Archive for the ‘Tools’ Category

Image result for python logo

If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest to try out the Python programming language. It has a rich set of useful libraries and programs. This page lists some of them.
Most of the listed tools are written in Python, others are just Python bindings for existing C libraries, i.e. they make those libraries easily usable from Python programs.
Some of the more aggressive tools (pentest frameworks, bluetooth smashers, web application vulnerability scanners, war-dialers, etc.) are left out. This list is clearly meant to help whitehats, and for now I prefer to err on the safe side.

Network

  • ScapyScapy3k: send, sniff and dissect and forge network packets. Usable interactively or as a library
  • pypcapPcapy and pylibpcap: several different Python bindings for libpcap
  • libdnet: low-level networking routines, including interface lookup and Ethernet frame transmission
  • dpkt: fast, simple packet creation/parsing, with definitions for the basic TCP/IP protocols
  • Impacket: craft and decode network packets. Includes support for higher-level protocols such as NMB and SMB
  • pynids: libnids wrapper offering sniffing, IP defragmentation, TCP stream reassembly and port scan detection
  • Dirtbags py-pcap: read pcap files without libpcap
  • flowgrep: grep through packet payloads using regular expressions
  • Knock Subdomain Scan, enumerate subdomains on a target domain through a wordlist
  • SubBrute, fast subdomain enumeration tool
  • Mallory, extensible TCP/UDP man-in-the-middle proxy, supports modifying non-standard protocols on the fly
  • Pytbull: flexible IDS/IPS testing framework (shipped with more than 300 tests)
  • Spoodle: A mass subdomain + poodle vulnerability scanner
  • SMBMap: enumerate Samba share drives across an entire domain

Debugging and reverse engineering

  • Paimei: reverse engineering framework, includes PyDBG, PIDA, pGRAPH
  • Immunity Debugger: scriptable GUI and command line debugger
  • mona.py: PyCommand for Immunity Debugger that replaces and improves on pvefindaddr
  • IDAPython: IDA Pro plugin that integrates the Python programming language, allowing scripts to run in IDA Pro
  • PyEMU: fully scriptable IA-32 emulator, useful for malware analysis
  • pefile: read and work with Portable Executable (aka PE) files
  • pydasm: Python interface to the libdasm x86 disassembling library
  • PyDbgEng: Python wrapper for the Microsoft Windows Debugging Engine
  • uhooker: intercept calls to API calls inside DLLs, and also arbitrary addresses within the executable file in memory
  • diStorm: disassembler library for AMD64, licensed under the BSD license
  • python-ptrace: debugger using ptrace (Linux, BSD and Darwin system call to trace processes) written in Python
  • vdb / vtrace: vtrace is a cross-platform process debugging API implemented in python, and vdb is a debugger which uses it
  • Androguard: reverse engineering and analysis of Android applications
  • Capstone: lightweight multi-platform, multi-architecture disassembly framework with Python bindings
  • Keystone: lightweight multi-platform, multi-architecture assembler framework with Python bindings
  • PyBFD: Python interface to the GNU Binary File Descriptor (BFD) library
  • CHIPSEC: framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components.

Fuzzing

  • afl-python: enables American fuzzy lop fork server and instrumentation for pure-Python code
  • Sulley: fuzzer development and fuzz testing framework consisting of multiple extensible components
  • Peach Fuzzing Platform: extensible fuzzing framework for generation and mutation based fuzzing (v2 was written in Python)
  • antiparser: fuzz testing and fault injection API
  • TAOF, (The Art of Fuzzing) including ProxyFuzz, a man-in-the-middle non-deterministic network fuzzer
  • untidy: general purpose XML fuzzer
  • Powerfuzzer: highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer)
  • SMUDGE
  • Mistress: probe file formats on the fly and protocols with malformed data, based on pre-defined patterns
  • Fuzzbox: multi-codec media fuzzer
  • Forensic Fuzzing Tools: generate fuzzed files, fuzzed file systems, and file systems containing fuzzed files in order to test the robustness of forensics tools and examination systems
  • Windows IPC Fuzzing Tools: tools used to fuzz applications that use Windows Interprocess Communication mechanisms
  • WSBang: perform automated security testing of SOAP based web services
  • Construct: library for parsing and building of data structures (binary or textual). Define your data structures in a declarative manner
  • fuzzer.py (feliam): simple fuzzer by Felipe Andres Manzano
  • Fusil: Python library used to write fuzzing programs

Web

  • Requests: elegant and simple HTTP library, built for human beings
  • HTTPie: human-friendly cURL-like command line HTTP client
  • ProxMon: processes proxy logs and reports discovered issues
  • WSMap: find web service endpoints and discovery files
  • Twill: browse the Web from a command-line interface. Supports automated Web testing
  • Ghost.py: webkit web client written in Python
  • Windmill: web testing tool designed to let you painlessly automate and debug your web application
  • FunkLoad: functional and load web tester
  • spynner: Programmatic web browsing module for Python with Javascript/AJAX support
  • python-spidermonkey: bridge to the Mozilla SpiderMonkey JavaScript engine; allows for the evaluation and calling of Javascript scripts and functions
  • mitmproxy: SSL-capable, intercepting HTTP proxy. Console interface allows traffic flows to be inspected and edited on the fly
  • pathod / pathoc: pathological daemon/client for tormenting HTTP clients and servers

Forensics

  • Volatility: extract digital artifacts from volatile memory (RAM) samples
  • Rekall: memory analysis framework developed by Google
  • LibForensics: library for developing digital forensics applications
  • TrIDLib, identify file types from their binary signatures. Now includes Python binding
  • aft: Android forensic toolkit

Malware analysis

  • pyew: command line hexadecimal editor and disassembler, mainly to analyze malware
  • Exefilter: filter file formats in e-mails, web pages or files. Detects many common file formats and can remove active content
  • pyClamAV: add virus detection capabilities to your Python software
  • jsunpack-n, generic JavaScript unpacker: emulates browser functionality to detect exploits that target browser and browser plug-in vulnerabilities
  • yara-python: identify and classify malware samples
  • phoneyc: pure Python honeyclient implementation
  • CapTipper: analyse, explore and revive HTTP malicious traffic from PCAP file

PDF

  • peepdf: Python tool to analyse and explore PDF files to find out if they can be harmful
  • Didier Stevens’ PDF tools: analyse, identify and create PDF files (includes PDFiDpdf-parser and make-pdf and mPDF)
  • Opaf: Open PDF Analysis Framework. Converts PDF to an XML tree that can be analyzed and modified.
  • Origapy: Python wrapper for the Origami Ruby module which sanitizes PDF files
  • pyPDF2: pure Python PDF toolkit: extract info, spilt, merge, crop, encrypt, decrypt…
  • PDFMiner: extract text from PDF files
  • python-poppler-qt4: Python binding for the Poppler PDF library, including Qt4 support

Misc

  • InlineEgg: toolbox of classes for writing small assembly programs in Python
  • Exomind: framework for building decorated graphs and developing open-source intelligence modules and ideas, centered on social network services, search engines and instant messaging
  • RevHosts: enumerate virtual hosts for a given IP address
  • simplejson: JSON encoder/decoder, e.g. to use Google’s AJAX API
  • PyMangle: command line tool and a python library used to create word lists for use with other penetration testing tools
  • Hachoir: view and edit a binary stream field by field
  • py-mangle: command line tool and a python library used to create word lists for use with other penetration testing tools
  • wmiexec.py: execute Powershell commands quickly and easily via WMI
  • Pentestly: Python and Powershell internal penetration testing framework

Other useful libraries and tools

  • IPython: enhanced interactive Python shell with many features for object introspection, system shell access, and its own special command system
  • Beautiful Soup: HTML parser optimized for screen-scraping
  • matplotlib: make 2D plots of arrays
  • Mayavi: 3D scientific data visualization and plotting
  • RTGraph3D: create dynamic graphs in 3D
  • Twisted: event-driven networking engine
  • Suds: lightweight SOAP client for consuming Web Services
  • M2Crypto: most complete OpenSSL wrapper
  • NetworkX: graph library (edges, nodes)
  • Pandas: library providing high-performance, easy-to-use data structures and data analysis tools
  • pyparsing: general parsing module
  • lxml: most feature-rich and easy-to-use library for working with XML and HTML in the Python language
  • Whoosh: fast, featureful full-text indexing and searching library implemented in pure Python
  • Pexpect: control and automate other programs, similar to Don Libes `Expect` system
  • Sikuli, visual technology to search and automate GUIs using screenshots. Scriptable in Jython
  • PyQt and PySide: Python bindings for the Qt application framework and GUI library

Books

 

christmas TV
Now that the first Steam Machine prototypes have shipped out, Valve has released its Steam OS into the wild.

You can download Steam OS here, and it’s advisable that you carefully read the Steam OS FAQbefore diving in.

SteamOS is a fork (derivative) of Debian GNU/Linux. The first version (SteamOS 1.0) is called ‘alchemist’ and it is based on the Debian ‘wheezy’ (stable 7.1) distribution.

SteamOS is designed to run Steam and Steam games. It also provides a desktop mode which can run regular Linux applications.  SteamOS currently provides a limited set of packages, but many Debian wheezy packages work fine on SteamOS, says Valve.

Steam OS can only run Linux games, so your Windows-only library is out. However, Valve is working on a system which will allow Windows games to be streamed from your Windows machine to the your Steam OS machine.

SteamOS Hardware Requirements:

  • Intel or AMD 64-bit capable processor
  • 4GB or more memory
  • 500GB or larger disk
  • NVIDIA graphics card (AMD and Intel graphics support coming soon)
  • UEFI boot support
  • USB port for installation

 

How do I install SteamOS?

There are two different installation methods for SteamOS. The recommended method is the Default Installation method, which is a pre-configured image-based install using CloneZilla. The other method uses Debian Installer, which allows for customization after an automated install step. Please choose one of those methods below.

WARNING: Both installation methods will erase all content on the target computer

Default Installation

You will need to create a SteamOS System Restore USB stick to perform this install. The image provided here requires at least a 1TB disk.

Download the default SteamOS beta installation

Format a 4GB or larger USB stick with the FAT32 filesystem. Use “SYSRESTORE” as the partition name.

Unzip the contents of SYSRESTORE.zip to this USB stick to create the System Restore USB stick.

Put the System Restore USB stick in your target machine. Boot your machine and tell the BIOS to boot off the stick. (Usually something like F8, F11 or F12 will bring up the BIOS boot menu).

Make sure you select the UEFI entry, it may look something like “UEFI: Patriot Memory PMAP”. If there is no UEFI entry, you may need to enable UEFI support in your BIOS setup.

Select “Restore Entire Disk” from the GRUB menu.

When it is complete it will shutdown. Power on the machine to boot into your freshly re-imaged SteamOS.

Custom Installation

The second method is based on the Debian Installer. It requires multiple configuration steps:

Download the custom SteamOS beta installation

Unzip the SteamOS.zip file to a blank, FAT32-formatted USB stick.

Put the USB stick in your target machine. Boot your machine and tell the BIOS to boot off the stick. (Usually something like F8, F11, or F12 will bring up the BIOS boot menu).

Make sure you select the UEFI entry, it may look something like “UEFI: Patriot Memory PMAP”. If there is no UEFI entry, you may need to enable UEFI support in your BIOS setup.

Selected “Automated install” from the menu.

The rest of the installation is unattended and will repartition the drive and install SteamOS.

tv Snort

Snort is an open source network intrusion prevention system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

Official Release Note of Snort 2.9.1:- 

  • Protocol aware reassembly support for HTTP and DCE/RPC pre-processors. Updates to Stream5 allowing Snort to more intelligently inspect HTTP and DCE/RPC requests and responses. See README.stream5 subsection related to Protocol Aware Flushing (PAF).
  • SIP pre-processor to identify SIP call channels and provide rule access via new rule option keywords. Also includes new pre-processor rules for anomalies in the SIP communications. See the Snort Manual and README.sip for details.
  • POP3 & IMAP pre-processors to decode email attachments in Base64, Quoted Printable, and uuencode formats, and updates to SMTP pre-processor for decoding email attachments encoded as Quoted Printable and uuencode formats. See the Snort Manual, README.pop, README.imap, and README.SMTP for details.
  • Support for reading large pcap files.
  • Logging of HTTP URL (host and filename), SMTP attachment filenames and email recipients to unified2 when Snort generates events on related traffic.
  • IP Reputation pre-processor, allowing Snort to blacklist or whitelist packets based on their IP addresses. This pre-processor is still in an experimental state, so please report any issues to the Snort team. See README. Reputation for more information.

To download Snort Click Here

tv crime2

1. Nmap
Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap homepage.

2. Wireshark
Wireshark is a network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. Wireshark homepage.

3. Metasploit Community edition
Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners. This helps prioritize remediation and eliminate false positives, providing true security risk intelligence. Metasploit community edition homepage.

4. Nikto2
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Nikto2 homepage.

5. John the Ripper
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version. John the Ripper homepage.

6. ettercap
Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis. ettercap homepage.

7. NexPose Community edition
The Nexpose Community Edition is a free, single-user vulnerability management solution. Nexpose Community Edition is powered by the same scan engine as Nexpose Enterprise and offers many of the same features. Nexpose homepage.

8. Ncat
Ncat is a feature-packed networking utility which reads and writes data across networks from the command line. Ncat was written for the Nmap Project as a much-improved reimplementation of the venerable Netcat. It uses both TCP and UDP for communication and is designed to be a reliable back-end tool to instantly provide network connectivity to other applications and users. Ncat will not only work with IPv4 and IPv6 but provides the user with a virtually limitless number of potential uses. ncat homepage.

9. Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and (with appropriate hardware) can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet also supports plugins which allow sniffing other media such as DECT. kismet homepage.

10. w3af
w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. w3af homepage.

11. hping
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping(8) unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features. hping homepage.

12. burpsuite
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities. BurpSuite homepage.

13. THC-Hydra
A very fast network logon cracker which support many different services.  hydra homepage.

14. sqlmap
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. sqlmap homepage.

15. webscarab
WebScarab has a large amount of functionality, and as such can be quite intimidating to the new user. But, for the simplest case, intercepting and modifying requests and responses between a browser and HTTP/S server, there is not a lot that needs to be learned. WebScarab homepage.

TV watching

What is a virtual private network (VPN)

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization’s network.

That’s all well and good but what do you really want a VPN for; looking at Facebook from school, downloading torrents from a site that your ISP has blocked, to watch streaming sites from a foreign county or just to stop big brother from spying on you.
So having said that below is a list of the top 19 free VPN services (would have been 20 but one site was down)

 

 

1) Free VPN by WSC

The Free VPN service protects web surfing session on your home Internet network as well as on Public Internet networks (both wired and wireless). Free VPN enables you to access all web content freely and securely. Free VPN supports Windows 7/Vista/XP (both 32 bit and 64 bit)

Free VPN Features

  • Access blocked websites from within a corporate environment
  • Watch Hulu.com, Pandora.com, ABC.com, BBC.co.uk Abroad
  • Use VoIP software like Skype if it’s blocked.
  • Protect yourself from snoopers at Wi-Fi hotspots, hotels, airports, corporate offices and ISP hubs.
  • Hide your IP address for your privacy online.

Download – thefreevpn to access blocked websites.

2) Hotspot Shield

Hotspot Shield is yet another free VPN service available that ensures your privacy and security online. If you want to install Hotspot Shield on your iPhone then visit here for more information on how to configure free VPN on iPhone. It works on both wireless and wired connections providing unlimited Bandwidth. Supports Windows 7/Vista/XP, Mac OS, Snow Leopard.

Features of Hotspot Shield

  • Secure your web session, data, online shopping, and personal information online with HTTPS encryption.
  • Protect yourself from identity theft online.
  • Hide your IP address for your privacy online.
  • Access all content privately without censorship; bypass firewalls.
  • Protect yourself from snoopers at Wi-Fi hotspots, hotels, airports, corporate offices.

Download – Hotspot Shield to protect your identity online

3) AlwaysVPN

AlwaysVPN creates an encrypted link between your computer and AlwaysVPN servers and then forwards all of your internet traffic through this link.

AlwaysVPN Features

  • Prevent local eavesdroppers from listening in on your web communication.
  • Bypass restrictive firewalls.
  • Allows you to Access US only web content like Hulu, ABC and other video networks that were blocked previously.
  • Bypass Government firewalls or web content filtering.

4) Tor VPN

Tor is free software that protects your online privacy, business activities and relationships. Torbutton blocks browser plugins such as Java, Flash, ActiveX, RealPlayer, Quicktime, Adobe’s PDF plugin, and others that can be manipulated by hackers into revealing your IP address and thereby stealing confidential information. Using Tor might disable Youtube. If you want to view videos at Youtube, you can reconfigure Torbutton to allow it. Supports Windows Mac OS and Linux.

Download Tor to protect your online privacy

5) ItsHidden

Most free VPN service on the Internet like Tor provides limited bandwidth or usage restriction. ItsHidden.com is the ultimate FREE surfing privacy service on the Internet that provides you over 5 GB of dedicated bandwidth to its users. ItsHidden works on BitTorrent (BT) traffic (both upload and download transfer) making it useful for users whose torrent traffic been choked by their ISP, or users who need to hide themselves for anti-piracy organizations from sharing copyrighted content. There is no software required and ItsHidden.com works on all Platforms including Windows, Mac, Linux, IPhone etc

Features of ItsHidden

  • ItsHidden.com is fast and reliable with over 5 gigabits of dedicated bandwidth.
  • Instant access & no software is needed
  • Total privacy, no records of your surfing are kept by us
  • 128-bit secure connection to ensure privacy over all networks

Sign up for ItsHidden VPN service.

6) UltraSurf

UltraSurf is a popular tool to protect Internet privacy with anonymous surfing and browsing. The tool hides or mask the IP addresses and locations, clean browsing history, cookies & more to hide your identity online. With Ultrasurf you can also browse any website freely, that were blocked before. Support Windows only.

Download UltraSurf 9.8. Firefox users need to download the Firefox add-on besides the software

7) NotMyIP

NotMyIP is free online privacy protection software that hides your real online identity from cyber thieves by masking your IP address, which might reveal sensitive information. Not my IP lets you access blocked websites, allows you to vote and comment on forums you were banned before, and further more to prevent other people (organizations) to follow you online by providing you different proxies from all over the world.

Download Not My IP – Free Online Protection Tool.

8) Freenet

Freenet is free tool that allows you to share files, browse, publish, and chat on forums, without fear of censorship anonymously. Freenet when used in “darknet” mode, where users only connect to their friends, is very difficult to detect. Communications by Freenet nodes are encrypted and are routed through other nodes to make it extremely difficult to determine who is requesting the information and what its content is. Supports Windows, Mac OS, Linux

Download Freenet for Windows, Mac OS and Linux

9) Freegate

Freegate is an anti-censorship tool that enables internet users from mainland China, Iran, Syria, Tunisia, Turkey and United Arab Emirates, to view blocked websites and content by their governments. The tool uses multiple open proxies allowing users to penetrate firewalls used to block web sites. Freegate works by tapping into an anti-censorship backbone, DynaWeb, DIT’s P2P-like proxy network system and FirePhoenix used most widely to get around China’s Great Firewall. Supports Windows OS only.

Download – Freegate to penetrate China’s Great Firewall

10) GPass

GPass is a highly advanced software that encrypts online data, hide IP address, and sidestep content filtering and monitoring using a number of secure channels to connect to the Internet and break through the Internet blockade. It encrypts the data sent on the internet, keeping your content safe. The tool allows accessing blocked websites by penetrating into the firewalls and bypassing network censorship. GPass supports streaming audio/video, email, instant messaging, download managers, as well as web surfing. Supports Windows.

Download GPass for Windows

11) JonDo

The JonDo anonymous proxy software protects your Internet access against observation from ISPs, websites and even against the anonymous proxy servers and their operators. Blogger can use it for publishing their views anonymously in order to avoid punishment, disadvantages at work.Supports Windows, Mac OS, Linux

Download JonDo for Windows Mac & Linux

12) UltraVPN

UltraVPN is a client/server SSL VPN solution based on OpenVPN. It encrypts and anonymizes your network connection.

UltraVPN Features

  • Watch streaming websites like hulu.com or favorite-tvshows.com
  • Access blocked websites from within a corporate environment
  • Connect or log in into MSN if it’s blocked
  • Use VoIP software like Skype if it’s blocked
  • Protect your email and browsing privacy

Download UltraVPN for Windows

13) GNUnet

GNUnet is a secure peer-to-peer networking tool that uses a service on top of the networking layer allowing anonymous file-sharing. The tool uses link-encrypted connections with stable bandwidth utilization to communicate between peers. GNUnet uses a simple, excess-based economic model to allocate resources.

Download GNUnet for Windows, Mac & Linux

14) Alonweb

VPN service offers to preserve anonymity on the web and encrypt the transferred data. VPN provides a secure connection, hides your real IP address and encrypts the transferred data (correspondence, passwords, sent files). Just register yourself for free anonymous web surfing. Free VPN service from Alonweb offers its users connection via two servers: Netherlands and Panama with some limitations (not for premium users) like – Only 1Gb of data traffic per month is available, maximum HTTP request size is 2Mb, heavy traffic consuming protocols and games are blocked.

Register yourself on Alonweb for free VPN

15) Your Freedom

Your Freedom VPN service that bypass restrictive firewalls, filter web proxies and hides network or IP address. Once installed you can easily penetrate into a firewall or a filtering web proxy and access blocked web pages. The tool allows you to stay anonymous, as your IP address is not logged with every access to someone’s web page. Nearly all applications work with Your Freedom, but make sure to have an Internet access entirely. It also allow you to play many online games like World of Warcraft, Second Life, Lineage 2, Final Fantasy XI, EVE Online and many more through web proxies. Supports Windows and Mac

Download Your Freedom to bypass firewalls & Filter web proxies

16) CyberGhost

CyberGhost conceals your IP address and completely protects your data transmissions from eavesdroppers. With 128-bit AES encryption, you can surf anonymously. Supports Windows OS only.

Download CyberGhost to surf anonymously

17) Loki Network Project

It is free VPN service and SSL based free VPN server to protect your private data like IP address, e-mail/FTP/HTTP passwords, web-sites visited, uploaded/downloaded files and etc. It also bypasses internet access limitations, if any. Public Loki VPN Service also protects data from being intercepted by various network sniffers in your LAN segment and safely bypass traffic interception and analyses on corporate, ISP or even country level firewall. Supports Windows only.

Download Loki Network Project to bypass any limitations in visiting web-sites or any other Internet services

18) Comdo EasyVPN

Free VPN software, Comodo EasyVPN uses 128 bit encryption providing you complete security right on top of Internet. EasyVPN allows you to create your own private ‘network-within-the-Internet’ that only the contacts you invite are able to view and use.

Features of Comodo EasyVPN

  • Access your PC from anywhereEasyVPN makes it simple to gain control of any machine in your network.
  • Security by Comodo – EasyVPN allows you to create your own private ‘network-within-the-Internet’ that only the contacts you invite are able to view and use.
  • Remote File and Printer Sharing – Creating an EasyVPN network allows you to exchange files and folders and even print to your local printer from any remote location.

Download Comodo EasyVPN 32 bit version | 64 bit version

19) Wippien

Wippien allows you to access your friends’ shares, printers, services, desktop, even ping them by providing an IP address. Wippien uses WeOnlyDo wodVPN component to establish P2P between peers, and then redirects all traffic from Virtual Network Adapter through wodVPN to remote side.

Download Wippien

botty

Click to enlarge

tv crime2Security researchers from Webroot, have spotted a new updated version of DIY (do it yourself) botnet kit Coded in Visual Basic Script 6.0, available for sale at selected underground communities. DIY is a very user-friendly tools allowing anyone an easy entry into the world of cybercrime, and securing their revenue streams thanks to the active advertisements of these tools across closed cybercrime friendly Web communities. The bot has a built-in pharming feature, a bit of an outdated approach for stealing accounting data compared to modern crimeware releases, but still highly effective on hosts where the user isn’t aware of how the process actually works.

Writing better CSS is something all web designers and developers should strive for, and thankfully there are some useful tools out there to help do just that. For this post, we’ve rounded up a collection of new tools to help you with your CSS. From learning new CSS3 properties, to making your code more efficient, there’s bound to be a few tools here you will find useful.

CSS3 Patterns Gallery

CSS3 Patterns Gallery lets you browse various CSS3 patterns as thumbnails or fullscreen and grab the code so you can use them on your own site.

PrefixMyCSS

PrefixMyCSS helps you save time by letting you write your properties one way. Paste in your code, pres the Prefix button and it adds all of the necessary vendor prefixes for you.

Layer Styles

Layer Styles is a HTML5 app for creating CSS3 in a intuitive way. The interface will remind you a lot of Photoshop.

Sencha Animator

Sencha Animator is a desktop app to create CSS3 animations for WebKit browsers and touchscreen mobile devices. Create rich experiences for today’s most popular devices.

The Web Font Combinator

The Web Font Combinator was created in order to preview web font combinations. There have been various printed collections of font examples that the reader can combine in order to see how a header and body font work together.

CSS Pivot

CSS Pivot lets you add CSS styles to any website, and share the result with a short link. You can also invite others to submit improvements for your website.

CSS Lint

CSS Lint is a tool to help point out problems with your CSS code. It does basic syntax checking as well as applying a set of rules to the code that look for problematic patterns or signs of inefficiency.

CSS Prism

CSS Prism lets you enter the URL of any site so you can view an modify its color spectrum.