Microsoft’s Wlsample tool for Windows Vista

Microsoft included a tool called “wlsample.exe” with the Windows Software Development Kit (SDK) for Windows Server 2008. This program allows a penetration tester to connect to a network without generating a saved profile. Microsoft has released source code for this...

nm2lp (NetMon to LibPcap)

While the NetMon UI has powerful features for analyzing packet captures, few attack tools include the ability to natively read from the NetMon stored capture file format. In order to leverage tools such as Aircrack-ng, coWPAtty and Cain for wireless analysis, the...

VistaRFMON

Monitor mode is a valued feature for both the wireless penetration tester and security analyst. It allows the penetration tester to disconnect from a network and capture all frames in the network with full IEEE 802.11 headers and associated detail. By cycling through...

Wlan2eth

Wlan2eth is a simple tool to convert packet captures in 802.11 format to Ethernet format. Lots of tools can only understand Ethernet link types, so I wrote this tool to convert captures to a format that they can understand. For each packet in an input 802.11 capture...

ssh_decoder.rb

Josh Wright has an article on decrypting SSH sessions based on the 2008 Debian OpenSSH vulnerability, with helpful hints on how to do it, and some patches to publicly available tools to make them work even better....

WeaponizedFlash.as

Kevin Johnson and Mike Poor released this weaponized Flash ActionScript as part of their “Friendly Traitor: Our software wants to kill us” presentation series. GitHub: https://github.com/inguardians/WeaponizedFlash