The tools we've been chasing all those years

The security tools we chased together over the years.

Release: Zhe 2016-12-9 16:39 Category: Industry news Tags: hacking

Objective

Each period of time, will leave the memory of the Times-those years, we are chasing and passionate security tools, also is so.

In the age of asymmetric information, security tools are mostly spread within a small circle. The naïve Us (script boy), thought that the network is the lake, a perfect tool is your weapon-the road to see uneven roar, touched into the bright AH d.

Note: Because of the age, most of the tools have been stopped updating, and now can be found on the Internet may carry the back door, so this article does not provide

A D injection tool

Brief introduction

The first introduction is definitely a D injection tool. At that time, people were not very likely to use Sqlmap, or have never heard of. At that time, the most famous SQL injection detection tool is the D injection tool. In addition to the most basic injection detection, you can also inject the database table tables, fields and content. What's more, the D-injection tool also has a browser that accesses Google (which Google hasn't been blocked for years) and can see which domain names are injected and which are not. At the time of lack of information, a D injection tool in the hearts of the Chinese people as much as today's Metasploit.

Author

The author of a D injection tool is called a D, and the real name is unknown. Currently a D injection tool has stopped updating. A d is currently developing its own D-Shield firewall, and will usually dig holes.

Author Micro-Blog: http://weibo.com/d99net

Ming Boy

Brief introduction

The appearance of the Ming boy is more mysterious. It's said to have leaked it from the hacker's website. Ming Boy In addition to simple SQL injection detection and Google page injection point scanning, there are a variety of Webshell upload method (payload upload). In the past, the security of domestic web sites are generally, if Webshell can not upload the time, rely on the Ming boy to bypass the upload mechanism.

Author

It is said that the son of the author network name is called the Ming Boy, the real name is called Lin Xiaoming. The webmaster of Chinese hacker Bar (www.heikeba.com). As a result of the sale of online silver thief tool, Trojan virus and other hacker software, in 2007 by the public security organs arrested.

Chinese kitchen Knives

Brief introduction

If Metasploit is the representative tool of American hackers, then the Chinese kitchen knife is the pride of the people in mind. Remember when to go to the United States to school, the people there do not know the Chinese kitchen knife this tool. I gave them a demonstration at the time. A short back door, you can get the entire server permissions, and also be able to access the server directory, execute commands and other operations. The faces of the foreigners were completely wtf?!. There was only a full of pride in my heart. The official website of the chopper is http://www.maicaidao.com/, which is now closed.

Author

The author of the chopper, there are many sayings on the internet. Some say he is a retired veteran, some say he is a big hacker, hacked the Kuomintang server, and some people say he planted the back door in the tool, and even some people say he is one of 360 cloud Avira developers. So what do you think of it?

LCX

Brief introduction

LCX is one of the main tools to infiltrate or power the intranet. Once the other server 3389 port is closed, the first time to think of is LCX. Enter Webshell, upload lcx and cmd, and then cmd to open LCX for port forwarding, then turn on Remote Desktop Connection. Take a look at the familiar Windows Server interface, and don't mention how excited it is.

Author

Lion,huc (China Red Guest League), the founder of the real name is called Lin Yong. LCX is one of Lion's works. In 2011, Lion said he wanted to restructure Huc, but then he left. Some people say he ran to the stock, some people said he ran to open the company, even some people said he was pacified.

Lion's microblog: http://t.qq.com/coollion/.

Lion's QQ number: 21509

Royal Sword

Brief introduction

The sword is a website directory scanning tool. Previously through the SQL injection vulnerability to the Administrator account and password, the first time think of using the sword Scan the site, see if you can sweep to the back office address. To the back, the sword can not only scan the web directory, but also can search the same IP segment of the site, or C-segment of the site. The author made an update to the Royal Sword in 2014, and thereafter there was no thereafter.

Author

The author of the Royal Sword Scanner is called the Sword alone, and some people tell him to meet loneliness. QQ number is 343034656. It is said to be a member of the Tools security team. There is very little description of the author on the Internet, and we have no way to dig out more detailed information.

Streamer Scanning Device

Brief introduction

This tool can detect POP3, FTP, HTTP, SQL, SMTP, ipc$ and other vulnerabilities, and for a variety of vulnerabilities to design a different solution, can easily get the detected user password on the vulnerable system. At that time do LAN infiltration favorite with streamer. Junior High School, ran to the school room, streamer Open, the same network segment of the machine all scanned once. Teacher in the above lectures, we are in the following scan teacher computer various ports, can be happy!

Author

Have not heard of the streamer must have heard of the hacker small Banyan, once and lion together to participate in the Sino-US hacker War, from the name of the earthquake.

Web name: Little Banyan

Gender: Male

Date of birth: 1972

Marital Status: Married

Qualifications: Member of China CAD/CAM Association, senior Programmer

Representative works: Indiscriminate knives, streamer, snow, flow shadow.

Ice

Brief introduction

Now, due to the rapid development and improvement of the security industry, we can no longer see the large-scale Trojan horse transmission situation. At that time, 360 is just a number, little lion (rising poison PA) is still in charge, and the international anti-virus antivirus software is not ideal. At that time, casually on the site can be poisoned. In this case, the glacier was born. The glacier is a very good remote control software. This remote control software can not only generate backdoor procedures, but also real-time monitoring of broiler situation, such as the system version, whether online, whether there is a camera, IP address, physical address and so on. At that time, the 1433-port vulnerability has not been fully repaired. Everyone is free to use the glacier with the 1433-port scanner to automatically grab broilers. The glacier began with only 1.0 versions, and after a large number of people, several versions were developed, but the authors eventually stopped updating the ice-horse because of the huge impact. The glaciers at the time were very influential at home, and today's MSF has a fight.

Author

Screen name: Glacier, Trojan Glacier

Real name: Huangxin

Law school: Xidian University

Work: Network security site "security Focus"

Gender: Male

99, although the Trojan has been used in the middle of hackers, but most of the foreign Bo and bus and other Trojans, for some new novice hackers, understand the use of these software and skilled use of these software has undoubtedly become the "road to hackers" on the biggest problem, in addition these Trojans can be captured by anti-virus software , so that most domestic hackers do not want to use Trojans. While most of the domestic hackers are struggling to find a new foreign trojan, a Chinese own written Trojan quietly born, it is a glacier. At the beginning of the birth of the glacier with the localization and temporary anti-virus software can prevent the characteristics of quickly become the most widely used Trojan hackers. Glaciers should not belong to the ranks of the Trojan, according to the glacier author Huangxin said, he wrote the glacier is entirely on his own interest and the encouragement of netizens, initially just want to write a convenient remote control software, did not want to even into a China spread the most widely used hacker software.

Netfuke

Brief introduction

Netfuke is a previously well-known ARP spoofing tool. In the past if a site is very difficult to get down, the first idea is to the site server, C or the side of the site to the invasion to the right, and then to engage in an ARP spoofing. Earlier in the year, the URL of the firewall is not as popular and perfect as it is now, ARP spoofing is divided into minutes of things. At that time this tool is also commonly used to pack B weapon!

Author

The author tries to search for the tool author's information in Google's massive document, but without a single harvest.

Pangolin

Brief introduction

Before D, the pangolin (pangolin) Injection tool should be the first automated injection tool in Chinese history. This tool is available in a number of national languages. The Pangolin injection tool can not only get the basic information of the database, but also get the system version number of the server, database administrator name and other information.

Author

White Hat Zhao Wu everyone should be very unfamiliar, yes, he is the developer of Pangolin. Zhao Wu's network name is called Zwell. Currently working in Beijing White Hat Technology Co., Ltd. In fact, the pangolin injection tool has been updated, but it is no longer open to the outside.

Zhao Wu's Weibo: http://weibo.com/u/2033280760

Tangshan tastes not strong

Brief introduction

Before the virus antivirus software mainly rely on the signature to kill. At that time, which company's virus signature library full, which company's antivirus software on cow B. At that time what cloud Avira, behavior Avira also stay in the ideological stage. So at that time to grow a Trojan is very simple, change the characteristics of the virus can be. Tangshan flavor is not strong is a Windows under the file signature to adapt the tool. Use this tool to generate dozens of different signature versions of a virus, and then scan it again with antivirus software. A few of the remaining virus samples are "Poison King", basically has bypassed the anti-virus software signature Avira technology. Software is not really found, I only vaguely remember the software icon is a panda.

Author

Tangshan is not rich in the author is called Tangshan smell is not strong. It's 34 years old, has two baby daughters, and has stopped updating the tool for a long time. I will not paste his contact information here, but also wish the author a happy family!

Havij (carrot) SQL injection Tool

Brief introduction

Havij is a foreign charge of the SQL injection tool, but by the domestic users to break (Bao) solution (JU). The functionality of this tool is somewhat similar to the pangolin. In addition to the database information, some basic server system information is available.

Author

Havij's author is said to be gaurangthakor, but some people say that Gaurangthakor is only responsible for the release of Havij update information, here we can not verify. But what shocked me is that Havij is still being updated so far. It has now been updated to version 2016, and has become a free release.

WinSock Expert

Brief introduction

In those years, Burpsuit was just a fantasy. When it comes to grabbing a bag, the first thing that comes to mind is the Winsock Expert. More than 200 KB of software, but can clearly catch HTTP packets. For us at that time, the WinSock Expert is an artifact!

Author

The author of WinSock expert should be a foreigner, who is responsible for the Chinese and the finishing of the latter. It's just a very small tool and doesn't update it, nor does it describe the author. Here can only thank the author's silent pay.

Eval Bug-specific version

Early contact with the safety circle of the tool should be very familiar with, it is the basic prototype of Chinese kitchen knives. Control and manage the entire Web server through a simple word back door.

Author

The author of this tool is called the worm, netizens call him Cnxhack, is a member of the tools team, bug This version is based on the original author Lake2 (ERHU) developed version 1.0 modified, has stopped the update of the tool, the original author's mailbox number is [email protected].

Cain

Brief introduction

No Cain, no intranet. At that time, if you encounter the host network is the WINODWS system, the first time to think of is cain! It is very powerful, can network sniffing, network spoofing, crack encryption password, decode the scrambled password, display password box, display cache password and Analysis routing protocol, and even listen to others in the intranet to use VoIP to make calls. At that time, can dominate the hacker world of tools, in addition to Cain, no other!

Author

Cain's author is an Italian security engineer, named Massimiliano Montoro. The man also founded the oxid.it. He has detailed information about himself on the Linkdein.

Cyber Assassin

Brief introduction

The function and Cain of cyber assassins are somewhat similar. It can easily search out the shared host on the LAN, then scan the shared resources of shared machine, and guess the shared password, and its sniffer function can intercept the password of POP3, FTP and Telnet service used in LAN. The only update to the current tool is in 2015, the Network Assassin version 2.0.

Author

Speaking of Chen Weishan, probably everyone is not familiar with, but most people have heard of the day line this ID. Chen Weishan's network ID is called the day line. He engaged in the information security industry earlier, probably in 1996 years or so, belongs to the first generation of hackers in the domestic community, at that time we are still womb inside. He was the first to work in China Telecom, there are many rich experience in Internet entrepreneurship. The first Internet security Company in Shenzhen was established in 2000 with partners. At present, he is the founder of Tian-Ying education, mainly devoted to education industry.

Grey Dove

Brief introduction

In addition to supporting the forward connection, the software also supports reverse connection, that is, the client can automatically request the server connection, in addition to the camera control function. Jinshan software company in 2007 has accused the Gray pigeon is "a manufacturing virus, trafficking virus, virus training as one of the black industry chain", "harm more than 10 times times the panda burn Incense", and set out the position of the comprehensive suppression of gray pigeons. Grey Pigeon Studios Discontinued version updates, registered services, and closed the official website during the year. Common Ash pigeon-free techniques are: Shell compression, add flowers, modify the signature, modify the program entry point. There is also a free-to-kill version of the gray pigeons on the internet, and constantly updated. Because most do not kill the assembly processing, so the killing of its clients is more difficult, most anti-virus software can not recognize it as a virus.

Author

The author of the Grey Dove is Ge Jun. Say that the gray pigeon is a virus, to say it is a good remote control software, this thing still have to start with. In 1982, Ge Jun was born in Anqing, Anhui Province, an ordinary peasant family. As a child, academic performance is not good, but since the first exposure to computer games, it is infatuated with the computer. The back of his father is no help, learning is not good can not go to school, then how to do? To learn computer, then Ge Jun's father made a very wise decision, for the Ge Jun newspaper a computer training course. At that time, computer training courses also can not pay you what, almost is to open the machine, open the web and the like. A teacher told Ge Jun that you are now learning computer knowledge is only some application of things, if you want to really understand the computer, computer control, it must be good to learn programming. Ge Jun begged his father to buy a computer, of course, the last Ge Jun father agreed. Then Ge Jun on to buy a lot of programming books to start learning. Slowly, the programming foundation also has, but Ge Jun found the school's computer is always in the virus, the Curiosity Drive lets Ge Jun write the first own computer virus----------------------------- Ge Jun didn't think so much at the time, just to think of it as a remote control software, the results posted on the Internet and many people use it as a virus. At that time the domestic anti-virus software manufacturers are not happy, said I want to treat you as a virus. Ge Jun Heart estimated there thousands grass mud horse flew over, thought the Labor and management website are open, ready to sell software, you have my things as a virus killing? This time the gray Dove program comes with signature changes, flower instructions and other kill-free technology. Security manufacturers A look at the technology fight, then how to do? Find the media. After extensive media exposure, gray pigeons stopped updating and the site was closed. Until 2013, the Grey Pigeon related (TM) trademark was registered by Weifang Gray Dove Security Engineering Co., Ltd., which aims to develop grey pigeons into a reasonable and regular remote control software. The official website of the Grey Pigeon is http://www.hgzvip.net and is currently available for normal access.

End

There are many popular safety tools, such as white gold 1433 chicken tools, digging chickens and so on, this article can only be considered as a catalyst.

Some of the stories haven't been finished yet.

Those feelings in the years have been difficult to distinguish between true and false

Now there are no flowers in the weeds

Fortunately, I had your spring and winter and summer.

They're old, aren't they?

Fortunately, I was with them.

And then the "hacker", some have already married to enjoy the family, some have embarked on the peak of life, some in prison looking at this life ... in a sense, it is the security tools they write, it is today China's booming information security industry. Even if they leave this circle, the sentiment has been preserved forever in the tool, hidden in a corner of the internet.

The hacker sites that we've been together for years http://www.cnblogs.com/test404

The tools we've been chasing all those years