dSploit APK Download – Hacking & Security Toolkit For Android


dSploit APK Download is a Hacking & Security Toolkit For Android which can conduct network analysis and penetration testing activities. It aims to offer to IT security experts the most complete and advanced professional toolkit to perform network security assessments on a mobile device.

dSploit APK Download - Hacking & Security Toolkit For Android


Once dSploit is started, you will be able to easily map your network, fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many TCP protocols, perform man in the middle (MiTM) attacks such as password sniffing (with common protocols dissection), real-time traffic manipulation and more.

Features from dSploit APK Download Hacking Toolkit for Android

Features available on dSploit to hack using an Android phone:

  • WiFi Cracking – The WiFi scanner will show in green access points with known default key generation algorithms, clicking on them allows you to easily crack the key
  • RouterPWN – Launch the http://routerpwn.com/ service to pwn your router.
  • Trace – Perform a traceroute on the target.
  • Port Scanner – A syn port scanner to find quickly open ports on a single target.
  • Inspector – Performs target operating system and services deep detection, slower than syn port scanner but more accurate.
  • Vulnerability Finder – Search for known vulnerabilities for target running services upon the National Vulnerability Database.
  • Login Cracker – A very fast network logon cracker which supports many different services.
  • Packet Forger – Craft and send a custom TCP or UDP packet to the target, such as Wake On LAN packets.
  • MITM – A set of Man-in-the-Middle (MitM) tools to command & conquer the whole network.
  • Simple Sniff – Redirect target’s traffic through this device and show some stats while dumping it to a pcap file.
  • Password Sniffer – Sniff passwords of many protocols such as HTTP, FTP, IMAP, IMAPS, IRC, MSN, etc from the target.
  • Session Hijacker – Listen for cookies on the network and hijack sessions.
  • Kill Connections – Kills connections preventing the target to reach any website or server.
  • Redirect – Redirect all the HTTP traffic to another address.
  • Replace Images – Replace all images on webpages with the specified one.
  • Replace Videos – Replace all youtube videos on webpages with the specified one.
  • Script Injection – Inject a javascript in every visited webpage.
  • Custom Filter – Replace custom text on webpages with the specified one.

Requirements for dSploit APK Download To Work

For dSploit to work correctly you need:

– An ARM CPU
– Gingerbread Android (at least Android 2.3)
– Root
– A full install of BusyBox (every utility, not a partial install)

You can download dSploit here:

Source: dsploit-master.zip
APK: dsploit_1.0.31b.zip

Password for the APK .zip file is darknet123.

Or read more here.


Topic: Hacking Tools

Scallion – GPU Based Onion Hash Generator


Scallion is a GPU-driven Onion Hash Generator written in C#, it lets you create vanity GPG keys and .onion addresses (for Tor’s hidden services) using OpenCL.

Scallion - GPU Based Onion Hash Generator


Scallion runs on Mono (tested in Arch Linux) and .NET 3.5+ (tested on Windows 7 and Server 2008)

Scallion was used to find collisions for every 32bit key id in the Web of Trust’s strong set demonstrating how insecure 32bit key ids are.

At a high level Scallion works as follows:

  1. Generate RSA key using OpenSSL on the CPU
  2. Send the key to the GPU
  3. Increase the key’s public exponent
  4. Hash the key
  5. If the hashed key is not a partial collision go to step 3
  6. If the key does not pass the sanity checks recommended by PKCS #1 v2.1 (checked on the CPU) go to step 3
  7. Brand new key with partial collision!

The basic algorithm is described above. Speed/performance is the result of massive parallelization, both on the GPU and the CPU.

Dependencies for Onion Hash Generator

To run Scallion successfully you need:

  • OpenCL and relevant drivers installed and configured. Refer to your distribution’s documentation.
  • OpenSSL. For Windows, the prebuilt x86 DLLs are included
  • On windows only, VC++ Redistributable 2008

Scallion runs on Mono (tested in Arch Linux) and .NET 3.5+ (tested on Windows 7 and Server 2008).

Scallion Usage Onion Hash Generator

You can download Scallion here:

scallion-gpg.zip

Or read more here.


Topic: Cryptography

WiFi-Dumper – Dump WiFi Profiles and Cleartext Passwords


WiFi-Dumper is an open-source Python-based tool to dump WiFi profiles and cleartext passwords of the connected access points on a Windows machine. This tool will help you in a Wifi penetration testing and could also be useful when performing red team assessments or internal infrastructure engagements.

WiFi-Dumper - Dump WiFi Profiles and Cleartext Passwords


Each option in the tool generates the “.txt” file as an output, if you run the tool multiple times, the output gets appended to the previous results.

Features of WiFi-Dumper – Dump WiFi Profiles and Cleartext Passwords

Option 1:Shows the wireless networks available to the system. If the interface name is given, only the networks on the given interface will be listed. Otherwise, all networks visible to the system will be listed.

Option 2: Shows a list of wireless profiles configured on the system.

Option 3: Shows the allowed and blocked the wireless network list.

Option 4: Shows a list of all the wireless LAN interfaces on the system.

Option 5: Generates a detailed report about each wireless access point profile on the system. Group Policy Profiles are read-only. User Profiles are readable and writeable, and the preference order can be changed.

Option 6: Dumps the cleartext passwords of every wireless profile on the system. Make sure to generate the profile file (by selecting option 2) before running this option. Always run this as an administrator user to see the cleartext password. User needs to provide the individual wireless name by reading the profile names (option 7).

Option 7: It opens the list of wireless profiles on the system using notepad.

Option 8: It saves WLAN profiles to XML files.

Option 9: Exit gracefully.

You can download WiFi-Dumper here:

Wifi-Dumper-master.zip

Or read more here.


Topic: Hacking Tools

truffleHog – Search Git for High Entropy Strings with Commit History


truffleHog is a Python-based tool to search Git for high entropy strings, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.

truffleHog - Search Git for High Entropy Strings with Commit History


truffleHog previously functioned by running entropy checks on git diffs. This functionality still exists, but high signal regex checks have been added, and the ability to surpress entropy checking has also been added.

or

truffleHog will go through the entire commit history of each branch, and check each diff from each commit, and check for secrets. This is both by regex and by entropy. For entropy checks, it will evaluate the shannon entropy for both the base64 charset and hexidecimal charset for every blob of text greater than 20 characters comprised of those character sets in each diff. If at any point a high entropy string >20 characters is detected, it will print to the screen.

Using truffleHog to Search Git for High Entropy Strings

You can download truffleHog here:

truffleHog-dev.zip

Or read more here.


Topic: Hacking Tools
AIEngine - AI-driven Network Intrusion Detection System

AIEngine – AI-driven Network Intrusion Detection System

AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with capabilities of learning without any human intervention, DNS domain classification, Spam detection, network collector, network forensics and many others. AIEngine also helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so […]

Topic: Security Software
Sooty - SOC Analyst All-In-One CLI Tool

Sooty – SOC Analyst All-In-One CLI Tool

Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process. The main goal of Sooty is to perform as much of the routine checks as possible which allows the analyst more time to spend on deeper analysis. Features of Sooty SOC […]

Topic: Countermeasures