Nagios XI (System and Network Monitoring) :: Tools

<div style="text-align: justify;"><div class="separator" style="clear: both; text-align: center;"><img alt="Nagios Logo" border="0" height="139" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijPJbT23GqEsND51gYYV9dlritrv4VMN0Y_kXrjsPpMF35HF9jV7QqyVxhKZU5jyF825HFNPBEghQzSXXvo9xLLhE3Hc1ybP9g6HiYYyh2rdXCLL-4OPuEAaCQhLgw9nJ8CBXoG1BT6l5L/s1600/xi-logo-large.png" title="Nagios Logo" width="320" /></div><b>Nagios XI </b>is a system and <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">network monitoring</a> application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. Some of its many features include monitoring of <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> services (SMTP, POP3, HTTP, NNTP, ICMP, etc.), monitoring of host resources (processor load, disk usage, etc.), and contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method).</div><div style="text-align: justify;"><b>With Nagios you can:</b> </div><ul style="padding-left: 25px;"><li>Monitor your entire IT infrastructure</li> <li>Spot problems <i>before</i> they occur</li> <li>Know immediately when problems arise</li> <li>Share availability data with stakeholders</li> <li>Detect security breaches</li> <li>Plan and budget for IT upgrades</li> <li>Reduce downtime and business losses</li> </ul><div style="text-align: justify;"><br /> </div><h3 style="text-align: justify;">Tutorials ::</h3><div style="text-align: justify;"><b>Text Tutorials :: </b><a href="http://library.nagios.com/library/products/nagiosxi/tutorials/" target="_blank">Click Here </a> </div><div style="text-align: justify;"><b>Documentation :: </b><a href="http://library.nagios.com/library/products/nagiosxi/documentation" target="_blank">Click Here</a> </div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/mXUxXV17Nd4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div><div style="text-align: justify;"> </div><h3 style="text-align: justify;">Download ::</h3><div style="text-align: justify;"><b>Windows | Linux  :: </b><a href="http://library.nagios.com/library/products/nagiosxi/downloads/main" target="_blank">Nagios XI</a><b> </b></div><div style="text-align: justify;"><b>Official Website :: </b> <a href="http://www.nagios.org/">http://www.nagios.org/</a></div>

Nagios XI (System and Network Monitoring) :: Tools

Nagios XI is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad ...

Read more »

Argus (Auditing Network Activity) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="Argus Logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB9EePKFj7bOOAmUlulpXxUps3bKmylywSIIPNjOKR95TlmXfzBpotmDPvTpombemgv5gs8g-qGAFLcjAB8y7S0iSCjatcaY9LTAFt-OoP0EOMiONWPCNZ_119wIkga4ZTRn1ILz9jhpfa/s1600/ArgusOptimizationCycle.gif" title="Argus Logo" /></div> <div style="text-align: justify;"> <b>Argus</b> is a fixed-model Real Time Flow <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">Monitor</a> designed to track and report on the status and performance of all network transactions seen in a data <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitter on a per transaction basis. The record format that Argus uses is flexible and extensible, supporting generic flow identifiers and metrics, as well as application/protocol specific information.</div> <div style="text-align: justify;"> <br /></div> <div class="plaintext" style="text-align: justify;"> <b>Argus </b>is composed of an advanced comprehensive network flow data generator, the<b> Argus</b> sensor, which processes packets (either capture files or live <a href="http://www.toolwar.com/search/label/Packet" target="_blank">packet</a> data) and generates detailed network flow status reports of all the flows in the packet stream. Argus captures much of the packet dynamics and semantics of each flow, with a great deal of data reduction, so you can store, process, inspect and <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analyze</a> large amounts of network data efficiently. <b>Argus</b> provides reachability, availability, connectivity, duration, rate, load, good-put, loss, jitter, retransmission, and delay metrics for all network flows, and captures most attributes that are available from the packet contents, such as L2 addresses, tunnel identifiers (MPLS, GRE, ESP, etc...), <a href="http://www.toolwar.com/search/label/IDS" target="_blank">protocol ids</a>, SAP's, hop-count, options, L4 transport identification (RTP, RTCP detection), host flow control indications, etc...</div> <div class="plaintext" style="text-align: justify;"> <br /></div> <div class="plaintext" style="text-align: justify;"> Argus is used by many sites to generate network activity reports for every network transaction on their networks. The network audit data that <b>Argus</b> generates is great for <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a>, operations and performance management. The data is used for network forensics, non-repudiation, network asset and service inventory, behavioral baselining of server and client relationships, detecting covert channels, and analyzing Zero day events.</div> <div class="plaintext" style="text-align: justify;"> <br /></div> <div class="plaintext" style="text-align: justify;"> Argus is an Open Source project, currently running on <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X,</a> <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, Solaris, FreeBSD, OpenBSD, NetBSD, AIX, IRIX, <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> (under Cygwin) and OpenWrt, and has been ported to many hardware accelerated platforms, such as Bivio, Pluribus, Arista, and Tilera. The software should be portable to many other environments with littleor no modifications. Performance is such that auditing an entire enterprise's Internet activity can be accomplished using modest computing resources.</div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>How To :: </b><a href="http://www.qosient.com/argus/howto.shtml" target="_blank">Click Here</a><b><br /></b></div> <b>Wiki :: </b><a href="http://nsmwiki.org/index.php?title=Argus" target="_blank">Click Here</a><br /> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows | Mac | Linux ::  </b><a href="http://qosient.com/argus/src/argus-3.0.6.1.tar.gz" target="_blank">Argus v3.0.6.1</a><b> | </b><a href="http://qosient.com/argus/src/argus-clients-3.0.6.2.tar.gz" target="_blank">Argus v3.0.6.1 Client</a><b> </b></div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://www.qosient.com/argus/">http://www.qosient.com/argus/</a><b><br /></b></div> <div style="text-align: justify;"> <br /></div>

Argus (Auditing Network Activity) :: Tools

Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions s...

Read more »

Fiddler (Web Debugger Proxy) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoMGV0ZYokZLN2EHLK6qkK_j46ll8DxX5tNAWsuTWrfhCFoHDzxx4SUQFYGKOWgGNkc3p12cIAU1IWKWCKRo16-Ffc1JXOnqM6M60CPkbbxgDqnRKDKo0SJjH0htwNuFreOKr16MRNlihG/s1600/Fiddler+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="251" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoMGV0ZYokZLN2EHLK6qkK_j46ll8DxX5tNAWsuTWrfhCFoHDzxx4SUQFYGKOWgGNkc3p12cIAU1IWKWCKRo16-Ffc1JXOnqM6M60CPkbbxgDqnRKDKo0SJjH0htwNuFreOKr16MRNlihG/s1600/Fiddler+logo.png" width="400" /></a></div> <div style="text-align: justify;"> <b>Fiddler</b> is a <b>Web Debugging Proxy</b> which logs all HTTP(S) traffic between your computer and the Internet. <b>Fiddler</b> allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language.</div> <ul style="text-align: justify;"> <li><b>HTTP/HTTPS Traffic Recording :: </b>Fiddler is a free <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> <a href="http://www.toolwar.com/search/label/Debugger" target="_blank">debugging</a> proxy which logs all HTTP(s) traffic between your computer and the Internet. Use it to debug traffic from virtually any application that supports a proxy like IE, Chrome, Safari, Firefox, Opera and more.</li> <li><b>Web Session Manipulation ::</b> Easily manipulate and edit web sessions. All you need to do is set a breakpoints to pause the processing of the session and permit alteration of the request/response. You can also compose your own HTTP requests to run through <b>Fiddler</b>.</li> <li><b>Web Debugging :: </b>Debug traffic from PC, <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac</a> or <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux systems</a> and <a href="http://www.toolwar.com/search/label/Mobile" target="_blank">mobile devices</a>. Ensure the proper cookies, headers and cache directives are transferred between the client and server. Supports any framework, including .NET, Java, Ruby, etc.</li> <li><b> Security Testing :: </b>Use <b>Fiddler</b> for <a href="http://www.toolwar.com/search/label/Security" target="_blank">security testing</a> your web applications -- decrypt HTTPS traffic, and display and modify requests using a man-in-the-middle decryption technique. Configure Fiddler to decrypt all traffic, or only specific sessions.</li> <li><b>Performance Testing :: </b>Fiddler lets you see the “total page weight,” HTTP caching and compression at a glance. Isolate performance bottlenecks with rules like “Flag any uncompressed responses larger than 25kb.”</li> <li><b>Customizing Fiddler :: </b>Benefit from a rich extensibility model, ranging from simple FiddlerScript to powerful Extensions which can be developed using any .NET language.  </li> <li><div class="sfContentBlock"> <b>Simulate Real User Load Using Fiddler Captures ::</b> Fiddler is an excellent tool for understanding the performance of your website, but how does your performance change when lots of users are hitting the site? Check out Telerik Test Studio powered by Fiddler to get an in-depth understanding of how your site performance degrades as the number of users increases.</div> </li> </ul> <h3 style="text-align: justify;"> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/gujBKFGwjd4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 style="text-align: justify;">  </h3> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows :: </b><a href="http://www.telerik.com/docs/default-source/fiddler/fiddler4setup.exe?sfvrsn=2" target="_blank">Fiddler v4.4.6.2</a> (.exe) <b> </b></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.telerik.com/download/fiddler">http://www.telerik.com/download/fiddler</a></div>

Fiddler (Web Debugger Proxy) :: Tools

Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect...

Read more »

Foremost (File Carving) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdkN2Ugs8yPIpW9bdhSCRtfTQisB-mmEgSeRyCTN_07YHLjIom3zkuOAPeUS8z8s7WHAT-qFoxrqYH6hrVHV9q-40PTsRzLLn9SMc0DbYBMNR944nbfhqU8fPWiPYTWV_PcywGGNhbEMS8/s1600/foremost+screenshot.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="foremost screenshot" border="0" height="275" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdkN2Ugs8yPIpW9bdhSCRtfTQisB-mmEgSeRyCTN_07YHLjIom3zkuOAPeUS8z8s7WHAT-qFoxrqYH6hrVHV9q-40PTsRzLLn9SMc0DbYBMNR944nbfhqU8fPWiPYTWV_PcywGGNhbEMS8/s400/foremost+screenshot.jpg" title="foremost screenshot" width="400" /></a></div> <br /> <b>Foremost</b> is a <b><i>console program to recover files</i></b> based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. <b> Foremost</b> can work on image files, such as those generated by dd, Safeback, <a href="http://www.toolwar.com/2013/09/encase-forensics-v7-tools.html" target="_blank">Encase</a>, etc, or directly on a drive. The headers and footers can be specified by a configuration file or you can use <a href="http://www.toolwar.com/search/label/CLI" target="_blank">command line</a> switches to specify built-in file types. These built-in types look at the data structures of a given file format allowing for a more reliable and faster recovery. </div> <div style="text-align: justify;"> <br /> <h3> Tutorial ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/9AkY-IefI4Q?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3> </h3> </div> <h3 style="text-align: justify;"> Download :: </h3> <div style="text-align: justify;"> <b>Linux ::</b> <a href="http://foremost.sourceforge.net/pkg/foremost-1.5.7.tar.gz" target="_blank">Foremost 1.5.7 (.tar.gz)</a><br /> <b>Official Website :: </b><a href="http://foremost.sourceforge.net/" target="_blank">http://foremost.sourceforge.net/ </a></div>

Foremost (File Carving) :: Tools

Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is common...

Read more »

Immunity Canvas (Vulnerability Exploitation) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqwXRB2JW_wTRBZeFsPrNZqP7KK7Xyn3JC7nG4SvaFbLePxH0hRCMjN9Qmahzts9eQvlEvfqI-ZtbOgvXHS6d2EBgXNSHvEgPXs_l3QYQyy_cg2IrSmwwJThp4ddWSXS5oV4GoJEOJbLUo/s1600/img-canvas.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Immunity Canvas" border="0" height="171" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqwXRB2JW_wTRBZeFsPrNZqP7KK7Xyn3JC7nG4SvaFbLePxH0hRCMjN9Qmahzts9eQvlEvfqI-ZtbOgvXHS6d2EBgXNSHvEgPXs_l3QYQyy_cg2IrSmwwJThp4ddWSXS5oV4GoJEOJbLUo/s1600/img-canvas.gif" title="Immunity Canvas" width="400" /></a></div> <b>Immunity Canvas</b> is a commercial <b>vulnerability exploitation tool </b>from Dave Aitel's ImmunitySec. It includes more than 370 exploits and is less expensive than Core Impact or the commercial versions of <a href="http://www.toolwar.com/2013/09/metasploit-framework.html" target="_blank">Metasploit</a>. It comes with full source code, and occasionally even includes zero-day exploits.<b> </b><br /> <b>Immunity's CANVAS</b> makes available hundreds of exploits, an automated <a href="http://www.toolwar.com/search/label/Exploitation" target="_blank">exploitation</a> system, and a comprehensive, reliable exploit development framework to <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration</a> testers and <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> professionals worldwide. To see CANVAS in action please see our movies. For users new to CANVAS or experienced users looking to get just a little more out of CANVAS we have <a href="http://www.toolwar.com/search/label/PDF" target="_blank">PDF</a> based tutorials available for download.</div> <div style="text-align: justify;">   </div> <div style="text-align: justify;"> <b>Supported Platforms and Installations</b><br /> - <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> (requires Python & PyGTK)<br /> - <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a><br /> - <a href="http://www.toolwar.com/search/label/Mac" target="_blank">MacOSX</a> (requires PyGTK)<br /> - All other <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> environments such as mobile phones and commercial Unixes (command line version only supported, GUI may also be available)</div> <div style="text-align: justify;"> <b>Architecture</b><br /> - CANVAS' completely open design allows a team to adapt CANVAS to their environment and needs. </div> <div style="text-align: justify;"> <b>Documentation</b><br /> - all documentation is delivered in the form of demonstration movies<br /> - exploit modules have additional information windows</div> <div style="text-align: justify;"> <b> Exploits</b><br /> - currently over 490 exploits, an average of 4 exploits added every monthly release<br /> - Immunity carefully selects vulnerabilities for inclusion as CANVAS exploits. Top priorities are high-value vulnerabilities such as remote, pre-authentication, and new vulnerabilities in mainstream software.<br /> - Exploits span all common platforms and applications</div> <div style="text-align: justify;"> <b> Payload Options</b><br /> - to provide maximum reliability, exploits always attempt to reuse socket<br /> - if socket reuse is not suitable, connect-back is used<br /> - subsequent MOSDEF session allows arbitrary code execution, and provides a listener shell for common actions (file management, screenshots, etc)<br /> - bouncing and split-bouncing automatically available via MOSDEF<br /> - adjustable covertness level</div> <div style="text-align: justify;"> <b> Exploit Delivery</b><br /> - regular monthly updates made available via <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a><br /> - exploit modules and CANVAS engine are updated simultaneously<br /> - customers reminded of monthly updates via email</div> <div style="text-align: justify;"> <b> Exploit Creation Time</b><br /> - exploits included in next release as soon as they are stable</div> <div style="text-align: justify;"> <b> Effectiveness of Exploits</b><br /> - all exploits fully QA'd prior to release<br /> - exploits demonstrated via flash movies<br /> - exploit development team available via direct email for support</div> <div style="text-align: justify;"> <b> Ability to make Custom Exploits</b><br /> - unique MOSDEF development environment allows rapid exploit development</div> <div style="text-align: justify;"> <b> Product Support and Maintenance</b><br /> - subscriptions include email and phone support M-F 9am - 5pm EST, directly with development team<br /> - minimum monthly updates</div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <h3> Tutorials ::</h3> <ol> <li><a href="http://www.immunitysec.com/documentation/tutorials/Windows_Install.pdf">Detailed Windows Installation Instructions</a></li> <li><a href="http://www.immunitysec.com/documentation/tutorials/canvas101-part1.pdf">CANVAS 101 (Part 1)</a></li> <li><a href="http://www.immunitysec.com/documentation/tutorials/canvas101-part2.pdf">CANVAS 101 (Part 2)</a></li> <li><a href="http://www.immunitysec.com/documentation/tutorials/HCN-Part1.pdf">HCN Rootkit (Part 1)</a></li> <li><a href="http://www.immunitysec.com/documentation/tutorials/ties-that-binder-dot-py.pdf">The Ties That Binder.py</a></li> </ol> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/FAz-Bek4RfU?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <ol></ol> </div> <div style="text-align: justify;"> <h3> Download ::</h3> </div> <div style="text-align: justify;"> <b>Linux | Mac | Windows :: Contact Here ::</b> sales@immunityinc.com <b> </b><br /> <b>Official Website ::</b> <a href="https://www.immunitysec.com/products-canvas.shtml">https://www.immunitysec.com/products-canvas.shtml</a></div>

Immunity Canvas (Vulnerability Exploitation) :: Tools

Immunity Canvas is a commercial vulnerability exploitation tool from Dave Aitel's ImmunitySec. It includes more than 370 exploits an...

Read more »

Cisco Torch (Scanning, Fingerprinting and Exploitation) :: Tools

<div style="text-align: justify;"> </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrDBORXGRkO4-BVNT3r3mNPK_ogJ94i5y-vnarwHNshmXWd2qBKmXLLFyAlwuJM32ULoRNrOznorFUhaZ4b3jXomvwheUARBWfq9WYFeRUL_t0fvlOOf1yW2UUaYIEdzhS7mtfN0guCsfD/s1600/cisco-torch.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Cisco Torch" border="0" height="294" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrDBORXGRkO4-BVNT3r3mNPK_ogJ94i5y-vnarwHNshmXWd2qBKmXLLFyAlwuJM32ULoRNrOznorFUhaZ4b3jXomvwheUARBWfq9WYFeRUL_t0fvlOOf1yW2UUaYIEdzhS7mtfN0guCsfD/s1600/cisco-torch.PNG" title="Cisco Torch" width="640" /></a></div> <div style="text-align: justify;"> <b>Cisco Torch</b> is a <b>mass scanning, fingerprinting, and exploitation tool</b> was written while working on the next edition of the "Hacking Exposed Cisco Networks", since the <a href="http://www.toolwar.com/search/label/Tools">tools</a> availalbe on the market could not meet our needs. <br />The main feature that makes<b> Cisco-torch</b> different from similar tools is the extensive use of forking to launch multiple scanning processes on the background for maximum <a href="http://www.toolwar.com/search/label/Scanner">scanning</a> efficiency. Also, it uses several methods of application layer fingerprinting simultaneously, if needed. We wanted something fast to discover remote Cisco hosts running Telnet, SSH, Web, NTP and SNMP services and launch dictionary attacks against the services discovered. </div> <br /><h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows | Mac | Linux :: </b><a href="http://www.arhont.com/en/wp-content/uploads/2010/01/cisco-torch-0.4b.tar.gz" target="_blank">Cisco-Torch v0.4b</a> (.tar.bz2)<b> | Language ::</b> Perl<b><br /></b></div> <div style="text-align: justify;"> <b>Official Website :: </b> <a href="http://www.arhont.com/en/category/resources/tools-utilities/">http://www.arhont.com/en/category/resources/tools-utilities/</a></div>

Cisco Torch (Scanning, Fingerprinting and Exploitation) :: Tools

Cisco Torch is a mass scanning, fingerprinting, and exploitation tool was written while working on the next edition of the "Hac...

Read more »

Nmap and Zenmap (Network Discovery and Security Auditing) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="nmap scanner logo" border="0" height="210" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPn1QPXq_tY_zK1uLIjY-6fyXimOMxgo3rq52s-03wGFIiM3FEUXb1R_uZpS2QvMEucVny6EK7w0eYYGJ5JKDgUtasnKL7WqkAIA5QMKqB05XXAv_va-hOLNd2wlIHxv1cUDpxCVa4kxbF/s1600/nmap.jpg" title="nmap scanner logo" width="400" /></div> </div> <div style="text-align: justify;"> <b>Nmap ("Network Mapper")</b> is a free and open source (license) utility for <b>network discovery and security auditing.</b> Many systems and network administrators also find it useful for tasks such as <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> inventory, managing service upgrade schedules, and <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">monitoring</a> host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of <a href="http://www.toolwar.com/search/label/Packet" target="_blank">packet</a> filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, and <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X</a>. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI</a> and results viewer <b>(Zenmap)</b>, a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis tool</a> (Nping).<br /> <br /> <b>Nmap</b> was named “<a href="http://www.toolwar.com/search/label/Security" target="_blank">Security</a> Product of the Year” by Linux Journal, Info World, LinuxQuestions.Org, and Codetalker Digest. It was even featured in twelve movies, including The Matrix Reloaded, Die Hard 4, Girl With the Dragon Tattoo, and The Bourne Ultimatum.<br /> <br /> <b>Nmap is::</b></div> <ul style="text-align: justify;"> <li>    Flexible: Supports dozens of advanced techniques for mapping out networks filled with IP filters, <a href="http://www.toolwar.com/search/label/IDS" target="_blank">firewalls</a>, routers, and other obstacles. This includes many port scanning mechanisms (both TCP & UDP), <b>OS detection</b>, version detection, ping sweeps, and more. See the documentation page.</li> <li>    Powerful: Nmap has been used to scan huge networks of literally hundreds of thousands of machines.</li> <li>    Portable: Most operating systems are supported, including Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS, Amiga, and more.</li> <li>    Easy: While Nmap offers a rich set of advanced features for power users, you can start out as simply as "nmap -v -A targethost". Both traditional command line and graphical (GUI) versions are available to suit your preference. Binaries are available for those who do not wish to compile Nmap from source.</li> <li>    Free: The primary goals of the Nmap Project is to help make the Internet a little more secure and to provide administrators/auditors/hackers with an advanced tool for exploring their networks. Nmap is available for free download, and also comes with full source code that you may modify and redistribute under the terms of the license.</li> <li>    Well Documented: Significant effort has been put into comprehensive and up-to-date man pages, whitepapers, tutorials, and even a whole book! Find them in multiple languages here.</li> <li>    Supported: While Nmap comes with no warranty, it is well supported by a vibrant community of developers and users. Most of this interaction occurs on the Nmap mailing lists. Most bug reports and questions should be sent to the nmap-dev list, but only after you read the guidelines. We recommend that all users subscribe to the low-traffic nmap-hackers announcement list. You can also find Nmap on Facebook and Twitter. For real-time chat, join the #nmap channel on Freenode or EFNet.</li> <li>    Acclaimed: <b>Nmap</b> has won numerous awards, including "Information Security Product of the Year" by Linux Journal, Info World and Codetalker Digest. It has been featured in hundreds of magazine articles, several movies, dozens of books, and one comic book series. Visit the press page for further details.</li> <li>    Popular: Thousands of people download <b>Nmap</b> every day, and it is included with many operating systems (Redhat Linux, Debian Linux, Gentoo, FreeBSD, OpenBSD, etc). It is among the top ten (out of 30,000) programs at the Freshmeat.Net repository. This is important because it lends Nmap its vibrant development and user support communities. </li> </ul> <h3> Tutorials ::</h3> <b>Tutorial (Max OS X) :: </b><a href="http://nmap.org/book/inst-macosx.html#inst-macosx-source">Click Here</a><br /> <b>Tutorial (Windows) :: </b><a href="http://nmap.org/book/inst-windows.html#inst-win-source">Click Here</a> <b><br /> </b><br /> <b>Tutorial (Linux) ::</b> <a href="http://nmap.org/book/inst-source.html">Click Here</a><br /> <b>Installation :: </b><a href="http://nmap.org/book/install.html" target="_blank">Click Here</a>   <br /> <b>Tutorials From Basics :: </b><a href="http://nmap.org/bennieston-tutorial/">Click Here </a><br /> <b>Video Tutorial :: </b><br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/RJxF7puQFXI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <b> </b> <br /> <h3> Download ::</h3> <h3> </h3> <b>Download ZenMap (GUI of Nmap) :: </b><a href="http://nmap.org/zenmap/">Click Here</a><b> </b><br /> <b>Windows :: </b><a href="http://nmap.org/dist/nmap-6.40-setup.exe">Nmap-Latest</a> (.exe) <b> </b><br /> <b>Linux :: </b><a href="http://nmap.org/dist/nmap-6.40.tar.bz2">Nmap Latest</a> (.tar.bz2)<b> </b><br /> <b>Mac :: </b><a href="http://nmap.org/dist/nmap-6.40-2.dmg">Nmap Latest</a> (.dmg)<b> </b> <b>  </b><br /> <b>Official Website ::</b> <a href="http://nmap.org/">http://nmap.org/</a> <br /> <div style="text-align: justify;"> </div>

Nmap and Zenmap (Network Discovery and Security Auditing) :: Tools

Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many syste...

Read more »

SAINT 8 (Security Auditing Suite) :: Framework

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="SAINT LOGO" border="0" height="107" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgA7ITNbIsTcKUwW4ShEmmGIi_tc3r93_yUAm8uaCmmHsBBhYfr3EemJ8Cqkmicl1Fhpd9D3UxPy_DS7kuqAJEVvVADbttEn7PYmcWl3xA3gQEQWKeMojScYzNb7yO1L08sAs_4K6kEYXHm/s1600/SAINT.jpg" title="SAINT LOGO" width="200" /></div> <b>SAINT 8</b> is a <b>fully-integrated security tool suite</b> that combines <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability scanning</a>, with <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration testing</a>, social engineering tools and configuration assessments. Use the combined power of these tools to identify vulnerabilities on <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> devices, operating systems, desktop applications, <a href="http://www.toolwar.com/search/label/Web" target="_blank">Web applications</a>, databases, and more; run packaged penetration tests through pre-configured policies, run vulnerability-specific exploits for target-directed investigation; execute social engineering through packaged exploit Tools; and execute platform-specific configuration auditing, using NIST’s SCAP standards and protocols.  <b>SAINT 8 </b>then provides a robust set of <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis</a> and reporting features to perform ad hoc analytics, view strategic level results across 1 or many assessments, and then build reports from pre-defined templates, compliance reports or build your own custom reports from over 150 customizable settings. <b>SAINT's</b> current repository includes over 4,200 <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> checks and 900+ exploits - which span over 48,000 Common Vulnerability Exposures (CVEs), plus numerous vulnerabilities that do not currently have a CVE assigned. Vulnerability checks and exploit development is a daily activity, that includes delivery of new checks twice a week, through an automated plug-in. This agentless scanning solution can be delivered via a cloud-based version <b> (WebSAINT Pro 8)</b>, deployed standalone, shared as a server-based solution, or as a multi-<a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> architecture for large enterprise or load balanced scanning.</div> <br /> <h3> Tutorials ::</h3> <b>Video Tutorial :: </b><a href="http://www.youtube.com/watch?v=ibW6gLNYrf8" target="_blank">Click Here </a><br /> <b>Exploit Tools List :: </b><a href="http://www.saintcorporation.com/solutions/exploitTools.html" target="_blank">Click Here</a><b></b><br /> <br /> <h3> Download :: </h3> <b>Windows :: </b><a href="https://www.saintcorporation.com/resources/requestEvaluation.html" target="_blank">Request a Evaluation Copy</a><b> </b><br /> <b>Official Website :: </b><a href="https://www.saintcorporation.com/products/SAINT8.html">https://www.saintcorporation.com/products/SAINT8.html</a><br /> <b>Submitted By :: </b>SAINT Corporation <br /> <div style="text-align: justify;"> <br /></div>

SAINT 8 (Security Auditing Suite) :: Framework

SAINT 8 is a fully-integrated security tool suite that combines vulnerability scanning , with penetration testing , social engineering ...

Read more »

FTester (Testing Firewall Filtering Policies and IDS Capabilities) :: Tools

<div style="text-align: justify;"> <div class="section"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2h4CgTrZX0VYiu63TmUAtbc4QAObotOLBVPALrQnQ8EFD3Xii02746KHPmYlcOy05O2996O4ZQkhmZ02DFzrpgLuSLR8wzAHvdVCdJO_f9rD6xOK9IV7pzIgiROpp2C_RJvsLGF0IkuR7/s1600/FTester+Screenshot.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="FTester Screenshot" border="0" height="267" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2h4CgTrZX0VYiu63TmUAtbc4QAObotOLBVPALrQnQ8EFD3Xii02746KHPmYlcOy05O2996O4ZQkhmZ02DFzrpgLuSLR8wzAHvdVCdJO_f9rD6xOK9IV7pzIgiROpp2C_RJvsLGF0IkuR7/s1600/FTester+Screenshot.JPG" title="FTester Screenshot" width="400" /></a></div> The <b>Firewall Tester (FTester)</b> is a tool designed for <b>testing firewall filtering policies and Intrusion Detection System (IDS) capabilities.</b><br /> The tool consists of two perl scripts, a <span id="goog_1392660018"></span><a href="http://www.toolwar.com/search/label/Packet">packet injector<span id="goog_1392660019"></span></a> (ftest) and a listening <a href="http://www.toolwar.com/search/label/Sniffer">sniffer</a> (ftestd). The first script injects custom packets, defined in ftest.conf, with a signature in the data part while the sniffer listens for such marked packets. The scripts both write a log file which is in the same form for both scripts. A comparison of the two produced log files (ftest.log and ftestd.log) outlines the packets that were unable to reach the sniffer due to filtering rules if these two scripts are ran on hosts placed on two different sides of a <a href="http://www.toolwar.com/search/label/IDS">firewall</a>. Stateful inspection firewalls are handled with the 'connection spoofing' option. A script called freport is also available to automatically parse the log files.<br /> Using the tool is not a completely automated process, ftest.conf must be crafted for every different situation. Examples and rules are included in the attached configuration file.<br /> The <a href="http://www.toolwar.com/search/label/IDS">IDS (Intrusion Detection System)</a> testing feature can be used either with ftest only or with the additional support of ftestd for handling stateful inspection IDS, ftest can also use common IDS evasion techniques. The script can also process snort rule definition files.<br /> <h3> Features:</h3> <ul> <li>firewall testing</li> <li>IDS testing</li> <li>simulation of real tcp connections for stateful inspection firewalls and IDS</li> <li>TCP connection spoofing</li> <li>IP fragmentation / TCP segmentation</li> <li>IDS evasion techniques</li> </ul> <b>NOTE</b>: this tool is now outdated and is presented here for historical reasons, a complete rewrite with new features and IPv6 support is scheduled for sometime in the future.<br /> </div> </div> <div style="text-align: justify;"> <br /> <h3> Tutorials ::</h3> <b>Installation ::</b><br /> <div class="MsoNormal"> FTester components are PERL scripts. They can be executed on any platform with a recent version of PERL. Three perl modules -<span style="mso-spacerun: yes;">Ý </span>Net::RawIP, Net::PcapUtils, and NetPacket ñ are also required. These can be downloaded at the Comprehensive Perl Archive Network (<a href="http://www.cpan.org/" target="_new">CPAN</a>), and<span style="color: red;"> </span>you can install them using the CPAN shell. </div> <div class="MsoNormal"> Installation is quite simple. <span style="font-family: Courier;">Untar</span> the latest archive. Everything you need will be decompressed along with an example configuration file, documentation and a script called <span style="font-family: Courier;">freport</span> for comparing <span style="font-family: Courier;">ftest</span> and <span style="font-family: Courier;">ftestd</span> log files. Before using the package I recommend to read and fully understand all documentation.</div> <b>ManPage ::</b> <a href="http://www.inversepath.com/ftester_man.html" target="_blank">Click Here</a><br /> <b>Documentation :: </b><a href="http://dev.inversepath.com/ftester/README" target="_blank">Click Here</a><br /> <b>Published Paper ::</b> <a href="http://www.tisc-insight.com/newsletters/56.html" target="_blank">Click Here</a></div> <div style="text-align: justify;"> <h3> Download ::</h3> </div> <div style="text-align: justify;"> <b>Linux :: </b><a href="http://dev.inversepath.com/ftester/ftester-latest.tar.gz" target="_blank">FTester-Latest</a> (.tar.gz)<b><br /></b></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.inversepath.com/ftester.html" target="_blank">http://www.inversepath.com/ftester.html</a></div>

FTester (Testing Firewall Filtering Policies and IDS Capabilities) :: Tools

The Firewall Tester (FTester) is a tool designed for testing firewall filtering policies and Intrusion Detection System (ID...

Read more »

Wafw00f (Web Application Firewall Detection) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEPFB63-uWGx3aIVZ5ZzxS1NkiNshLYe7Jic5FFeulXya-517a-PboH8hrWZkQpOl-mI9kSJMdQo1aByMhfdZITiQalnRB5h2HIgcbwvGtxg6nKUL_ePCsWTbosFDnmLr2IEwNhPzBYca9/s1600/wafw00f+screenshot.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="wafw00f screenshot" border="0" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEPFB63-uWGx3aIVZ5ZzxS1NkiNshLYe7Jic5FFeulXya-517a-PboH8hrWZkQpOl-mI9kSJMdQo1aByMhfdZITiQalnRB5h2HIgcbwvGtxg6nKUL_ePCsWTbosFDnmLr2IEwNhPzBYca9/s1600/wafw00f+screenshot.JPG" title="wafw00f screenshot" width="400" /></a></div> <div style="text-align: justify;"> <b>Web Application Firewalls (WAFs) </b>can be detected through stimulus/response testing scenarios. Here is a short listing of possible detection methods: </div> <ul style="text-align: justify;"> <li><b>Cookies</b>: Some WAF products add their own cookie in the HTTP communication. </li> <li><b>Server Cloaking</b>: Altering URLs and Response Headers </li> <li><b>Response Codes</b>: Different error codes for hostile pages/parameters values </li> <li><b>Drop Action</b>: Sending a FIN/RST packet (technically could also be an IDS/IPS) </li> <li><b>Pre Built-In Rules</b>: Each WAF has different negative security signatures </li> </ul> <div style="text-align: justify;"> <b>WafW00f </b>is based on these assumptions to determine remote WAFs. </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <pre>$ <b>python wafw00f.py http://www.aldeid.com</b> ^ ^ _ __ _ ____ _ __ _ _ ____ ///7/ /.' \ / __////7/ /,' \ ,' \ / __/ | V V // o // _/ | V V // 0 // 0 // _/ |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/ < ...' WAFW00F - Web Application Firewall Detection Tool By Sandro Gauci && Wendel G. Henrique Checking http://www.aldeid.com Generic Detection results: The site http://www.aldeid.com <span style="background: #ffff00; color: black;">seems to be behind a WAF </span> Reason: Blocking is being done at connection/packet level. Number of requests: 13</pre> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux :: </b></div> <pre>$ <b>cd /data/pentest/web/</b> $ <b>svn checkout <a class="external free" href="http://waffit.googlecode.com/svn/trunk/" rel="nofollow" target="_blank">http://waffit.googlecode.com/svn/trunk/</a> waffit-read-only</b></pre> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.aldeid.com/wiki/Wafw00f">http://www.aldeid.com/wiki/Wafw00f</a></div>

Wafw00f (Web Application Firewall Detection) :: Tools

Web Application Firewalls (WAFs) can be detected through stimulus/response testing scenarios. Here is a short listing of possible detec...

Read more »

Fragroute :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZ7jo1_vjG2XgLQxevu8HSHLP5HXWK9U13ZtsPZ-8BjIWb42nfMZoi3lZP38PUekGaUY_b7EUj2OB5KGIYr97sJmVvd8ToD6esQTAUUuliELCScxrLNogl82uw6gc38sPZXclTroqB0vzd/s1600/fragroute.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="fragroute screenshot" border="0" height="235" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZ7jo1_vjG2XgLQxevu8HSHLP5HXWK9U13ZtsPZ-8BjIWb42nfMZoi3lZP38PUekGaUY_b7EUj2OB5KGIYr97sJmVvd8ToD6esQTAUUuliELCScxrLNogl82uw6gc38sPZXclTroqB0vzd/s1600/fragroute.JPG" title="fragroute screenshot" width="400" /></a></div> <div style="text-align: justify;"> <b>Fragroute</b> intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. </div> <div style="text-align: justify;"> It features a simple ruleset language to delay, duplicate, drop, fragment, overlap, print, reorder, segment, source-route, or otherwise monkey with all outbound packets destined for a target host, with minimal support for randomized or probabilistic behaviour. </div> <div style="text-align: justify;"> This tool was written in good faith to aid in the testing of network intrusion detection systems, firewalls, and basic TCP/IP stack behaviour. Please do not abuse this software. </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <b> Required libraries ::</b> <br /> <ul> <li>libdnet </li> <li>libpcap </li> <li>libevent (for non-Windows platforms) </li> </ul> <div style="text-align: justify;"> <b>Installation :: </b><a href="http://www.monkey.org/~dugsong/fragroute/INSTALL" target="_blank">Click Here</a></div> <div style="text-align: justify;"> <b>ManPage :: </b><a href="http://www.monkey.org/~dugsong/fragroute/fragroute.8.txt" target="_blank">Click Here</a><br /> <b>Video Tutorial :: </b> </div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/k7viy_NN8f4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux :: </b><a href="http://www.monkey.org/~dugsong/fragroute/fragroute-1.2.tar.gz" target="_blank">Fragroute v1.2</a> (.tar.gz)</div> <div style="text-align: justify;"> <b>Official Website :: </b> <a href="http://www.monkey.org/~dugsong/fragroute/">http://www.monkey.org/~dugsong/fragroute/</a></div>

Fragroute :: Tools

Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in...

Read more »

BlindElephant (Web Application Fingerprinting) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipt-PGEQbszCnUumUvyuXZt9TWyLVMKHh4zJ6Nms53hyphenhyphenEdN-vLqt0RuDiSAnxFXphRcokFnxoZolzQ5zf4XZL-iQlMn-HMKs3twBbf5TdM_E1hO169ojrWt8AAj2r1IrStX8rDokXXSae8/s1600/BlindElephant+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="287" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipt-PGEQbszCnUumUvyuXZt9TWyLVMKHh4zJ6Nms53hyphenhyphenEdN-vLqt0RuDiSAnxFXphRcokFnxoZolzQ5zf4XZL-iQlMn-HMKs3twBbf5TdM_E1hO169ojrWt8AAj2r1IrStX8rDokXXSae8/s1600/BlindElephant+logo.png" width="320" /></a></div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> The <b>BlindElephant</b> is a <b>Web Application Fingerprinter</b> attempts to discover the version of a (known) <a href="http://www.toolwar.com/search/label/Web" target="_blank">web application</a> by comparing static files at known locations against precomputed <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hashes</a> for versions of those files in all all available releases. The technique is fast, low-bandwidth, non-invasive, generic, and highly automatize. </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>Discussion and Forum :: </b><a href="http://www.qualys.com/blindelephant" target="_blank">Click Here</a></div> <div style="text-align: justify;"> <b>Installation ::</b></div> <div style="text-align: justify;"> Installation is only required if you plan to use BlindElephant as a library. Make sure that your <a href="http://www.toolwar.com/search/label/Python" target="_blank">python</a> installation has distutils, and then do: </div> <div style="text-align: justify;"> <span style="font-size: large;"><span style="font-family: "Courier New",Courier,monospace;"><code>cd blindelephant/src</code><code>sudo python setup.py install</code></span></span></div> <br /> <b>Example Usage (Command Line) :: </b><br /> setup.py will have placed BlindElephant.py in your /usr/local/bin dir. <br /> <pre style="border-left: 5px solid #ddd; padding: 10px;"><span style="font-family: "Courier New",Courier,monospace;">$ BlindElephant.py Usage: BlindElephant.py [options] url appName Options: -h, --help show this help message and exit -p PLUGINNAME, --pluginName=PLUGINNAME Fingerprint version of plugin (should apply to web app given in appname) -s, --skip Skip fingerprinting webpp, just fingerprint plugin -n NUMPROBES, --numProbes=NUMPROBES Number of files to fetch (more may increase accuracy). Default: 15 -w, --winnow If more than one version are returned, use winnowing to attempt to narrow it down (up to numProbes additional requests). -l, --list List supported webapps and plugins Use "guess" as app or plugin name to attempt to attempt to discover which supported apps/plugins are installed. $ python BlindElephant.py http://laws.qualys.com movabletype Loaded /usr/local/lib/python2.6/dist-packages/blindelephant/dbs/movabletype.pkl with 96 versions, 2229 differentiating paths, and 209 version groups. Starting BlindElephant fingerprint for version of movabletype at http://laws.qualys.com Fingerprinting resulted in: 4.22-en 4.22-en-COM 4.23-en 4.23-en-COM Best Guess: 4.23-en-COM</span> </pre> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <span style="font-size: large;"><span style="font-family: "Courier New",Courier,monospace;"><code><span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><span style="font-size: small;"><b>More Help :: </b><a href="http://sourceforge.net/p/blindelephant/code/HEAD/tree/trunk/" target="_blank">Click Here</a></span></span> </code></span></span></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: left;"> <b>Linux Command  :: </b><code>svn co https://blindelephant.svn.sourceforge.net/svnroot/blindelephant/trunk blindelephant</code></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://blindelephant.sourceforge.net/">http://blindelephant.sourceforge.net/</a></div>

BlindElephant (Web Application Fingerprinting) :: Tools

The BlindElephant is a Web Application Fingerprinter attempts to discover the version of a (known) web application by comparing sta...

Read more »

IronWASP (Web Application Advaced Security Testing Platform) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiIe0rfi3alWm5nNnOkzOsCwxWkvTGEZszoQ6V6CqzE9CWjbo_A4crurTQ2UKyOjm5HLNA9FL0P67Vjg2Rvnfuaj9HaEy5iky1SX9TfSfsJi_qC8Zn3KcLEp5JD_gC0J3Wo6HKzEwuAMrm/s1600/IronWASP+Screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="IronWASP Screenshot" border="0" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiIe0rfi3alWm5nNnOkzOsCwxWkvTGEZszoQ6V6CqzE9CWjbo_A4crurTQ2UKyOjm5HLNA9FL0P67Vjg2Rvnfuaj9HaEy5iky1SX9TfSfsJi_qC8Zn3KcLEp5JD_gC0J3Wo6HKzEwuAMrm/s1600/IronWASP+Screenshot.png" title="IronWASP Screenshot" width="640" /></a></div> <b>IronWASP (Iron Web application Advanced Security testing Platform)</b> is an open source <a href="http://www.toolwar.com/search/label/System" target="_blank">system</a> for <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> application <a href="http://www.toolwar.com/search/label/Vulenrability" target="_blank">vulnerability</a> testing. It is designed to be customizable to the extent where users can create their own custom <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanners</a> using it. Though an advanced user with <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a>/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool's features are simple enough to be used by absolute beginners. </div> <div style="text-align: justify;"> <b>IronWASP</b> has a plugin system that supports Python and Ruby. The version of Python and Ruby used in <b>IronWASP</b> is IronPython and IronRuby which is syntactically similar to CPython and CRuby. However some of the standard libraries might not be available, instead plugin authors can make use of the powerful IronWASP API.  </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>IronWASP Blog : : </b><a href="http://blog.ironwasp.org/" target="_blank">Click Here </a></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/yUoPRnEf22I?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 style="text-align: justify;">  </h3> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows :: </b><a href="https://ironwasp.org/ironwasp.zip" target="_blank">IronWASP v0.9.7.5</a><b> </b>(.zip)</div> <div style="text-align: justify;"> <b>Linux :: </b></div> <div style="text-align: justify;"> <b><span style="font-family: "Courier New",Courier,monospace;">wget http://blog.anantshri.info/content/uploads/2013/01/ironwasp_installer.sh.txt -O ~/ironwasp_installer.sh && sh ~/ironwasp_installer.sh </span></b></div> <div style="text-align: justify;"> <b>Mac :: </b>IronWASP runs on Mac with <a href="http://www.codeweavers.com/products/">CrossOver</a>.</div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://ironwasp.org/">http://ironwasp.org/</a></div>

IronWASP (Web Application Advaced Security Testing Platform) :: Tools

IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testin...

Read more »

ACE (Telephony Analysis) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWLRvwL7u17Q85XO9IPzEMIVsSg9m8CoZRlKLo-f6NhIRybAW0vQo3-YLRAXw_xVs3yOaaI3CQClkkVlDjbGbvYks6TS9rXYckfQzKMuMOSTC0JF9EmfHYq9swqpI1cBXSTCePFuQDtCaG/s1600/VoIP+Phones.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="304" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWLRvwL7u17Q85XO9IPzEMIVsSg9m8CoZRlKLo-f6NhIRybAW0vQo3-YLRAXw_xVs3yOaaI3CQClkkVlDjbGbvYks6TS9rXYckfQzKMuMOSTC0JF9EmfHYq9swqpI1cBXSTCePFuQDtCaG/s1600/VoIP+Phones.jpg" width="640" /></a></div> <div style="text-align: justify;"> <b>ACE (Automated Corporate Enumerator)</b> is a simple yet powerful <b><a href="http://www.toolwar.com/search/label/VOIP" target="_blank">VoIP</a> Corporate Directory enumeration tool</b> that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface. In the same way that the "corporate directory" feature of VoIP hardphones enables users to easily dial by name via their VoIP handsets, ACE was developed as a research idea born from <b>"VoIP Hopper"</b> to automate VoIP <a href="http://www.toolwar.com/search/label/Attack" target="_blank">attacks</a> that can be targeted against names in an enterprise Directory. The concept is that in the future, attacks will be carried out against users based on their name, rather than targeting VoIP traffic against random RTP audio streams or IP addresses. ACE works by using DHCP, TFTP, and HTTP in order to download the VoIP corporate directory. It then outputs the directory to a text file, which can be used as input to other VoIP assessment tools. <b> ACE is a standalone utility,</b> but its functions are integrated into UCSniff.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Features ::</b></div> <div style="text-align: justify;"> ACE currently supports the VoIP corporate directory used in Cisco Unified IP Phones. It works in the following way:</div> <ul style="text-align: justify;"> <li>Spoofs CDP to get VVID</li> <li>Adds Voice VLAN Interface (VLAN Hop) - subsequent traffic is tagged with VVID</li> <li>Sends DHCP request tagged with VVID</li> <li>Decodes TFTP Server IP Address via DHCP Option 150</li> <li>Sends a TFTP request for IP Phone configuration file</li> <li>Parses file, learning Corporate Directory URL</li> <li>Sends an HTTP GET request for Directory</li> <li>Parses XML Data, writing directory users to a formatted text file</li> </ul> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>Usages :: </b></div> <div style="text-align: justify;"> ACE can be used in one of two ways. First, it can auto-discover the TFTP Server IP Address via DHCP, or (second) the user can specify the TFTP Server IP address as a command line parameter of the tool. In either case, you must supply the MAC Address of the IP Phone with the -m option in order for the tool to correctly download the configuration file via TFTP.<br />ACE v1.0: Automated Corporate (Data) Enumerator<br />Usage: ace [-i interface] [ -m mac address ] [ -t tftp server ip address | -c cdp mode | -v voice vlan id | -r vlan interface | -d verbose mode ]<br /><br />-i (Mandatory) Interface for sniffing/sending packets<br />-m (Mandatory) MAC address of the victim IP phone<br />-t (Optional) tftp server ip address<br />-c (Optional) 0 CDP sniff mode, 1 CDP spoof mode<br />-v (Optional) Enter the voice vlan ID<br />-r (Optional) Removes the VLAN interface<br />-d (Optional) Verbose | debug mode<br /><br />Example Usages:<br />Usage requires MAC Address of IP Phone supplied with -m option<br />Usage: <span style="font-family: "Courier New",Courier,monospace;">ace -t -m</span><br /><br />Mode to automatically discover TFTP Server IP via DHCP Option 150 (-m)<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -m 00:1E:F7:28:9C:8e</span><br /><br />Mode to specify IP Address of TFTP Server<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -t 192.168.10.150 -m 00:1E:F7:28:9C:8e</span><br /><br />Mode to specify the Voice VLAN ID<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -v 96 -m 00:1E:F7:28:9C:8E</span><br /><br />Verbose mode<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -v 96 -m 00:1E:F7:28:9C:8E -d</span><br /><br />Mode to remove vlan interface<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -r eth0.96</span><br /><br />Mode to auto-discover voice vlan ID in the listening mode for CDP<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -c 0 -m 00:1E:F7:28:9C:8E</span><br /><br />Mode to auto-discover voice vlan ID in the spoofing mode for CDP<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -c 1 -m 00:1E:F7:28:9C:8E</span></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux :: </b><a href="http://sourceforge.net/projects/ucsniff/files/ace/ace-1.10.tar.gz/download" target="_blank">ACE v1.10</a> (.tar.gz)<b><br /> </b></div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://ucsniff.sourceforge.net/ace.html">http://ucsniff.sourceforge.net/ace.html</a></div>

ACE (Telephony Analysis) :: Tools

ACE (Automated Corporate Enumerator) is a simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of ...

Read more »

Cisco Global Exploiter (CGE) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjE95qKAuiFSSG89yP0adW44_GbFhQyPv25VQtzfb0sXlcZULk_kYsSmrKlhrhZGj95J1CaXicGo9aMbA-IJhRw9fBfpplvCZg7YWDn-cmp9n3DCvhhPeuPYQ-IYA8jjcmpyRd95Mee7XKc/s1600/Cisco+Global+Exploiter.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="CISCO Global Exploiter" border="0" height="285" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjE95qKAuiFSSG89yP0adW44_GbFhQyPv25VQtzfb0sXlcZULk_kYsSmrKlhrhZGj95J1CaXicGo9aMbA-IJhRw9fBfpplvCZg7YWDn-cmp9n3DCvhhPeuPYQ-IYA8jjcmpyRd95Mee7XKc/s1600/Cisco+Global+Exploiter.PNG" title="CISCO Global Exploiter" width="320" /></a></div> <div style="text-align: justify;"> <b>Cisco Global Exploiter (CGE)</b>, is an advanced, simple and fast <a href="http://www.toolwar.com/search/label/Security" target="_blank"> security</a> testing tool/ exploit engine, that is able to exploit 14 <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank"> vulnerabilities</a> in disparate Cisco switches and routers.  CGE is <a href="http://www.toolwar.com/search/label/CLI" target="_blank">command-line</a> driven <a href="http://www.toolwar.com/2013/09/perl-language.html" target="_blank">perl </a>script which has a simple and easy to use front-end.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> CGE can exploit the following 14 vulnerabilities:</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[1] - Cisco 677/678 Telnet Buffer Overflow Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[2] - Cisco IOS Router Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[3] - Cisco IOS HTTP Auth Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[4] - Cisco IOS HTTP Configuration Arbitrary Administrative Access Vulnerability[5] - Cisco Catalyst SSH Protocol Mismatch Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[6] - Cisco 675 Web Administration Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[7] - Cisco Catalyst 3500 XL Remote Arbitrary Command Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[8] - Cisco IOS Software HTTP Request Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[9] - Cisco 514 UDP Flood Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[10] - CiscoSecure ACS for Windows NT Server Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[11] - Cisco Catalyst Memory Leak Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[12] - Cisco CatOS CiscoView HTTP Server Buffer Overflow Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[13] - 0 Encoding IDS Bypass Vulnerability (UTF)</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[14] - Cisco IOS HTTP Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <br /></div> <h3 style="margin-bottom: 0px; margin-top: 0px; text-align: justify;"> Tutorial :: </h3> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Installation:</b></div> <div style="text-align: justify;"> <span style="font-family: Courier New;">tar -zxvf cge-13.tar.gz</span></div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b><span style="font-family: Times New Roman;">Execution:</span></b></div> <div style="text-align: justify;"> <span style="font-family: Courier New; font-size: x-small;">perl cge.pl <target> <vulnerability number></span></div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Example output:</b></div> <div style="text-align: justify;"> <span style="font-size: x-small;"><span style="font-family: Courier New;">[root@hacker cge-13]# perl cge.pl 192.168.1.254 3</span><br /> <span style="font-family: Courier New;">Vulnerability successful exploited with [http://192.168.1.254/level/17/exec/....] ...</span></span></div> <div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;"> The above is trying to exploit <span style="font-family: Times New Roman;">the Cisco IOS HTTP Auth Vulnerability and hopefully using the nice link provided we should have basic access to the switch we are attacking, (not enable):</span></div> <div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;">   </div> <h3 style="margin-bottom: 0px; margin-top: 0px; text-align: justify;"> Download ::</h3> <div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;"> <b>Linux :: </b><a href="http://packetstormsecurity.org/0405-exploits/cge-13.tar.gz" target="_blank">Cisco Global Exploiter</a> (.tar.gz)<b><br /></b></div> <div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;"> <b>Official Website :: </b><a href="http://www.vulnerabilityassessment.co.uk/cge.htm">http://www.vulnerabilityassessment.co.uk/cge.htm</a></div>

Cisco Global Exploiter (CGE) :: Tools

Cisco Global Exploiter (CGE) , is an advanced, simple and fast security testing tool/ exploit engine, that is able to exploit 14...

Read more »

Simple Packet Sender- SRS (Packet Crafting) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7BUKKw498tOZ31MifYW6bPLuJau7rdayfP5pA059VWTSs2bX9U8wBoL0uzzMGPCSIx2uJ2Zd0U3siY6mMaSIHGNiuByoH6wcWmPvKxDi_QhXGorMs_JAvn14nckZgM-3C0XybRLTQpiVN/s1600/tcp-ipv4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Simple Packet sender screenshot" border="0" height="285" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7BUKKw498tOZ31MifYW6bPLuJau7rdayfP5pA059VWTSs2bX9U8wBoL0uzzMGPCSIx2uJ2Zd0U3siY6mMaSIHGNiuByoH6wcWmPvKxDi_QhXGorMs_JAvn14nckZgM-3C0XybRLTQpiVN/s1600/tcp-ipv4.png" title="Simple Packet sender screenshot" width="320" /></a></div> <div style="text-align: justify;"> <b>Simple Packet Sender (SPS)</b> is a linux <b>packet crafting tool</b>. Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over IPv4. Written in C on <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a> with <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI</a> built using GTK+ and released under GPLv3. Does not require pcap.</div> <h3 style="text-align: justify;"> <b>Features:</b></h3> <div style="text-align: justify;"> <a href="http://www.toolwar.com/search/label/Packet" target="_blank">Packet</a><a href="http://www.toolwar.com/search/label/Packet" target="_blank"> crafting</a> and sending one, multiple, or flooding IPv4 and IPv6 packets of type TCP, ICMP, or UDP (or cycle through all three). All values within ethernet frame can be modified arbitrarily. Supports IPv4 header options, TCP header options, and TCP, ICMP and UDP data as well, input from either: keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. IPv6 support includes: hop-by-hop, "first" and "last" destination, routing, authentication, and encapsulating security payload (ESP) extension headers. For those without access to a native IPv6 <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a>, IPv6 packets can be transmitted over IPv4 (6to4).</div> <div style="text-align: justify;"> Packet fragmentation for IPv4, IPv6, and 6to4. Assumed maximum transmission unit (MTU) can be changed if unusual fragment sizes are needed. IP addresses and port numbers can be randomized. A configurable traceroute function, which supports TCP, ICMP, and UDP packets with all the features mentioned above. View packets in hexadecimal/ASCII representation, in both unfragmented and fragmented forms. All packet settings can be saved to and loaded from file. IP and ASN delegation functions, including: country name/code search and reverse-search, autonomous system (AS) number search by country and reverse-search,  IPv4 and IPv6 address delegation search and reverse-search.</div> <div style="text-align: justify;"> ARP (IPv4) and Neighbor Discovery (IPv6) for querying a LAN for MAC addresses of local nodes.</div> <div style="text-align: justify;"> Retrieve MAC address and current MTU setting of any attached network interface. Domain name resolution and <a href="http://www.toolwar.com/search/label/Reverse" target="_blank">reverse</a> resolution.</div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Tutorial ::</h3> <div style="text-align: justify;"> <b>Wiki ::</b> <a href="http://sourceforge.net/p/simplepacket/wiki/Home/" target="_blank">Click Here</a></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux :: </b><a href="https://sites.google.com/site/simplepacketsender/sps-4.2.tar.gz?attredirects=0" target="_blank">Simple Packet Sender</a> (.tar.gz)<b><br /></b></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="https://sites.google.com/site/simplepacketsender/">https://sites.google.com/site/simplepacketsender/</a></div>

Simple Packet Sender- SRS (Packet Crafting) :: Tools

Simple Packet Sender (SPS) is a linux packet crafting tool . Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over I...

Read more »

Rootkit Hunter (Rootkit Scanner) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <b><img alt="rootkit hunter logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmAKcX4SzdyaNdf4DapqpG3d1wMIQl85Bf0MAAPmJDtEku0X-3BPe_s9_ozZkwyHMyJrfIXdORod7eI9TGZejFbegPFldu185F6m872hTfpFEgo8CPqIQPMyFm9ltA2FzzD6V9PhSLSoVP/s1600/Rkhunter.jpg" title="rootkit hunter logo" /></b></div> <b>Rootkit Hunter</b> is <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanning tool</a> to ensure you for about 99.9%* you're clean of nasty <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>. This tool <i>scans for <a href="http://www.toolwar.com/search/label/Rootkit" target="_blank">rootkits</a>, backdoors and local exploits</i> by running tests like:<br /> <br />     - MD5 <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hash</a> compare<br />     - Look for default files used by rootkits<br />     - Wrong file permissions for binaries<br />     - Look for suspected strings in LKM and KLD modules<br />     - Look for hidden files<br />     - Optional scan within plaintext and binary files<br /> <br /> <b>Rootkit Hunter</b> is released as GPL licensed project and free for everyone to use.* No, not really 99.9%.. It's just another security layer<br /> <br /> <b>System requirements:</b><br />     - Compatible operating system (see 'Supported operating systems')<br />     - Bourne Again Shell (BASH)<br /> <br /> <b>Supported operating systems ::</b><br /> - Most <a href="http://www.toolwar.com/search/label/Distribution" target="_blank">Linux distributions</a><br /> - Most *BSD distributions</div> <div style="text-align: justify;"> <h3> Tutorial ::</h3> <b>Scanning Techniques :: </b><a href="http://www.rootkit.nl/articles/rootkit_scanning_techniques.html" target="_blank">Click Here</a><br /> <b>Documentations :: </b><a href="http://www.rootkit.nl/files/rootkit_documentation.html" target="_blank">Click Here</a><br /> <b>Video Tutorial ::</b>  <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/5ngeBpeRros?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> </div> <div style="text-align: justify;"> <h3> Download ::</h3> </div> <div style="text-align: justify;"> <b>Linux :: </b><a href="http://sourceforge.net/projects/rkhunter/files/latest/download" target="_blank">RootKit Hunter v1.4.0</a> (.tar.gz)<b> </b></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.rootkit.nl/projects/rootkit_hunter.html">http://www.rootkit.nl/projects/rootkit_hunter.html</a></div>

Rootkit Hunter (Rootkit Scanner) :: Tools

Rootkit Hunter is scanning tool to ensure you for about 99.9%* you're clean of nasty tools . This tool scans for rootkits , backdoo...

Read more »

Lynis (Security and System Auditing) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPJSrg2v61K-1SHIewex9MB7DLBAqrgKTy2REJhuc1jyKxL99Tia_vx44VmSeUWWxbHdgZtEVAjWn5GUbxWD9dLfe1o2Suta4Ww_ZgfvwIITFiR8JkMpR5A-ZkTq17LVggAJlfumpTReoW/s1600/lynis-screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="lynis screenshot" border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPJSrg2v61K-1SHIewex9MB7DLBAqrgKTy2REJhuc1jyKxL99Tia_vx44VmSeUWWxbHdgZtEVAjWn5GUbxWD9dLfe1o2Suta4Ww_ZgfvwIITFiR8JkMpR5A-ZkTq17LVggAJlfumpTReoW/s320/lynis-screenshot.png" title="lynis screenshot" width="400" /></a></div> <div style="text-align: justify;"> <b>Lynis</b> is a <b><i>Security and system auditing tool</i> </b>to harden <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a> systems. <b>Lynis</b> is an <b>auditing tool </b>for Unix/Linux (specialists). It scans the <a href="http://www.toolwar.com/search/label/System" target="_blank">system</a> and available software and performs many individual <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> checks. It determines the hardening state of the machine and <a href="http://www.toolwar.com/search/label/Detect" target="_blank">detects</a> security issues. Beside security related information it will also scan for general system information, installed packages and possible configuration errors. <b>Lynis</b> is a <a href="http://www.toolwar.com/search/label/Security" target="_blank">security tool</a> to audit and harden Unix and Linux based systems. It scans the system by performing many security control checks, looks for installed software and determines compliance to standards. Also will it detects security issues and errors in configuration. At the end of the scan it will provide the warnings and suggestions to help you improving the security defense of your systems.<br /> <br /> This software aims in assisting automated auditing, hardening, software patch management, <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> and <a href="http://www.toolwar.com/search/label/Malware" target="_blank">malware</a> scanning of Unix/Linux based systems. It can be run without prior installation, so inclusion on read only storage is possible (<a href="http://www.toolwar.com/search/label/USB" target="_blank">USB</a> stick, cd/dvd).<br /> <br /> <b>Lynis </b>assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOx (Sarbanes-Oxley) compliance audits.<br /> <br /> <b>Intended audience:</b><br /> Security specialists, penetration testers, system auditors, system/network managers.<br /> <br /> <b>Examples of audit tests:</b><br /> - Available authentication methods<br /> - Expired SSL certificates<br /> - Outdated software<br /> - User accounts without password<br /> - Incorrect file permissions<br /> - Configuration errors<br /> - Firewall auditing<br /> <br /> <b>Current state:</b><br /> Stable releases are available, development is active.<br /> <h3> Tutorials :: </h3> <b>Documentation :: </b><a href="http://www.rootkit.nl/files/lynis-documentation.html" target="_blank">Click Here</a> </div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/FgkC4k1kJaE?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <h3> <b>Download </b></h3> <b>Linux ::</b> <a href="http://cisofy.com/files/lynis-1.4.0.tar.gz" target="_blank">Llynis-1.4.0</a> (.tar.gz)</div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://www.rootkit.nl/projects/lynis.html" target="_blank">http://www.rootkit.nl/projects/lynis.html </a></div> </div>

Lynis (Security and System Auditing) :: Tools

Lynis is a Security and system auditing tool to harden Linux systems. Lynis is an auditing tool for Unix/Linux (specialists). It sca...

Read more »

FruityWiFi (Wireless Auditing) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="FruityWiFi Screenshot" border="0" height="311" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1JHrHssrXvjVxrIiXhQ2a_6Nw0cQ6Io_oxLac-3nYxXA0ztQBVccfe8XxahD3MDwUa0nN_AyCnTwyNYqRew1esXzke6jIE0oEZJ9-UqWX7VbnNqecm1eywx_ksuFf4SRuUs0ISrTb68ij/s320/FruityWiFi+Screenshot.JPG" title="FruityWiFi Screenshot" width="320" /></div> <div style="text-align: justify;"> <b>FruityWifi</b> is a <i>wireless network auditing tool</i> based in the <a href="http://www.toolwar.com/search/label/WiFi" target="_blank">wifi</a> Pineapple. The application can be installed in any Debian based system adding the extra packages. Tested in Debian, <a href="http://www.toolwar.com/2013/09/kali-linux-toolwar.html" target="_blank">Kali Linux</a>, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi).</div> <h3 style="text-align: justify;"> Tutorial ::</h3> <div style="text-align: justify;"> <b> Wiki :: </b><a href="https://github.com/xtr4nge/FruityWifi/wiki" target="_blank">Click Here</a></div> <h3 style="text-align: justify;"> Download :: </h3> <div style="text-align: justify;"> <b>Linux ::</b> <a href="https://github.com/xtr4nge/FruityWifi/archive/master.zip" target="_blank">FruityWiFi</a></div>

FruityWiFi (Wireless Auditing) :: Tools

FruityWifi is a wireless network auditing tool based in the wifi Pineapple. The application can be installed in any Debian based syst...

Read more »

Pytbull (IDS/IPS Testing) :: Framework

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;">  <img alt="pytbull ids mode" border="0" height="291" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBUJPMHKujz46n6sRck2NZDM075hEsNEerHmckZ-25awz2AFXTsWET-KZg7ngqkBZi0hpKmBHgm9_EwaLliZYrhmFPjNhRYcjqM3beHBHH4szekg9xDZKMPb1parSaCEd4KfgunPEj-e4f/s1600/pytbull-ids-mode.png" title="pytbull ids mode" width="400" /></div> <b>Pytbull</b> is an <b>Intrusion Detection/Prevention System (IDS/IPS) testing framework</b> for <i><a href="http://www.toolwar.com/2013/09/snort-tools_7.html" target="_blank">Snort</a> and Suricata.</i> We all know the greatness of these two projects. Even though it concentrates on Snort and Suricata, it can possibly be used to test the <a href="http://www.toolwar.com/search/label/Detect" target="_blank">detection</a> and blocking capabilities of other <b><a href="http://www.toolwar.com/search/label/IDS" target="_blank">IDS</a>/<a href="http://www.toolwar.com/search/label/IPS" target="_blank">IPS</a></b> also. You can also use it to compare IDS/IPS, or compare their configuration modifications or to simply check/validate configurations. The <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">framework</a> is well equipped with about 300 tests grouped in 8 testing modules, such as:You've just set up your Intrusion Detection/Prevention System (IDS/IPS) and feel "Now I'm secure". But how can you be so sure? And how much do you trust your IDS/IPS?</div> <div style="text-align: justify;"> The only way to ensure your <b>IDS/IPS</b> detects and blocks unwanted traffic is to test it with specific payloads and <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>, but this job can take hours or even days...</div> <div style="text-align: justify;"> Why all this pain? Here is where pytbull comes in!</div> <div style="text-align: justify;"> <b>Pytbull</b> is a <a href="http://www.toolwar.com/search/label/Python" target="_blank">python</a> based flexible IDS/IPS <a href="http://www.toolwar.com/search/label/Testing" target="_blank">testing</a> framework shipped with more than 300 tests, grouped in 9 modules, covering a large scope of attacks (clientSideAttacks, testRules, badTraffic, fragmentedPackets, multipleFailedLogins, evasionTechniques, shellCodes, denialOfService, pcapReplay)</div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/_zS1f-F9niw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux ::</b> <a href="https://downloads.sourceforge.net/project/pytbull/pytbull-2.0.tar.bz2" target="_blank">Pytbull v2.0</a> (.tar.bz2)</div> <div style="text-align: justify;"> <b>Official Website :: </b>http://pytbull.sourceforge.net/ </div>

Pytbull (IDS/IPS Testing) :: Framework

  Pytbull is an Intrusion Detection/Prevention System (IDS/IPS) testing framework for Snort and Suricata. We all know the greatness o...

Read more »