ToolWar | Information Security (InfoSec) Tools: Fuzzing

WebSlayer (Brute Forcing Web Applications) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjB-Km_jr9rLE0PT8dWcX5nBk3Vg169tYvpjuYXyHIlJIjQjQiVszr8nD96mwiNPVRW85LZcoW5X_mMyw2crhTWikoBQ8v4OiWpaaZvhMCSAk5UzTLY5r67QXW9yjWBoUkY_WEAQKAphe81/s1600/webslayer-1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="OWASP WebSlayer :: ToolWar" border="0" height="318" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjB-Km_jr9rLE0PT8dWcX5nBk3Vg169tYvpjuYXyHIlJIjQjQiVszr8nD96mwiNPVRW85LZcoW5X_mMyw2crhTWikoBQ8v4OiWpaaZvhMCSAk5UzTLY5r67QXW9yjWBoUkY_WEAQKAphe81/s1600/webslayer-1.png" title="OWASP WebSlayer :: ToolWar" width="400" /></a></div>
<div style="text-align: justify;">
<b>WebSlayer</b> is a tool designed for brute forcing Web  Applications, it can be used for finding  resources not linked  (directories, servlets, scripts,files, etc), brute force GET and POST  parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc.  The tools has a payload generator and an easy and powerful results  analyzer. </div>
<div style="text-align: justify;">
You can perform attacks like: </div>
<ul style="text-align: justify;">
<li>Predictable resource locator, recursion supported (Discovery) </li>
</ul>
<ul style="text-align: justify;">
<li>Login forms brute force </li>
</ul>
<ul style="text-align: justify;">
<li>Session brute force </li>
</ul>
<ul style="text-align: justify;">
<li>Parameter brute force </li>
</ul>
<ul style="text-align: justify;">
<li>Parameter fuzzing  and injection (XSS, SQL) </li>
</ul>
<ul style="text-align: justify;">
<li>Basic and Ntml authentication brute forcing </li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Ce413RcYuGI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: center;">
</div>
<br />
<b>Download Here ::</b> 
<a href="https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/webslayer/WebSlayer-Beta.msi" target="_blank">WebSlayer Beta</a><b><br /></b><br />
<b>Official Website :: </b>http://www.edge-security.com/webslayer.php </div>

WebSlayer (Brute Forcing Web Applications) :: Tools

WebSlayer is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servl...

OWASP Amass - Subdomain Enumeration/Scanner : Tool

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMkkEOynUt7XrCQ08ZO7DXwHrtiOnQ6KzkLBUGr1ORjHVElgEpZ9YVI12g5k_1CWCHXdVc6OtERaG_LVt1zaJauILNLAlL8-xYEHP_XzhiMuaTTQvj24MNCzzlTviXcpeJyIidAxA-V08e/s1600/Amass.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="OWASP Amass Subdomain Scanner" border="0" data-original-height="327" data-original-width="647" height="202" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMkkEOynUt7XrCQ08ZO7DXwHrtiOnQ6KzkLBUGr1ORjHVElgEpZ9YVI12g5k_1CWCHXdVc6OtERaG_LVt1zaJauILNLAlL8-xYEHP_XzhiMuaTTQvj24MNCzzlTviXcpeJyIidAxA-V08e/s400/Amass.JPG" title="OWASP Amass Subdomain Scanner" width="400" /></a></div>
<br />
<div style="text-align: justify;">
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.</div>
<b><br />
</b> <b>Information Gathering Techniques Used:</b><br />
<br />
<div style="text-align: justify;">
1] DNS: Basic enumeration, Brute forcing (upon request), Reverse DNS sweeping, Subdomain name alterations/permutations, Zone transfers (upon request)</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
2] Scraping: Ask, Baidu, Bing, CommonCrawl, DNSDumpster, DNSTable, Dogpile, Exalead, FindSubdomains, Google, HackerOne, IPv4Info, Netcraft, PTRArchive, Riddler, SiteDossier, ViewDNS, Yahoo</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
3] Certificates: Active pulls (upon request), Censys, CertDB, CertSpotter, Crtsh, Entrust</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
4] APIs: AlienVault, BinaryEdge, BufferOver, CIRCL, DNSDB, HackerTarget, Mnemonic, NetworksDB, PassiveTotal, RADb, Robtex, SecurityTrails, ShadowServer, Shodan, Sublist3rAPI, TeamCymru, ThreatCrowd, Twitter, Umbrella, URLScan, VirusTotal</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
5] Web Archives: ArchiveIt, ArchiveToday, Arquivo, LoCArchive, OpenUKArchive, UKGovArchive, Wayback</div>
<div style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
Video Tutorial:</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/mEQnVkSG19M/0.jpg" frameborder="0" height="330" src="https://www.youtube.com/embed/mEQnVkSG19M?feature=player_embedded" width="100%"></iframe></div>
<h3 style="text-align: justify;">
 </h3>
<h3 style="text-align: justify;">
Documentation:  </h3>
<div style="text-align: justify;">
1] <a href="https://github.com/OWASP/Amass/blob/master/doc/install.md" target="_blank">Installation Guide </a></div>
<div style="text-align: justify;">
2] <a href="https://github.com/OWASP/Amass/blob/master/doc/user_guide.md" target="_blank">User's Manual/How to Use</a></div>
<h3 style="text-align: justify;">
Download:</h3>
<div style="text-align: justify;">
Amass is available for various platforms like Linux, Windows, MacOS etc.</div>
<div style="text-align: justify;">
1] <a href="https://github.com/OWASP/Amass" target="_blank">Download Link</a></div>
<div style="text-align: justify;">
2] <a href="https://github.com/OWASP/Amass/releases" target="_blank">Precompiled Binary</a> (Windows, MacOS, Linux)</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Official Page:</b> <a href="https://github.com/OWASP/Amass" target="_blank">OWASP Amass</a></div>

OWASP Amass - Subdomain Enumeration/Scanner : Tool

The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and p...

FireEye Commando VM : Distribution

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUG0wWFAx6CM5Ug02umH4-Gc6HRmvdNUYizRu7qErUQoETWDi6nBqDxyH84E2hVlXWFsDVg3G3wT_7udATupj_wqUIRtOm37Jl6yBFvO6Bed8ykdD92751Aw067mQBmt2fRtP-fsn5CbK7/s1600/CVM+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="commando vm fireeye" border="0" data-original-height="750" data-original-width="974" height="246" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUG0wWFAx6CM5Ug02umH4-Gc6HRmvdNUYizRu7qErUQoETWDi6nBqDxyH84E2hVlXWFsDVg3G3wT_7udATupj_wqUIRtOm37Jl6yBFvO6Bed8ykdD92751Aw067mQBmt2fRtP-fsn5CbK7/s320/CVM+logo.png" title="commando vm fireeye" width="320" /></a></div>
<div style="text-align: justify;">
CommandoVM - a fully customized, Windows-based security <a href="http://www.toolwar.com/search/label/Distribution" target="_blank">distribution</a> for penetration testing and red teaming. </div>
<div style="text-align: justify;">
Penetration testers commonly use their own variants of Windows 
machines when assessing Active Directory environments. Commando VM was 
designed specifically to be the go-to platform for performing these 
internal penetration tests. The benefits of using a Windows machine 
include native support for Windows and Active Directory, using your VM 
as a staging area for C2 frameworks, browsing shares more easily (and 
interactively), and using tools such as PowerView and BloodHound without having to worry about placing output files on client assets.</div>
<div style="text-align: justify;">
Commando VM uses Boxstarter, Chocolatey, and MyGet packages
 to install all of the software, and delivers many tools and utilities 
to support penetration testing. This list includes more than 140 tools, 
including:</div>
<ul style="list-style-position: inside; text-align: justify;">
<li><a href="http://www.toolwar.com/2014/02/nmap-and-zenmap-network-discovery-and.html" target="_blank">Nmap</a></li>
<li><a href="http://www.toolwar.com/2013/09/wireshark-tools.html" target="_blank">Wireshark</a></li>
<li>Covenant</li>
<li>Python</li>
<li>Go</li>
<li>Remote Server Administration Tools</li>
<li><a href="http://www.toolwar.com/2013/09/sysinternals.html" target="_blank">Sysinternals</a></li>
<li>Mimikatz</li>
<li><a href="http://www.toolwar.com/2013/09/burp-suite-tools.html" target="_blank">Burp-Suite</a></li>
<li>x64dbg</li>
<li>Hashcat</li>
</ul>
<div style="text-align: justify;">
With such versatility, Commando VM aims to be the de facto <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows </a>machine for every penetration tester and red teamer. For the blue 
teamers reading this, don’t worry, we’ve got full blue team support as 
well! The versatile tool sets included in Commando VM provide blue teams
 with the tools necessary to audit their networks and improve their 
detection capabilities. With a library of offensive tools, it makes it 
easy for blue teams to keep up with offensive tooling and attack trends.</div>
<div style="text-align: justify;">
<br /></div>
<h4>
Requirements</h4>
<ul>
<li>Windows 7 Service Pack 1 or Windows 10</li>
<li>60 GB Hard Drive</li>
<li>2 GB RAM</li>
</ul>
<h3 style="text-align: justify;">
Installation Instruction: </h3>
<ol>
<li>Create and configure a new Windows Virtual Machine</li>
</ol>
<ul>
<li>Ensure VM is updated completely. You may have to check for updates, reboot, and check again until no more remain</li>
<li>Take a snapshot of your machine!</li>
<li>Download and copy <code>install.ps1</code> on your newly configured machine.</li>
<li>Open PowerShell as an Administrator</li>
<li>Enable script execution by running the following command:
<ul>
<li><code>Set-ExecutionPolicy Unrestricted</code></li>
</ul>
</li>
<li>Finally, execute the installer script as follows:
<ul>
<li><code>.\install.ps1</code></li>
<li>You can also pass your password as an argument: <code>.\install.ps1 -password <password></code></li>
</ul>
</li>
</ul>
<div style="text-align: justify;">
<b>Detailed Installation Instruction: </b><a href="https://github.com/fireeye/commando-vm" rel="nofollow" target="_blank">Click Here</a><b> </b></div>
<div style="text-align: justify;">
<b>Download: </b><a href="https://github.com/fireeye/commando-vm" rel="nofollow" target="_blank">Commando VM</a></div>
<div style="text-align: justify;">
<b>Official Website: </b><a href="https://www.fireeye.com/blog/threat-research/2019/03/commando-vm-windows-offensive-distribution.html" rel="nofollow" target="_blank">FireEye</a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>

FireEye Commando VM : Distribution

CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming. Penetration testers comm...

Sublist3r - Subdomain Enumeration / Scanner : Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiX9xrud6fayQX7f2OmbYU-qjmsBfi35Y0IOMLeMSt1J-XnREvEI3TP99ySPRbENncML8CtP-8Nj8ppzVMR1nkfJWP_4ACocVhp1ZkHhCTFlQlNxlDPkC0htQNyVAN8KELdRTWwRfydGVt3/s1600/Sublist3r.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Sublist3r - Subdomain Enumeration" border="0" data-original-height="413" data-original-width="867" height="190" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiX9xrud6fayQX7f2OmbYU-qjmsBfi35Y0IOMLeMSt1J-XnREvEI3TP99ySPRbENncML8CtP-8Nj8ppzVMR1nkfJWP_4ACocVhp1ZkHhCTFlQlNxlDPkC0htQNyVAN8KELdRTWwRfydGVt3/s400/Sublist3r.JPG" title="Sublist3r - Subdomain Scanner" width="400" /></a></div>
<div style="text-align: justify;">
Sublist3r is a python tool designed to enumerate subdomains of websites 
using OSINT. It helps penetration testers and bug hunters collect and 
gather subdomains for the domain they are targeting. Sublist3r 
enumerates subdomains using many search engines such as Google, Yahoo, 
Bing, Baidu, and Ask. Sublist3r also enumerates subdomains using 
Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and ReverseDNS.</div>
<div style="text-align: justify;">
<br /></div>
<h2 style="text-align: justify;">
<span style="font-size: large;">Installation:</span></h2>
<blockquote class="tr_bq">
<pre><code>git clone https://github.com/aboul3la/Sublist3r.git</code></pre>
</blockquote>
<b><span style="font-size: small;">Dependencies:</span></b><br />
<blockquote class="tr_bq">
<pre><code>sudo pip install -r requirements.txt</code></pre>
</blockquote>
<b><span style="font-size: small;">How To Use:</span></b> <br />
<blockquote class="tr_bq">
<span style="font-size: large;"> </span><code>python sublist3r.py -v -d example.com</code></blockquote>
where -V : Verbose, -d : Domain<br />
<br />
<h3>
<b>Download:: </b> </h3>
Linux & Windows : <a href="https://github.com/aboul3la/Sublist3r" rel="nofollow" target="_blank">Sublis3r (Official Page)</a>

Sublist3r - Subdomain Enumeration / Scanner : Tools

Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collec...

RAFT (Response Analysis and Further Testing Tool) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="raft screenshot toolwar" border="0" height="234" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimx_ZNEI51-G8nYISMge30CIKHECpzubYpi9piek4_sk1Vx-fycO9fyXjDqnJonrPsM9JtQnHlVYfLJherJ3izDMfofh8e8Io_SK8VHPH0kXza5Dzz389c2CdCyGPhWSsUJwgEhDhOo7Fi/s320/raft+logo+toolwar.png" title="raft screenshot toolwar" width="320" /></div>
<div style="text-align: justify;">
<span style="font-family: Arial,Helvetica,sans-serif;"><b>RAFT</b> is a<i> Response Analysis and Further Testing Tool</i>. <b>RAFT</b> is a testing tool for the identification of vulnerabilities in 
web applications. <b>RAFT</b> is a suite of tools that utilize common shared 
elements to make testing and analysis easier. The tool provides 
visibility in to areas that other tools do not such as various client 
side storage.<b> RAFT</b> uses markup to create templates for fuzz testing. </span></div>
<div style="text-align: justify;">
<b><br /></b></div>
<div style="text-align: justify;">
<b>Download Here :: </b><a href="http://raft.googlecode.com/files/RAFT-3.0.1-win32-setup.exe" target="_blank">RAFT 3.0.1.exe</a></div>
<div style="text-align: justify;">
<b>Source ::</b> http://code.google.com/p/raft/</div>
</div>

RAFT (Response Analysis and Further Testing Tool) :: Tools

RAFT is a Response Analysis and Further Testing Tool . RAFT is a testing tool for the identification of vulnerabilities in web appli...

PHP Vulnerability Hunter :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<img alt="PHP Vulnerability Hunter" border="0" height="100" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhG8un62G9aI66KfYY1jKVyVDkPxQhrDMFRtAWDZgKTmruDEGViZovWt_bflJZPkTCbSYaOmr8DJqXBgmmuJIMVMdAQ-3FgZomagEe0TatijEm9wWpy-1xtJThMKH18EiW2zCe6NYqEaB3l/s1600/PHP-Vulnerability-Hunter.jpg" title="PHP Vulnerability Hunter" width="400" /></div>
<div style="text-align: justify;">
<b>PHP Vulnerability Hunter</b> is an <b>whitebox fuzz testing tool</b> capable of 
detected several classes of vulnerabilities in PHP web applications.</div>
<div style="text-align: justify;">
While most web application fuzzers rely on the user to specify 
application inputs, PHP vulnerability hunter uses a combination of 
static and dynamic analysis to automatically map the target application.
 Because it works by instrumenting application, PHP Vulnerability Hunter
 can detect inputs that are not referenced in the forms of the rendered 
page.</div>
<div style="text-align: justify;">
PHP Vulnerability Hunter is aware of many different types of 
vulnerabilities found in PHP applications, from the most common such as 
cross-site scripting and local file inclusion to the lesser known, such 
as user controlled function invocation and class instantiation. <br />
<br />
<b>PHP Vulnerability Hunter</b> can detect the following classes of vulnerabilities:
</div>
<ul style="text-align: justify;">
<li>Arbitrary command execution</li>
<li>Arbitrary file read/write/change/rename/delete</li>
<li>Local file inclusion</li>
<li>Arbitrary PHP execution</li>
<li>SQL injection</li>
<li>User controlled function invocatino</li>
<li>User controlled class instantiation</li>
<li>Reflected cross-site scripting (XSS)</li>
<li>Open redirect</li>
<li>Full path disclosure</li>
</ul>
<div style="text-align: justify;">
<b>Download Here :: </b><a class="FileNameLink" href="https://phpvulnhunter.codeplex.com/downloads/get/690936" id="fileDownload0" tabindex="9">PHP Vulnerability Hunter 1.4.0.20 Unstable</a></div>
<div style="text-align: justify;">
<b>Source Website ::</b> https://phpvulnhunter.codeplex.com</div>
</div>

PHP Vulnerability Hunter :: Tools

PHP Vulnerability Hunter is an whitebox fuzz testing tool capable of detected several classes of vulnerabilities in PHP web applicati...

Subscribe to: Posts ( Atom )