by Efrain 'ET' Torres
Colombia 2003
et@cyberspace.org
Today was one of those PuT0s days, i forgot to pay the water bill, and (for paying the bill) the ATM machines ("A toda hora" ATH) works like a colombian public employee (they dont.): 9/10/2003
But to do something different from all the Mi3rd4 around. Here is a little new proggy still in alpha-beta stages.
Is fow winNT/2k/XP. The idea was taken from the excellent HtmlBar by Bjarke Viksoe, and the
enhancement made by Richard van den Berg. The problem was that my htmlbar stop working so i made the same
functionality as a vb6 app. No toolbar, No plugins, Just a basic app that uses directly the webbrowser
control. I added some stuff i was needing in penetration tests, that involve any web application.
and off course , as the penetration tools should be. ITS FREE. ( Why you have to buy webproxy@)?
Play with it. If you notice you can do alot with it. Brute Forcing the PIN, SQL INJECTION (Blind) scan, XSS,
dictionary attacks, CGIs scanning... etc.
Greetz to Shohn, Daniel Solis, Floren, JC.Reyes... for some ideas and beta testing.
Requirements: Internet Explorer 5 or higher
The webbrowser control is has some weirds bugs.. some please remember that. And yes please write!!!
IDEAS. BUGS. GREETS. THANKS. ETC.
UGLY PEN-TEST BROWSER v1.00000 Beta
ps/ Soon a manual :D
Another Stupid bug Fixed: 26/9/2003
SHATTER MASTER v1.4
====================
Shatter Master is a win32 program made in VB6 to develop and exploit
shatter attacks in winNT/win2k/winXP systems in an Easy way.
Shatter Master 1.4
if you need the comctl32.ocx here it is:
comctl32.ocx
English version of IDSHTTP Article avaliable: 9/9/2003
IDSHTTP page
NEW: 13/8/2003
I have published the entire document, no problem.
Go to my thesis page IMMUNOLOGIC SYSTEM FOR INTRUSION DETECTION AT HTTP PROTOCOL LEVEL
Go to WMAP page WMAP 1.4 (A less stupid web scanner)