SecurityXploded.com
Follow us on Twitter
Home Page - www.SecurityXploded.com
 
 
 
 
    New Tool: DllHijackAuditor      
 
dllhijackauditor DllHijackAuditor is the free tool to Audit against the Dll Hijacking Vulnerability in any Windows application. This is recently discovered critical security issue affecting almost all Windows systems on the planet. It appears that large amount of Windows applications are currently susceptible to this vulnerability which can allow any attacker to completely take over the system.

DllHijackAuditor helps in discovering all such Vulnerable Dlls in a Windows application which otherwise can lead to successful exploitation resulting in total compromise of the system. With its simple GUI interface DllHijackAuditor makes it easy for anyone to instantly perform the auditing operation. It also presents detailed technical Audit report which can help the developer in fixing all vulnerable points in the application.



For more information and to download, visit main page of DllHijackAuditor.



Stay tuned to our Twitter post for latest news on upcoming releases and updates.
 
 
 
    Coming Up:  SpyDLLRemover 4.0      
 
spydllremover SpyDLLRemover is the standalone tool to effectively detect and delete spywares from the system. It comes with advanced spyware scanner which quickly discovers hidden Rootkit processes as well suspicious/injected DLLs within all running processes. It not only performs sophisticated auto analysis on process DLLs but also displays them with various threat levels, which greatly helps in quick identification of malicious DLLs. The DLL search feature helps in finding a malicious DLL within all running processes using partial or full name.

The upcoming version 4.0 comes with some of these great features
  •  Advanced 'Online Threat Verification' of suspicious items using VirusTotal, ThreatExpert & ProcessLibrary etc.
  •  Improved Auto-Analysis which will significantly reduce the manual analysis items.
  •  Fully Re-sizable window for better usability and analysis
  •  Option to open the suspicious DLL/EXE with Notepad, WordPad, UltraEdit or any of your favorite application (such as PEditor) for extended analysis.
  •  Enhanced user interface with new banner/icon

As per the current schedule, SpyDLLRemover 4.0 is expected to come out at the end of this month. 

Stay tuned to our Twitter post for latest news.


 
 
 
    Coming Soon:  IMPasswordDecryptor     
 
impassworddecryptor IMPasswordDecryptor is the FREE software to instantly recover stored passwords from most of the popular instant messengers. Most of the messengers have the auto-login feature which requires the user account information including password to be saved for subsequent logins. If user opts to save or remember the password then the username and password are stored on the system in proprietary format.

In this direction, IMPasswordDecryptor helps in recovering such stored passwords for popular instant messengers. This not only helps in recovering the password but also helps in knowing what all sensitive information being stored on your system so that you can take care of it before handing over the system to others.

IMPasswordDecryptor is a standalone application which does not require any installation and can be run directly after copying it to your system. It works on most of the Windows platforms starting from Windows XP to latest operating system, Windows 7.

Watch our Twitter post for more news 


 
 
 
    SecurityXploded Tools on BackTrack    
 
Here is the great news for all the users of SecurityXploded that your favorite password recovery tools are now available on BackTrack, world's popular and most loved Linux security distribution. Few days back I have got surprise email from BackTrack team asking for approval to include our tools on BackTrack.They have also expressed interest to include some of our upcoming Linux versions such as FireMasterLinux.  After my consent, the BackTrack team has already put all of our password recovery tools on BackTrack repository under 'Windows-Password-Recovery-Tools' section and same is available for all BackTrack users now.

Update (6th Aug 2010): I have just received information from BackTrack team that all the password recovery tools have now been put into BackTrack 4 R1 Release.

backtrack

BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking. It is intended for all audiences from the most savvy security professionals to early newcomers to the information security field. BackTrack promotes a quick and easy way to find and update the largest database of security tools collection to-date.

It is great privilege to have our tools on the BackTrack and for our users its great to have all their favorite tools at one place where ever they go on the earth.

Read the complete story here

 
 
 
    Recent Tool Updates
 
 
 
    Latest SX News
 
2nd sep 2010 Updated ProcNetMonitor 2.7. Now it displays detailed process info for 64 bit processes as well. Removed False Positive alerts from Antivirus.
30th Aug 2010 Released DllHijackAuditor, new tool to Audit against the Dll Hijack Vulnerability.
27th Aug 2010 Published Book Review for "Cyber Fraud: Tactics, Techniques and Procedures"
25th Aug 2010 Released SpyBHORemover 2.5 with enhanced features such as Injected Process List, Right click popup menu for all lists, Improved threat analsys etc.
7th Aug 2010 Updated SXPasswordSuite 1.1 with GooglePasswordDecryptor & ThunderbirdPassDecryptor
...more updates
 
 
 
    Featured article of the month :  Password Secrets of Popular Windows Applications  
In today's Internet driven world, all of us use one or other applications starting from browsers, mail clients to instant messengers. Most of these applications store the sensitive information such as user name, password in their private location using proprietary methods.But most applications use simple methods or rather obscure methods to store the credentials which can easily put your privacy in jeopardy as any spyware on your system can easily uncover these secrets.

In this context, this article is going to throw a light on those dark regions by exposing the secret storage location and encryption mechanism used by most popular applications.It is also going to present the pointers on how one can uncover such passwords using the tools available today.

 Read more >>>
 
 
 
    Recent Blog Posts [RSS ]
 
Security Blog by Nagareshwar
Presenting DllHijackAuditor – Smart Tool to Audit Dll Hijack Vulnerability
August 30th, 2010
DllHijackAuditor is the FREE tool to Audit against the  DLL Hijacking Vulnerability for any Windows application. This is recently discovered critical security issue affecting almost all Windows systems on the planet. It appears that large amount of Windows applications are currently susceptible to this vulnerability which can allow any attacker to completely take over the [...]
 
Book of the Month – Cyber Fraud: Tactics, Techniques and Procedures
August 27th, 2010
Gone are the days when those BlackHat Hackers would tickle you for fun, Now they will poke you & take your diamonds without you even knowing anything about it until it’s too late. Landscape in the Cyber underground has completely changed since then, making it more like well organized business controlled by global entities around [...]
 
Released SpyBHORemover 2.5
August 25th, 2010
SpyBHORemover (previously called BHORemover) is the advanced tool to explore and eliminate malicious BHO’s from the system. BHO stands for ‘Browser Helper Objects’ which are plugins written for ‘Internet Explorer’ to enhance its capabilities. Often this feature is being misused by many spyware programs to monitor user’s browsing habits and to steal the users credentials [...]
 
DLL Hijacking Exploit – All at One Place
August 24th, 2010
The web is full of recent DLL Hijacking Exploit after HDMoore and other security researchers have reported about numerous Windows applications suffering  from these flaws.  Here I have decided to put together simple version with all the relevant links at one place so that one gets the complete picture. . What is DLL Hijacking Vulnerability [...]
 
Unleashing VASTO – A Virtualization Assesment Toolkit
August 23rd, 2010
VASTO is the first of its kind toolkit designed to asses the security of various Virtualization solutions including VMWare and Xen server.  It is implemented as set of modules which can be integrated into Metasploit , the popular penetration testing framework.  This makes it very easy for pen testers to directly integrate VASTO with their [...]
 
 
 
 
    Latest Tweets from SecurityXploded.com
 
 
 
 
 
 
 
 
 
 
 
 
 
Home - Tools - Articles - Research - Download - Statistics - Blog - PAD Files - About - Contact