SubBrute (Subdomain Bruteforcer) :: Tools

<p style="text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEir8Vkrnp22NNcwJ4TRgPi1YAm_XJvNmKenaVQ0w98RW2yv5rqslLJflOiKfr0HEHmjopBvu_-nmjjxc3eYsn0w8kMP6PHuX9xMhvRigmyxoBDd-bwTEbnjX-H_haEpL0DfBWjSX9-CfDA/s1600/SubBrute.jpg" style="margin-left: 1em; margin-right: 1em;"><img alt="subbrute subdomain bruteforce" border="0" data-original-height="900" data-original-width="1600" height="225" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEir8Vkrnp22NNcwJ4TRgPi1YAm_XJvNmKenaVQ0w98RW2yv5rqslLJflOiKfr0HEHmjopBvu_-nmjjxc3eYsn0w8kMP6PHuX9xMhvRigmyxoBDd-bwTEbnjX-H_haEpL0DfBWjSX9-CfDA/w400-h225-rw/SubBrute.jpg" title="subbrute subdomain bruteforce" width="400" /> </a></p><p style="text-align: justify;">SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting. This design also provides a layer of anonymity, as SubBrute does not send traffic directly to the target's name servers.</p><p><span style="font-size: medium;"><b>I<span>nstallation & Use:</span></b> </span></p><p>No install required for Windows, just cd into the 'windows' folder:</p> <ul><li>subbrute.exe google.com</li></ul> <p>Easy to install: You just need and python2.7 or python3. This tool should work under any operating system: bsd, osx, windows, linux...</p> <p>(On a side note giving a makefile root always bothers me, it would be a great way to install a backdoor...)</p> <p>Under Ubuntu/Debian all you need is:</p> <ul><li>sudo apt-get install python-dnspython</li></ul> <p>On other operating systems you may have to install dnspython manually:</p> <p>Easy to use:</p> <ul><li>./subbrute.py google.com</li></ul> <p>Tests multiple domains:</p> <ul><li>./subbrute.py google.com gmail.com blogger.com</li></ul> <p>or a newline delimited list of domains:</p> <ul><li>./subbrute.py -t list.txt</li></ul> <p>Also keep in mind that subdomains can have subdomains (example: _xmpp-server._tcp.gmail.com):</p> <ul><li> <p>./subbrute.py gmail.com > gmail.out</p> </li><li> <p>./subbrute.py -t gmail.out</p> </li></ul><p style="text-align: justify;"><b><span style="font-size: small;">Download: <a href="https://github.com/TheRook/subbrute" target="_blank">Subbrute v1.2.1</a><br /></span></b></p>

SubBrute (Subdomain Bruteforcer) :: Tools

    SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain enumeration tool. Some of th...

Read more »

Echo Mirage 3.1 :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifvB-lq7ocGqBXR7di9weB76khloj25f-AdTfIHjMhY1mlB5EDYxX5kz5DJnyRjhDaI2IfKRsb65SReUbaFQn-CqfpIec1dx1biJwetM3rFPQHtE5dLix-SIWXUaIbKm9jlayP2-4whOkm/s1600/Echo+Mirage.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Download Echo Mirage" border="0" height="219" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifvB-lq7ocGqBXR7di9weB76khloj25f-AdTfIHjMhY1mlB5EDYxX5kz5DJnyRjhDaI2IfKRsb65SReUbaFQn-CqfpIec1dx1biJwetM3rFPQHtE5dLix-SIWXUaIbKm9jlayP2-4whOkm/s320-rw/Echo+Mirage.jpg" title="Echo Mirage 3.1 from ToolWar" width="320" /></a></div> <div style="text-align: justify;"> <b>Echo Mirage</b> is a generic network proxy. It uses DLL injection and function hooking techniques to redirect network related function calls so that data transmitted and received by local applications can be observed and modified.<br /><br />Windows encryption and OpenSSL functions are also hooked so that plain text of data being sent and received over an encrypted session is also available.<br /><br />Traffic can be intercepted in real-time, or manipulated with regular expressions and action scripts.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> Note: Echo Mirage is no longer available from author. Here is the archived copy of it. </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>License: </b>Freeware<b> </b></div> <div style="text-align: justify;"> <b>Download:: </b><a href="http://woodmann.com/collaborative/tools/images/Bin_Echo_Mirage_2014-1-11_17.28_EchoMirage-3.1.rar" rel="nofollow" target="_blank">Echo Mirage 3.1</a> (.exe) </div> <div style="text-align: justify;"> <br /></div>

Echo Mirage 3.1 :: Tools

Echo Mirage is a generic network proxy. It uses DLL injection and function hooking techniques to redirect network related function call...

Read more »

Suricata (IDS/IPS Engine) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="suricata logo" border="0" height="265" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBA8R1kVvwx8gIls0T9zJesWG83diVGoQDvpgQ64t30hKH72d_JYtyh6xI7vCSI20ZvkEvN3A3va6GdCt1J0dGvzTFshoa1K338lSeSq1we3BTEUrhBpV9mg7FY32RNfglod3Y94UbDU91/s1600-rw/suricata.png" title="suricata logo" width="320" /></div> <b>The Suricata Engine</b> is an <b>Open Source Next Generation Intrusion Detection and Prevention Engine.</b> This engine is not intended to just replace or emulate the existing <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a> in the industry, but will bring new ideas and technologies to the field.<br /> <br /> <b>OISF</b> is part of and funded by the Department of Homeland Security's Directorate for Science and Technology HOST program (Homeland Open Security Technology), by the the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as through the very generous support of the members of the OISF Consortium. More information about the Consortium is available, as well as a list of our current Consortium Members.<br /> <br /> The <b>Suricata </b>Engine and the HTP Library are available to use under the GPLv2.<br /> <br /> The HTP Library is an HTTP normalizer and parser written by Ivan Ristic of Mod <a href="http://www.toolwar.com/search/label/Security" target="_blank">Security</a> fame for the OISF. This integrates and provides very advanced processing of HTTP streams for <b>Suricata</b>. The HTP library is required by the engine, but may also be used independently in a range of applications and tools.</div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <h3> Tutorial ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/A8e3y2DRiWg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div class="separator" style="clear: both; text-align: center;"> </div> </div> <div style="text-align: justify;"> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/-CDGwRm2ue8?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3> Download ::</h3> </div> <div style="text-align: justify;"> <b>Unix, Linux & Mac :: </b><a href="https://redmine.openinfosecfoundation.org/attachments/download/971/Suricata-1.4.7-1-32bit.msi" target="_blank">Suricata v1.4.7</a> (.tar.gz)<b> </b></div> <div style="text-align: justify;"> <b>Windows :: </b><a href="https://redmine.openinfosecfoundation.org/attachments/download/971/Suricata-1.4.7-1-32bit.msi" target="_blank">Suricata v1.4.7.1</a> (.msi)</div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.openinfosecfoundation.org/index.php/download-suricata">http://www.openinfosecfoundation.org/index.php/download-suricata</a></div>

Suricata (IDS/IPS Engine) :: Tools

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just re...

Read more »

EtherApe (Graphical Network Monitor) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9-e6IMfm4L4BPvg8xBw_1z3S4tjBYqsZ0F40EyiJ_0oUmUbu8GJcn7a0xXie8ubZmErEnq-syvMbFgasiJG8trgldY0-0DMZs6LaVP-hTmlN6qvezeaFjLZzXZnbZt-F_d9hXYuUH-VN-/s1600/etherape_intro2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="etherape screenshot" border="0" height="246" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9-e6IMfm4L4BPvg8xBw_1z3S4tjBYqsZ0F40EyiJ_0oUmUbu8GJcn7a0xXie8ubZmErEnq-syvMbFgasiJG8trgldY0-0DMZs6LaVP-hTmlN6qvezeaFjLZzXZnbZt-F_d9hXYuUH-VN-/s1600-rw/etherape_intro2.png" title="etherape screenshot" width="400" /></a></div> <b>EtherApe</b> is a <b>graphical network monitor for Unix</b> modeled after <i>etherman</i>. Featuring link layer, IP and TCP modes, it displays <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> activity graphically. Hosts and links change in size with traffic. Color coded <a href="http://www.toolwar.com/search/label/Protocol" target="_blank">protocols</a> display.<br /> It supports Ethernet, FDDI, Token Ring, ISDN, PPP, SLIP and WLAN devices, plus several encapsulation formats. It can filter traffic to be shown, and can read <a href="http://www.toolwar.com/search/label/Packet" target="_blank">packets</a> from a file as well as live from the network. Node statistics can be exported.</div> <div style="text-align: justify;"> <b>As of version 0.9.13, EtherApe as these features, in no particular order: </b><br /> <ul> <li><span style="background-color: white;">Network traffic is displayed graphically. The more "talkative" a node is, the bigger its representation. </span></li> <li><span style="background-color: white;">Node and link color shows the most used protocol. </span></li> <li><span style="background-color: white;">User may select what level of the protocol stack to concentrate on. </span></li> <li><span style="background-color: white;">You may either look at traffic within your network, end to end IP, or even port to port TCP. </span></li> <li><span style="background-color: white;">Data can be captured "off the wire" from a live network connection, or read from a tcpdump capture file. </span></li> <li><span style="background-color: white;">Live data can be read from ethernet, FDDI, PPP, SLIP and WLAN interfaces, plus several other incapsulated formats (e.g. Linux cooked, PPI).</span></li> <li><span style="background-color: white;">The following frame and packet types are currently supported: ETH_II, 802.2, 803.3, IP, IPv6, ARP, X25L3, REVARP, ATALK, AARP, IPX, VINES, TRAIN, LOOP, VLAN, ICMP, IGMP, GGP, IPIP, TCP, EGP, PUP, UDP, IDP, TP, ROUTING, RSVP, GRE, ESP, AH, EON, VINES, EIGRP, OSPF, ENCAP, PIM, IPCOMP, VRRP; and most TCP and UDP services, like TELNET, FTP, HTTP, POP3, NNTP, NETBIOS, IRC, DOMAIN, SNMP, etc. </span></li> <li><span style="background-color: white;">Data display can be refined using a network filter using pcap syntax.</span></li> <li><span style="background-color: white;">Display averaging and node persistence times are fully configurable. </span></li> <li><span style="background-color: white;">Name resolution is done using standard libc functions, thus supporting DNS, hosts file, etc. </span></li> <li><span style="background-color: white;">Clicking on a node/link opens a detail dialog showing protocol breakdown and other traffic statistics. </span></li> <li><span style="background-color: white;">Protocol summary dialog shows global traffic statistics by protocol.</span></li> <li><span style="background-color: white;">Node summary dialog shows traffic statistics by node.</span></li> <li><span style="background-color: white;">Node statistics export to XML file.</span></li> <li><span style="background-color: white;">A single node can be centered on the display.</span></li> <li><span style="background-color: white;">Scrollkeeper/rarian-compatible manual integrated with yelp.</span></li> </ul> </div> <h3 style="text-align: justify;"> Tutorial ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/3S95lWky9CU?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux :: </b><a href="http://sourceforge.net/projects/etherape/files/latest/download?source=files" target="_blank">Etherape v0.9.11</a> (.tar.gz)</div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://etherape.sourceforge.net/">http://etherape.sourceforge.net/</a></div>

EtherApe (Graphical Network Monitor) :: Tools

EtherApe is a graphical network monitor for Unix modeled after etherman . Featuring link layer, IP and TCP modes, it displays network ...

Read more »

Distributed Network Attack (DNA) :: Framework

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="Distributed Network Attack (DNA)" border="0" height="356" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgN1ZMHUWsjTC9Dt1gSGHwIb7uX_fVP2wEVefcDrl4xAEhFWtrS40MMQJeHNbsyJpHPAyBuMo5re53V-mtj7tDVo_foJL2k5V5G6MGzC34betwn72UCVNwMKUzShO9IwPYFmaiSd_gp0vu3/s1600-rw/Distributed+Network+Attack+(DNA).jpg" title="Distributed Network Attack (DNA)" width="640" /></div> <b>Distributed Network Attack (DNA)</b> is a new approach to <i>recovering password protected files</i>. In the past, recoveries have been limited to the processing power of one machine. <b>Distributed Network Attack (DNA)</b> uses the power of machines across the <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> or across the world to decrypt <a href="http://www.toolwar.com/search/label/Password" target="_blank">passwords</a>. The DNA Server is installed in a central location where machines running the <b>Distributed Network Attack (DNA)</b> Client can access it over the network. DNA Manager coordinates the attack, assigning small portions of the key search to machines distributed throughout the network. The DNA Client will run in the background, only taking unused processor time. <b>Distributed Network Attack (DNA)</b> is used in many different environments to provide specific, <b>password <a href="http://www.toolwar.com/search/label/Cracking" target="_blank">cracking</a></b> related functions. <b><i>For example</i></b>, law enforcement and corporate <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> professionals can use <b>PRTK and DNA</b> in <i>computer <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">forensic</a> investigations</i> to access password-protected files. IT administrators can use <b>DNA</b> to recover system passwords, while individual users can use PRTK and DNA to recover lost passwords to personal files. These two products provide access to passwords for a large number of popular software applications. <b>DNA</b> uses multiple machines across the network or across the world to conduct key space and dictionary <a href="http://www.toolwar.com/search/label/Attack" target="_blank">attacks</a>. In many cases, this makes use of time those computers would normally be idle, saving the cost of additional hardware. Many organizations find that the cost of additional hardware is justified for a secure, dedicated password recovery lab. </div> <div style="text-align: justify;"> <br /> <div class="ui-tabs-panel ui-widget-content ui-corner-bottom" id="dna-features"> <div class="featurewrapper"> <div class="FeatureRow"> <b>Distributed Network Attack® (DNA®) Features ::</b><br /> <ul class="square"> <li>Leverage graphic processing units on Microsoft Windows machines with CUDA-enabled GPUs.</li> <li>Easy to read Statistics and Graphs</li> <li>Add user dictionaries</li> <li>Optimization for password attacks for specific <a href="http://www.toolwar.com/search/label/Language" target="_blank">languages</a></li> <li>Customize user dictionaries</li> <li>Stealth client installation functionality</li> <li>Automatic Client update when updating the DNA Server</li> <li>Control which clients work on certain jobs</li> </ul> </div> </div> </div> <b>DNA® Worker Minimum Requirements :: </b><br /> <ul class="square"> <li>Operating System:</li> </ul> <ul class="square"><ul class="square"> <li><a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>® XP/2000</li> <li>Macintosh OSX 10.3.9/10.4.x</li> <li><a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a> Red Hat/Fedora Core 4</li> <li>Solaris</li> </ul> </ul> <ul class="square"> <li>Processor:</li> </ul> <ul class="square"><ul class="square"> <li>Intel Pentium® III/P4/AMD Athlon™</li> <li>Power PC G4/G5</li> <li>Sparc</li> </ul> </ul> <ul class="square"> <li>RAM: 1 Gb</li> <li>Hard Disk Space: 40 Gb</li> </ul> </div> <h3> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/EJxrRbrf12I?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/ghaOJoJ08cw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows :: </b><a href="http://marketing.accessdata.com/acton/attachment/4390/u-001a/0/-/-/-/-/" target="_blank">Distributed Network Attack (DNA) version 7.0.0 (.iso)</a></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.accessdata.com/">http://www.accessdata.com/</a> </div>

Distributed Network Attack (DNA) :: Framework

Distributed Network Attack (DNA) is a new approach to recovering password protected files . In the past, recoveries have been limi...

Read more »

Juli (MITM) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="MITM Attack Security" border="0" height="305" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjO8ISFmjA0ekD7MPO8ICWGwpqxp0xB5sjipk9sIvcZyXydEZ4YA3TdPy0DID6206FpnsQF94cYahJVQlvRI8mFhifxNHnoqQe8lRrQSzD1Nb0FulPIAmHltwTkMP-pCvxsLo32-8Gk8M3K/s1600-rw/Parasite-Attack-MITM.jpg" title="MITM Attack Security" width="640" /></div> <br /> A simple automated perl script for MiTM ( man-in-the-middle ) attacks. <br /> <h4> </h4> <h4> Requirements:</h4> <ul class="task-list"> <li>Linux ( I tested it on Ubuntu 14.04 LTS )</li> <li>Perl</li> <li>sslstrip <a href="https://github.com/moxie0/sslstrip">https://github.com/moxie0/sslstrip</a> </li> <li>arpsoof ( from dsniff can be found here <a href="http://www.monkey.org/%7Edugsong/dsniff/">http://www.monkey.org/~dugsong/dsniff/</a> )</li> </ul> <h4> Usage:</h4> Script must be runned as a root user<br /> <ul class="task-list"> <li> sudo juli.pl interface targetip</li> </ul> <b>Download:</b><br /> <b>Linux: <a href="https://github.com/em616/Juli" target="_blank">Juli.pl</a></b>

Juli (MITM) :: Tools

A simple automated perl script for MiTM ( man-in-the-middle ) attacks. Requirements: Linux ( I tested it on Ubuntu 14.04 LTS ) Per...

Read more »

Orbot (Tor for Android Devices) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="orbot logo" border="0" height="312" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5RYmrfY-dbfDYpMMg0kD6ucxTAaijL-WLejZZ5J8cNhrGhCl0Y07Wnk3u8L2K65SE63V51dEeDhwL_hVod55CRBWkisVhoF5PHttLmmDBqNtI-0OLlkc9RkbWIcFGN0qHryBxqCyEOEI-/s640-rw/orbot+logo.png" title="orbot logo" width="640" /></div> <div style="text-align: justify;"> <b>Orbot</b> is a <b>free proxy app</b> that empowers other apps to use the <i> internet more securely</i>. <b>Orbot</b> uses Tor to <a href="http://www.toolwar.com/search/label/Encryption" target="_blank">encrypt</a> your Internet traffic and then hides it by bouncing through a series of computers around the world. <a href="http://www.toolwar.com/search/label/Tor" target="_blank"><b>Tor</b></a> is <a href="http://www.toolwar.com/search/label/Free" target="_blank">free</a> software and an open <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis</a>.</div> <div style="text-align: justify;"> <b>Orbot</b> is the only app that creates a truly private internet connection. As the New York Times writes, “when a communication arrives from Tor, you can never know where or whom it’s from.” Tor won the 2012 Electronic Frontier Foundation (EFF) Pioneer Award.</div> <div style="text-align: justify;"> <br /> <b>ACCEPT NO SUBSTITUTES</b>: <b>Orbot</b> is the safest way to use the Internet on <a href="http://www.toolwar.com/search/label/Android" target="_blank">Android</a>. Period. <b>Orbot</b> bounces your encrypted traffic several times through computers around the world, instead of connecting you directly like <a href="http://www.toolwar.com/search/label/Proxy" target="_blank">VPNs and proxies</a>. This process takes a little longer, but the strongest privacy and identity protection available is worth the wait.</div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Dcf5sh99ze0?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <h3 style="text-align: justify;">  </h3> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Android Play Store ::</b> <a href="https://market.android.com/details?id=org.torproject.android" target="_blank">Orbot</a> </div> <div style="text-align: justify;"> <b>Direct Download :: </b><a href="https://guardianproject.info/releases/orbot-latest.apk" target="_blank">Orbot.apk</a></div> <div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> </div> </div> <div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: left;"> <b>Official Website :: </b><a href="https://guardianproject.info/apps/orbot/">https://guardianproject.info/apps/orbot/</a></div> <div class="separator" style="clear: both; text-align: left;"> <b> </b></div> <b> </b></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div>

Orbot (Tor for Android Devices) :: Tools

Orbot is a free proxy app that empowers other apps to use the internet more securely . Orbot uses Tor to encrypt your Internet traff...

Read more »

Microsoft's Network Monitor (Capturing and Protocol Analysis of Network Traffic) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuFsGavVKjtg1dEaRPRUk32xdWIKamQW4Z316g0h_uszkMWNGQsKf4s1b6LprmWBYZ5WnOg38bBpcuJjEQQGQuK7HkywR3J1kJzcPIYR7FEZKbW1rI6kIMDrqpJjnmw7Kcbd8Aa_qiQehH/s1600/Microsoft+Network+Monitor+Sceenshot.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Microsoft Network Monitor Screenshot" border="0" height="377" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuFsGavVKjtg1dEaRPRUk32xdWIKamQW4Z316g0h_uszkMWNGQsKf4s1b6LprmWBYZ5WnOg38bBpcuJjEQQGQuK7HkywR3J1kJzcPIYR7FEZKbW1rI6kIMDrqpJjnmw7Kcbd8Aa_qiQehH/s1600-rw/Microsoft+Network+Monitor+Sceenshot.jpg" title="Microsoft Network Monitor Screenshot" width="640" /></a></div> <div style="text-align: justify;"> <b>Microsoft's Network Monitor</b> is a tools that allow <b>capturing and protocol analysis of network traffic</b>. Network Monitor 3 is a <a href="http://www.toolwar.com/search/label/Protocol" target="_blank">protocol analyzer</a>. It enables you to capture, to view, and to analyze <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> data. You can use it to help troubleshoot problems with applications on the network. This article contains download and support information, installation notes, and general usage information about Network Monitor 3. Network Monitor 3.4 is the latest version.</div> <div style="text-align: justify;"> <b>Network Monitor 3 </b> is a complete overhaul of the earlier Network Monitor 2.<var>x</var> version. Some key features of Network Monitor 3 include the following:</div> <ul style="text-align: justify;"> <li>Script-based parser model with frequent updates </li> <li>Concurrent live capture sessions</li> <li>Support for Windows 7</li> <li>Support for 32-bit platforms and for 64-bit platforms </li> <li>Support for network conversations and process tracking</li> <li> API to access capture and parsing engine</li> <li> <a href="http://www.toolwar.com/search/label/Wireless" target="_blank">Wireless</a> Monitor Mode Capturing</li> </ul> <div class="toggle-area" style="display: block; text-align: justify;"> <div class="system-requirements"> <div class="supported-os"> <b>Supported Operating System ::</b></div> <div itemprop="operatingSystems"> <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> 7, Windows 8, Windows Server 2003 Service Pack 2, Windows Server 2003 Service Pack 2 x64 Edition, Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 R2 for Itanium-based Systems, Windows Server 2012, Windows Vista 64-bit Editions Service Pack 1, Windows Vista Service Pack 1, Windows XP 64-bit, Windows XP Service Pack 3 </div> <ul class="htmldetails other-requirements"> Hardware :: <ul> <li>1 GHz or greater CPU</li> <li>1 GB or greater <a href="http://www.toolwar.com/search/label/Memory" target="_blank">memory</a></li> <li>60 MB free hard disk space plus extra room for capture files</li> </ul> </ul> </div> </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>Installation Instruction :: </b> </div> <div style="text-align: justify;"> The Network <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">Monitor</a> core engine has been decoupled from the parser set. To install the full <b>Network Monitor 3.4</b> product: </div> <ul style="text-align: justify;"> <li>Run the setup.exe for the platform you are installing.</li> <li>You will be prompted first to install the core engine. Follow the installation directions. Make sure you close existing instances of netmon.exe, nmcap.exe and any running NMAPI applications.</li> <li>Next you will be prompted to install the parser package. Follow the installation directions:</li> </ul> <div style="text-align: justify;"> <b> To uninstall the full Network Monitor 3.4 product ::</b></div> <ul style="text-align: justify;"> <li>Go to Add/Remove Programs in Control Panel</li> <li>Uninstall both <b>Microsoft Network Monitor 3.4</b> and Microsoft Network Monitor: Network Monitor Parsers 3.4</li> </ul> <b>Network Monitor Blog ::</b> <a href="http://go.microsoft.com/fwlink/?LinkID=92890" target="_blank">Click Here</a><br /> <b>Network Monitor Blog ::</b> <a href="http://go.microsoft.com/fwlink/?LinkID=151800" target="_blank">Click Here</a><br /> <br /> <b>Video Tutorial :: </b> <a href="http://www.youtube.com/watch?v=jsShLK5bhoY" target="_blank">Click Here</a><br /> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows :: <a href="https://www.microsoft.com/en-in/download/details.aspx?id=4865" target="_blank">Network Monitor 3.4</a> (x86 & x64)</b><a href="http://www.microsoft.com/en-us/download/details.aspx?id=4865" target="_blank"></a></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.microsoft.com/en-us/download/details.aspx?id=4865">http://www.microsoft.com/en-us/download/details.aspx?id=4865</a></div> <div style="text-align: justify;"> <br /></div> </div>

Microsoft's Network Monitor (Capturing and Protocol Analysis of Network Traffic) :: Tools

Microsoft's Network Monitor is a tools that allow capturing and protocol analysis of network traffic . Network Monitor 3 is a proto...

Read more »

WAIDPS (Wireless Auditing and IDS/IPS) :: Tools

<div class="MsoNormal" style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiP2brw15uNZM6cni3F7-EtWQHYhj-0aNTw7yRP5neqqvJNHGdMiVN1N_0W3-Viquk330eFmeUtUUvL8svfYNwbfTIeN9EHznj0wezjqVUp-xF_BlO8Gs1EjB_PoXg6gp8JdoTV0ztUiuyz/s1600/WAIDPS.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="281" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiP2brw15uNZM6cni3F7-EtWQHYhj-0aNTw7yRP5neqqvJNHGdMiVN1N_0W3-Viquk330eFmeUtUUvL8svfYNwbfTIeN9EHznj0wezjqVUp-xF_BlO8Gs1EjB_PoXg6gp8JdoTV0ztUiuyz/s1600-rw/WAIDPS.png" width="400" /></a></div> <div class="separator" style="clear: both; text-align: center;"> </div> <span style="font-family: Arial;"><b>WAIDPS</b> (Wireless Auditing, Intrusion Detection and Prevention System) is an open source <b>wireless swissknife</b> written in <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> and work on <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a> environment. This is a multipurpose tools designed for audit (<a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration testing</a>) networks, detect wireless intrusion (WEP/WPA/WPS attacks) and also intrusion prevention (stopping station from associating to access point). Apart from these, it will harvest all <a href="http://www.toolwar.com/search/label/WiFi" target="_blank">WiFi</a> information in the surrounding and store in databases. This will be useful when it comes to auditing a <a href="http://www.toolwar.com/search/label/Network" target="_blank">network </a>if the access point is ‘MAC filtered’ or ‘hidden SSID’ and there isn’t any existing client at that moment. </span></div> <div class="MsoNormal" style="text-align: justify;"> </div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;"><b>WAIDPS</b> may be useful to penetration testers, <a href="http://www.toolwar.com/search/label/Wireless" target="_blank">wireless</a> trainers, law enforcement agencies and those who is interested to know more about wireless auditing and protection. The primarily purpose for this script is to detect intrusion. Once wireless detect is found, it display on screen and also log to file on the attack. Additional features are added to current script where previous WIDS does not have are :</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">automatically save the attack packets into a file</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">interactive mode where users are allow to perform many functions</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">allow user to analyse captured packets</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">load previously saved pcap file or any other pcap file to be examine</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">customizing filters</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">customize detection threshold (sensitivity of IDS in detection)</span></div> <div class="MsoNormal" style="margin-left: 0.5in; text-align: justify;"> </div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">At present, <b>WAIDPS</b> is able to detect the following wireless attacks and will subsequently add other detection found in the previous WIDS.</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Association / Authentication flooding</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detect mass deauthentication which may indicate a possible WPA attack for handshake </span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detect possible WEP attack using the ARP request replay method</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detect possible WEP attack using chopchop method</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detect possible WPS pin bruteforce attack by Reaver, Bully, etc.</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detection of Evil-Twin</span></div> <div class="MsoNormal" style="margin-left: 0.75in; text-align: justify; text-indent: -0.25in;"> <span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><span style="font-family: Arial;">Detection of Rogue Access Point</span></div> <div class="MsoNormal" style="text-align: justify;"> </div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">The whole structure of the <a href="http://www.toolwar.com/search/label/WiFi" target="_blank">Wireless Auditing</a>, <a href="http://www.toolwar.com/search/label/IDS" target="_blank">Intrusion Detection</a> & <a href="http://www.toolwar.com/search/label/IPS" target="_blank">Prevention System</a> will comprise of </span></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">Harvesting WiFi Information         [Done]</span></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">Intrusion Detection                         [Done]</span></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">Intrusion Prevention                       [Done]</span></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">Auditing (Testing network)            [Done]</span></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">Other additional item include analyzing of packets, display of captured dump, display network barchart and much more.</span></div> <div class="MsoNormal" style="text-align: justify;"> </div> <div class="MsoNormal" style="text-align: justify;"> <b><span style="font-family: Arial;">Requirements</span></b></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">No special equipment is required to use this script as long as you have the following :</span></div> <div class="MsoNormal" style="text-align: justify;"> </div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">   1. Root access (admin)</span></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">   </span><span style="font-family: Arial;">2. Wireless interface which is capable of monitoring and injection</span></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">   </span><span style="font-family: Arial;">3. Python 2.7 installed </span></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">   </span><span style="font-family: Arial;">4. <a href="http://www.toolwar.com/2013/09/aircrack-ng-12-beta.html" target="_blank">Aircrack-NG suite</a>installed</span></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">   </span><span style="font-family: Arial;">5. TShark installed</span></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">   </span><span style="font-family: Arial;">6 TCPDump installed</span></div> <div class="MsoNormal" style="text-align: justify;"> <span style="font-family: Arial;">   </span><span style="font-family: Arial;">7 Mergecap installed (for joining pcap files)</span></div> <div style="text-align: justify;"> <span style="font-family: Arial;">   </span><span style="font-family: Arial;">8 xterm  installed</span></div> <div style="text-align: justify;"> <div style="text-align: left;"> <br /></div> <div style="text-align: left;"> <b><span style="font-weight: normal;"><span style="font-family: Arial;"><b>Structure of WAIDS’ Display :: </b></span></span></b></div> <div class="MsoNormal"> <span style="font-family: Arial;">Before starting with the detail description of the whole application, WAIDPS display structures are separated in several parts. For better understanding, the structures are as below.</span></div> <div class="MsoNormal"> </div> <div class="MsoNormal"> <b><span style="font-family: Arial;">WiFi-Harvesting Module</span></b></div> <div class="MsoNormal"> <span style="font-family: Arial;">- Collecting/Storing of Access Points/Stations details and the relationship with each other. [<b>Access Points / Wireless Clients Listing</b>]</span></div> <span style="font-family: Arial;">- Displaying of unassociated station information and its probe </span></div> <div style="text-align: justify;"> <span style="font-family: Arial;">[<b>Unassociated Stations</b>]</span> <br /> <div class="MsoNormal"> <span style="font-family: Arial;">- Allowing user to enter MAC addresses / Names to be monitored </span></div> <div class="MsoNormal"> <span style="font-family: Arial;">[<b>Monitoring Panel</b>]</span></div> <span style="font-family: Arial;">- Association of stations to access point, station switch from one access point to another, station acting as both a wireless client and access point, etc </span></div> <div style="text-align: justify;"> <span style="font-family: Arial;">[<b>Association/Connection Alert</b>]</span> <br /> <div class="MsoNormal"> </div> <div class="MsoNormal"> <b><span style="font-family: Arial;">Intrusion Detection</span></b></div> <div class="MsoNormal"> <span style="font-family: Arial;">- Capture/Analyzing of packets </span></div> <div class="MsoNormal"> <span style="font-family: Arial;">- Displaying of Station/Access Point MAC addresses and detected suspicious data count [<b>Suspicious Activity Listing</b>]</span></div> <div class="MsoNormal"> <span style="font-family: Arial;">- Displaying of analysed WEP/WPA/WPS attack pattern and its detail [<b>Attack Detected</b>]</span></div> <div class="MsoNormal"> </div> </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>Screenshots ::  </b><a href="http://syworks.blogspot.in/2014/04/waidps-wireless-auditing-intrusion.html" target="_blank">Click Here</a><br /> <b>Text & Image Tutorial :: </b><a href="http://syworks.blogspot.in/2014/04/waidps-wireless-auditing-intrusion.html" target="_blank">Click Here</a><br /> <b>Installation Tutorial::</b><br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/aGTQAWoeujA?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <span id="goog_894600077"></span><span id="goog_894600078"></span> </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>More Video Tutorials: </b> <a href="https://www.youtube.com/watch?v=s7kzQqOY3X0&index=2&list=PLrekpjW7JwW-T0CeXP8GwudtJmTJ6KZ8O" target="_blank">Click Here</a></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux :: </b><a href="https://github.com/SYWorks/waidps/archive/master.zip" target="_blank">WAIDPS</a><b> (.py)</b></div> <div style="text-align: justify;"> <b>Source ::</b> <a href="https://github.com/SYWorks/waidps" target="_blank">https://github.com/SYWorks/waidps</a> </div> <div style="text-align: justify;"> <b>Submitted By :: </b>SYChua</div>

WAIDPS (Wireless Auditing and IDS/IPS) :: Tools

WAIDPS (Wireless Auditing, Intrusion Detection and Prevention System) is an open source wireless swissknife written in Python and wo...

Read more »

NoGoToFail :: Network Traffic Security Testing Tool

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrZyKNhyphenhyphenNN1-cYypGXqoLUErO5y7F-od5ou1fO4m9ViAXljsDDnINyDGBvdk1SGRfYbZnVDNBvg_-b7pOI4JTOSKEGfSxfYai6pY0-f5hP_4TTJuvyLdgBbo3Ef4pUS5ylCqFhZZx2SvwW/s1600/NoGotofail+toolwar.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="272" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrZyKNhyphenhyphenNN1-cYypGXqoLUErO5y7F-od5ou1fO4m9ViAXljsDDnINyDGBvdk1SGRfYbZnVDNBvg_-b7pOI4JTOSKEGfSxfYai6pY0-f5hP_4TTJuvyLdgBbo3Ef4pUS5ylCqFhZZx2SvwW/s1600-rw/NoGotofail+toolwar.jpg" width="640" /></a></div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Nogotofail</b> is a <b>network security testing tool</b> designed to help developers and <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> researchers spot and fix weak TLS/SSL connections and sensitive cleartext traffic on devices and applications in a flexible, scalable, powerful way. It includes testing for common SSL certificate verification issues, HTTPS and TLS/SSL library bugs, SSL and STARTTLS stripping issues, cleartext issues, and more.</div> <div style="text-align: justify;"> <b>Google</b> is committed to increasing the use of TLS/SSL in all applications and services. But “HTTPS everywhere” is not enough; it also needs to be used correctly. Most platforms and devices have secure defaults, but some applications and libraries override the defaults for the worse, and in some instances we’ve seen platforms make mistakes as well. As applications get more complex, connect to more services, and use more third party libraries, it becomes easier to introduce these types of mistakes.<br />The Android Security Team has built a tool, called <b>nogotofail</b>, that provides an easy way to confirm that the devices or applications you are using are safe against known TLS/SSL vulnerabilities and misconfigurations. <b>Nogotofail</b> works for <a href="http://www.toolwar.com/search/label/Android" target="_blank">Android</a>, iOS, <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, Chrome OS, OSX, in fact any device you use to connect to the Internet. There’s an easy-to-use client to configure the settings and get notifications on Android and Linux, as well as the attack engine itself which can be deployed as a router, VPN server, or proxy.<br />We’ve been using this tool ourselves for some time and have worked with many developers to improve the security of their apps. But we want the use of TLS/SSL to advance as quickly as possible. Today, we’re releasing it as an open source project, so anyone can test their applications, contribute new features, provide support for more platforms, and help improve the security of the Internet.</div> <h3 style="text-align: justify;"> <b>Download ::</b></h3> <div style="text-align: justify;"> <b>Python:</b> <a href="https://github.com/google/nogotofail/archive/dev.zip" target="_blank">nogotofail</a> (Github)</div> <div style="text-align: justify;"> <b>Official Website:</b> https://github.com/google/nogotofail</div>

NoGoToFail :: Network Traffic Security Testing Tool

Nogotofail is a network security testing tool designed to help developers and security researchers spot and fix weak TLS/SSL connect...

Read more »

NIELD (Network Forensics) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="Network Forensics" border="0" height="300" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiv5UkdWZtYhJYA6juKwBWqbScPIAPAkUhoLvGVeVrnlB4umNPTnorlKGSInBzLSy5Faqe9YyG7bXA-bWiHYnBzqN5Tu9v9dATd-eeiHXBlHWrgZjE8-jsyhz7TnGf6q93Y-6Tm_4WPr1RJ/s400-rw/Network+Forensics.jpg" title="Network Forensics" width="400" /></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <b>NIELD (Network Interface Events Logging Daemon)</b> is a tool that receives notifications from the kernel through the netlink socket, and generates logs related to interfaces, neighbor cache(ARP,NDP), IP address(IPv4,IPv6), routing, FIB rules, traffic control.</div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>Installation :: </b><a href="http://nield.sourceforge.net/install.html" target="_blank">Click Here </a></div> <div style="text-align: justify;"> <b>Help :: </b><a href="http://nield.sourceforge.net/man.html" target="_blank">Click Here</a> </div> <h3 style="text-align: justify;"> Download :: </h3> <div style="text-align: justify;"> <b>Linux :: </b><a href="http://sourceforge.net/projects/nield/files/nield-0.4.0/nield-0.4.0.tar.gz/download" target="_blank">NIELD 0.4.0 (.tar.gz)</a></div> <div style="text-align: justify;"> <b>Source :: </b><a href="http://nield.sourceforge.net/index.html">http://nield.sourceforge.net/index.html</a></div>

NIELD (Network Forensics) :: Tools

NIELD (Network Interface Events Logging Daemon) is a tool that receives notifications from the kernel through the netlink socket, and...

Read more »

AIEngine (Artificial Intelligent Engine) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="AIEngine (Artificial Intelligent Engine)" border="0" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjygwBGjzyQv3FxAMBFEPi4jiHrZl-rqa1pCdx-9Ypc4ofp70ziOSWVZj2iWVv2sA9Dx5YI-3q4in1P1E4PBAX0AQABh8-VVaoynf29hQswZ8nNPEuJ9z-vrteUA8KGJFyshyVafOArLC7F/s1600-rw/Artificial+Intelligent+Engine.jpg" title="AIEngine (Artificial Intelligent Engine)" /></div> <div style="text-align: justify;"> <b>AIEngine</b> is a next generation interactive/programmable packet inspection engine with capabilities of learning without any human intervention, NIDS functionality, DNS domain classification, network collector and many others.  <b><br /></b><br /> <b>AIEngine (Artificial Intelligent Engine)</b> is a <i><a href="http://www.toolwar.com/search/label/Packet" target="_blank">packet</a> inspection engine</i> with capabilities of learning without any human intervention. <b>AIEngine</b> helps <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a>/security profesionals to <b>identify traffic</b> and develop signatures for use them on<b> </b><i>NIDS, <a href="http://www.toolwar.com/search/label/Firewalls" target="_blank">Firewalls</a>, Traffic classifiers</i> and so on.</div> <div style="text-align: justify;"> <b>AIEngine</b> is written in c++11 and Python, so by using the flexibility of <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a>, AIEngine could be integrated easely with other functionalities and modules in a easy way.<br /> <h3> Features ::  </h3> </div> <ul> <li>- Counters for IP fragmentation packets.</li> <li>- Support for TLS1.2 on the SSLProtocol</li> <li>- Exposed the FrequencyGroup and the LearnerEngine on python.</li> <li>- Integrate with NetfilterPython or other packet systems.</li> <li>- Support for python 3.x versions (check INSTALL).</li> <li>- Sorts the outputs of the HTTP, SSL and DNS most used domains (aiengine binary).</li> <li>- Support for HTTP1.1 (URI Cache), all the flows will have all the paths taken by the user.</li> <li>- Shell support. The system have a interactive shell so the user can interact on realtime with the system.</li> </ul> <h3> Tutorial ::</h3> <b>Configuration :: </b><a href="https://bitbucket.org/camp0/aiengine/wiki/Configurations" target="_blank">Click Here</a><b> </b><br /> <b>Uses & Examples :: </b><a href="https://bitbucket.org/camp0/aiengine/wiki/Home" target="_blank">Click Here</a><br /> <b>Wiki :: </b><a href="https://bitbucket.org/camp0/aiengine/wiki/Home" target="_blank">Click Here</a><br /> <h3> Download :: </h3> <b>Linux :: </b><a href="https://bitbucket.org/camp0/aiengine/downloads/aiengine-1.5.tar.gz" rel="nofollow" target="_blank">AIEngine v1.5</a><b> (.tar.gz)</b><br /> <b>Source ::</b> <a href="https://bitbucket.org/camp0/aiengine/overview">https://bitbucket.org/camp0/aiengine/overview</a><br /> <b>Submitted By :: </b>Luis

AIEngine (Artificial Intelligent Engine) :: Tools

AIEngine is a next generation interactive/programmable packet inspection engine with capabilities of learning without any human interven...

Read more »

Fern WiFi Cracker (Wireless Security Auditing) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_r9FW3TnXSaixk_XdPQeulTjkmnrUgCEaSMttahhSYB74fXxI7yrdv1fpiOwsdke6A8UYl_jOglpFZZF0snnVewT3z3Er5LlcI-Roo6j-vtoGbv6kPZMrd9BUb6gl3IdqLt_Iqp2tDCCF/s1600/fern+wifi+cracker+toolwar.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_r9FW3TnXSaixk_XdPQeulTjkmnrUgCEaSMttahhSYB74fXxI7yrdv1fpiOwsdke6A8UYl_jOglpFZZF0snnVewT3z3Er5LlcI-Roo6j-vtoGbv6kPZMrd9BUb6gl3IdqLt_Iqp2tDCCF/s1600-rw/fern+wifi+cracker+toolwar.png" /></a></div> <div style="text-align: justify;"> <b>Fern Wifi Cracker</b> is a <b><i>Wireless security auditing</i></b> and attack software program written using the <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> Programming Language and the Python Qt GUI library, the program is able to crack and recover WEP/WPA/WPS keys and also run other <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> based <a href="http://www.toolwar.com/search/label/Attack" target="_blank">attacks</a> on wireless or ethernet based networks.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Features :-</b></div> <div style="text-align: justify;"> <ul> <li>WEP <a href="http://www.toolwar.com/search/label/Cracking" target="_blank">Cracking</a> with Fragmentation,Chop-Chop, Caffe-Latte, Hirte, ARP Request Replay or WPS attack </li> <li>WPA/WPA2 Cracking with Dictionary or WPS based attacks</li> <li>Automatic saving of key in database on successful crack</li> <li>Automatic Access Point Attack System</li> <li>Session Hijacking (Passive and Ethernet Modes)</li> <li>Access Point MAC Address Geo Location Tracking</li> <li>Internal <a href="http://www.toolwar.com/search/label/MITM" target="_blank">MITM</a> Engine</li> <li>Bruteforce Attacks (HTTP,HTTPS,TELNET,FTP)</li> <li>Update Support</li> </ul> <h3> <b>Tutorials ::  </b></h3> <b>Session Hijacking Demonstration ::</b><br /> <b> </b> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Bi-8JRNpMqo?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <br /> <b>Bruteforcing Routers with Fern-Wifi-Cracker ::</b> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/_ztQQWMoVX4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <br /> <b>Cracking WEP Security with Fern-Wifi-Cracker ::</b> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/vpiOPEZD6qw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <br /> <h3> <b>Download :: </b></h3> <b>Download Here :: </b><a href="http://code.google.com/p/fern-wifi-cracker/downloads/list" target="_blank">Fern WiFi Cracker</a> <b> </b><br /> <b>Source Website ::</b> <a href="http://code.google.com/p/fern-wifi-cracker/">http://code.google.com/p/fern-wifi-cracker/</a></div> </div>

Fern WiFi Cracker (Wireless Security Auditing) :: Tools

Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the P...

Read more »

KisMAC (Sniffer/Scanner for Mac OS X) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="KisMAC Logo" border="0" height="277" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT0hq_xqF0S3TgubdqI2kXMyQJdIa4Xw5tz6EqhN_X9lUnO1W1Dy4wjcwJ9tMbIWnyC8-GYuHFmw13erY5ILu7_KOBlGEksaYGYIK-_qu-pDLXXY2SdMuEAG8TXkP4qSN0eOa4tJo6OGPl/s1600-rw/kisMAC+logo.png" title="KisMAC Logo" width="320" /></div> <div style="text-align: justify;"> <b>KisMAC</b> is a popular <b>wireless stumbler for Mac OS X</b> offers many of the features of its namesake <a class="local" href="http://www.toolwar.com/2013/09/kismet-tools.html" target="_blank">Kismet</a>, though the codebase is entirely different. Unlike console-based Kismet, <b>KisMAC</b> offers a pretty <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI</a> and was around before Kismet was ported to OS X. It also offers mapping, Pcap-format import and logging, and even some decryption and deauthentication attacks.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>KisMAC</b> is an open-source and free <a href="http://www.toolwar.com/search/label/Sniffer" target="_blank">sniffer</a>/<a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> application for <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X</a>. It has an advantage over MacStumbler / iStumbler / <a href="http://www.toolwar.com/2013/09/netstumbler-tools.html" target="_blank">NetStumbler</a> in that it uses monitor mode and passive scanning. </div> <div style="text-align: justify;"> KisMAC supports many third party <a href="http://www.toolwar.com/search/label/USB" target="_blank">USB</a> devices: Intersil Prism2, Ralink rt2570, rt73, and Realtek rtl8187 chipsets. All of the internal AirPort hardware is supported for scanning. </div> <div style="text-align: justify;"> The rest of this wiki assumes you are prepared for advanced topics and know what you are doing with your system. </div> <h3 id="Features" style="text-align: justify;"> Features ::</h3> <ul style="text-align: justify;"> <li>Reveals hidden / cloaked / closed SSIDs </li> <li>Shows logged in clients (with MAC Addresses, IP addresses and signal strengths) </li> <li>Mapping and GPS support </li> <li>Can draw area maps of network coverage </li> <li>PCAP import and export </li> <li>Support for 802.11b/g </li> <li>Different attacks against encrypted networks </li> <li>Deauthentication attacks </li> <li>AppleScript-able </li> <li>Kismet drone support (capture from a Kismet drone) </li> </ul> <h3 id="Supportedhardwarechipsets" style="text-align: justify;"> Supported Hardware Chipsets :: </h3> <ul style="text-align: justify;"> <li>Apple AirPort and AirPort Extreme (dependent upon Apple's drivers) </li> <li>Intersil Prism 2, 2.5, 3 USB devices </li> <li>Ralink rt2570 and rt73 USB devices </li> <li>Realtek RTL8187L USB (such as the Alfa AWUS036H, which does not work on Mac OS 10.6.7 or later) </li> </ul> <h3 id="Cryptosupport" style="text-align: justify;"> Crypto Support :: </h3> <ul style="text-align: justify;"> <li>Bruteforce attacks against LEAP, WPA and WEP </li> <li>Weak scheduling attack against WEP </li> <li>Newsham 21-bit attack against WEP </li> </ul> <h3 style="text-align: justify;"> Tutorials :: </h3> <div style="text-align: justify;"> <b>Wiki ::</b> <a href="http://trac.kismac-ng.org/" target="_blank">Click Here</a></div> <div style="text-align: justify;"> <b>Forum ::</b> <a href="http://forum.kismac-ng.org/" target="_blank">Click Here </a></div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/lBGN5OGCPgI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 style="text-align: justify;"> Download :: </h3> <div style="text-align: justify;"> <b>Mac :: </b><a href="http://update.kismacmirror.com/binaries/KisMAC-0.3.3.dmg" target="_blank">KisMAC v0.3.3</a> (.dmg)<b> </b></div> <div style="text-align: justify;"> <b>Official Website ::  </b><a href="http://kismac-ng.org/">http://kismac-ng.org/</a></div>

KisMAC (Sniffer/Scanner for Mac OS X) :: Tools

KisMAC is a popular wireless stumbler for Mac OS X offers many of the features of its namesake Kismet , though the codebase is entirel...

Read more »

FS-NyarL (Pentesting and Forensics) :: Framework

<div class="separator" style="clear: both; text-align: center;"> <img alt="FS-NyarL Logo" border="0" height="400" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyvqhfIV1vfEKDsDPoTq-IY5y6kdJuGAIfRzvtSPL90-6xtK2hDdppU1kPwgvztn_cudPZFcOqOalRYynOeDEflS5wufjqugLOyzJNrbZhqLjb34aHNnZuPJhRLZ_SInYW0BFppZeFQqDm/s1600-rw/FS-NyarL+Logo.jpg" title="FS-NyarL Logo" width="248" /></div> <div style="text-align: justify;"> <b>NyarL</b> it's Nyarlathotep, a mitological chaotic deity of the writer HP. Lovecraft's cosmogony.  It's represent Crawling Chaos and <b>FS-NyarL</b> it's The <b>Crawling Chaos of Cyber Security</b>. A <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> takeover & <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">forensic analysis tool</a> - useful to advanced PenTest tasks & for fun and profit - but use it at your own risk! </div> <ul style="text-align: justify;"> <li>Interactive Console</li> <li>Real Time Passwords Found</li> <li>Real Time Hosts Enumeration</li> <li>Tuned Injections & Client Side Attacks</li> <li>ARP Poisoning & SSL Hijacking</li> <li>Automated HTTP Report Generator</li> </ul> <div style="text-align: justify;"> <b>ATTACKS IMPLEMENTED:</b> </div> <ul style="text-align: justify;"> <li>MITM (Arp Poisoning)</li> <li>Sniffing (With & Without Arp Poisoning)</li> <li>SSL Hijacking (Full SSL/TLS Control)</li> <li>HTTP Session Hijaking (Take & Use Session Cookies)</li> <li>Client Browser Takeover (with Filter Injection in data stream)</li> <li>Browser AutoPwn (with Filter Injection in data steam)</li> <li>Evil Java Applet (with Filter Injection in data stream)</li> <li>DNS Spoofing</li> <li>Port Scanning</li> </ul> <table class="notableborder" style="margin-left: 0px; margin-right: 0px; text-align: left;"><tbody> <tr><td colspan="2"><b>POST ATTACKS DATA OBTAINED:</b><br /> <ul> <li>Passwords extracted from data stream</li> <li>Pcap file with whole data stream for deep analysis</li> <li>Session flows extracted from data stream (Xplico & Chaosreader)</li> <li>Files extracted from data stream</li> <li>Hosts enumeration (IP,MAC,OS)</li> <li>URLs extracted from data stream</li> <li>Cookies extracted from data stream</li> <li>Images extracted from data stream</li> <li>List of HTTP files downloaded extracted from URLs</li> </ul> </td> </tr> <tr><td><b>DEPENDENCIES (aka USED TOOLS):</b><br /> <ul> <li>Chaosreader (already in bin folder)</li> <li><a href="http://www.toolwar.com/2013/11/xplico-tools.html" target="_blank">Xplico</a></li> <li><a href="http://www.toolwar.com/2013/09/ettercap-076-tools.html" target="_blank">Ettercap</a></li> <li>Arpspoof</li> <li>Arp-scan</li> <li>Mitmproxy</li> <li><a href="http://www.toolwar.com/2014/02/nmap-and-zenmap-network-discovery-and.html" target="_blank">Nmap</a></li> <li><a href="http://www.toolwar.com/2013/09/tcpdump-is-network-sniffer-we-all-used.html" target="_blank">Tcpdump</a></li> <li><a href="http://www.toolwar.com/2013/09/beef-browser-exploitation-framework.html" target="_blank">Beef</a></li> </ul> </td> <td><ul> <li><a href="http://www.toolwar.com/2013/10/social-engineering-toolkit-set-tools.html" target="_blank">SET</a></li> <li><a href="http://www.toolwar.com/2013/09/metasploit-framework.html" target="_blank">Metasploit</a></li> <li><a href="http://www.toolwar.com/2013/09/dsniff-tools.html" target="_blank">Dsniff</a></li> <li><a href="http://www.toolwar.com/2013/10/technitium-mac-address-changer-v6-tools.html" target="_blank">Macchanger</a></li> <li>Hamster</li> <li>Ferret</li> <li><a href="http://www.toolwar.com/2013/10/p0f-tools.html" target="_blank">P0f</a></li> <li><a href="http://www.toolwar.com/2013/11/foremost-tools.html" target="_blank">Foremost</a></li> <li>SSLStrip</li> <li><a href="http://www.toolwar.com/2014/02/sslsplit-mitm-attack-against-ssltls.html" target="_blank">SSLSplit</a></li> </ul> </td></tr> </tbody></table> <br /> <table class="notableborder" style="margin-left: 0px; margin-right: 0px; text-align: left;"><tbody> <tr><td><h3> Tutorials ::</h3> <b>Screenshots ::  </b><a href="http://www.fulgursecurity.com/en/content/fs-nyarl" target="_blank">Click Here</a> <br /> <h3> Download ::</h3> <b>Linux ::</b> <a href="http://www.fulgursecurity.com/tools/fs-nyarl/FS-NyarL_v1.0-kali.tar.gz" target="_blank">FS-NyarL v1.0</a> (.tar.gz)<br /> <b>Official Website :: </b><a href="http://www.fulgursecurity.com/en/content/fs-nyarl">http://www.fulgursecurity.com/en/content/fs-nyarl</a></td></tr> </tbody></table>

FS-NyarL (Pentesting and Forensics) :: Framework

NyarL it's Nyarlathotep, a mitological chaotic deity of the writer HP. Lovecraft's cosmogony.  It's represent Crawling Chaos...

Read more »

FARADAY (Integrated Penetration Testing IDE) :: Framework

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="FARADAY Logo" border="0" height="91" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj03zjrenjfh3-P90KLn_GSw8ONyaQLqXdR6otoyPAiIMj1ETcLzdJpofOdDKILtTGY6U_4FS4zlEyLZEVF0IEjyTWLMkZrm9wa3U-YS1L8K8A1NQO_j0muNmj9wiuSaqph9OyYKddiOc-f/s1600-rw/Faraday-Logo.png" title="FARADAY Logo" width="400" /></div> <b>Faraday</b> introduces a new concept (IPE) <b>Integrated Penetration-Test Environment</b> a multiuser <b>Penetration test IDE</b>. Designed for distribution, indexation and analysis of the generated data during the process of a <a href="http://www.toolwar.com/search/label/Security" target="_blank"> security audit</a>.</div> <div style="text-align: justify;"> The main purpose of <b>Faraday</b> is to re-use the available tools in the community to take advantage of them in a multiuser way.</div> <div style="text-align: justify;"> Design for simplicity, users should feel no difference between their own terminal application and the one included in <b>Faraday</b>. Developed with a specialized set of functionalities that help users improve their own work. Do you remember yourself programming without an IDE? Well, <b>Faraday</b> does the same an IDE does for you when programming, but from the perspective of a <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration test</a>.</div> <div style="text-align: justify;"> <br /> <b>Requirement ::  </b></div> <div style="text-align: justify;"> <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Modern Linux</a> (Tested Debian / Ubuntu * / <a href="http://www.toolwar.com/2013/09/kali-linux-toolwar.html" target="_blank">Kali</a> / <a href="http://www.toolwar.com/2013/09/backtrack-5-r3-distribution.html" target="_blank">Backtrack</a>)</div> <ul style="text-align: justify;"> <li>Python 2.6.x and 2.7.x</li> <li>Qt3</li> <li>CouchDB >= 1.2.0<br /> </li> <li>The following python libs: <ul> <li>mockito </li> <li>couchdbkit </li> <li>whoosh </li> <li>argparse </li> <li>psycopg2</li> <li>IPy</li> <li>requests</li> </ul> <h3> </h3> </li> </ul> <h3 style="text-align: justify;"> Tutorials :: </h3> <div style="text-align: justify;"> <b>Installation :: </b> </div> <div style="text-align: justify;"> Preferably, you can download faraday by cloning the Git repository:</div> <div style="text-align: justify;"> <pre><code>$ git clone https://github.com/infobyte/faraday.git faraday-dev $ cd faraday-dev $ ./install </code></pre> </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Usage :: </b></div> <div style="text-align: justify;"> To get started, simply execute faraday and use the new console to start working in the pentest: </div> <div style="text-align: justify;"> <pre><code>$ ./faraday</code></pre> <pre><code> </code></pre> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/EBz0g6ya7Mg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> </div> <h3 style="text-align: justify;"> Download :: </h3> <div style="text-align: justify;"> <b>Linux :: </b><a href="https://github.com/infobyte/faraday/archive/master.zip" target="_blank">Faraday</a> (tarball) <b> </b></div> <div style="text-align: justify;"> <b>Source Website :: </b><a href="https://github.com/infobyte/faraday">https://github.com/infobyte/faraday</a></div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://www.faradaysec.com/">http://www.faradaysec.com/</a></div>

FARADAY (Integrated Penetration Testing IDE) :: Framework

Faraday introduces a new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE . Designed for distrib...

Read more »

SIPVicious (Auditing SIP Based VoIP System) :: Tools

<div style="text-align: justify;"><div class="separator" style="clear: both; text-align: center;"><img alt="SIP VoIP " border="0" height="324" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs5pKQQ6VdyR7URrQT6nS1VVL0igxhRv5L4g9jfkKRkBLjfBegI6eKZANJ63AqMiWYIf8m2YEb8azNj4j9bwx-gCWo_jYM66n1k2GggJOHg0mLwLS0hJ7h7UWskxn3gWk6PAqEtxcvgABJ/s1600-rw/SIP+VoIP.png" title="SIP VoIP " width="640" /></div><b>SVMAP</b> is a part of a suite of tools called <b>SIPVicious</b> and it’s my favorite <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> of choice It can be used to scan identify and fingerprint a single IP or a range of IP addresses. <b>Svmap</b> allows specifying the request method which is being used for scanning, the default method is OPTIONS, it offers debug and verbosity options and even allows scanning the SRV records for SIP on the destination domain. You can use the <b>./svmap –h</b> in order to view all the available arguments </div><div style="text-align: justify;"><b>SIPVicious suite</b> is a set of <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a> that can be used to audit SIP based <a href="http://www.toolwar.com/search/label/VOIP" target="_blank">VoIP systems</a>. It currently consists of four tools: </div><ul style="text-align: justify;"><li>svmap - this is a sip scanner. Lists SIP devices found on an IP range </li> <li>svwar - identifies active extensions on a PBX </li> <li>svcrack - an online password cracker for SIP PBX </li> <li>svreport - manages sessions and exports reports to various formats </li> <li>svcrash - attempts to stop unauthorized svwar and svcrack scans </li> </ul><div style="text-align: justify;">It was tested on the following systems: </div><ul style="text-align: justify;"><li><a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux </a></li> <li><a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X </a></li> <li><a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows </a></li> <li><a href="http://www.toolwar.com/search/label/FreeBSD" target="_blank">FreeBSD 6.2 </a></li> <li>Jailbroken iPhone with python installed </li> </ul><div style="text-align: justify;">If you use it on systems that are not mentioned here please let me know goes it goes. </div><h3 style="text-align: justify;">Tutorials ::</h3><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Zp_gzjV8l4c?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div><div style="text-align: justify;"></div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/3a7xJeNQfOk?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div><h3 style="text-align: justify;"> </h3><h3 style="text-align: justify;">Download ::</h3><div style="text-align: justify;"><b>Linux | Windows | Mac | FreeBSD :: </b><a href="http://sipvicious.googlecode.com/files/sipvicious-0.2.8.zip" target="_blank">SIPVicious v0.2.8</a> (.zip) | <a href="http://sipvicious.googlecode.com/files/sipvicious-0.2.8.tar.gz" target="_blank">SIPVicious v0.2.8</a> (.tar.gz)<b> </b></div><div style="text-align: justify;"><b>Official Website :: </b> <a href="http://code.google.com/p/sipvicious/">http://code.google.com/p/sipvicious/</a></div>

SIPVicious (Auditing SIP Based VoIP System) :: Tools

SVMAP is a part of a suite of tools called SIPVicious and it’s my favorite scanner of choice It can be used to scan identify and fingerp...

Read more »

VoIPong (VoIP Sniffer and Call Detector) :: Tools

<div class="separator" style="clear: both; text-align: center;"><img alt="VoIP Hacking " border="0" height="337" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBxH793kkyuODvT2YM2SvDUf4q_9lL0i3cTdtxNEAo0qVv-QShCchSo0Ehnp75muGHbqnHldC6K2_wNn69CsW7RtQY-YphAkIyGJe1_VtlepwwSyy73nzn1i4ezE1fZdcy-tCJ8QdLUlCp/s1600-rw/VoIP+Hacking.jpg" title="VoIP Hacking " width="640" /></div><div class="style3" style="text-align: justify;"><b>VoIPong</b> is a utility which detects all <b><a href="http://www.toolwar.com/search/label/VOIP" target="_blank">Voice Over IP</a> calls on a pipeline</b>, and for those which are G711 encoded, dumps actual conversation to seperate wave files. It supports SIP, H323, Cisco's Skinny Client Protocol, RTP and RTCP. </div><div class="style3" style="text-align: justify;">It's been written in C language for performance reasons, proved to be running on Solaris, <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a> and <a href="http://www.toolwar.com/search/label/FreeBSD" target="_blank">FreeBSD</a>; though it's thought to compile and run on other platforms as well. </div><div class="style3" style="text-align: justify;">On a 45 Mbit/sec network traffic, it's been verified that <b>VoIPong</b> successfully detected all <a href="http://www.toolwar.com/search/label/VOIP" target="_blank">VoIP </a>gateways and the VoIP calls. CPU utilization during the run has been found ranging between 66% - 80% on a 256MB RAM, Celeron 1700 Mhz Toshiba notebook. </div><span class="style1"><b>Features :: </b></span><br /> <ul><li class="style2">Produces real .Wav files for direct audio hearing. </li> <li class="style2">Simple, optimized, extandable fast code </li> <li class="style2">The algorithm doesn't depend on signalling but on RTP/RTCP </li> <li class="style2">Detailed logging. (Comfortable for 'cut' and 'cat' operations to produce statistics.) </li> <li class="style2">Powerful management console interface </li> <li class="style2">Easy installation and administration</li> <li class="style2">Easy debugging. </li> </ul><h3 class="style3" style="text-align: justify;">Tutorials ::</h3><b>Users Manual ::</b> <a href="http://www.enderunix.org/voipong/users-manual/" target="_blank">Click Here</a><br />   <br /> <div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/ow1bRp6E8og?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 class="style3" style="text-align: justify;">Download ::</h3><div class="style3" style="text-align: justify;"><b>Linux :: </b><a href="https://github.com/EnderUNIX/VoIPong/archive/master.zip" target="_blank">VoIPong v2.0</a></div><div class="style3" style="text-align: justify;"><b>Official Website :: </b><a href="http://www.enderunix.org/voipong/">http://www.enderunix.org/voipong/</a></div>

VoIPong (VoIP Sniffer and Call Detector) :: Tools

VoIPong is a utility which detects all Voice Over IP calls on a pipeline , and for those which are G711 encoded, dumps actual conversati...

Read more »

SNMPCheck (SNMP Enumeration) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="SNMPCheck" border="0" height="316" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNQCGr22VHfWJI20ydnqXWT0FpVBP1u6mdLTIESgT_IN6QGduciK1QWIlWG0O__y2nvACefsDE1DFwXrHO973XbWbfbepc3FXB2bD_TX7jy6oZwLrfRXAkd_PCKf9C_28TD-klFE3QJk_P/s1600-rw/SNMPCheck.jpg" title="SNMPCheck" width="400" /></div> <b>SNMPCheck</b> allows you to <b>enumerate the SNMP</b> devices and places the output in a very human readable friendly format. It could be useful for <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration testing</a> or <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">systems monitoring</a>. Distributed under GPL license and based on "Athena-2k" script by jshaw.</div> <h3 style="text-align: justify;"> Features :: </h3> <div style="text-align: justify;"> SNMPCheck supports the following enumerations:</div> <ul style="text-align: justify;"> <li> contact</li> <li>description</li> <li> detect write access (separate action by enumeration)|</li> <li> devices</li> <li> domain</li> <li> hardware and storage informations</li> <li> hostname</li> <li> IIS statistics</li> <li> IP forwarding</li> <li> listening UDP ports</li> <li> location</li> <li> motd</li> <li> mountpoints</li> <li> network interfaces</li> <li> network services</li> <li> processes</li> <li> routing information</li> <li> software components</li> <li> system uptime</li> <li> TCP connections</li> <li> total memory</li> <li> uptime</li> <li> user accounts</li> </ul> <h3> Tutorials ::</h3> <b>Report Examples :: </b><a href="http://www.nothink.org/codes/snmpcheck/report_windows_xp.txt" target="_blank">Windows XP</a> | <a href="http://www.nothink.org/codes/snmpcheck/report_linux_ubuntu.txt" target="_blank">Linux Ubuntu</a><b><br /></b><br /> <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/RIVV4--m4dU?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3> Download ::</h3> <b>Perl Script :: </b><a href="http://www.nothink.org/codes/snmpcheck/snmpcheck-1.8.pl" target="_blank">SNMPCheck</a> (.pl) <b> </b><br /> <b>Official Website ::</b> <a href="http://www.nothink.org/codes/snmpcheck/">http://www.nothink.org/codes/snmpcheck/</a> <br /> <div class="alert alert-success" style="text-align: justify;"> </div>

SNMPCheck (SNMP Enumeration) :: Tools

SNMPCheck allows you to enumerate the SNMP devices and places the output in a very human readable friendly format. It could be useful ...

Read more »

NBTScan (Scans for Open NETBIOS Name Servers) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdxS-BqEkVq8gRluzMKok1FYN4f43CO1Nnia5lF4ZTvXelpQ-Z0lC0lJaBxzhpiwFLZgrk16y7re7wk-pbt1ZcUl405HynotcqrIyBXTQdkdqkzndKFNmdELfpOXIW8jXlCv-B8F8Geaxp/s1600/nbtscan+screenshot.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="nbtscan screenshot windows" border="0" height="333" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdxS-BqEkVq8gRluzMKok1FYN4f43CO1Nnia5lF4ZTvXelpQ-Z0lC0lJaBxzhpiwFLZgrk16y7re7wk-pbt1ZcUl405HynotcqrIyBXTQdkdqkzndKFNmdELfpOXIW8jXlCv-B8F8Geaxp/s1600-rw/nbtscan+screenshot.gif" title="nbtscan screenshot windows" width="400" /></a></div> <div style="text-align: justify;"> <b>nbtscan</b> is a <a href="http://www.toolwar.com/search/label/CLI" target="_blank">command-line tool</a> that scans for open <b>NETBIOS nameservers</b> on a local or remote TCP/IP <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a>, and this is a first step in finding of open shares. It is based on the functionality of the standard <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows tool</a> nbtstat, but it operates on a range of addresses instead of just one. I wrote this <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tool</a> because the existing tools either didn't do what I wanted or ran only on the Windows platforms: mine runs on just about everything.</div> <div style="text-align: justify;"> <b>Windows</b> - The Win32 version of the tool, which works well on Windows 9x, NT and 2000, is available below as nbtscan.exe. It's written in portable C and is less than 40 kbytes, requires no special libraries or DLLs, and is run in an MS-DOS command window. I promise that the tools have no viruses, backdoors, or any other kind of overt bad behavior. I don't promise that there are no bugs. </div> <div style="text-align: justify;"> <b>LINUX</b> - the code works fine on <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, and a version built on Red Hat Linux 6.2 is available as well. I have reports that this binary works on Red Hat Linux 6.0 - 8.0, Debian "woody", and Mandrake 8.1 (we don't think we've found a Red Hat, CentOS, or Fedora system that it didn't run on). </div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Tutorials ::</h3> <pre class="codeblock">C:\> <b>nbtstat -A 192.168.1.99</b> NetBIOS Remote Machine Name Table Name Type Status --------------------------------------------- XPDEV <00> UNIQUE Registered UNIXWIX <00> GROUP Registered XPDEV <03> UNIQUE Registered XPDEV <20> UNIQUE Registered UNIXWIX <1E> GROUP Registered MAC Address = 00-50-04-6D-50-37</pre> <pre class="codeblock"> </pre> <pre class="codeblock">C:\> <b>nbtscan 192.168.1.0/24</b> 192.168.1.3 MTNDEW\WINDEV SHARING DC 192.168.1.5 MTNDEW\TESTING 192.168.1.9 MTNDEW\WIZ SHARING U=STEVE 192.168.1.99 MTNDEW\XPDEV SHARING </pre> <h3 style="text-align: justify;"> </h3> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows | Linux :: </b><a href="http://www.unixwiz.net/tools/nbtscan-1.0.35.exe" target="_blank">NBTScan</a> (.exe)<b> | </b><a href="http://www.unixwiz.net/tools/nbtscan-source-1.0.35.tgz" target="_blank">NBTScan</a> (.tgz)</div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://www.unixwiz.net/tools/nbtscan.html">http://www.unixwiz.net/tools/nbtscan.html</a></div>

NBTScan (Scans for Open NETBIOS Name Servers) :: Tools

nbtscan is a command-line tool that scans for open NETBIOS nameservers on a local or remote TCP/IP network , and this is a first step ...

Read more »