What is Pass-The-Hash Toolkit?

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).

Source: http://oss.coresecurity.com/projects/pshtoolkit.htm

John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus many more with contributed patches.

Source: http://www.openwall.com/john/
How To Install: http://www.openwall.com/john/doc/INSTALL.shtml

Purchased Rootkits | Subverting the Windows Kernel

A month ago I have bought Rootkits, Subverting the Windows Kernel by Greg Hoglund and James Butler and I find it superb.  If you are a rootkit developer or looking to be one, this is a must have book that you need to get a hold of.  It teaches you generally the stuffs you want to learn such as hiding processes, files and directories, registries and lots more.  Conquering the kernel level as well as beating up Antiviruses are one of the topics that are discussed on!  Recently I am busy with my final years so I hope I can find time to post some useful articles.

Rootkits | Subverting the Windows Kernel

Are you a programmer that loves to design malicious application?  Do you find malicious applications that you have made are easily detected by anti-virus software (oh come on, Fully Un-detectable (FUD) isn’t going to last long)?  Do you know the difference of user and kernel space?  Ever wanted to be able to stay on the same level as the anti-virus as well as getting rid of it?

Take yourself into a whole new level by learning how to develop a rootkit! Read the rest of this entry »