The big lie of computer security is that security improves by imposing complex passwords on users. In real life, people write down anything they can't remember. Security is increased by designing for the way humans actually behave. -Jakob Nielsen
A flash hacking alternative to variable editing and cheat engine, you can change values saved by the game in a “.sol” file. You will find the .SOL files in
x:\Documents and Settings\[account-name]\Application Data\Macromedia\Flash Player\#SharedObjects\
followed by the name of the website. If the game was running from your computer, the .SOL will be in the “localhost” folder. Replace ‘x’ with your main drive, the one with your OS, and the account-name with the currently logged in user.
Advanced Process Termination (APT) is a tiny but powerful utility that provides 18 unique process attacks:
- 2 kernel-mode termination techniques
- 12 user-mode process termination techniques
- 2 suspension techniques
- 2 fatal crash techniques
This arsenal makes APT ideal for testing the resistance of software to termination attacks, testing the configuration of your own security programs, as well as allowing you to terminate stubborn software that simply refuses to die.
APT also has internal anti-hook capabilities which transparently enables it to bypass most user-mode hooks which may otherwise try to interfere with termination techniques.
is a freeware
toolbar for Internet
Explorer 6, 7.0 and
Internet Explorer 8
which searches over
100 different search
Answers.com, etc. It
has an interface
intended to be more
Google's and Yahoo's
toolbars. It runs on
Windows 98 and
Windows XP and
version 6, 7 or 8
must be installed.
Advanced SystemCare Free (formerly Advanced WindowsCare Personal) has a one-click approach to help protect, repair, clean, and optimize your PC. With over 35 MILLION downloads since 2006, this fantastic, award-winning free registry cleaner and system optimizer is a "must-have" tool to speed up your slow computer. 100% safe with no adware, spyware, or viruses; a PC maintenance program that’s incredibly easy to use.
aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, thus making the attack much faster compared to other WEP cracking tools. In fact, aircrack is a set of tools for auditing wireless networks.
With AnalyzeIt you can inspect any file to find extra information about it. You can discover the real file type [based on the content of the file] and fully detailed extension information: Program and/or extension function, File classification, MIME type, specific characters, Program ID, General notes and the company [+link] of the software used to create that type of file
There is a special section for information about analyzed executables: ImageBase, EntryPoint, CheckSum, Import and Export table, PE Directories [Resource, Exceptions, Reloc, Debug Datas, Description, Global PTR, TLS table, Local Config, Bound Import] and PE Sections with specific info: Name, RVA-Relative Virtual Address, Virtual Size, RAW Offset-File offset, RAW Size, Characteristics.
It can also detect what packer/cryptor/compressor/compiler processed the executable.
There is also a function to detect the OEP [Original Entry Point]
AutoHotkey is a free, open-source utility for Windows.
* Automate almost anything by sending keystrokes and mouse clicks.
* Create hotkeys for keyboard, joystick, and mouse. Virtually any key, button, or combination can become a hotkey.
* Expand abbreviations as you type them. For example, typing \"btw\" can automatically produce \"by the way\".
* Create custom data-entry forms, user interfaces, and menu bars.
* Remap keys and buttons on your keyboard, joystick, and mouse.
* Convert any script into an EXE file that can be run on computers that don\'t have AutoHotkey installed.
A VERY useful automation program. I've used it for all of the scripts I have ever made and I would like to see it put on the list. The program even has a very helpful forum to learn how to use the program effectively.
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol's standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some "non standard" utilities for Microsoft Windows users.
Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons. The author will not help or support any illegal activity done with this program. Be warned that there is the possibility that you will cause damages and/or loss of data using this software and that in no events shall the author be liable for such damages or loss of data. Please carefully read the License Agreement included in the program before using it.
Colasoft Packet Builder enables creating custom network packets; users can use this tool to check their network protection against attacks and intruders. Colasoft Packet Builder includes a very powerful editing feature. Besides common HEX editing raw data, it features a Decoding Editor allowing users to edit specific protocol field values much easier.
Users are also able to edit decoding information in two editors - Decode Editor and Hex Editor. Users can select one from the provided templates Ethernet Packet, ARP Packet, IP Packet, TCP Packet and UDP Packet, and change the parameters in the decoder editor, hexadecimal editor or ASCII editor to create a packet. Any changes will be immediately displayed in the other two windows. In addition to building packets, Colasoft Packet Builder also supports saving packets to packet files and sending packets to network.
With Dexpot you may
virtual desktops for
for graphic design,
for example, and
virtual desktops in
order to keep track
of your open
Elite Keylogger is a very powerful yet easy-to-use covert surveillance tool. Elite Keylogger offers several main types of logs available, such as keystrokes log, screenshots log, Internet activity log, applications history, clipboard log, E-mail history, passwords log and printer monitor. You can configure these logs in a way most preferable for you.
HIEW stands for "Hackers' View".
This is an awesome Hex-Editor with many useful functions like assembly code highlighting, detailed info on executables, hex- and assembly editing, string- or code-search, etc.
A "must have" for those, who are interested in applications.
The Hex Workshop Hex Editor by BreakPoint Software is a complete set of hexadecimal development tools for Microsoft Windows 2000 and later. Hex Workshop combines advanced binary editing and data interpretation with the ease and flexibility of a modern word processor. With the Hex Workshop, you can edit, cut, copy, paste, insert, fill and delete binary data. You can also work with data in its native structure and data types using our integrated structure view and smart bookmarks. Data editing is quick and easy with our extensive features that allow you to: jump to file or sector location, find or replace data, perform arithmetic and logical operations, binary compare files, generate checksums and digests, view character distributions and export data to RTF or HTML for publishing.
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.
L0phtCrack 6 is packed with powerful features such as scheduling, hash extraction from 64 bit Windows versions, multiprocessor algorithms, and networks monitoring and decoding. Yet it is still the easiest to use password auditing and recovery software available.
MSSQL Injection Helper for processing and dumping MS-SQL injections. You can make data extraction using several methods which increases your chances.
Program works without any installation, just extract in any place on your disk and it's ready.
Net Tools is a comprehensive set of host monitoring, network scanning, security, administration tools and much more, all with a highly intuitive user interface. It's an ideal tool for those who work in the network security, administration, training, internet forensics or law enforcement internet crimes fields. Net Tools is mainly written in Microsoft Visual Basic 6, Visual C++, Visual C# and Visual Studio .NET.
Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded. The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you\'ll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you\'ll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.
Process Hacker is a tool for viewing and manipulating processes and their threads, modules, memory and handles, and viewing and editing services. It can also read/write process memory and search through process memory using literal bytes or regular expressions.
It can view the command line and current directory of a process, view/edit its DEP status, and even DRM-protect and unprotect it.
It can run programs as another user or as SYSTEM, LOCAL SERVICE or NETWORK SERVICE if you have administator privileges. This is achieved using a helper program which is installed as a system service (similar to PsExec).
It loads symbols from various libraries automatically and uses them when displaying the call stacks of threads (just like Process Explorer). It also has a disassembler derived from OllyDbg's which can be accessed when viewing PE files' exports.
It can bypass most kernel-mode hooks and user-mode hooks on ZwOpenProcess, ZwOpenThread and ZwOpenProcessToken.
RocketDock is an
Skunkie of Punk
RocketDock is able
to show live updates
of minimized windows
as in Mac OS X, and
in Windows Vista it
can show live
thumbnail updates on
the taskbar. It is
Launcher, and Y'z
S-Tools is a stenography tool that hides files in BMP, GIF, and WAV files. You open up a copy of S-Tools and drag pictures and sounds across to it. To hide files you just drag them over open sound/picture windows. You can hide multiple files in one sound/picture and your data is compressed before being encrypted then hidden. Multi-threaded operation means that you can have many hide/reveal operations going simultaneously without fear of them interfering with you or holding up your work. You can even close the original picture/sound with no ill effects to ongoing threads. Encryption services come courtesy of "cryptlib" by Peter Gutmann (and others).
By Stash &
liu. The Google Hacking Diggity Project is a research and development initiative dedicated to investigating the latest techniques that leverage search engines, such as Google and Bing, to quickly identify vulnerable systems and sensitive data in corporate networks. SearchDiggity is a GUI tool for both Google and Bing to help make quring faster easier and more automated. be sure to download the dictionary at the bottom of the page as well for more benefits.
Another editing program that supports just about any language you can think of and more that you can't. What I like best about it is that you can have up to 4 different tabs of code open in the same window at the same time. It means that you can reference other programs quickly and without opening a new window.
The Sysinternals Troubleshooting Utilities have been rolled up into a single Suite of tools. This file contains the individual troubleshooting tools and help files. It does not contain non-troubleshooting tools like the BSOD Screen Saver or NotMyFault.
Turbo is a software "Turbo Switch". You may set the effective CPU speed anywhere from 1 to 100% of full speed. All programs will execute at the reduced CPU speed set by Turbo. Works with Win/9x and Win/NT. Freeware.
Unlocker is a tool
that can trace and
"unlock" the locking
used in system
files. However, its
main use is to
processes that are
using a certain
file, or force the
processes to stop
using the file, so
the user can safely
delete, rename or
move the file. It is
written by the
Win32dasm is a well built, Well engineered disassembler. What it does is it breaks down and translates the computer programs assembly language in to a form the user can understand (barely) enough to find what you need so you can change it later with another program(HackMan,Hex Workshop, etc) I think Win32dasm is one of the best programs out there its powerful, easy to use, fast, and its reliable. It's one of the only programs I will use.
WinDirStat (WDS) is a disk usage statistics viewer and cleanup tool for Windows. It shows disk, file and directory sizes in a treelist as well as graphically in a treemap, much like KDirStat or SequoiaView.
dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.
The webDOMinator is a bot that allows for automation of all actions online through super-scripting. Build up online profiles, start massive PM campaigns, automatic user lists, commenting, and utilizes super-scripts to get around most security on a web site