What are the Best Tools for Virus Removal

As a network administrator, helpdesk tech, or other computer professional, you don't remove that many viruses. Most company networks are secure enough that viruses are not really an issue. The issue is when friends, family and people from work get viruses in their home computers. There are so many request for virus removal that it is easy to be desensitized. I am as guilty as anyone when someone asks for help and I tell them they should take their computer to the Geek Squad, or Nerd Herd. There are literary thousands of viruses, and unless you are a professional virus expert it is impossible to keep up with all the removals. So, listed below are some popular virus removal tools and programs.

Some viruses are so specialized that you must first discover the virus you have before you can remove it. There are many no-cost online virus checkers. Listed here are but a few to help isolated the infection:  {.......}

Read more...

Get a Free Flash Application Security Scanner - SWFScan

HP SWFScan is a free tool developed by HP Web Security Research Group, which will automatically find security vulnerabilities in applications built on the Flash platform

HP is offering SWFScan because:

• Their research shows that developers and increasingly implementing applications built on the Adobe Flash platform without the required security expertise.
• As a result, they are seeing a proliferation of insecure applications being deployed on the web.
• A vulnerable application built on the Flash platform widens your website’s attack surface creating more opportunity for malicious hackers.

How SWFScan works and what vulnerabilities it finds:

• Decompiles applications built on the Adobe Flash platform to extract the ActionScript code and statically analyzes it to identify security issues such as information disclosure.
• Identifies and reports insecure programming and deployment practices and suggests solutions.                      {.......}
  
  
  

Read more...

How to Secure Website Using Web Security Testing Framework

Websecurify is a web and web2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies.
Key Features

1. JavaScript – Websecurify Security Testing Framework is the first tool of its kind to be written entirely in JavaScript using only standard technologies adopted by the leading browsers.
2. Multiple Environments – The core technology can run in normal browsers, xulrunner, xpcshell (command line), inside Java or as part of a custom V8 (Chrome’s JavaScript Engine) build. The core is written with extensibility in mind so that more environments can be supported without changing even a single line of code.
3. Multi-platform – The tool is available and successfully runs on Windows, Mac OS, Linux and other operating systems.
4. Automatic Updates – Every single piece of the tool is subjected to automatic updates. This means that newer and more advanced versions of the tool can be shipped to your front door without you lifting your finger. This however is completely optional. The automatic update can be turned off if needed.                     {.......}
   
   

Read more...

A Brief Descriptoin about Scapy

Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can’t handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, …), etc.

What makes Scapy different from most other networking tools
First, with most other tools, you won’t build someting the author did not imagine. These tools have been built for a specific goal and can’t deviate much from it. For example, an ARP cache poisoning program won’t let you use double 802.1q encapsulation. Or try to find a program that can send, say, an ICMP packet with padding (I said padding, not payload, see?). In fact, each time you have a new need, you have to build a new tool.             {......}

Read more...

How to steal Cookie using Surf Jack

A tool which allows one to hijack HTTP connections to steal cookies – even ones on HTTPS sites! Works on both Wifi (monitor mode) and Ethernet.

Features:

• Does Wireless injection when the NIC is in monitor mode
• Supports Ethernet
• Support for WEP (when the NIC is in monitor mode)

Known issues:

• Sometimes the victim is not redirected correctly (particularly seen when targeting Gmail)
• Cannot stop the tool via a simple Control^C. This is a problem with the proxy

Requires:

• Python 2.4
• Scapy

You can download Surf Jack here:

surfjack-0.2b.zip

Or read more here.

Read more...

Hacking Tool ! Botnet

Ever wonder how hackers are able to do all the stuff they do?  Many expert hackers do not just log on to systems using manual processes.  They get help from robots.  Yes, that’s right – robots.  Not your typical idea of a robot though but something that is called as such because they work autonomously and automatically.

Botnet, also known as robotic network,  is a group of computers that run the same computer robotic application controlled or manipulated by human operators.  They are also called as botmasters for the purpose of doing co-related tasks. The system is organized in a simple hierarchical structure comprised of many computers, also called as drones or zombies, and a command center that controls all of the drones or zombies into action. Botnets can be large (composed of ten to twenty thousand drones) or small (composed of five hundred to a thousand drones).  It really depends on the sophistication and complexity of its use.

Botnets are very good tools in the hacking world because of their ability to gain other computers that could be used for any purpose. If you are familiar with the security vulnerabilities of a network, its workstations and servers, you can wrest control all of its computers in a matter of days, hours or even minutes with the aid of a very sophisticated botnet application.  Once control is obtained, the task can be done remotely or autonomously.

Read more...