
Download and Use all Kali Linux Tools[Single Package] On Windows for Pentesting and Hacking - Complete Linux Environment

Running all Pentesting tools on Windows Os

Have you ever thought about using Kali Linux tools on Windows? Now you can download and plug-and-play all the Kali Linux tools on Windows. The good news is that there is no need to install or remove any drivers specifically for these tools. Here are some of the cool features of PentestBox.

Features :-


  • EASY TO USE

It is a command-line utility, which is all you want. You can learn about the commands at tools.pentestbox.com.

  • PERFORMANCE

PentestBox runs directly on the host machine instead of in a virtual machine, so the performance gain is obvious.

  • PORTABLE

PentestBox is entirely portable, so now you can carry your own Penetration Testing Environment on a USB stick. It will take care of all dependencies and configuration required to run tools.

  • NO DRIVERS ISSUE

Windows already has broad driver support for graphics cards and wireless adapters, so you don't have to worry about driver compatibility issues. For example, you can now use your GPU power to crack hashes using Project RainbowCrack, which is not particularly compatible with a Linux environment.

  • LESS MEMORY USAGE

PentestBox runs on the host machine without any need for a virtual machine, so it only needs 20 MB to launch, compared to at least 2 GB of RAM needed for running virtual machine distributions.

  • INBUILT BROWSER

PentestBox contains a version of Mozilla Firefox Browser with nearly all security addons. To know the complete list of addons.

  • CAN BE SHARED ON A NETWORK

Consider an environment where you want to use PentestBox on many computers, such as an office or a lab. Instead of installing PentestBox on each and every computer, you can install it on one computer and share that folder as a drive to other computers on the same network.

  • SIMPLE DESIGN

It is the same green font on a black terminal, but in a modern way.

  • NO DEPENDENCIES NEEDED

All the dependencies required by the tools are inside PentestBox, so you can even run PentestBox on a freshly installed Windows without any hassle.

  • LINUX ENVIRONMENT

PentestBox contains nearly all Linux utilities, such as bash, cat, chmod, curl, git, gzip, ls, mv, ps, ssh, sh, uname and others. It even contains your favourite text editor, "vim". For the complete list, see tools.pentestbox.com/#linux-utilities
Because of this, most of the pentesting tools that were previously compatible only with Linux work smoothly in PentestBox.

  • MODULAR

In the making of PentestBox we have included only the best tools, but in that process we have missed some tools which you might want to use. In that case you can easily install those tools using the toolsmanager present inside PentestBox; it can install, update or uninstall tools which are not there in PentestBox.

  • LESS DISK USAGE

It is very light on disk as well: it takes up less than a third of what a Linux pentesting distro does.

  • COOL UPDATE FEATURE

It contains an update feature through which you can keep your tools updated. To know more about update feature, please click here.

  • 32-BIT SYSTEM SUPPORTED

Most users aren't concerned about 32-bit support because they normally use 64-bit systems, but it was introduced to turn low-end systems into a pentesting environment. Just to give an idea, I have tested PentestBox on this $200 machine, and it ran very smoothly.
Pentest Box is a 2GB package containing almost all pentest tools for hackers and pentesters.
Download Pentest Box From Official Site: https://pentestbox.com/#download


Sources:PentestBox.com

How to crack Rainbow Hash Passwords using Rainbow Tables

Rainbow Table
The multi-platform password cracker Ophcrack is unbelievably quick. How fast? It can crack the password "Fgpyyih804423" in 160 seconds. Most people would consider that password fairly secure. The Microsoft password strength checker rates it "strong". The Geekwisdom password strength meter rates it "mediocre".


Why is Ophcrack so fast? Because it uses rainbow tables.

To understand how rainbow tables work, you first have to understand how passwords are stored on computers, whether on your own desktop or on a remote web server somewhere.

Passwords are never stored in plaintext. At least they shouldn't be, unless you're building the world's most insecure system using the world's most naive programmers. Instead, passwords are stored as the output of a hash function. Hashes are one-way operations. Even if an attacker gained access to the hashed version of your password, it's not possible to reconstruct the password from the hash value alone.

But it is possible to attack the hashed value of your password using rainbow tables: enormous, pre-computed hash values for every possible combination of characters. An attacking computer could certainly calculate all these hashes on the fly, but taking advantage of a massive table of pre-computed hash values allows the attack to proceed many orders of magnitude faster, assuming the attacking machine has enough RAM to store the whole table (or at least most of it) in memory. It's a classic time-memory trade-off, exactly the kind of cheating shortcut you'd expect a black hat attacker to take.

How large are rainbow tables? The installation dialog for Ophcrack should give you an idea:

[Image: rainbow-hash-table-sizes]

It takes a long time to generate these large rainbow tables, but once they're out there, every attacking computer can leverage those tables to make its attacks on hashed passwords that much more potent.

The smallest rainbow table available is the basic alphanumeric one, and even it is 388 megabytes. That's the default table you get with the Ophcrack bootable ISO. Even that small-ish table is remarkably effective. I used it to attack some passwords I set up in a Windows XP virtual machine, with the following results:

Password                              found?   seconds
Password1!                                     700
Fgpyyih804423                         yes      159
Fgpyyih80442%                                  700
saMejus9                              yes      140
thequickbrownfoxjumpsoverthelazydog            700

You wouldn't expect this rainbow table to work on the passwords with non-alphanumeric characters (%&^$# and the like) because the table doesn't contain those characters. You'll also note that passphrases, which I am a big fan of, are immune to this technique because of their length. But then again, this attack covered 99.9% of all possible 14-character alphanumeric passwords in 11 minutes, and that was with the smallest of the available rainbow tables. We could do better by using larger, more complete rainbow tables. The Ophcrack documentation describes the differences between the available rainbow tables it uses:

Alphanumeric 10k, 388 MB: Contains the LanManager hashes of 99.9% of all alphanumeric passwords. These are passwords made of mixed-case letters and numbers (about 80 billion hashes). Because the LanManager hash cuts passwords into two pieces of 7 characters, passwords of length 1 to 14 can be cracked with this table set. Since the LanManager hash is also not case sensitive, the 80 billion hashes in this table set correspond to 12 septillion (or 2^83) passwords.

Alphanumeric 5k, 720 MB: Contains the LanManager hashes of 99.9% of all alphanumeric passwords. However, because the tables are twice as large, cracking is about four times faster if you have at least 1 GB of RAM.

Extended, 7.5 GB: Contains the LanManager hashes of 96% of all passwords made of up to 14 mixed-case letters, numbers and the following 33 special characters: !"#$%&'()*+,-./:;<=>?@[]^_` ~. There are about 7 trillion hashes in this table set, covering 5 octillion (or 2^92) passwords.

NT, 8.5 GB: You can use this table set to crack the NT hashes on machines where the LanManager hash has been disabled. The set contains 99.0% of the hashes of the passwords made of the following characters:

  • up to 6 mixed-case letters, numbers and 33 special characters (same as above)
  • 7 mixed-case letters and numbers
  • 8 lower-case letters and numbers

There are 7 trillion hashes in this table, corresponding to 7 trillion passwords (the NT hash doesn't suffer from the weaknesses of the LanManager hash).

Note that all rainbow tables have specific lengths and character sets they work in. Passwords that are too long, or contain a character not in the table's character set, are completely immune to attack from that rainbow table.

Unfortunately, Windows servers are particularly vulnerable to rainbow table attack, due to inexcusably weak legacy LAN Manager hashes. I'm surprised that the legacy LAN Manager support "feature" is still enabled by default in Windows Server 2003. It's highly recommended that you disable LAN Manager hashes, particularly on Windows servers that happen to store domain credentials for every single user. It would be an awful shame to inconvenience all of your Windows 98 users, but I think the increase in security is worth it.

I read that Windows Server 2008 will finally kill LM hashes when it's released next year. Windows Vista already removed support for these obsolete hashes on the desktop. Running Ophcrack on my Vista box results in this dialog:

All LM hashes are empty. Please use NT hash tables to crack the remaining hashes.
I'd love to, but I can't find a reliable source for the 8.5 GB rainbow table of NT hashes that I need to proceed.

The Ophcrack tool is not very flexible. It doesn't allow you to generate your own rainbow tables. For that, you'll need to use the Project RainbowCrack tools, which can be used to attack almost any character set and any hashing algorithm. But beware. There's a reason rainbow table attacks have only emerged recently, as the price of 2 to 4 gigabytes of memory in a desktop machine has approached realistic levels. When I said large, I meant it. Here are some generated rainbow table sizes for the more secure NT hash:

Character Set                                                        Length  Table Size
ABCDEFGHIJKLMNOPQRSTUVWXYZ                                           14      0.6 GB
ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789                                 14      3 GB
ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=                   14      24 GB
ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]|:;"'<>,.?/    14      64 GB

A rainbow table attack is usually overkill for a desktop machine. If hackers have physical access to the machine, security is irrelevant. That's rule number 3 in the 10 Immutable Laws of Computer Security. There are any number of tools that can reset passwords given physical access to the machine.

But when a remote hacker obtains a large list of hashed passwords from a server or database, we're in trouble. There's significant risk from a rainbow table attack. That's why you should never rely on hashes alone: always add some salt to your hash so the resulting hash values are unique. Salting a hash sounds complicated (and vaguely delicious), but it's quite simple. You prefix a unique value to the password before hashing it:

hash = md5('deliciously-salty-' + password)
If you've salted your password hashes, an attacker can't use a rainbow table attack against you: the hash results from "password" and "deliciously-salty-password" won't match. Unless your hacker somehow knows that all your hashes are "deliciously-salty-" ones. Even then, he or she would have to generate a custom rainbow table specifically for you.
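
The time-memory trade-off and the effect of the salt described above, as an added example (not code from the original article): a toy rainbow table over a constructed keyspace of three lowercase letters, using the article's md5(salt + password) construction. The keyspace, chain length, function names and sample password are assumptions chosen for illustration.

```python
import hashlib
import os

CHARSET = "abcdefghijklmnopqrstuvwxyz"  # constructed toy keyspace: 3 lowercase letters
PW_LEN = 3
KEYSPACE = len(CHARSET) ** PW_LEN       # 17,576 candidate passwords
CHAIN_LEN = 40                          # hashes per chain (assumed value)


def h(password, salt=b""):
    """Salt-prefixed MD5, mirroring the article's md5(salt + password) line."""
    return hashlib.md5(salt + password.encode()).digest()


def index_to_password(n):
    """Map an integer in [0, KEYSPACE) to a candidate password."""
    chars = []
    for _ in range(PW_LEN):
        n, r = divmod(n, len(CHARSET))
        chars.append(CHARSET[r])
    return "".join(chars)


def reduce_(digest, step):
    """Map a digest back into the keyspace, differently at each chain step."""
    return index_to_password((int.from_bytes(digest, "big") + step) % KEYSPACE)


def build_table(starts, salt=b""):
    """Keep only endpoint -> start points; chain middles are recomputed on demand."""
    table = {}
    for start in starts:
        p = start
        for step in range(CHAIN_LEN):
            p = reduce_(h(p, salt), step)
        table.setdefault(p, []).append(start)
    return table


def lookup(table, target, salt=b""):
    """Return the password hashing to target, or None if no chain covers it."""
    for pos in range(CHAIN_LEN - 1, -1, -1):
        # Assume target sits at chain position pos and walk to the endpoint.
        p = reduce_(target, pos)
        for step in range(pos + 1, CHAIN_LEN):
            p = reduce_(h(p, salt), step)
        # A matching endpoint may be a false alarm, so replay the chain to confirm.
        for start in table.get(p, []):
            q = start
            for step in range(CHAIN_LEN):
                if h(q, salt) == target:
                    return q
                q = reduce_(h(q, salt), step)
    return None


def demo():
    starts = [index_to_password(i) for i in range(0, KEYSPACE, 25)]
    generic = build_table(starts)        # built once, reusable against any unsalted dump
    victim = starts[7]                   # constructed password known to be covered
    unsalted_hit = lookup(generic, h(victim))
    salt = os.urandom(16)                # random per-user salt stored beside the hash
    salted_hit = lookup(generic, h(victim, salt))
    custom = build_table(starts, salt)   # the "custom table" cost, paid again per salt
    custom_hit = lookup(custom, h(victim, salt), salt)
    return victim, unsalted_hit, salted_hit, custom_hit


if __name__ == "__main__":
    print(demo())
```

The unsalted hash is recovered from a table that stores only chain endpoints, the salted hash is not, and recovering it takes a table rebuilt for that one salt. Current systems pair a random per-user salt with a deliberately slow function such as hashlib.scrypt or PBKDF2 rather than a single MD5 pass.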
Tutorial For Obtaining Full Anonymity For RAT Users


Hi Dudes!! Let's see on "how to stay anonymous while deploying or accessing a RAT on other devices".Below are the steps to be followed.Some may or may not use the equipment ,but If you use,do it according to the steps below for your safety.

/This theme is not so much about the use of the RAT, but rather about the safety and anonymity for the user./
/I've watched a lot of videos and read quite a few topics resulting to shape the plan of action, that is the best in my opinion. Below I will describe the whole process, all actions and security measures that I have taken. If I am right, maybe it will be useful for someone as a brief guide for the safe use of RAT./
1. Purchase of equipment.
/So first, I will give a brief list of what you need to buy./
1.1 Mobile Phone.
1.2 SIM card.
1.3 Laptop.
1.4 Prepaid card WebMoney.
1.5 External WiFi adapter.
1.1) Mobile Phone.

/Theoretically, by phone IMEI is possible to determine which store sold it, and turning in this store is possible to determine at what time the phone was sold. If the store has video capture, then knowing the time of the phone sale gives opportunity to find your image on the video, and this is a serious piece of evidence. Therefore, I have found in my city underground shop where they sell used mobile phones without the receipts and with no video capture, and bought the cheapest working mobile phone./
But some RAT Users may not use a mobile phone.

1.2) SIM card.

/Of course, SIM card must be anonymous, or framed on a stranger who has nothing to do with you, so I bought in the same underground store, without cameras and without a receipt./

1.3) Laptop.

/Next you need to find on the internet to advertise the sale of second-hand laptop, call to the owner (using previously bought mobile phone and SIM card) to arrange a meeting in a place without video capturing and buy this laptop./

1.4) Prepaid card WebMoney.

/Because in the future there will be some costs through the Internet, and we will need to pay anonymously, it is best to buy a prepaid card WebMoney. The required amount depends on the further choice of VPN provider and cryptor, which I will describe later. These services cost me $ 170 for the year./

1.5) External WiFi adapter.

/For extra insurance, we will need to hack someone’s WiFi router, and for this we need a powerful external WiFi adapter that can work in monitor mode. I chose for this purpose Alfa AWUS036H. Buy it, of course, with no video capture and receipts in the underground store or second-hand by the ad./
2. Setting up the equipment and the use of RAT.
/We now proceed to the main point. Briefly further steps:/
2.1 Changing the device IDs.
2.2 Hacking someone else’s WiFi router.
2.3 Registration of WebMoney account.
2.4 Purchasing and configuration of VPN.
2.5 Purchasing of crypter.
2.6 Creating of RAT.
2.7 Spreading of RAT.
2.1) Changing the device IDs.

/Before you connect the laptop to the internet, you need to make it as unrecognizable to any servers./
/After formatting of the hard drives and reinstalling of Windows you must change:/

2.1.1)/ MAC address. For Windows 7 with this task copes MAC Changer utility (old MAC-addresses will not be restored after a reboot). Just do not forget to change the MAC-address of the external WiFi adapter. The utility is free and it is easy to find on the Internet./

2.1.2) HWID. It is hidden in the registry, namely the HKEY_LOCAL_MACHINESoftwareMicrosoftCryptography.
Figures, perhaps we could put random, but I use the generator.

2.1.3)/ Volume ID. You can change it using tool from Microsoft./

2.2) /Hacking someone else’s WiFi router./

/Next, we need to gain access to someone else’s WiFi router. To do this, run on a laptop Live CD with Kali Linux operating system and hack someone else’s WiFi router. I will not write, how to do it because the internet is full of instructions. In the future, all internet connections will go exactly through this router, in case if our methods of protection will not work and our IP address will be detected. After gaining access to the settings of WiFi router, you must to setup port forwarding, as well as to disable logging on the router./

2.3) Registration of WebMoney account.

/Register WebMoney account using the Tor (all connections without a VPN need to carry out further through it). To verify the account use the purchased phone and SIM card./

2.4) Purchasing and configuration of VPN.

/We will not use DUC, because No-IP are keep the logs and will hand over you to law enforcement on the first request . Therefore, choose a good VPN server that does not keep logs, supports port forwarding, allocates fixed IP address, as well as accepts WebMoney. I choose for the “nVPN”. Account for the year with a permanent private IP costs me $ 60. Do not forget to open the ports in the VPN account. After the purchase, configure VPN, put it in startup and in the future go to the Internet only through him or through Tor./

2.5) Purchasing of crypter.

/Next, buy a good crypter for the same WebMoney. What crypter choose and how to use it will be better to read in the other topics on the forum./

2.6) Creating of RAT.

/Create your RAT and encrypt it. Do not forget that the network settings of your RAT need to use the IP address that was given by VPN provider and the port, that you have opened at the VPN server and on the router./

2.7) Spreading of RAT.

/Well, actually, the last – spread your encrypted RAT. How is it better to do – there are plenty of forum information./

2.*)/ Just want to draw your attention that for security purposes, prior to each new registration in any of the used Internet services, it is better to change the identity of the your laptop iron (MAC address, HWID or Volume ID). Just when you register you should to use every time a new, random names and nicknames. It is best to use online random generators./

3. Possible threats.
/We now analyze whether it is possible to track us. We will rely on worst-case scenarios./
3.1) /We assume that the victim called the police. Police checked the victim’s computer, found on what IP it sends requests. This is IP on private VPN server that does not keep logs. If the VPN provider deceived us, and kept some logs, there are the following options:/
3.1.1)/ VPN provider is kept routing logs and give to police your real IP, but the police did not come to you, they will come to the owner of the hacked WiFi router. Then they can see the logs of the router, but there will not be stored information about transmission of the data to devices, because we turned off logging on the router./

3.1.2) /VPN provider writes logs of account payments. He gives the police the address of your mail and WebMoney account number. It does not give the police nothing, because All actions are performed through Tor, address registered in false names, and to verify the WebMoney account we used an anonymous SIM card and anonymous phone./

3.2)/ If somehow the police will know the identity of the your laptop iron (MAC address, HWID or Volume ID), then they will not be able to find its previous owner, to find you, because we changed all of these data./

3.*) /As a result, I see in this plan are only 2 options to hunt you down:/

3.*.1) /If the police will find a WiFi router that you hacked and track the traffic, on which of the MAC address the data is transmitted, and determine the location of your laptop on the signal strength./

3.*.2)/ If the police will determine the phone number from which was done the verification of WebMoney Account , contact your service provider and if the service provider keeps very accurate triangulation logs of subscribers for all SMS sent, and will give your exact coordinates to police./

3.*.*)/ Both versions of events, I think it is highly unlikely because they require the concurrence of many circumstances./


Note:
/Do not consider me for the paranoid, but I think that if you decide to do forbidden things you need to do it safely and anonymously as possible./
References:Hax4net
Hacking WEP Password Using Windows [Aircrack-ng] [Windows Users]


Guide to WEP Cracking in Windows
/Many Windows users here are struggling to hack WiFi networks because most of the tutorials are based on kali linux and other Linux Tools ./
/I’m just sharing the Guide to WEP Cracking in Windows . The WEP is a very vulnerable to attacks and can be cracked easily ./
/It takes about 5-6 hours if the password is weak a high signal of the WiFi network you are going to hack and you have sometimes 10-12 for more complicated passwords and if the WiFi signal of the Network is weak ./
/The time taken also changes if the WiFi network you are going to hack has many other clients already accessing it ./
/You will be using two tools ./
1.Commview for WiFi :
/You will use this tool for capturing the packets sent and received through the Access Point you are going to hack ./
/The more packets you capture the better chances of cracking the password ./
/You will need more than 1,00,000 minimum packets to crack the password ./
/The packets will be captured in the .ncp format ./
You will use this tool to convert the .ncp to .cap .
/NOTE : Some WiFi cards are supported by Commview only in Windows 7 so i suggest you install Win 7 in ur Virtual Machine if your card isn’t supported ./
2.Aircrack-Ng GUI :
/You will use this tool to crack the password of the Access Point using the .cap files you obtained from the Commview application ./
/NOTE : You need to run this as administrator ./
/I have provided links for both the software below ./
Download Links :
/These are the links to the official website of the tools ./
/Some Anti Viruses might detect Aircrack as a virus . It is a false positive ./
1.Aircrack-NG GUI
Get it from here : http://www.aircrack-ng.org/
2.Commview for Wifi
GET READY TO CRACK :
STEP 1 :
/Install CommView for WiFi . It doesn’t matter whether you install it in VoIP mode or Standard mode . I used VoIP ./
/It automatically installs the necessary drivers . Allow it to install ./
/NOTE : You will not be able to connect to any Network using WiFi when using CommView ./
STEP 2 :
Click on the PLAY ICON in the Left First .

STEP 3 (Choosing the Network (a) ) :
A new window should pop up now .
Click on the START SCANNING button .
STEP 4 (Choosing the Network (b) ) :
/Click on the WiFi network you want to hack in the Right Coulumn and Click on CAPTURE.
NOTE : This tutorial is only for WEP protected networks ./
STEP 5 (Capturing the Packets) :
/The windows should close now and you should see that CommView has started Capturing Packets ./
STEP 6 (Saving the Packets ) :
/Now that the Packets are getting captured you need to Save them./
/Click on Settings->Options->Memory Usage/
/Change Maximum Packets in buffer to 20000/
Click on the LOGGING Tab .
Check AUTO-SAVING
In the Maximum Directory Size : 2000
Average Log File Size : 20
/Now CommView will automatically Start Saving packets in the .ncp format at a size of 20MB each in the specified directory ./
STEP 7 ( Concatenating the Logs ) :
/Since you are capturing a lot of logs you will need to concatenate them into once file ./
/To do this go to Logging and click on CONCATENATE LOGS/
/Choose all the files that have been saved in your specified folder and Concatenate them ./
Now you will have one .ncf file .
STEP 8 (Converting .ncf to .cap ) :
/Now that you have one file with all the packets you need to Convert it into .cap file for AIRCRACK to crack ./
/Click on File->Log Viewer->Load Commview Logs-> Choose the .ncf file/
/Now File->Export->Wireshark/TCP dump format ./
Aircrack Part :
Now for the Second Part WEP Cracking in Windows this is very simple .
Just open the Aircrack Folder->Bin->Aircrack-ng GUI.exe
Choose the .cap file and voila.....the password will be cracked within a few hours .
Feel free to ask any doubts!
References:Wifisecurity
Useful 50 Commands For Windows Users


Hi guys, I'm gonna show you useful Command Prompt commands that every user should know. These commands can be useful when you need to run certain programs.

See the below useful commands used in Command Prompt.


Top 50 Run Commands for Window 7/10