions that you can follow on your own virtual lab.
The book follows the standard penetration testing stages from start to finish with step-by-step examples. The book thoroughly covers penetration test expectations, proper scoping and planning, as well as enumeration and footprinting. You’ll learn how to clean up and compile proof of concept, exploit code from the web, advanced web application testing techniques, client side attacks, post exploitation strategies, detection avoidance methods, generation of well defined reports and metrics, and setting up a penetration testing virtual lab that mimics a secured environment. The book closes by issuing a challenge to your skills and ability to perform a full penetration test against a fictional corporation; followed by a detailed walk through of the solution. Advanced Penetration Testing for Highly-Secured Environments is packed with detailed examples that reinforce enumeration, exploitation, post-exploitation, reporting skills and more.



What you will learn from this book


  • Detailed step-by-step guidance on managing testing results and writing clearly organized and effective penetration testing reports

  • Properly scope your penetration test to avoid catastrophe

  • Understand in detail how the testing process works from start to finish, not just how to use specific tools

  • Use advanced techniques to bypass security controls and remain hidden while testing

  • Create a segmented virtual network with several targets, IDS and firewall

  • Generate testing reports and statistics

  • Advanced web application testing and exploitation

  • Perform an efficient, organized, and effective penetration test from start to finish


Approach:

An intensive hands-on guide to perform professional penetration testing for highly-secured environments from start to finish. You will learn to provide penetration testing services to clients with mature security infrastructure. Understand how to perform each stage of the penetration test by gaining hands-on experience in performing attacks that mimic those seen in the wild. In the end, take the challenge and perform a virtual penetration test against a fictional corporation.



Who this book is for:

If you are looking for guidance and detailed instructions on how to perform a penetration test from start to finish, are looking to build out your own penetration testing lab, or are looking to improve on your existing penetration testing skills, this book is for you. Although the books attempts to accommodate those that are still new to the penetration testing field, experienced testers should be able to gain knowledge and hands-on experience as well. The book does assume that you have some experience in web application testing and as such the chapter regarding this subject may require you to understand the basic concepts of web security. The reader should also be familiar with basic IT concepts, and commonly used protocols such as TCP/IP.





Book Details

Paperback: 414 pages

Publisher: Packt Publishing (May 2012)

Language: English

ISBN-10: 1849517746 ISBN-13: 978-1849517744

Download :
Advanced Penetration Testing for Highly-Secured Environments
Posted by at No comments:
Labels: ,
Subscribe to: Comments (Atom)