Section: .. / groups / thc /
| /// File Name: |
hydra-2.5.tar.gz |
Description:
|
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
| | Author: | van Hauser | | Homepage: | http://www.thc.org | | Changes: | Added parallel scan support and included smbnt and cisco AAA support. | | File Size: | 48925 | | Last Modified: | Dec 2 23:03:21 2003 |
| MD5 Checksum: | c1836c8d1194cb99a5ccf7cb63dc657a |
|
| /// File Name: |
amap-4.5.tar.gz |
Description:
|
Application Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
| | Author: | van Hauser, DJ Revmoon | | Homepage: | http://www.thc.org | | Changes: | Added portability fixes for OpenBSD and Cygwin. | | File Size: | 253075 | | Last Modified: | Nov 20 19:05:28 2003 |
| MD5 Checksum: | 3c58c31a0e8e264baa06f13e068d3f91 |
|
| /// File Name: |
secure_delete-3.1.tar.gz |
Description:
|
THC-Secure Deletion v3.1 for UNIX is the latest release of van Hauser's suite of secure deletion and overwriting utilities. Included are 'srm' - secure deletion of files; 'sfill' - secure overwriting of the unused diskspace on the harddisk; 'sswap' - for secure overwriting and cleaning of the swap filesystem; 'smem' - for secure overwriting of unused memory (RAM). Numerous command line options, detailed descriptions of theory and methods, and even comparisons to other popular wipe programs.
| | Author: | van Hauser | | Homepage: | http://www.thc.org/ | | Changes: | Linux LKM for secure file deletion included. Bug fixes. | | File Size: | 63597 | | Last Modified: | Nov 20 19:02:32 2003 |
| MD5 Checksum: | c210dd306c48164e6a366d5b20c757c9 |
|
| /// File Name: |
thc_imap_bruter.c |
Description:
|
IMAP password brute force tool. Can go up to 500 passwords / second on a remote host with 1000 connections in parallel if you like. It's fast and efficient.
| | Author: | Skyper | | Homepage: | http://www.thc.org | | File Size: | 7043 | | Last Modified: | Nov 8 20:15:24 2003 |
| MD5 Checksum: | ee7a531dda235cc708da677338b4dc44 |
|
| /// File Name: |
THC-CUPASS10.zip |
Description:
|
CUPASS uses techniques to guess the password of ANY user on a WindowsNT/W2K server or domain. CUPASS uses a flaw in the implementation of Microsofts NetUserChangePassword API to guess/change the users password. This release is the proof of concept code for the THC paper "CUPASS and the NetUserChangePassword Problem"
| | Author: | Doc Holiday | | Homepage: | http://www.TheHackersChoice.com | | File Size: | 34693 | | Last Modified: | Oct 30 00:21:33 2003 |
| MD5 Checksum: | a1c29ae4da5fa3fe0526b5e31e7f8e80 |
|
| /// File Name: |
thc-ipf10.zip |
Description:
|
IPF is the first command line tool for configuring the packet filter of Windows NT4 and Window 2000 systems. It replaces the annoying GUI alternatives and can be used as an elegant entry for writing advanced firewall scripts under the Windows system.
| | Author: | Doc Holiday, van Hauser | | Homepage: | http://www.thc.org | | File Size: | 20913 | | Last Modified: | Oct 30 00:19:53 2003 |
| MD5 Checksum: | 5dd95bfa08a6dfa1ee388733d336fbb1 |
|
| /// File Name: |
secure_delete-3.0.tar.gz |
Description:
|
THC-Secure Deletion v3.0 for UNIX is the latest release of van Hauser's suite of secure deletion and overwriting utilities. Included are 'srm' - secure deletion of files; 'sfill' - secure overwriting of the unused diskspace on the harddisk; 'sswap' - for secure overwriting and cleaning of the swap filesystem; 'smem' - for secure overwriting of unused memory (RAM). Numerous command line options, detailed descriptions of theory and methods, and even comparisons to other popular wipe programs.
| | Author: | van Hauser | | Homepage: | http://www.thc.org/ | | Changes: | Bug fixes. | | File Size: | 63126 | | Last Modified: | Oct 30 00:17:02 2003 |
| MD5 Checksum: | bbb4640652ca74e97d9484101ae0cea4 |
|
| /// File Name: |
thcrut-1.2.5.tar.gz |
Description:
|
THC-RUT (aRe yoU There) is a local network discovery tool developed to brute force its way into wvlan access points. It offers arp-request on ip-ranges and identifies the vendor of the NIC, spoofed DHCP, BOOTP and RARP requests, icmp-address mask request and router discovery techniques. This tool should be 'your first knife' on a foreign network.
| | Author: | Anonymous | | Homepage: | http://www.thc.org | | Changes: | Fixed a bug which skipped the first IP of the range. | | File Size: | 660673 | | Last Modified: | Oct 30 00:14:53 2003 |
| MD5 Checksum: | 190f08ce6839aecb0fa0ce8d5ddd09ee |
|
| /// File Name: |
hydra-2.4.tar.gz |
Description:
|
THC-Hydra is a high quality parallized login hacker for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus.
| | Author: | van Hauser | | Homepage: | http://www.thc.org | | Changes: | Added mysql module, fixed VNC module, and a new ./configure script for better Solaris and *BSD support. | | File Size: | 39900 | | Last Modified: | Oct 30 00:11:37 2003 |
| MD5 Checksum: | a680f7f386b25a57458a1abd41adae5b |
|
| /// File Name: |
ffp-0.0.8.tar.gz |
Description:
|
THC-FuzzyFingerprint is a tool that generates fuzzy fingerprints as described in the corresponding paper, available here.. It generates very similar-looking fingerprints, an ideal extension to man-in-the-middle attacks against the SSH service. The current version supports RSA and DSA key generation and MD5 and SHA1 fingerprints. Due to the fact that fuzzy fingerprinting doesn't try to collide the fingerprints, good results can be achieved in reasonable time.
| | Author: | Plasmoid | | Homepage: | http://www.thc.org | | File Size: | 200372 | | Last Modified: | Oct 30 00:07:08 2003 |
| MD5 Checksum: | ddcb6acaaf579c4219268812e49b285a |
|
| /// File Name: |
amap-4.3.tar.gz |
Description:
|
Application Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
| | Author: | van Hauser, DJ Revmoon | | Homepage: | http://www.thc.org | | Changes: | More identifications added and various bug fixes. | | File Size: | 252744 | | Last Modified: | Sep 21 17:14:34 2003 |
| MD5 Checksum: | 36e59ff9dfc60effde6dab6235d2029f |
|
| /// File Name: |
amap-4.2.tar.gz |
Description:
|
Application Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
| | Author: | van Hauser, DJ Revmoon | | Homepage: | http://www.thc.org | | Changes: | Various bug fixes, added 28 new response ids and triggers, and more. | | File Size: | 252003 | | Last Modified: | Aug 10 17:43:12 2003 |
| MD5 Checksum: | ec781fe4ed97d8d3fcccf64951aefa3e |
|
| /// File Name: |
grenzgaenger-alpha.tar.gz |
Description:
|
Grenzgaenger is a SOCKS-like hacker tool for tunneling nmap, netcat and exploits transparently through systems into protected networks.
| | Homepage: | http://www.thc.org/ | | File Size: | 14888 | | Last Modified: | Aug 10 17:40:02 2003 |
| MD5 Checksum: | feaef66318c61bb0910f5124a1b27757 |
|
| /// File Name: |
vmap-0.6.tar.gz |
Description:
|
Version mapper 0.5.2 is a utility for fingerprinting services by checking features and replies of bogus commands being fed to the daemon. Currently supports FTP, SMTP, POP3, IMAP, and HTTP.
| | Author: | Whyking, van Hauser | | Homepage: | http://www.thc.org | | File Size: | 37689 | | Last Modified: | Aug 10 17:36:53 2003 |
| MD5 Checksum: | 0bacf8350c52a2fdc37cb80beaece6c2 |
|
| /// File Name: |
amap-4.0.tar.gz |
Description:
|
Amap Version 4.0 is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
| | Author: | van Hauser, DJ Revmoon | | Homepage: | http://www.thc.org | | Changes: | Rewritten from scratch to enhance speed and reliability. There are also new features, better documentation, and various other bug fixes. | | File Size: | 250753 | | Last Modified: | Jul 22 16:43:48 2003 |
| MD5 Checksum: | c92a0f159c1ccd34f63e932b81a5b660 |
|
| /// File Name: |
shagg-0.2.0.tar.gz |
Description:
|
THC-Shagg is an application to bruteforce check digit algorithms. It analyzes a given list of serial numbers and tries to find a matching algorithm and its setup. If such a setup is found, THC-Shagg is able to generate (extrapolate) new serial numbers, e.g. VISA and MasterCard credit card numbers, EAN numbers, IMEI, UPC or even EFT routing numbers.
| | Homepage: | http://www.thc.org/ | | File Size: | 138175 | | Last Modified: | Jul 18 19:20:42 2003 |
| MD5 Checksum: | 1825b468aaa405cc254095b81d372b05 |
|
| /// File Name: |
login_hacker-1.1.tar.gz |
Description:
|
THC Modem Login Hacker - A tool that will attempt to break into modem dialups using scripts written for minicom. Extremely configurable and a must have for any penetration test.
| | Author: | van Hauser | | Homepage: | http://www.thc.org | | File Size: | 14812 | | Last Modified: | Jun 29 16:44:54 2003 |
| MD5 Checksum: | 73d0b6398194c65e3ddd67741fe2adcd |
|
| /// File Name: |
amap-2.7.tar.gz |
Description:
|
Amap is a scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
| | Author: | van Hauser, DJ Revmoon | | Homepage: | http://www.thc.org | | Changes: | Added the ability to compile under Cygwin, Added some triggers and responses, and various bug fixes. | | File Size: | 41567 | | Last Modified: | Jun 17 00:06:07 2003 |
| MD5 Checksum: | 742448f85d6abf0897a7d0a703b66328 |
|
| /// File Name: |
amap-2.5.tar.gz |
Description:
|
Amap is a scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
| | Author: | van Hauser, DJ Revmoon | | Homepage: | http://www.thc.org | | Changes: | Bug fix in the -o output and RPC scanning. | | File Size: | 40897 | | Last Modified: | May 30 23:36:49 2003 |
| MD5 Checksum: | 61ac4d3ebf00d0239927e0fc41918032 |
|
| /// File Name: |
thcrut-1.2.4g.tar.gz |
Description:
|
THC-RUT (aRe yoU There) is a local network discovery tool developed to brute force its way into wvlan access points. It offers arp-request on ip-ranges and identifies the vendor of the NIC, spoofed DHCP, BOOTP and RARP requests, icmp-address mask request and router discovery techniques. This tool should be 'your first knife' on a foreign network.
| | Homepage: | http://www.thc.org | | Changes: | New OS Fingerprint implementation by gathering tcp stack informations, banners, open/closed port characteristics and timing values and tosses them through a perl regular expression matrix to determine the OS with high accuracy. | | File Size: | 660639 | | Last Modified: | May 28 04:26:24 2003 |
| MD5 Checksum: | 34fce7eee288137735cc4c92e7753fcf |
|
| /// File Name: |
amap-2.1.tar.gz |
Description:
|
Amap V2.1 is a scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
| | Author: | Van Houser, DJ Revmoon | | Homepage: | http://www.thc.org | | Changes: | More application fingerprints, better identification, speed enhancements, amapcrap added, new features and bugfixes. | | File Size: | 34465 | | Last Modified: | May 8 17:07:56 2003 |
| MD5 Checksum: | 465f118051158b2a5c6760b39ac88436 |
|
| /// File Name: |
THCunREAL_V0.2.ZIP |
Description:
|
Updated version of the remote root exploit for Realserver 8 on several Windows platforms.
| | Author: | Johnny Cyberpunk | | Homepage: | http://www.thc.org/misc/sploits | | Changes: | New shellcode added and the code has been condensed. | | File Size: | 15460 | | Last Modified: | Apr 29 22:18:31 2003 |
| MD5 Checksum: | e6997ae88e68cb958cb34e60f1d9e429 |
|
| /// File Name: |
amap-1.2.1.tgz |
Description:
|
Amap is a scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
| | Author: | Van Houser, DJ Revmoon | | Homepage: | http://www.thc.org | | Changes: | More application fingerprints, less bugs and SSL support! | | File Size: | 27314 | | Last Modified: | Dec 28 22:31:48 2002 |
| MD5 Checksum: | c84cdd211628573fc516575829629896 |
|
| /// File Name: |
hydra-2.2.tar.gz |
Description:
|
THC-Hydra is a parallel login hacker. With this tool you are able to attack several services at once (Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, VNC, ICQ, Socks5, PCNFS, Cisco and more). Includes SSL support and can be used with Nessus. Bugfix release.
| | Homepage: | http://www.thc.org | | File Size: | 37174 | | Last Modified: | Nov 23 19:42:23 2002 |
| MD5 Checksum: | 05042c1add6155ea48233df05a1e37ae |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
