exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 25 of 123

Files from van Hauser

American Fuzzy Lop plus plus 4.05c

Posted Jan 6, 2023

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: 3 updates to afl-fuzz, one update to afl-showmap/afl-cmin, unicorn_mode updated, updated rust custom mutator dependencies and LibAFL custom mutator, and several minor bugfixes. Some libraries stopped working on macOS.

tags | tool, fuzzer

systems | unix

SHA-256 | 5a2a7e94690771e2d80d2b30a72352e16bcc14f2cfff6d6fc1fd67f0ce2a9d3b

Download | Favorite | View

American Fuzzy Lop plus plus 4.04c

Posted Oct 11, 2022

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Fixed gramatron and grammar_mutator build scripts. Enhancements to the afl-persistent-config and afl-system-config scripts. Forced writing all stats on exit for afl-fuzz. Make gcc_mode (afl-gcc-fast) work with gcc down to version 3.6 for afl-cc. Fixed 10x speed degradation in v4.03c and added qemu_mode/fastexit helper library for qemu_mode. Enabled tricore arch and updated Capstone version in Rust bindings for unicorn_mode. AFL runtime will always pass inputs via shared memory, when possible, ignoring the command line in llvm-mode.

tags | tool, fuzzer

systems | unix

SHA-256 | 979ae35bc9a06f5283240955762ac69ea91f36a519ec6521b4ee48d2bcea53c2

Download | Favorite | View

American Fuzzy Lop plus plus 4.03c

Posted Sep 21, 2022

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: 2 changes to afl-fuzz. 6 changes to afl-cc. 1 change to qemu_mode. 3 changes to unicorn_mode. A handful of other changes as well.

tags | tool, fuzzer

systems | unix

SHA-256 | 22b6f9a7627fe44c2fef014a485af2e8dbb971d22884e9ed86c9286b93ccbd1e

Download | Favorite | View

Hydra Network Logon Cracker 9.4

Posted Sep 8, 2022

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Switched from pcre/pcre3 to pcre2 as pcre/pcre3 will be dropped from Debian. Small fix for weird RTSP servers. Added "2=" optional parameter to http-post-form module to tell hydra that a "302" HTTP return code means success. Replaced wait3 with waitpid for better compatibility.

tags | tool, web, imap

systems | cisco, unix

SHA-256 | c906e2dd959da7ea192861bc4bccddfed9bc1799826f7600255f57160fd765f8

Download | Favorite | View

American Fuzzy Lop plus plus 4.02c

Posted Aug 8, 2022

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: In afl-cc, an important fix was added for the default pcguard mode when LLVM IR vector selects are produced. frida_mode now works on Android. A few additional bug fixes.

tags | tool, fuzzer

systems | unix

SHA-256 | 55bf55c23ad3af98ba8b098c490b16c7d59a4f5cf7ca284cdbc46d065973c862

Download | Favorite | View

American Fuzzy Lop plus plus 4.01c

Posted Jun 28, 2022

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: New custom_mutator libafl with token fuzzing. A dozen changes made to afl-fuzz, four changes to afl-cc, and a few additional updates to other functionality.

tags | tool, fuzzer

systems | unix

SHA-256 | 4a0b42a62272c8f07cfba8f5f2fc43a5c072a30d0dbee47732bb2f06ecd7e44f

Download | Favorite | View

Hydra Network Logon Cracker 9.3

Posted Feb 3, 2022

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added support for Xcode compilation and new module cobaltstrike. Fixed ssh to support -M or ip/rangeix, rdp to detect empty passwords, http-form to no send empty headers, http on non-default ports when using with a proxy for vnc/cisco/, support IPv6 addresses in -M, and more.

tags | tool, web, imap

systems | cisco, unix

SHA-256 | 3977221a7eb176cd100298c6d47939999a920a628868ae1aceed408a21e04013

Download | Favorite | View

American Fuzzy Lop plus plus 4.00c

Posted Jan 27, 2022

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Dozens of changesincluding a complete documentation restructuring, changes to unicorn_mode, afl-fuzz, and more.

tags | tool, fuzzer

systems | unix

SHA-256 | f427294ed674e37d34a1b756a2190de17937e046ef21abb3ae37bba018a760f1

Download | Favorite | View

American Fuzzy Lop plus plus 3.14c

Posted Jul 19, 2021

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Dozens of changes applied across afl-fuzz, frida_mode, afl-cc, and other functionality.

tags | tool, fuzzer

systems | unix

SHA-256 | 36552e3aac5c390dfec4f75d0dd60dc802c3e97b8baf042aa1edb6529dba0766

Download | Favorite | View

American Fuzzy Lop plus plus 3.13c

Posted Jun 1, 2021

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: frida_mode added. Created a fuzzing dictionary. Updated the grammar custom mutator to the newest version. Dozens of changes applied across afl-fuzz and afl-cc.

tags | tool, fuzzer

systems | unix

SHA-256 | 7b0d5b17acb38c19878865b91a26ec718fa0ef53363473240c7cfbdbed356f7f

Download | Favorite | View

American Fuzzy Lop plus plus 3.12c

Posted Mar 24, 2021

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Improvements to afl-fuzz, afl-cc, qemu_mode, and unicorn_mode. Added DEFAULT_PERMISSION to config.h for all files created with 0600 setting.

tags | tool, fuzzer

systems | unix

SHA-256 | 0240d34a2f99d157063e31d0c2d2801a68bc015e09187d9cc197637ec8fda635

Download | Favorite | View

American Fuzzy Lop plus plus 3.11c

Posted Mar 16, 2021

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Improvements to afl-fuzz, afl-cc, qemu_mode, and afl-cmin.

tags | tool, fuzzer

systems | unix

SHA-256 | dafe8bf08096a9dd5c5307cc38439fa9ac3b5ead595b261dd9e01ddefd2fed0a

Download | Favorite | View

Hydra Network Logon Cracker 9.2

Posted Mar 15, 2021

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Fix for http-post-form optional parameters. Enabled gcc 10 support for xhydra. IPv6 support for Host: header for http based modules. Various other updates.

tags | tool, web, imap

systems | cisco, unix

SHA-256 | 1a28f064763f9144f8ec574416a56ef51c0ab1ae2276e35a89ceed4f594ec5d2

Download | Favorite | View

jpeg-xl 0.3.1 Memory Corruption

Posted Mar 3, 2021

Authored by van Hauser

jpeg-xl versions 0.3.1 and below were found to be susceptible to multiple memory corruption vulnerabilities.

tags | advisory, vulnerability

advisories | CVE-2021-27804

SHA-256 | 88a2e8c35473583ff227ac25aed5b91871c704470af0151b0497a97f74173d3b

Download | Favorite | View

American Fuzzy Lop plus plus 3.10c

Posted Mar 1, 2021

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Mac OS ARM64 support. Android support fixed and updated. Over a dozen other updates and improvements.

tags | tool, fuzzer

systems | unix

SHA-256 | 162148cb689565aa3facf63edacf85555fe2403151a0c65479ee9303639bb7f8

Download | Favorite | View

American Fuzzy Lop plus plus 3.0c

Posted Dec 15, 2020

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Dozens of updates and improvements.

tags | tool, fuzzer

systems | unix

SHA-256 | 75a2cd6c9e14d4160defcf4899c6d654eba9ae1aad2b2c850bb165c84ee763bb

Download | Favorite | View

THC-IPv6 Attack Tool 3.8

Posted Dec 1, 2020

Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: This release fixes several bugs.

tags | tool, protocol

systems | unix

SHA-256 | b60be61a8b0a944a66e3b719704b4c03c1bc2c22f32d5d21e99e434c82a9d769

Download | Favorite | View

American Fuzzy Lop plus plus 2.68c

Posted Nov 19, 2020

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Added the GSoC excellent afl++ grammar mutator by Shengtuo. A few QOL changes for Apple and its outdated gmake. Various other updates and improvements.

tags | tool, fuzzer

systems | unix

SHA-256 | 862e155c97737770baa26ffedf324a7fa255b757c85b0c9a6f312264f2ca29c5

Download | Favorite | View

Hydra Network Logon Cracker 9.1

Posted Jul 29, 2020

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Enabled gcc 10 support for xhydra. Fixed crash in MD5 auth for rtsp. New module for smb2 which also supports smb3. Various other updates.

tags | tool, web, cracker, imap

systems | cisco, unix

SHA-256 | ce08a5148c0ae5ff4b0a4af2f7f15c5946bc939a57eae1bbb6dda19f34410273

Download | Favorite | View

Hydra Network Logon Cracker 9.0

Posted May 17, 2019

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Revamped rdp module to use FreeRDP library. Added memcached module. Added mongodb module. Various other updates.

tags | tool, web, imap

systems | cisco, unix

SHA-256 | 56672e253c128abaa6fb19e77f6f59ba6a93762a9ba435505a009ef6d58e8d0e

Download | Favorite | View

Hydra Network Logon Cracker 8.9.1

Posted Feb 27, 2019

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Clarification for rdp error message. CIDR notation (hydra -l test -p test 192.168.0.0/24 ftp) was not detected, fixed.

tags | tool, web, imap

systems | cisco, unix

SHA-256 | 7c615622d9d22a65b007e545f2d85da06c422a042f720bd6c5578a1844dec40e

Download | Favorite | View

THC-IPv6 Attack Tool 3.6

Posted Jan 9, 2019

Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: Added error check for openssl BN_ functions (thanks to lc3412). Added support for global destinations for dump_dhcp6. Added new connect6 tool. Various updates and bug fixes.

tags | tool, protocol

systems | unix

SHA-256 | ac3570564999e55c8e8d7aea8b67c398a3b7059f6d03235ab851af9497c38e68

Download | Favorite | View

THC-IPv6 Attack Tool 3.4

Posted Jan 9, 2018

Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: Added new function to thc-ipv6-lib. Added RA guard bypass attack. Various updates and bug fixes.

tags | tool, protocol

systems | unix

SHA-256 | ca43866f0090ffc6f4fe3af166ed1eb705e8a4f418b8644a4e288a486971d90c

Download | Favorite | View

Hydra Network Logon Cracker 8.6

Posted Jul 22, 2017

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added radmin2 module by catatonic prime. SMB module now checks if SMBv1 is supported by the server and if signing is required. http-form module now supports URLs up to 6000 bytes. Various other updates.

tags | tool, web, cracker, imap

systems | cisco, unix

SHA-256 | bba5cc534430055871650418688d8bd274553666faeff961389712559b5bfd4e

Download | Favorite | View

Hydra Network Logon Cracker 8.5

Posted May 4, 2017

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: New command line option. Changed the format of the restore file to detect cross platform copies. Various bug fixes.

tags | tool, web, cracker, imap

systems | cisco, unix

SHA-256 | 557ab284f877aa6c8a26f7491c0373a84836593e5e0ca141b327035e7937dd6d

Download | Favorite | View