[ImageCacheViewer] View images in the cache of your Web browser

ImageCacheViewer is a simple tool that scans the cache of your Web browser (Internet Explorer, Firefox, or Chrome), and lists the images displayed in the Web sites that you recently visited. 

For every cached image file, the following information is displayed: URL of the image, Web browser that was used to visit the page, image type, date/time of the image, browsing time, and file size. 

When selecting a cache item in the upper pane of ImageCacheViewer, the image is displayed in the lower pane, and you can copy the image to the clipboard by pressing Ctrl+M.

System Requirements And Limitations

• This utility works in any version of Windows, starting from Windows XP and up to Windows 8. Both 32-bit and 64-bit systems are supported.
• The following Web browsers are supported: Internet Explorer, Mozilla Firefox, SeaMonkey, and Google Chrome.
• ImageCacheViewer won't work if you configure your Web browser to clear the cache after closing it.
• It's recommended to close all windows of your Web browser before using ImageCacheViewer, to ensure that all cache files are saved to the disk.

Start Using ImageCacheViewer

ImageCacheViewer doesn't require any installation process or additional DLL files. In order to start using it, simply run the executable file - ImageCacheViewer.exe

After running ImageCacheViewer, it begins to scan the cache of your Web browser, and displays all cached images from Web sites you visited in the last day. If you want to get images from other days, you can remove or change the last 1-day filter from the 'Advanced Options' window (F9).

After the scanning process is finished, you can also watch the image in the lower pane of ImageCacheViewer, by selecting the desired item in the upper pane.

If from some reason ImageCacheViewer fails to detect the cache of your Web browser properly, you can go to 'Advanced Options' window (F9), and choose the desired cache folders to scan for each Web browser.

Download ImageCacheViewer

[Sandcat Browser 4.4] The fastest web browser combined with the fastest scripting language packed with features for pen-testers

Sandcat Browser is the fastest web browser combined with the fastest scripting language packed with features for pen-testers. Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team. The Sandcat Browser is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua programming language to provide extensions and scripting support.

Some of its unique features include:

• Live HTTP Headers — built-in live headers with a dedicated cache per tab and support for preview extensions
• Sandcat Console — an extensible command line console; Allows you to easily run custom commands and scripts in a loaded page
• Resources tab — allows you to view the page resources, such as JavaScript files and other web files.
• Page Menu extensions — allows you to view details about a page and more.
• Pen-Tester Tools — Sandcat comes with a multitude of pen-test oriented extensions. This includes a Fuzzer, a Script Runner, HTTP & XHR Editors, Request Loader, Request Replay capabilities and more.

Features inherited from Chromium include:

• Multi-Process Architecture — each tab is its own process
• Developer Tools — in addition to the Chromium Developer Tools, Sandcat comes with a Source Code Editor and its own JavaScript and Lua consoles.

Download Sandcat Browser 4.4

Tor Browser Bundle 3.5

The 2.x stable series of the Tor Browser Bundle has officially been deprecated, and all users are encouraged to upgrade to the 3.5 series.

Packages are now available from the Tor download page as well

as the Tor Package archive.

For now, the Pluggable Transports-capable TBB is still a separate package, maintained by David Fifield.

For people already using TBB 3.5rc1, the changes are not substantial, and are included below.

However, for users of TBB 2.x and 3.0, this release includes important security updates to Firefox. All users are strongly encouraged to update immediately, as we will not be making further releases in the 2.x or 3.0 series.

In terms of user-facing changes from TBB 2.x, the 3.x series primarily features the replacement of Vidalia with a Firefox-based Tor controller called Tor Launcher. This has resulted in a vast decrease in startup times, and a vast increase in usability. We have also begun work on an FAQ page to handle common questions arising from this transition -- where Vidalia went, how to disable JavaScript, how to check signatures, etc.

The complete changelog for the 3.x series describes the changes since 2.x.

The set of changes since the 3.5rc1 release is:

• All Platforms
• Update Tor to 0.2.4.19
• Update Tor Launcher to 0.2.4.2
  • Bug 10382: Fix a Tor Launcher hang on TBB exit
• Update Torbutton to 1.6.5.2
• Misc: Switch update download URL back to download-easy    

Download Tor Browser Bundle 3.5

[WhiteHat Aviator] The Web’s most secure and private browser

A few weeks have passed and we’ve had an overwhelmingly positive response from the community for the Aviator Beta. As you can probably expect, the vast majority of comments we received were around building a Windows version or a Linux version. But in the mean time, we wanted to make sure we continued iterating on some of the bugs that have floated in. Aviator version 1.2 has the following changes:

• Fixed gate keeper – unidentified developer code signing issue
• Fixed crash issue with Mac version 10.6
• Fixed plugins installation issue (correcting an error in the User Agent)
• Fixed broken images while adding new user in settings page
• Fixed typo issue in the Protected mode message popup
• Permissions fixed to be safer and less permissive

Download WhiteHat Aviator

[Browser Password Decryptor v5.5] Software to instantly recover website login passwords stored by popular web browsers

Browser Password Decryptor is the FREE software to instantly recover website login passwords stored by popular web browsers.

Currently it can recover saved login passwords from following browsers.

Firefox Internet Explorer Google Chrome Google Chrome Canary/SXS CoolNovo Browser Opera Browser Apple Safari Comodo Dragon Browser SeaMonkey Browser Flock Browser

For command-line version, check out our new tool - Browser Password Dump. Features: Instantly decrypt and recover stored encrypted passwords from popular web browsers. Right Click Context Menu to quickly copy the password Recover password of any length and complexity. Automatically discovers all supported Applications and recovers all the stored passwords. Sort feature to arrange the recovered passwords in various order to make it easier to search through 100's of entries. Save the recovered password list to HTML/XML/Text file Easier and faster to use with its enhanced user friendly GUI interface. Support for local Installation and uninstallation of the software.    Download Browser Password Decryptor v5.5

[Syhunt Sandcat Browser v4.1] A Penetration-oriented browser (extented to Web Application Assessment)

Sandcat Browser 4 brings unique features that are useful for pen-testers and web developers. Sandcat is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua programming language to provide extensions and scripting support.

Features

• Live HTTP Headers — built-in live headers with a dedicated cache per tab and support for preview extensions
• Sandcat Console — an extensible command line console; Allows you to easily run custom commands and scripts in a loaded page
• Resources tab — allows you to view the page resources, such as JavaScript files and other web files.
• Page Menu extensions — allows you to view details about a page and more.
• Pen-Tester Tools — Sandcat comes with a multitude of pen-test oriented extensions. This includes a Fuzzer, a Script Runner, HTTP & XHR Editors, Request Loader, Request Replay capabilities and more.

Pentesting tools

• Cookies and Cache Viewers
• JavaScript Executor extension — allows you to load and run external JavaScript files
• Lua Executor extension — allows you to load and run external Lua scripts
• Page Menu extensions — allows you to view the page headers, cookies, whois information and more
• Request Editor extension with request loading capabilities
• Request Editor (Low-Level version)
• Request Viewer — allows you to view details about a request or replay a request.
• Ruby Console extension
• Sandcat Tasks (Extensions that run as isolated processes):
  • Fuzzer extensions with multiple modes and support for filters
  • CGI Scanner extension
  • HTTP Brute Force
• Script Runner extension — can execute scripts in a variety of languages
• Tor Button extension — Anonymity for standard browsing
• XHR Editor
• Various Encoders/Decoders, new Sandcat Console commands, security related search engine options, and more

Web application hacking is based on QuickInject

QuickInject is an extensive toolkit for manual web application security assessment. QuickInject allows to tailor injection requests that you can send or load using Sandcat, and can be used for performing a number of different operations, such as URL and POST Data Manipulation, Filter Evasion, as well as Referer and User-Agent Spoofing, and HTTP Header Manipulation. In addition to the capability to build requests, QuickInject can also be used to execute JavaScript in a loaded page. The first release of QuickInject is focused on File Inclusion, XSS and SQL Injection and comes with the following options:

• SQL Injection functions
  • Filter Evasion – Database-Specific String Escape (CHAR & CHR). Conversion of strings to quoted strings, conversion of spaces to comment tags or new lines
  • Filter Evasion (MySQL-Specific) – String Concatenation, Percent Obfuscation & Integer Representation (eg: ’26′ becomes ‘ceil(pi()*pi())*(!!!pi()+true)+ceil(@@version)’, a technique presented by Johannes Dahse).
  • UNION Statement Maker
  • Quick insertion of common injections covering DB2, Informix, Ingres, MySQL, MSSQL, Oracle & PostgreSQL
• File Inclusion functions
  • One-Click Log Poisoning
  • Quick Shell Upload code generator
  • PHP String Escape (chr)
• Cross-Site Scripting (XSS) functions
  • Filter Evasion – JavaScript String Escape (String.fromCharCode), CSS Escape
  • Various handy alert statements for testing for XSS vulnerabilities.
• Hash functions
  • MD5 Hash Crackers – Built-in (offline) and online MD5 hash crackers
  • Hash Generators – MD5, SHA-1, SHA-2 (224, 256, 384 & 512), GOST, HAVAL (various), MD2, MD4, RIPEMD (128, 160, 256 & 320), Salsa10, Salsa20, Snefru (128 & 256), Tiger (various) & WHIRLPOOL
• Encoders/Decoders
  • URL Encoder/Decoder
  • Hex Encoder/Decoder – Converts a string or integer to hexadecimal or vice-versa (multiple output formats supported).
  • Base64 Encoder/Decoder
  • CharCode Converter – Converts a string to charcodes (eg: ‘abc’ becomes ’97,98,99′) or vice-versa.
  • IP Obfuscator – Converts an IP to dword, hex or octal.
  • JavaScript Encoders – Such as JJEncode by Yosuke HASEGAWA
• HTML functions
  • HTML Escape/Unescape
  • HTML Entity Encoder/Decoder – Decimal and hexadecimal HTML entity encoders & decoders
  • JavaScript String Escape
• Text Manipulation functions – Uppercase, Lowercase, Swap Case, Title Case, Reverse, Shuffle, Strip Slashes, Strip Spaces, Add Slashes, Char Separator
• Time-Based Blind Injection code – Covering MySQL, MSSQL, Oracle, PostgreSQL, Server-Side JavaScript & MongoDB
• CRC Calculators – CRC16, CRC32, CRC32b, and more.
• Classical Ciphers – ROT13 & ROT[N]
• Checksum Calculators – Adler-32 & Fletcher
• Buffer Overflow String Creator
• Random String & Number Generation functions
• URL Splitter
• Useful Strings – Math, character sets and more.

Download Syhunt Sandcat Browser v4.1

[Browser Password Dump] Tool to instantly recover your lost password from all the popular web browsers

Browser Password Dump is the free command-line tool to instantly recover your lost password from all the popular web browsers.

Currently it can recover stored web login passwords from following browsers.

• Firefox
• Internet Explorer
• Google Chrome
• Chrome Canary/SXS
• CoolNovo Browser
• Opera Browser
• Apple Safari
• Flock Browser
• SeaMonkey Browser
• Comodo Dragon Browser

It automatically discovers installed applications on your system and recovers all the stored web login passwords within seconds.

Download Browser Password Dump v1.0

[Browser Password Decryptor v5.0] Browser Password Recovery Tool

Browser Password Decryptor is the FREE software to instantly recover website login passwords stored by popular web browsers.

Currently it can recover saved login passwords from following browsers.

Firefox Internet Explorer Google Chrome Google Chrome Canary/SXS CoolNovo Browser Opera Browser Apple Safari Comodo Dragon Browser SeaMonkey Browser Flock Browser

It has both GUI interface as well as command line version making it more useful for Penetration testers and Forensic investigators. Download Browser Password Decryptor v5.0

[HconSTF Pentest Browser] Open Source Penetration Testing / Ethical Hacking Framework

HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more.

Download HconSTF Pentest Browser v0.5