In this page you’ll find links to some of the codes we release. Some are written just by us and some are written with our students.
Hope you will find them useful.
- Simple Port Fuzzer
- Random IP Addresses Generator
- Automatic Network Reconnasaince Tool
- Compact Wireless Drivers Installation
- Combina Installer
- NTLM C library for Linux
- Nmap Automatic Installation and Update
- Extreme GnuGP of up to 16,384-bit key!
Hack n’ Beer – Networking
Hack ‘n’ Beer comes with a v.2 per your request, Hacking networks and spoofing LANs, The event will be in the Rubi bar in Tel-Aviv at 14th of January, it will begin at 19:30 and will continue into the night, Reserving seats can be done through mail or phone. Same as last Hack n’ Beer – we start with a little theory and learning some new cool tricks, then you get some hands on Will be held at the Rubi Bar in Tel Aviv at Yermiyahu 7. Bring your BackTrack with you if you want and prepare you self for some challenges ....
read moreSSH Hardening
So, in this tutorial we will look at ways we can configure SSH to be more secure than it regularly is. This tutorial will not bring new stuff to the table, but rather collect other tutorials and will try to have some explanations made of the actions you are doing rather than just typing commands. We’ll see how to get your Secure Shell really Secure. SSH and Known Hosts – Built-In Hardening In your ‘.ssh’ folder you have a little file named ‘known_hosts’. This file contains a list of hosts which you have...
read morelazydorks 0.2
So, while we have Hacking Defined Experts still in session, Itzik Moshe wrote this. We think it’s cool and it has a really nice interface with shiny colours so here you go. wget http://hackingdefined.org/tools/lazydorks.txt Or you can view the source here: #!usr/bin/python # -*- coding: utf-8 -*- #LazyDorks Tool v0.2 Written by Itzik Moshe, Jan 2013 #See-Security Hacking Defined Experts 39 try: import mechanize except ImportError: print "LazyDorks require Mechanize library.\nPlease Install: 'sudo pip install mechanize'" exit()...
read moreTop Tips for Your PenTest
This is a short list with some of the top tips for penetration testers. These are not technical tips, but rather tips for a correct work methodology. These are not presented in a specific order since they are all equally important and none should be disregarded while conducting and preparing for your pen-test. Document EVERYTHING! When you get a work order, open up a new folder with the name of the company and the date. Create a spreadsheet which contains all time lines and activities. Document time of calls, when attacks and meetings...
read moreExtreme GPG Key (16,384)
So, as you most hackers love your privacy, and even if you are not a hacker, we still LOVE those big GPG keys. Only issue is that today, computers are growing stronger and stronger. In the GnuPG package, hardcoded is a limit of 4096-bit key generation. Ergo you cannot create a key bigger than 4,096-bit. So, we took the source of that nice ol’ GnuPG 1.4.12 and modified it to hard code a top limit of 16,384-bit key generation. Any program can handle the understanding of this but not generate. So, here are the instructions of getting,...
read moreAutomatic Nmap Installation
Okay, so lately we got a new Nmap version 6.25 which has better support in detecting Windows 7 services and Windows 8. For full change log at Nmap you can click here. Now, since it has not been pushed in the repository, and it can for now be updates only by SubVersion we built this for you. This will detect local Nmap version and latest Nmap version and will download the tarball, decompress it and compile it. You can get it directly via wget from here. #! /bin/bash # Moving to temporary directory to prevent junking the system cd /tmp...
read moreNTLM for Linux
So, got caught with a little project with my students. Trying to make an improved version of ‘combina’ which will also be able to output NTLM hashes and a bit more. Could not find a normal NTLM C lib in Linux, so took an old C++ script which I could not find the original writer so if someone can locate – that would be handy and nice, and changed it a bit. Now it’s in C and it should be system independent. If anyone wants to write a man page and then create an install file that would be nice. You can ‘wget’...
read moreThe Internet and Governments
Background ( preferably dont skip this part ) The internet has changed our lives. The change is not yet over nor close to being over, but from being a 56k dial up modems of large entities and IT-savvy people (politically correct word for geeks) it had spread to every 14-yo teenager’s iPhone. Internet had become a part of our basic infrastructure such as water, electricity and suer systems. In israel you can see the difference when a city like Haifa is manifesting a project which it’s intention is to make the internet accessible to...
read moreNTDS Privilege Escalation
Okay, so lets assume you just hi-jacked a machine inside a network. You don’t have time to enable the keylogger function in meterpreter since you really need to get some network credentials right now. Lucky for us, Windows stores those temporary credentials. What we do most of the times is try to get the SAM hash dump trying to crack passwords. But those are just for local users. Sure, in most pen-tests that would be good since the local admin password is usually the same on all machines, but lets assume you really need those network...
read morecombina
So, combina is a program built to generate word lists and rainbow tables very efficiently and exactly for your purpose. This program works on all Debian machines we have encountered (Ubuntu 10.04, Ubuntu 12.04, Ubuntu 12.10 all in 32bit and 64 bit) . If anyone knows of something else, please contact us. In any case, here is a little script to install it for you including the dependencies. #!/bin/bash cd /tmp mkdir wakawaka cd wakawaka wget http://hackingdefined.org/tools/combina-0.4.1_src.tar.gz tar -xvf combina-0.4.1_src.tar.gz sudo apt-get...
read more