Welcome to Tarasco Security
Welcome to Tarasco
security. This website is managed by Andres Tarascó
and Miguel Tarascó Acuña
and our goal is to collect some of the security related tools that we have been
developing in the last years. These proof of concept tools and exploits were posted in the past in several places like Haxorcitos
These tools have been developed by us, and most of them include source code but
others are freeware (or we just lost the source code due to hard drive failure).
You are allowed to use this software at your own risk, mostly for security reviews, information
gathering or forensics.
If you want to check our advisories, tools and exploits
, please click into the tools section
or go to the exploit codes
section to view our our published exploit codes
As soon as we can, we will continue developing new features to our software, and
publishing some other interesting stuff, like lockpicking researchs ;-).
Updates and latest news:
+ Did you know Acrylic Wifi
?. Our team have developed several WiFi products that supports monitor mode capture under windows: a Free WiFi scanner and Channel Scanner
(Acrylic WiFi Free), advanced wifi analyzer
for troubleshooting wlan networks (Acrylic WiFi professional) and site survey wifi software and coverage analysis
(Acrylic WiFi Heatmaps). Risk assessment and pentration test versions will be available in the next months.
: Open Wireless Security Assessment methodology was developed by our team and is already released. Most content is still untraslated. Help us to improve owisam.
+ Follow us on Twitter
+ Updated Fhscan releases at Google Code
(Oct 2009 -updated).
+ FindPassword modification to allow to extract Novell passwords from winlogon memory (Oct 2009 -updated).
+ Fhscan Proxy - Our new tool for Web pentesting.
+ New version of Fast HTTP Vulnerability Scanner (FHScan).
+ New version (v1.2) of HTTP library (HTTPCORE).
+ Published Smbrelay3 attack tool for NTLM protocol.
+ Fscan HTTP Proxy developed. Improved Fscan core API
+ Fscan v1.0 project and Fscan HTTP Core API published
+ At this time Doxygen documentation for some applications have been added
+ Srvcheck version 3 published. This version allows scanning and attack methods