Showing posts with label useful website. Show all posts
Showing posts with label useful website. Show all posts
Friday 10 June 2011
Online Alternative To Matlab
Today, I visited a website which provided the service of working on Matlab online in a website without any need of installing Matlab software. Although not comprehensive as the software itself, this web version can be quite useful in some cases.
This site offers as of now more than 500 Matlab R2009A commands. Only text commands are supported for now and they are working for graphical supports such as plots.
www.matlab-online.com
Thanks to Brisha for pointing this useful site. :)
Read more...
This site offers as of now more than 500 Matlab R2009A commands. Only text commands are supported for now and they are working for graphical supports such as plots.
www.matlab-online.com
Thanks to Brisha for pointing this useful site. :)
Read more...
Bookmark this post: | 
|
Thursday 9 June 2011
Advanced HTTP Fingerprinting With httprecon
One of the first steps in web server hacking involves fingerprinting to gather information regarding the web server and various mods applied to it. Fingerprinting the web server manually can be cumbersome so some good folks have developed an advanced open-source fingerprinting tool known as httprecon
*Description from official webpage:
The httprecon project is doing some research in the field of web server fingerprinting, also known as http fingerprinting. The goal is the highly accurate identification of given httpd implementations. This is very important within professional vulnerability analysis.
Besides the discussion of different approaches and the documentation of gathered results also an implementation for automated analysis is provided. This software shall improve the easyness and efficiency of this kind of enumeration. Traditional approaches as like banner-grabbing, status code enumeration and header ordering analysis are used. However, many other analysis techniques were introduced to increase the possibilities of accurate web server fingerprinting.
Check the Page of httprecon project
Read more...
*Description from official webpage:
The httprecon project is doing some research in the field of web server fingerprinting, also known as http fingerprinting. The goal is the highly accurate identification of given httpd implementations. This is very important within professional vulnerability analysis.
Besides the discussion of different approaches and the documentation of gathered results also an implementation for automated analysis is provided. This software shall improve the easyness and efficiency of this kind of enumeration. Traditional approaches as like banner-grabbing, status code enumeration and header ordering analysis are used. However, many other analysis techniques were introduced to increase the possibilities of accurate web server fingerprinting.
Check the Page of httprecon project
Read more...
Bookmark this post: |
|
Sunday 29 May 2011
Download Scribd.com PDFs Without Any Account
Earlier today, I had to download a PDF document from scribd.com but I didn't have any account in scribd.com and I have coded a script that would help me download the PDFs from scribd.com without any account.
To access the service, visit this link.
It will ask you for the URL of the PDF document. Just copy and paste the URL from address bar when you are viewing the PDF in scribd.com.
I hope this becomes useful for you sometimes. :)
Read more...
To access the service, visit this link.
It will ask you for the URL of the PDF document. Just copy and paste the URL from address bar when you are viewing the PDF in scribd.com.
I hope this becomes useful for you sometimes. :)
Note: Many people emailed me that the tool is not working. In fact, scribd has changed the way the documents are downloaded. Once I find the new bypassing method, I'll redo the script.
Read more...
Bookmark this post: |
|
Saturday 28 May 2011
Etherchange : Command Line Tool To Change MAC Address
I've already discussed on how to change mac adress of your ethernet card under windows as well as linux. One more such tool which is command line tool, is etherchange.
EtherChange can change the Ethernet address of the network adapters in Windows.
Usage instructions
Download the exe file and run it from a Command Prompt. It will give you the instructions you need. EtherChange only works if your account is in the Administrators group.
Download link: EtherChange
Read more...
EtherChange can change the Ethernet address of the network adapters in Windows.
Usage instructions
Download the exe file and run it from a Command Prompt. It will give you the instructions you need. EtherChange only works if your account is in the Administrators group.
Download link: EtherChange
Read more...
Bookmark this post: |
|
Friday 27 May 2011
Download Books From Google Books Using A GreaseMonkey Script
Do you want to download the undownloadable books from google books? If yes, here's the solution for you.
Google Book Downloader is a greasemonkey script that works in firefox with greasemonkey addon. Greasemonkey is a very useful firefox addon used to manipulate the webpage with the javascript.
For more details on the script and how to use it, refer to the official site.
The script is available at userscripts.org collection.
I hope this is useful.
Read more...
Google Book Downloader is a greasemonkey script that works in firefox with greasemonkey addon. Greasemonkey is a very useful firefox addon used to manipulate the webpage with the javascript.
For more details on the script and how to use it, refer to the official site.
The script is available at userscripts.org collection.
I hope this is useful.
Read more...
Bookmark this post: |
|
Tuesday 10 May 2011
Learn Web Hacking With WackoPicko
WackoPicko is a website that contains known vulnerabilities. It can prove as a very efficient way to master web hacking skills. This project is similar to Damn Vulnerable Web Application and is a collection of common web vulnerabilities.
For more information and downloads, you can check the WackoPicko github page.
Vulnerabilities
Reflected XSS
http://localhost/pictures/search.php?query=blah
The query parameter is vulnerable.
Stored XSS
http://localhost/guestbook.php
The comment field is vulnerable.
SessionID vulnerability
http://localhost/admin/login.php
The session cookie value is admin_session, which is an auto-incrementing value.
Stored SQL Injection
http://localhost/users/register.php -> http://localhost/users/similar.php
The first name field of the register users form contains a stored SQL injection which is then used unsanitized on the similar users page.
Reflected SQL Injection
http://localhost/users/login.php
The username field is vulnerable.
Directory Traversal
http://localhost/pictures/upload.php
The tag field has a directory traversal vulnerability enabling a malicious users to overwrite any file the web server uses has access to.
Multi-Step Stored XSS
http://localhost/pictures/view.php?picid=3
The comment field is vulnerable to XSS, however must go through a preview form.
Forceful Browsing
http://localhost/pictures/highquality.php?picid=3&key=highquality
The user doesn't have to purchase the picture to see the high quality version.
Command-line Injection
http://localhost/passcheck.php
The password field is vulnerable to a command line injections.
File Inclusion
http://localhost/admin/index.php?page=login
The page is vulnerable to a file inclusion vulnerability, however you have to include at the end.
Parameter Manipulation
http://localhost/users/sample.php?userid=1
The userid parameter can be manipulated to see any user's page when you need to be logged in otherwise.
Reflected XSS Behind JavaScript
http://localhost/piccheck.php
The name parameter is vulnerable.
Logic Flaw
http://localhost/cart/review.php
A coupon can be applied multiple times reducing the price of an order to zero. The coupon in the initial data is SUPERYOU21.
Reflected XSS Behind a Flash Form
http://localhost/submitname.php
The value parameter is vulnerable.
Weak username/password
https://localhost/admin/login.php
There is a default username/password combination of admin/admin.
Read more...
For more information and downloads, you can check the WackoPicko github page.
Vulnerabilities
Reflected XSS
http://localhost/pictures/search.php?query=blah
The query parameter is vulnerable.
Stored XSS
http://localhost/guestbook.php
The comment field is vulnerable.
SessionID vulnerability
http://localhost/admin/login.php
The session cookie value is admin_session, which is an auto-incrementing value.
Stored SQL Injection
http://localhost/users/register.php -> http://localhost/users/similar.php
The first name field of the register users form contains a stored SQL injection which is then used unsanitized on the similar users page.
Reflected SQL Injection
http://localhost/users/login.php
The username field is vulnerable.
Directory Traversal
http://localhost/pictures/upload.php
The tag field has a directory traversal vulnerability enabling a malicious users to overwrite any file the web server uses has access to.
Multi-Step Stored XSS
http://localhost/pictures/view.php?picid=3
The comment field is vulnerable to XSS, however must go through a preview form.
Forceful Browsing
http://localhost/pictures/highquality.php?picid=3&key=highquality
The user doesn't have to purchase the picture to see the high quality version.
Command-line Injection
http://localhost/passcheck.php
The password field is vulnerable to a command line injections.
File Inclusion
http://localhost/admin/index.php?page=login
The page is vulnerable to a file inclusion vulnerability, however you have to include at the end.
Parameter Manipulation
http://localhost/users/sample.php?userid=1
The userid parameter can be manipulated to see any user's page when you need to be logged in otherwise.
Reflected XSS Behind JavaScript
http://localhost/piccheck.php
The name parameter is vulnerable.
Logic Flaw
http://localhost/cart/review.php
A coupon can be applied multiple times reducing the price of an order to zero. The coupon in the initial data is SUPERYOU21.
Reflected XSS Behind a Flash Form
http://localhost/submitname.php
The value parameter is vulnerable.
Weak username/password
https://localhost/admin/login.php
There is a default username/password combination of admin/admin.
Read more...
Bookmark this post: |
|
Saturday 7 May 2011
HTML Parser For Blogs
I've written a small code snippet that will work as HTML parser for use in your blogs. It can be useful to put the google adsenses and to post source codes in your blog. Obviously it might have other usages but I am using it for posting source codes.
The parser can be accessed from the URL below:
www.nepali.netau.net/parser
Thanks.
Read more...
The parser can be accessed from the URL below:
www.nepali.netau.net/parser
Thanks.
Read more...
Bookmark this post: |
|
Saturday 16 April 2011
100s of Ebooks For Download [Link]
I was just google searching when I found this site with 100s of ebooks under different categories and I thought to share the link over here.
Link: http://www.sudancs.com/Books/
Copy the above link and paste in your address bar. This link consists of 100s of ebooks for direct download under following different categories:
I hope this is useful. Thanks. :)
Read more...
Link: http://www.sudancs.com/Books/
Copy the above link and paste in your address bar. This link consists of 100s of ebooks for direct download under following different categories:
Algorithms & Data Structure/
Artificial Intelligence/
Compilers/
Computer Architecture/
Computer Forensics/
Computer Graphics/
Cryptography/
Database/
Graphic @ Dezing/
Hacker & Cracker/
Hardware/
Image Processing/
Mathematics @ Physics/
NetWork @ Wireless/
Operating System/
Others/
Programming language/
Robotics/
Security/
Simulation & Modeling/
Software @ Megazne/
Software Engineering & OOP/
Steganography/
Artificial Intelligence/
Compilers/
Computer Architecture/
Computer Forensics/
Computer Graphics/
Cryptography/
Database/
Graphic @ Dezing/
Hacker & Cracker/
Hardware/
Image Processing/
Mathematics @ Physics/
NetWork @ Wireless/
Operating System/
Others/
Programming language/
Robotics/
Security/
Simulation & Modeling/
Software @ Megazne/
Software Engineering & OOP/
Steganography/
I hope this is useful. Thanks. :)
Read more...
Bookmark this post: |
|
Subscribe to:
Posts (Atom)