lolox: Windows

Showing posts with label Windows. Show all posts

Monday, January 23, 2017

Mozilla Firefox 51.0 Final + Portable

Title: Mozilla Firefox 51.0 Final + Portable
Author: KaranPC
Published: January 24, 2017 at 12:12AM
Source: KaranPC
Read More: Click Here

Freemake Video Converter Gold 4.1.9.73 + Portable

Title: Freemake Video Converter Gold 4.1.9.73 + Portable
Author: KaranPC
Published: January 24, 2017 at 12:15AM
Source: KaranPC
Read More: Click Here

Audials One 2017.0.30793.9300 [Latest]

Title: Audials One 2017.0.30793.9300 [Latest]
Author: KaranPC
Published: January 24, 2017 at 12:07AM
Source: KaranPC
Read More: Click Here

Core FTP Pro 2.2 Build 1887 [Latest]

Title: Core FTP Pro 2.2 Build 1887 [Latest]
Author: KaranPC
Published: January 23, 2017 at 06:11PM
Source: KaranPC
Read More: Click Here

Password Finder 8.0.0.31 + Portable [Latest]

Title: Password Finder 8.0.0.31 + Portable [Latest]
Author: KaranPC
Published: January 23, 2017 at 06:05PM
Source: KaranPC
Read More: Click Here

GOM Audio 2.2.6.0 Final + Portable

Title: GOM Audio 2.2.6.0 Final + Portable
Author: KaranPC
Published: January 23, 2017 at 05:46PM
Source: KaranPC
Read More: Click Here

MetaProducts Offline Explorer Enterprise 7.4.4560

Title: MetaProducts Offline Explorer Enterprise 7.4.4560
Author: KaranPC
Published: January 23, 2017 at 05:40PM
Source: KaranPC
Read More: Click Here

Capture One Pro 10.0.1 Build 23 [Latest]

Title: Capture One Pro 10.0.1 Build 23 [Latest]
Author: KaranPC
Published: January 23, 2017 at 05:33PM
Source: KaranPC
Read More: Click Here

Friday, December 9, 2016

Cortana for Android Revamped in UK; Update Coming to iOS Soon

Cortana, Microsoft's voice-based virtual assistant despite being highly skilled, has never received the kind of attention from users that Apple's Siri and Google Now, and Google Assistant enjoy.

In a move, which seems to aim at shaking things up a little, the Redmond-based company has now introduced a new UI design for its Android and iOS mobile apps with its latest update.

As of now, the company has only updated the Cortana app on Android but says that the iOS app will be updated "in coming weeks." Interestingly, the Cortana for Android and iOS updates have changed the primary colour on the mobile apps from blue to purple. Considering that Microsoft's virtual assistant had Blue as its primary colour since its launch, the company is seemingly trying to provide it with a fresh look. Apart from the change in primary colour the company has introduced several new changes to the UI to provide them with a "simplified look", as per the company.

"It's not just the look we've updated. The Cortana app is now faster so you can get what you need more quickly on the go," Microsoft said in its blog post.

Apart from the design changes, the company has also announced that the Cortana mobile apps for Android and iOS will now be made available in the UK as well. They were formerly only accessible in the US and China when launched in December last year.

The Cortana apps for Android and iOS allow users to set reminders, which are updated across platforms and help users remember their appointments. If users are unable to attend a call, the voice-based virtual assistant also sends back text to inform the contact that user is currently busy and will call back later. The Hey Cortana feature, similar to Ok Google, is only available on the Android platform.

The Cortana Android and iOS apps are coming to the UK currently. No details on further compatibility.

Download Cortana from the Google Play Store

Source: Windows Blog

Follow Me on Twitter>>>> @iamBhavish
And like us on Facebook>>> The Gud1

Sunday, June 2, 2013

[John the Ripper v1.8.0] Fast Password Cracker

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version.

John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance.

Changelog v1.8.0

Revised the incremental mode to let the current character counts grow for each character position independently, with the aim to improve efficiency in terms of successful guesses per candidate passwords tested.
Revised the pre-defined incremental modes, as well as external mode filters that are used to generate .chr files.
Added makechr, a script to (re-)generate .chr files.
Enhanced the status reporting to include four distinct speed metrics (g/s, p/s, c/s, and C/s).
Added the “–fork=N” and “–node=MIN[-MAX]/TOTAL” options for trivial parallel and distributed processing.
In the external mode compiler, treat character literals as unsigned.
Renamed many of the formats.
Updated the documentation.
Relaxed the license for many source files to cut-down BSD.
Relaxed the license for John the Ripper as a whole from GPLv2 (exact version) to GPLv2 or newer with optional OpenSSL and unRAR exceptions.
Assorted other changes have been made.

Download John the Ripper v1.8.0

[Hashcat v0.45] Advanced Password Recovery

* changes v0.44 -> v0.45:

Release with some new algorithms:

AIX smd5
AIX ssha1, ssha256, ssha512
GOST R 34.11-94

We managed also to fix some bugs and implement some additional feature requests

Full changelog:

type: feature

file: hashcat-cli
desc: show status screen also when all hashes were recovered AND add start/stop time too

type: feature
file: hashcat-cli
desc: added -m 6300 = AIX {smd5}
cred: philsmd

type: feature
file: hashcat-cli
desc: added -m 6400 = AIX {ssha256}
cred: philsmd

type: feature
file: hashcat-cli
desc: added -m 6500 = AIX {ssha512}
cred: philsmd

type: feature
file: hashcat-cli
desc: added -m 6700 = AIX {ssha1}
cred: philsmd

type: feature
file: hashcat-cli
desc: added -m 6900 = GOST R 34.11-94
cred: Xanadrel

type: feature
file: hashcat-cli
desc: dropped predefined charsets ?h, ?F, ?G and ?R
trac: #55

type: feature
file: hashcat-cli
desc: added a collection of language-specific charset-files for use with masks
trac: #55

type: feature
file: hashcat-cli
desc: changed the E rule to lowercase all input before processing, its more intuitive
trac: #110

type: feature
file: rules
desc: added a more more complex leetspeak rules file from unix-ninja
trac: #112

type: feature
file: hashcat-cli
desc: changed outfile opts to line up with OCL style
trac: #120

type: feature
file: hashcat-cli
desc: --remove in combination w/ external salts should output plain hash files only (no salt)
trac: #153

type: bug
file: hashcat-cli
desc: fix progress line in status screen when all hashes were recovered

type: bug
file: hashcat-cli
desc: fix for some possible memory overflow problems

type: bug
file: hashcat-cli
desc: an external salt sort failure caused some hashes not to be checked against the digests
trac: #74

type: bug
file: hashcat-cli
desc: fixed a null-pointer dereference that can lead to a segmentation fault
trac: #104

type: bug
file: hashcat-cli
desc: fixed a bug if hashlist contains words with ascii character code >= 0x80
trac: #108

Download Hashcat v0.45

[Suricata 1.4.2] Next Generation Intrusion Detection and Prevention Engine

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field.

OISF is part of and funded by the Department of Homeland Security's Directorate for Science and Technology HOST program (Homeland Open Security Technology), by the the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as through the very generous support of the members of the OISF Consortium. More information about the Consortium is available, as well as a list of our current Consortium Members.

The Suricata Engine and the HTP Library are available to use under the GPLv2.

The HTP Library is an HTTP normalizer and parser written by Ivan Ristic of Mod Security fame for the OISF. This integrates and provides very advanced processing of HTTP streams for Suricata. The HTP library is required by the engine, but may also be used independently in a range of applications and tools.

Improvements

No longer force "nocase" to be used on http_host
Invalidate rule if uppercase content is used for http_host w/o nocase
Warn user if bpf is used in af-packet IPS mode
Better test for available libjansson version

Fixes

Fixed accuracy issues with relative pcre matching (#784)
Improved accuracy of file_data keyword (#788)
Invalidate negative depth (#770)
Fix http host parsing for IPv6 addresses (#761)
Fix fast.log formatting issues (#773)
Fixed deadlock in flowvar set code for http buffers (#801)
Various signature ordering improvements
Minor stream engine fix

Download Suricata 1.4.2

[Veil v1.2] A Payload Generator to Bypass Antivirus

Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions.

Veil was designed to run on Kali Linux, but should function on any system capable of executing python scripts. Simply call Veil from the command line, and follow the menu to generate a payload. Upon creating the payload, veil will ask if you would like the payload file to be converted into an executable by Pyinstaller or Py2Exe.

If using Pyinstaller, Veil will convert your payload into an executable within Kali.

If using Py2Exe, Veil will create three files:

payload.py - The payload file
setup.py - Required file for Py2Exe
runme.bat - Batch script for compiling the payload into a Windows executable

Move all three files onto your Windows machine with Python installed. All three files should be placed in the root of the directory Python was installed to (likely C:\Python27). Run the batch script to convert the Python script into an executable format.

Place the executable file on your target machine through any means necessary and don't get caught!

Download Veil v1.2

Wednesday, May 29, 2013

[Sandcat Browser 4.0] The fastest web browser with many useful security and developer oriented tools

Sandcat Browser, The fastest web browser with many useful security and developer oriented tools updated to version 4.0 with the fastest scripting language packed with features for pen-testers.

Sandcat 4 adds a large number of enhancements, new features, extensions and bug fixes, and provides a dramatically improved user experience on several fronts.

Sandcat 4 adds several new pen-tester extensions as part of the new incarnation of its Pen-Tester Tools extension pack. This includes: a Request Loader, a XHR Editor, a XHR Fuzzer, a CGI Scanner, a HTTP Brute Force extension, enhanced request editors, enhanced script runners, and more.

New versions comes with a revamped and enhanced Live Headers. You can now view not only the request headers and response headers but the response of HTTP requests and XHR calls. The captured requests can be viewed, exported to and imported from individual files via its Live Headers bar.

It adds the ability to save the full request details of captured requests as part of a Sandcat Live Headers export file. Also Sandcat 4 comes with an enhanced version of the Sandcat Console, and it is now possible not only to add custom commands, but to create custom consoles.

You can read full change log.

Download Sandcat Browser 4.0

Monday, May 27, 2013

[Aircrack-ng 1.2 Beta 1] 802.11 WEP and WPA-PSK keys cracking tool

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools.

Changelog summary

Compilation fixes on all supported OSes.
Makefile improvement and fixes.
A lot of fixes and improvements on all tools and documentation.
Fixed licensing issues.
Added a few new tools and scripts (including distributed cracking tool).
Fixed endianness and QoS issues.

Detailed changelog

* Airmon-ng: Added chipset information for ar9170usb, wl, rt2800usb, ar9271, wl12xx, RT3070STA, ath9k_htc, r871x_usb_drv, ath5k, carl9170 and various Intel drivers.
* Airmon-ng: Fixed chipset information ipw2200.
* Airmon-ng: Fixed output for r8187 driver.
* Airmon-ng: Improved chipset information for a few drivers.
* Airmon-ng: Support for displaying information about ath9k.
* Airmon-ng: Added 'check kill' to automatically kill services that could interfere.
* Airmon-ng: Fixed issues with Intel chipsets detection.
* Airmon-ng: Updated iw download link.
* Airmon-ng: Better mac80211 handling
* Airmon-ng: Added detection for WiLink TI driver, rtl819xU, iwlwifi.
* Airmon-zc: Improved version of Airmon-ng with more detailled information.
* Airdecap-ng: Fixed decoding QoS frames (Closes: #667 and #858).
* Airgraph-ng: Use Aircrack-ng Makefile instead of its own.
* Airbase-ng: Fixed bug using clients list.
* Airbase-ng: Fixed issue with QoS (ticket #760).
* Airbase-ng: Fixed sending beacons with null SSID.
* Airbase-ng: Allow non ASCII ESSID
* Airodump-ng: Fixed buffer overflow (ticket #728).
* Airodump-ng: Fixed channel parsing.
* Airodump-ng: Fixed FreeBSD battery reading.
* Airodump-ng: Renamed "Packets" column to "Frames" ("Packets" was not correct).
* Airodump-ng: Fixed XML bugs when outputting NetXML: ESSID containing '&' or chinese characters, when multiple encryption are used.
* Airodump-ng: Add alternative paths for Airodump-ng OUI file.
* Airodump-ng: Added GPSd 2.92+ support (JSON).
* Airodump-ng: Add option --manufacturer to display manufacturer column on airodump-ng.
* Airodump-ng: Add feature to show APs uptime (--uptime) based on the timestamp.
* Airodump-ng-OUI-update: Fixed OUI URL and allow CURL redirect (ticket #829).
* Airdrop-ng: removed .py from file names.
* Airdrop-ng: Fixed bug in installer.
* Airdrop-ng: Fixed OUI lookup.
* Airdrop-ng: Fixed bug when several BSSID have the same ESSID.
* Airdrop-ng: Doesn't constantly parse anymore, wait 5 seconds each time it parses.
* Airdrop-ng: Fixed crash when failing to get channel or when rules file didn't exist.
* Airdrop-ng: Fixed to use lorcon.py/lorcon2 libs.
* Airdrop-ng: Updated README.
* Airdrop-ng: Fixed error preventing update to work.
* Versuck-ng: New script to do the same thing as the kismet autowep plugin from the CLI.
* Aircrack-ng: Fixed counter display error when cracking WPA.
* Aircrack-ng: Added output of the WPA handshake to EWSA project file.
* Aircrack-ng: Added output of the WPA handshake to oclhashcat+ project file.
* Aircrack-ng: Added benchmark option, -S.
* Aircrack-ng: Fixed -u option.
* Aircrack-ng: PIC fix for hardened systems from Francisco Blas Izquierdo Riera (klondike)
* Aircrack-ng: Allow dictionaries larger than 2Gb.
* Aircrack-ng: Give a better message when there's an error with the dictionary.
* Aircrack-ng: Prevent a buffer overflow from happening (Wojciech Waga).
* Aireplay-ng: Added migration mode attack from Leandro Meiners and Diego Sor from Core Security (BlackHat Las Vegas 2010)
* Aireplay-ng, Airodump-ng: Added option to ignore issue with -1 channel.
* Airserv-ng: Fixed crash when clients disconnect.
* Besside-ng-crawler: Added EAPOL Crawler.
* Airdecloak-ng: Fixed bug when using pcap files with PPI headers.
* dcrack: Distributed cracking server/client
* wifi-detect.sh: reference script for testing wifi card detection using iwconfig vs ls /sys/class/net
* WPA Clean: Tool to merge and clean WPA capture files.
* Wireless Panda: C# Library to parse Airodump-ng output files (and added example project).
* OSdep (Linux): Setting fixed bitrates on mac80211 2.6.31 and up.
* OSdep (Linux): Added support for nl80211 thanks to impulse32. Use 'make libnl=true' to add netlink support (Ticket #1004).
* Manpages: Improvement and fixes for Airgraph-ng, Airodump-ng, packetforge-ng, Aircrack-ng
* Manpages: Fixed various spelling issues and single quote issues.
* Makefiles: Added tests for the different tools.
* Makefiles: Various fixes and improvements.
* Makefiles: Added support for libgrypt instead of OpenSSL via parameter.
* Patches: Added a few patches.
* Removed useless script: patchchk.
* Finally fixed licensing issues.
* Fixed endianness issues in most of the tools.
* Fixed cppcheck errors (Ticket #957).
* Fixed various compilation issues on Linux and Cygwin, GNU/Hurd, Darwin (OSX) and Sparc.
* Fixed compilation on recent gcc versions on Linux, Cygwin.
* Added instructions for Travis CI: Free Hosted Continuous Integration Platform for the Open Source Community.
* Added Readme.Md for GitHub. Aircrack-ng subversion repository is synced on GitHub: http://github.com/aircrack-ng/aircrack-ng
* Various other small bug fixes.

Download Aircrack-ng 1.2 beta 1

Thursday, May 23, 2013

[jSQL Injection v0.4] Java tool for automatic database injection

jSQL Injection is a lightweight application used to find database information from a distant server.

jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris).

Version 0.4 features:

GET, POST, header, cookie methods
Normal, error based, blind, time based algorithms
Automatic best algorithm selection
Multi-thread control (start/pause/resume/stop)
Progression bars
Shows URL calls
Simple evasion
Proxy setting
Distant file reading
Webshell deposit
Terminal for webshell commands
Configuration backup
Update checker
Admin page checker
Brute forcer (md5 mysql...)
Coder (encode decode base64 hex md5...)
Supports MySQL

Download jSQL Injection v0.4

[Wireshark v1.10.0 RC2] The world’s foremost network protocol analyzer

Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.

Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Changelog v1.10.0 RC 2

Wireshark 1.10.0rc2 has been released. Installers for Windows, OS X, and source code are now available. This is the first release candidate for Wireshark 1.10.0.

New and Updated Features

The following features are new (or have been significantly updated) since version 1.8:

Wireshark on 32- and 64-bit Windows supports automatic updates.
The packet bytes view is faster.
You can now display a list of resolved host names in “hosts” format within Wireshark.
The wireless toolbar has been updated.
Wireshark on Linux does a better job of detecting interface addition and removal.
It is now possible to compare two fields in a display filter (for example: udp.srcport != udp.dstport). The two fields must be of the same type for this to work.
The Windows installers ship with WinPcap 4.1.3, which supports Windows 8.
USB type and product name support has been improved.
All Bluetooth profiles and protocols are now supported.
Wireshark now calculates HTTP response times and presents the result in a new field in the HTTP response. Links from the request’s frame to the response’s frame and vice-versa are also added.
The main welcome screen and status bar now display file sizes using strict SI prefixes instead of old-style binary prefixes.
Capinfos now prints human-readable statistics with SI suffixes by default.
It is now possible to open a referenced packet (such as the matched request or response packet) in a new window.
Tshark can now display only the hex/ascii packet data without requiring that the packet summary and/or packet details are also displayed. If you want the old behavior, use -Px instead of just -x.
Wireshark can be compiled using GTK+ 3.
The Wireshark application icon, capture toolbar icons, and other icons have been updated.
Tshark’s filtering and multi-pass analysis have been reworked for consistency and in order to support dependent frame calculations during reassembly. See the man page descriptions for -2, -R, and -Y.
Tshark’s -G fields2 and -G fields3 options have been eliminated. The -G fields option now includes the 2 extra fields that -G fields3 previously provided, and the blurb information has been relegated to the last column since in many cases it is blank anyway.
Wireshark dropped the left-handed settings from the preferences. This is still configurable via the GTK settings (add “gtk-scrolled-window-placement = top-right” in the config file, which might be called /.gtkrc-2.0 or /.config/gtk-3.0/settings.ini).
Wireshark now ships with two global configuration files: Bluetooth, which contains coloring rules for Bluetooth and Classic, which contains the old-style coloring rules.

Full changelog: here

Download Wireshark v1.10.0 RC2

[SQLi Dorking] script en perl para búsqueda de SQLi

sqliDorking.pl es un script en Perl de Crozz Cyborg que busca páginas vulnerables a inyecciones SQL usando dorks de Google o Bing. También acepta lista de dominios.

Uso: sqliDorking.pl [-d/-bd ] -p [-l Links.txt] [-f Logs.txt]

Opciones:
-gd : Google Dork
-bd : Bing Dork
-l : Archivo con links para analizar
-p : Numero de paginas para buscar
-f : Archivo donde se guardaran los logs

Ejemplos de uso:
sqliDorking.pl -gd inurl:product.php?id= -p 3 -f VulneSQL.txt
sqliDorking.pl -l links.txt -f VulneSQL.txt
sqliDorking.pl -bd inurl:product.php?id= -p 3
sqliDorking.pl -l links.txt

Descargar SQLi Dorking

Monday, May 20, 2013

[Wireshark v1.8.7] The world’s foremost network protocol analyzer

Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Changelog v1.8.7

What’s New

Bug Fixes

The following vulnerabilities have been fixed.

wnpa-sec-2013-23The RELOAD dissector could go into an infinite loop. Discovered by Evan Jensen. (Bug 8364, (Bug 8546) Versions affected: 1.8.0 to 1.8.6.
CVE-2013-2486
CVE-2013-2487
wnpa-sec-2013-24The GTPv2 dissector could crash. (Bug 8493) Versions affected: 1.8.0 to 1.8.6.
wnpa-sec-2013-25The ASN.1 BER dissector could crash. (Bug 8599) Versions affected: 1.8.0 to 1.8.6, 1.6.0 to 1.6.14.
wnpa-sec-2013-26The PPP CCP dissector could crash. (Bug 8638) Versions affected: 1.8.0 to 1.8.6.
wnpa-sec-2013-27The DCP ETSI dissector could crash. Discovered by Evan Jensen. (Bug 8231, bug 8540, bug 8541) Versions affected: 1.8.0 to 1.8.6.
wnpa-sec-2013-28The MPEG DSM-CC dissector could crash. (Bug 8481) Versions affected: 1.8.0 to 1.8.6.
wnpa-sec-2013-29The Websocket dissector could crash. Discovered by Moshe Kaplan. (Bug 8448, Bug 8499) Versions affected: 1.8.0 to 1.8.6.
wnpa-sec-2013-30The MySQL dissector could go into an infinite loop. Discovered by Moshe Kaplan. (Bug 8458) Versions affected: 1.8.0 to 1.8.6.
wnpa-sec-2013-31The ETCH dissector could go into a large loop. Discovered by Moshe Kaplan. (Bug 8464) Versions affected: 1.8.0 to 1.8.6.

The following bugs have been fixed:

The Windows installer and uninstaller does a better job of detecting running executables.
Library mismatch when compiling on a system with an older Wireshark version. (Bug 6011)
SNMP dissector bug: STATUS_INTEGER_DIVIDE_BY_ZERO. (Bug 7359)
A console window is never opened. (Bug 7755)
GSM_MAP show malformed Packets when two IMSI. (Bug 7882)
Fix include and libs search path when cross compiling. (Bug 7926)
PER dissector crash. (Bug 8197)
pcap-ng: name resolution block is not written to file on save. (Bug 8317)
Incorrect RTP statistics (Lost Packets indication not ok). (Bug 8321)
Decoding of GSM MAP E164 Digits. (Bug 8450)
Silent installer and uninstaller not silent. (Bug 8451)
Replace use of INCLUDES with AM_CPPFLAGS in all Makefiles to placate recent autotools. (Bug 8452)
Wifi details are not stored in the Decryption Key Management dialog (post 1.8.x). (Bug 8446)
IO Graph should not be limited to 100k points (NUM_IO_ITEMS). (Bug 8460)
geographical_description: hf_gsm_a_geo_loc_deg_of_long 24 bit field truncated to 23 bits. (Bug 8532)
IRC message with multiple params causes malformed packet exception. (Bug 8548)
Part of Ping Reply Message in ICMPv6 Reply Message is marked as “Malformed Packet”. (Bug 8554)
MP2T wiretap heuristic overriding ERF. (Bug 8556)
Cannot read content of Ran Information Application Error Rim Container. (Bug 8559)
Endian error and IP:Port error when decoding BT-DHT response message. (Bug 8572)
“ACE4_ADD_FILE/ACE4_ADD_SUBDIRECTORY” should be “ACE4_APPEND_DATA / ACE4_ADD_SUBDIRECTORY”. (Bug 8575)
wireshark crashes while displaying I/O Graph. (Bug 8583)
GTPv2 MM Context (UMTS Key, Quad, and Quint Decoded) incorrectly. (Bug 8596)
DTLS 1.2 uses wrong PRF. (Bug 8608)
RTP DTMF digits are no longer displayed in VoIP graph analysis. (Bug 8610)
Universal port not accepted in RSA Keys List window. (Bug 8618)
Wireshark Dissector bug with HSRP Version 2. (Bug 8622)
LISP control packet incorrectly identified as LISP data based when UDP source port is 4341. (Bug 8627)
Bad tcp checksum not detected. (Bug 8629)
AMR Frame Type uses wrong Value String. (Bug 8681)

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

AMR, ASN.1 BER, BAT, Bluetooth DHT, BSSGP, DTLS, E.164, Ericsson A-bis OML, GSM A, GSM MAP, HDFSDATA, ICMP, ICMPv6, ixveriwave, IRC, KDSP, LISP Data, MMS, NFS, OpenWire, PPP, RELOAD, RTP, SASP, SIP, SSL/TLS, TCP, UA3G

New and Updated Capture File Support

Endace ERF, NetScreen snoop.

Full Changelog: here

Download Wireshark v1.8.7

Wednesday, May 15, 2013

[DEP Process Scanner] Tool to scan and show all the DEP enabled Processes

DEP Process Scanner is the free command-line tool to scan and show all the DEP enabled Processes.

Data Execution Prevention (DEP) is a security feature introduced since Windows XP SP2 onwards and designed to prevent an application executing code from a non-executable memory regions such as Stack or Data region. It is primarily intended to mitigate the successful execution of buffer overflow based exploits.

DEP runs in two modes: hardware-enforced DEP for CPUs that can mark memory pages as nonexecutable, and software-enforced DEP with limited protection for CPUs that do not have hardware support.

DEP Process Scanner currently detects only Software-enforced DEP and helps you to find Processes which have (Software based) DEP enabled/disabled.

Here is the list of things you can do with this tool,

Show all DEP enabled Processes
Show all Non-DEP or DEP disabled Processes
Check the DEP status of Process with the ID
Check the DEP status of Process with the name

Being a command-line tool makes it easy for automation. Also it can be handy tool for developers and researchers.

It is available in both 32-bit & 64-bit versions and works on all platforms starting from Windows XP to Windows 8.

Download DEP Process Scanner v1.0