Cyber World

To Audit Management and Multiple Databases HexorBase is a database application designed for management and audit multiple database servers simultaneously from a single location, is able to perform SQL queries and brute force attacks against servers common database ( MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL ). This tool is simple to use and very practical, may have to know a little SQL, but the basics. Video: HexorBase runs on Linux and presumably Windows, and requires: python-qt4 python python-MySQLdb cx_Oracle python-psycopg2 python-python-qscintilla2 pymssql To install it you must download and from the console: root @ host: ~ # dpkg-i hexorbase_1.0_all.deb Project website and download HexorBase:  http://code.google.com/p/hexorbase/

This tools is a hacker friendly. Net Tools is a comprehensive set of host monitoring, network scanning, security, administration tools and much more, all with a highly intuitive user interface. It's an ideal tool for those who work in the network security, administration, training, internet forensics or law enforcement internet crimes fields. Net Tools is mainly written in Microsoft Visual Basic 6, Visual C++, Visual C# and Visual Studio .NET. There has a 175 tools list in one software.... Tools Content Download Here

DRIL (Domain Reverse IP Lookup) Tool is a Reverse Domain Tool that will really be useful for penetration testers to find out the domain names which are listed in the the target host, DRIL is a GUI, JAVA based application which uses a Bing API key. DRIL has a simple user friendly interface which will be helpful for penetration tester to do their work fast without a mess, this is only tested on Linux but as it is JAVA it should work on Windows too. There are various other tools which carry out similar tasks .. Download Here

sqlmap 0.9 has been released and has a considerable amount of changes including an almost entirely re-written SQL Injection detection engine. Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.   Its a good tools for find Sql Vulnerability. New Features/Changes --> Rewritten SQL injection detection engine (Bernardo and Miroslav). Support to directly connect to the database without passing via a SQL injection, -d switch (Bernardo and Miroslav). Added full support for both time-based blind SQL injection and error-based SQL injection techniques...

Download Here Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , DDoser, Back Connect , Bind Shell etc etc ! This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization. Customisation   1. Email Trace back is set to Off as default and emails will not be sent , If you are setting this feature on make sure you change the default email address (lionaneesh@gmail.com)  to Your email address , Please Change it before using. 2. Username and Passwords are set to lionaneesh and lionaneesh respectively , Please change them for better security. 3. As a default Lock Mode is set to on! This should not be change unless you want your shell exposed. Default Login Username : lionaneesh Password : lionaneesh Features       Shell     Platform Independent     Mass - Mailer     Small Web-Server Fuzzer ...

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.         Download Here

Features:  >> Fingerprint of the remote SQL Server (version, user performing the queries, user privileges, xp_cmdshell availability, DB authentication mode) >>  Bruteforce of 'sa' password (in 2 flavors: dictionary-based and incremental). >> Creation of a custom xp_cmdshell if the original one has been removed >> Upload of netcat (or any other executable) using only normal HTTP requests (no FTP/TFTP needed). >> TCP/UDP portscan from the target SQL Server to the attacking machine, in order to find a port that is allowed by the firewall of the target network and use it for a reverse shell. >> Direct and reverse bindshell, both TCP and UDP >> ICMP-tunneled shell, when no TCP/UDP ports are available for a direct/reverse shell but the DB can ping your box. >>   DNS-tunneled pseudo-shell, when no TCP/UDP ports are available for  a direct/reverse shell, but the DB server can resolve external hostnames  (check the documen...