GoLismero (The Web Knife) :: Framework

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJYxDNAmrpLOxGHjpb6huddkmpfTYX3pDCUkzAP5ZvTN4YHVhKeSoNVz0mP3edsRRLaggj3y4jcannl6jCd928BDdVuz0XMqsJrc4uaybV2Vo1azKfWDoSHkN3sWgH2iEF7wp3DJ79MdTj/s1600/Golismero+WIndows+Screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Golismero " border="0" height="380" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJYxDNAmrpLOxGHjpb6huddkmpfTYX3pDCUkzAP5ZvTN4YHVhKeSoNVz0mP3edsRRLaggj3y4jcannl6jCd928BDdVuz0XMqsJrc4uaybV2Vo1azKfWDoSHkN3sWgH2iEF7wp3DJ79MdTj/s1600/Golismero+WIndows+Screenshot.png" title="Golismero " width="640" /></a></div> <div style="text-align: justify;"> <b>GoLismero</b> is an open source framework for <a href="http://www.toolwar.com/search/label/Security" target="_blank"><b>security testing</b></a>. It's currently geared towards <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> security, but it can easily be expanded to other kinds of scans.</div> <div style="text-align: justify;"> The most interesting features of the <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">framework</a> are:</div> <ul style="text-align: justify;"> <li>Real platform independence. Tested on <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, *BSD and <a href="http://www.toolwar.com/search/label/Mac" target="_blank">OS X</a>.</li> <li>No native library dependencies. All of the framework has been written in pure Python.</li> <li>Good performance when compared with other frameworks written in Python and other scripting languages.</li> <li>Very easy to use.</li> <li>Plugin development is extremely simple.</li> <li>The framework also collects and unifies the results of well known tools: <a href="http://www.toolwar.com/2013/09/sqlmap-tools.html" target="_blank">sqlmap</a>, xsser, <a href="http://www.toolwar.com/2013/09/openvas-is-advanced-open-source.html" target="_blank">openvas</a>, <a href="http://www.toolwar.com/2013/10/dnsrecon-tools.html" target="_blank">dnsrecon</a>, <a href="http://www.toolwar.com/2013/09/theharvester-tools.html" target="_blank">theharvester</a>...</li> <li>Integration with standards: CWE, CVE and OWASP.</li> <li>Designed for cluster deployment in mind (not available yet).</li> </ul> <h3> Tutorials ::</h3> <b>Installation :: </b> <br /> Strictly speaking, GoLismero doesn't require installation - only its dependencies do. So if you want to use it on a system where you don't have root privileges, you can ask the system administrator to install them for you, and just run the "git checkout" command on your home folder.<br /> <b>Briefly Tutorial of Installation :: </b> <a href="https://github.com/golismero/golismero">Click Here</a><br /> <b>Basic Usages ::</b> <a href="https://github.com/golismero/golismero" target="_blank">Click Here</a><br /> <h3> Download ::</h3> <b>Linux | Mac | Windows :: </b><a href="https://github.com/golismero/golismero/archive/master.zip" target="_blank">GoLismero Archive</a> (.zip)<b> </b><br /> <b>Official Website :: </b><a href="https://github.com/golismero/golismero" target="_blank">https://github.com/golismero/golismero</a>

GoLismero (The Web Knife) :: Framework

GoLismero is an open source framework for security testing . It's currently geared towards web security, but it can easily be expa...

Read more »

Cisco Torch (Scanning, Fingerprinting and Exploitation) :: Tools

<div style="text-align: justify;"> </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrDBORXGRkO4-BVNT3r3mNPK_ogJ94i5y-vnarwHNshmXWd2qBKmXLLFyAlwuJM32ULoRNrOznorFUhaZ4b3jXomvwheUARBWfq9WYFeRUL_t0fvlOOf1yW2UUaYIEdzhS7mtfN0guCsfD/s1600/cisco-torch.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Cisco Torch" border="0" height="294" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrDBORXGRkO4-BVNT3r3mNPK_ogJ94i5y-vnarwHNshmXWd2qBKmXLLFyAlwuJM32ULoRNrOznorFUhaZ4b3jXomvwheUARBWfq9WYFeRUL_t0fvlOOf1yW2UUaYIEdzhS7mtfN0guCsfD/s1600/cisco-torch.PNG" title="Cisco Torch" width="640" /></a></div> <div style="text-align: justify;"> <b>Cisco Torch</b> is a <b>mass scanning, fingerprinting, and exploitation tool</b> was written while working on the next edition of the "Hacking Exposed Cisco Networks", since the <a href="http://www.toolwar.com/search/label/Tools">tools</a> availalbe on the market could not meet our needs. <br />The main feature that makes<b> Cisco-torch</b> different from similar tools is the extensive use of forking to launch multiple scanning processes on the background for maximum <a href="http://www.toolwar.com/search/label/Scanner">scanning</a> efficiency. Also, it uses several methods of application layer fingerprinting simultaneously, if needed. We wanted something fast to discover remote Cisco hosts running Telnet, SSH, Web, NTP and SNMP services and launch dictionary attacks against the services discovered. </div> <br /><h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows | Mac | Linux :: </b><a href="http://www.arhont.com/en/wp-content/uploads/2010/01/cisco-torch-0.4b.tar.gz" target="_blank">Cisco-Torch v0.4b</a> (.tar.bz2)<b> | Language ::</b> Perl<b><br /></b></div> <div style="text-align: justify;"> <b>Official Website :: </b> <a href="http://www.arhont.com/en/category/resources/tools-utilities/">http://www.arhont.com/en/category/resources/tools-utilities/</a></div>

Cisco Torch (Scanning, Fingerprinting and Exploitation) :: Tools

Cisco Torch is a mass scanning, fingerprinting, and exploitation tool was written while working on the next edition of the "Hac...

Read more »

Nmap and Zenmap (Network Discovery and Security Auditing) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="nmap scanner logo" border="0" height="210" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPn1QPXq_tY_zK1uLIjY-6fyXimOMxgo3rq52s-03wGFIiM3FEUXb1R_uZpS2QvMEucVny6EK7w0eYYGJ5JKDgUtasnKL7WqkAIA5QMKqB05XXAv_va-hOLNd2wlIHxv1cUDpxCVa4kxbF/s1600/nmap.jpg" title="nmap scanner logo" width="400" /></div> </div> <div style="text-align: justify;"> <b>Nmap ("Network Mapper")</b> is a free and open source (license) utility for <b>network discovery and security auditing.</b> Many systems and network administrators also find it useful for tasks such as <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> inventory, managing service upgrade schedules, and <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">monitoring</a> host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of <a href="http://www.toolwar.com/search/label/Packet" target="_blank">packet</a> filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, and <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X</a>. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI</a> and results viewer <b>(Zenmap)</b>, a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis tool</a> (Nping).<br /> <br /> <b>Nmap</b> was named “<a href="http://www.toolwar.com/search/label/Security" target="_blank">Security</a> Product of the Year” by Linux Journal, Info World, LinuxQuestions.Org, and Codetalker Digest. It was even featured in twelve movies, including The Matrix Reloaded, Die Hard 4, Girl With the Dragon Tattoo, and The Bourne Ultimatum.<br /> <br /> <b>Nmap is::</b></div> <ul style="text-align: justify;"> <li>    Flexible: Supports dozens of advanced techniques for mapping out networks filled with IP filters, <a href="http://www.toolwar.com/search/label/IDS" target="_blank">firewalls</a>, routers, and other obstacles. This includes many port scanning mechanisms (both TCP & UDP), <b>OS detection</b>, version detection, ping sweeps, and more. See the documentation page.</li> <li>    Powerful: Nmap has been used to scan huge networks of literally hundreds of thousands of machines.</li> <li>    Portable: Most operating systems are supported, including Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS, Amiga, and more.</li> <li>    Easy: While Nmap offers a rich set of advanced features for power users, you can start out as simply as "nmap -v -A targethost". Both traditional command line and graphical (GUI) versions are available to suit your preference. Binaries are available for those who do not wish to compile Nmap from source.</li> <li>    Free: The primary goals of the Nmap Project is to help make the Internet a little more secure and to provide administrators/auditors/hackers with an advanced tool for exploring their networks. Nmap is available for free download, and also comes with full source code that you may modify and redistribute under the terms of the license.</li> <li>    Well Documented: Significant effort has been put into comprehensive and up-to-date man pages, whitepapers, tutorials, and even a whole book! Find them in multiple languages here.</li> <li>    Supported: While Nmap comes with no warranty, it is well supported by a vibrant community of developers and users. Most of this interaction occurs on the Nmap mailing lists. Most bug reports and questions should be sent to the nmap-dev list, but only after you read the guidelines. We recommend that all users subscribe to the low-traffic nmap-hackers announcement list. You can also find Nmap on Facebook and Twitter. For real-time chat, join the #nmap channel on Freenode or EFNet.</li> <li>    Acclaimed: <b>Nmap</b> has won numerous awards, including "Information Security Product of the Year" by Linux Journal, Info World and Codetalker Digest. It has been featured in hundreds of magazine articles, several movies, dozens of books, and one comic book series. Visit the press page for further details.</li> <li>    Popular: Thousands of people download <b>Nmap</b> every day, and it is included with many operating systems (Redhat Linux, Debian Linux, Gentoo, FreeBSD, OpenBSD, etc). It is among the top ten (out of 30,000) programs at the Freshmeat.Net repository. This is important because it lends Nmap its vibrant development and user support communities. </li> </ul> <h3> Tutorials ::</h3> <b>Tutorial (Max OS X) :: </b><a href="http://nmap.org/book/inst-macosx.html#inst-macosx-source">Click Here</a><br /> <b>Tutorial (Windows) :: </b><a href="http://nmap.org/book/inst-windows.html#inst-win-source">Click Here</a> <b><br /> </b><br /> <b>Tutorial (Linux) ::</b> <a href="http://nmap.org/book/inst-source.html">Click Here</a><br /> <b>Installation :: </b><a href="http://nmap.org/book/install.html" target="_blank">Click Here</a>   <br /> <b>Tutorials From Basics :: </b><a href="http://nmap.org/bennieston-tutorial/">Click Here </a><br /> <b>Video Tutorial :: </b><br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/RJxF7puQFXI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <b> </b> <br /> <h3> Download ::</h3> <h3> </h3> <b>Download ZenMap (GUI of Nmap) :: </b><a href="http://nmap.org/zenmap/">Click Here</a><b> </b><br /> <b>Windows :: </b><a href="http://nmap.org/dist/nmap-6.40-setup.exe">Nmap-Latest</a> (.exe) <b> </b><br /> <b>Linux :: </b><a href="http://nmap.org/dist/nmap-6.40.tar.bz2">Nmap Latest</a> (.tar.bz2)<b> </b><br /> <b>Mac :: </b><a href="http://nmap.org/dist/nmap-6.40-2.dmg">Nmap Latest</a> (.dmg)<b> </b> <b>  </b><br /> <b>Official Website ::</b> <a href="http://nmap.org/">http://nmap.org/</a> <br /> <div style="text-align: justify;"> </div>

Nmap and Zenmap (Network Discovery and Security Auditing) :: Tools

Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many syste...

Read more »

SAINT 8 (Security Auditing Suite) :: Framework

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="SAINT LOGO" border="0" height="107" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgA7ITNbIsTcKUwW4ShEmmGIi_tc3r93_yUAm8uaCmmHsBBhYfr3EemJ8Cqkmicl1Fhpd9D3UxPy_DS7kuqAJEVvVADbttEn7PYmcWl3xA3gQEQWKeMojScYzNb7yO1L08sAs_4K6kEYXHm/s1600/SAINT.jpg" title="SAINT LOGO" width="200" /></div> <b>SAINT 8</b> is a <b>fully-integrated security tool suite</b> that combines <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability scanning</a>, with <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration testing</a>, social engineering tools and configuration assessments. Use the combined power of these tools to identify vulnerabilities on <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> devices, operating systems, desktop applications, <a href="http://www.toolwar.com/search/label/Web" target="_blank">Web applications</a>, databases, and more; run packaged penetration tests through pre-configured policies, run vulnerability-specific exploits for target-directed investigation; execute social engineering through packaged exploit Tools; and execute platform-specific configuration auditing, using NIST’s SCAP standards and protocols.  <b>SAINT 8 </b>then provides a robust set of <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis</a> and reporting features to perform ad hoc analytics, view strategic level results across 1 or many assessments, and then build reports from pre-defined templates, compliance reports or build your own custom reports from over 150 customizable settings. <b>SAINT's</b> current repository includes over 4,200 <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> checks and 900+ exploits - which span over 48,000 Common Vulnerability Exposures (CVEs), plus numerous vulnerabilities that do not currently have a CVE assigned. Vulnerability checks and exploit development is a daily activity, that includes delivery of new checks twice a week, through an automated plug-in. This agentless scanning solution can be delivered via a cloud-based version <b> (WebSAINT Pro 8)</b>, deployed standalone, shared as a server-based solution, or as a multi-<a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> architecture for large enterprise or load balanced scanning.</div> <br /> <h3> Tutorials ::</h3> <b>Video Tutorial :: </b><a href="http://www.youtube.com/watch?v=ibW6gLNYrf8" target="_blank">Click Here </a><br /> <b>Exploit Tools List :: </b><a href="http://www.saintcorporation.com/solutions/exploitTools.html" target="_blank">Click Here</a><b></b><br /> <br /> <h3> Download :: </h3> <b>Windows :: </b><a href="https://www.saintcorporation.com/resources/requestEvaluation.html" target="_blank">Request a Evaluation Copy</a><b> </b><br /> <b>Official Website :: </b><a href="https://www.saintcorporation.com/products/SAINT8.html">https://www.saintcorporation.com/products/SAINT8.html</a><br /> <b>Submitted By :: </b>SAINT Corporation <br /> <div style="text-align: justify;"> <br /></div>

SAINT 8 (Security Auditing Suite) :: Framework

SAINT 8 is a fully-integrated security tool suite that combines vulnerability scanning , with penetration testing , social engineering ...

Read more »

FTester (Testing Firewall Filtering Policies and IDS Capabilities) :: Tools

<div style="text-align: justify;"> <div class="section"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2h4CgTrZX0VYiu63TmUAtbc4QAObotOLBVPALrQnQ8EFD3Xii02746KHPmYlcOy05O2996O4ZQkhmZ02DFzrpgLuSLR8wzAHvdVCdJO_f9rD6xOK9IV7pzIgiROpp2C_RJvsLGF0IkuR7/s1600/FTester+Screenshot.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="FTester Screenshot" border="0" height="267" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2h4CgTrZX0VYiu63TmUAtbc4QAObotOLBVPALrQnQ8EFD3Xii02746KHPmYlcOy05O2996O4ZQkhmZ02DFzrpgLuSLR8wzAHvdVCdJO_f9rD6xOK9IV7pzIgiROpp2C_RJvsLGF0IkuR7/s1600/FTester+Screenshot.JPG" title="FTester Screenshot" width="400" /></a></div> The <b>Firewall Tester (FTester)</b> is a tool designed for <b>testing firewall filtering policies and Intrusion Detection System (IDS) capabilities.</b><br /> The tool consists of two perl scripts, a <span id="goog_1392660018"></span><a href="http://www.toolwar.com/search/label/Packet">packet injector<span id="goog_1392660019"></span></a> (ftest) and a listening <a href="http://www.toolwar.com/search/label/Sniffer">sniffer</a> (ftestd). The first script injects custom packets, defined in ftest.conf, with a signature in the data part while the sniffer listens for such marked packets. The scripts both write a log file which is in the same form for both scripts. A comparison of the two produced log files (ftest.log and ftestd.log) outlines the packets that were unable to reach the sniffer due to filtering rules if these two scripts are ran on hosts placed on two different sides of a <a href="http://www.toolwar.com/search/label/IDS">firewall</a>. Stateful inspection firewalls are handled with the 'connection spoofing' option. A script called freport is also available to automatically parse the log files.<br /> Using the tool is not a completely automated process, ftest.conf must be crafted for every different situation. Examples and rules are included in the attached configuration file.<br /> The <a href="http://www.toolwar.com/search/label/IDS">IDS (Intrusion Detection System)</a> testing feature can be used either with ftest only or with the additional support of ftestd for handling stateful inspection IDS, ftest can also use common IDS evasion techniques. The script can also process snort rule definition files.<br /> <h3> Features:</h3> <ul> <li>firewall testing</li> <li>IDS testing</li> <li>simulation of real tcp connections for stateful inspection firewalls and IDS</li> <li>TCP connection spoofing</li> <li>IP fragmentation / TCP segmentation</li> <li>IDS evasion techniques</li> </ul> <b>NOTE</b>: this tool is now outdated and is presented here for historical reasons, a complete rewrite with new features and IPv6 support is scheduled for sometime in the future.<br /> </div> </div> <div style="text-align: justify;"> <br /> <h3> Tutorials ::</h3> <b>Installation ::</b><br /> <div class="MsoNormal"> FTester components are PERL scripts. They can be executed on any platform with a recent version of PERL. Three perl modules -<span style="mso-spacerun: yes;">Ý </span>Net::RawIP, Net::PcapUtils, and NetPacket ñ are also required. These can be downloaded at the Comprehensive Perl Archive Network (<a href="http://www.cpan.org/" target="_new">CPAN</a>), and<span style="color: red;"> </span>you can install them using the CPAN shell. </div> <div class="MsoNormal"> Installation is quite simple. <span style="font-family: Courier;">Untar</span> the latest archive. Everything you need will be decompressed along with an example configuration file, documentation and a script called <span style="font-family: Courier;">freport</span> for comparing <span style="font-family: Courier;">ftest</span> and <span style="font-family: Courier;">ftestd</span> log files. Before using the package I recommend to read and fully understand all documentation.</div> <b>ManPage ::</b> <a href="http://www.inversepath.com/ftester_man.html" target="_blank">Click Here</a><br /> <b>Documentation :: </b><a href="http://dev.inversepath.com/ftester/README" target="_blank">Click Here</a><br /> <b>Published Paper ::</b> <a href="http://www.tisc-insight.com/newsletters/56.html" target="_blank">Click Here</a></div> <div style="text-align: justify;"> <h3> Download ::</h3> </div> <div style="text-align: justify;"> <b>Linux :: </b><a href="http://dev.inversepath.com/ftester/ftester-latest.tar.gz" target="_blank">FTester-Latest</a> (.tar.gz)<b><br /></b></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.inversepath.com/ftester.html" target="_blank">http://www.inversepath.com/ftester.html</a></div>

FTester (Testing Firewall Filtering Policies and IDS Capabilities) :: Tools

The Firewall Tester (FTester) is a tool designed for testing firewall filtering policies and Intrusion Detection System (ID...

Read more »

Wafw00f (Web Application Firewall Detection) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEPFB63-uWGx3aIVZ5ZzxS1NkiNshLYe7Jic5FFeulXya-517a-PboH8hrWZkQpOl-mI9kSJMdQo1aByMhfdZITiQalnRB5h2HIgcbwvGtxg6nKUL_ePCsWTbosFDnmLr2IEwNhPzBYca9/s1600/wafw00f+screenshot.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="wafw00f screenshot" border="0" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEPFB63-uWGx3aIVZ5ZzxS1NkiNshLYe7Jic5FFeulXya-517a-PboH8hrWZkQpOl-mI9kSJMdQo1aByMhfdZITiQalnRB5h2HIgcbwvGtxg6nKUL_ePCsWTbosFDnmLr2IEwNhPzBYca9/s1600/wafw00f+screenshot.JPG" title="wafw00f screenshot" width="400" /></a></div> <div style="text-align: justify;"> <b>Web Application Firewalls (WAFs) </b>can be detected through stimulus/response testing scenarios. Here is a short listing of possible detection methods: </div> <ul style="text-align: justify;"> <li><b>Cookies</b>: Some WAF products add their own cookie in the HTTP communication. </li> <li><b>Server Cloaking</b>: Altering URLs and Response Headers </li> <li><b>Response Codes</b>: Different error codes for hostile pages/parameters values </li> <li><b>Drop Action</b>: Sending a FIN/RST packet (technically could also be an IDS/IPS) </li> <li><b>Pre Built-In Rules</b>: Each WAF has different negative security signatures </li> </ul> <div style="text-align: justify;"> <b>WafW00f </b>is based on these assumptions to determine remote WAFs. </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <pre>$ <b>python wafw00f.py http://www.aldeid.com</b> ^ ^ _ __ _ ____ _ __ _ _ ____ ///7/ /.' \ / __////7/ /,' \ ,' \ / __/ | V V // o // _/ | V V // 0 // 0 // _/ |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/ < ...' WAFW00F - Web Application Firewall Detection Tool By Sandro Gauci && Wendel G. Henrique Checking http://www.aldeid.com Generic Detection results: The site http://www.aldeid.com <span style="background: #ffff00; color: black;">seems to be behind a WAF </span> Reason: Blocking is being done at connection/packet level. Number of requests: 13</pre> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux :: </b></div> <pre>$ <b>cd /data/pentest/web/</b> $ <b>svn checkout <a class="external free" href="http://waffit.googlecode.com/svn/trunk/" rel="nofollow" target="_blank">http://waffit.googlecode.com/svn/trunk/</a> waffit-read-only</b></pre> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.aldeid.com/wiki/Wafw00f">http://www.aldeid.com/wiki/Wafw00f</a></div>

Wafw00f (Web Application Firewall Detection) :: Tools

Web Application Firewalls (WAFs) can be detected through stimulus/response testing scenarios. Here is a short listing of possible detec...

Read more »

Fragroute :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZ7jo1_vjG2XgLQxevu8HSHLP5HXWK9U13ZtsPZ-8BjIWb42nfMZoi3lZP38PUekGaUY_b7EUj2OB5KGIYr97sJmVvd8ToD6esQTAUUuliELCScxrLNogl82uw6gc38sPZXclTroqB0vzd/s1600/fragroute.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="fragroute screenshot" border="0" height="235" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZ7jo1_vjG2XgLQxevu8HSHLP5HXWK9U13ZtsPZ-8BjIWb42nfMZoi3lZP38PUekGaUY_b7EUj2OB5KGIYr97sJmVvd8ToD6esQTAUUuliELCScxrLNogl82uw6gc38sPZXclTroqB0vzd/s1600/fragroute.JPG" title="fragroute screenshot" width="400" /></a></div> <div style="text-align: justify;"> <b>Fragroute</b> intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. </div> <div style="text-align: justify;"> It features a simple ruleset language to delay, duplicate, drop, fragment, overlap, print, reorder, segment, source-route, or otherwise monkey with all outbound packets destined for a target host, with minimal support for randomized or probabilistic behaviour. </div> <div style="text-align: justify;"> This tool was written in good faith to aid in the testing of network intrusion detection systems, firewalls, and basic TCP/IP stack behaviour. Please do not abuse this software. </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <b> Required libraries ::</b> <br /> <ul> <li>libdnet </li> <li>libpcap </li> <li>libevent (for non-Windows platforms) </li> </ul> <div style="text-align: justify;"> <b>Installation :: </b><a href="http://www.monkey.org/~dugsong/fragroute/INSTALL" target="_blank">Click Here</a></div> <div style="text-align: justify;"> <b>ManPage :: </b><a href="http://www.monkey.org/~dugsong/fragroute/fragroute.8.txt" target="_blank">Click Here</a><br /> <b>Video Tutorial :: </b> </div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/k7viy_NN8f4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux :: </b><a href="http://www.monkey.org/~dugsong/fragroute/fragroute-1.2.tar.gz" target="_blank">Fragroute v1.2</a> (.tar.gz)</div> <div style="text-align: justify;"> <b>Official Website :: </b> <a href="http://www.monkey.org/~dugsong/fragroute/">http://www.monkey.org/~dugsong/fragroute/</a></div>

Fragroute :: Tools

Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in...

Read more »

BlindElephant (Web Application Fingerprinting) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipt-PGEQbszCnUumUvyuXZt9TWyLVMKHh4zJ6Nms53hyphenhyphenEdN-vLqt0RuDiSAnxFXphRcokFnxoZolzQ5zf4XZL-iQlMn-HMKs3twBbf5TdM_E1hO169ojrWt8AAj2r1IrStX8rDokXXSae8/s1600/BlindElephant+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="287" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipt-PGEQbszCnUumUvyuXZt9TWyLVMKHh4zJ6Nms53hyphenhyphenEdN-vLqt0RuDiSAnxFXphRcokFnxoZolzQ5zf4XZL-iQlMn-HMKs3twBbf5TdM_E1hO169ojrWt8AAj2r1IrStX8rDokXXSae8/s1600/BlindElephant+logo.png" width="320" /></a></div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> The <b>BlindElephant</b> is a <b>Web Application Fingerprinter</b> attempts to discover the version of a (known) <a href="http://www.toolwar.com/search/label/Web" target="_blank">web application</a> by comparing static files at known locations against precomputed <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hashes</a> for versions of those files in all all available releases. The technique is fast, low-bandwidth, non-invasive, generic, and highly automatize. </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>Discussion and Forum :: </b><a href="http://www.qualys.com/blindelephant" target="_blank">Click Here</a></div> <div style="text-align: justify;"> <b>Installation ::</b></div> <div style="text-align: justify;"> Installation is only required if you plan to use BlindElephant as a library. Make sure that your <a href="http://www.toolwar.com/search/label/Python" target="_blank">python</a> installation has distutils, and then do: </div> <div style="text-align: justify;"> <span style="font-size: large;"><span style="font-family: "Courier New",Courier,monospace;"><code>cd blindelephant/src</code><code>sudo python setup.py install</code></span></span></div> <br /> <b>Example Usage (Command Line) :: </b><br /> setup.py will have placed BlindElephant.py in your /usr/local/bin dir. <br /> <pre style="border-left: 5px solid #ddd; padding: 10px;"><span style="font-family: "Courier New",Courier,monospace;">$ BlindElephant.py Usage: BlindElephant.py [options] url appName Options: -h, --help show this help message and exit -p PLUGINNAME, --pluginName=PLUGINNAME Fingerprint version of plugin (should apply to web app given in appname) -s, --skip Skip fingerprinting webpp, just fingerprint plugin -n NUMPROBES, --numProbes=NUMPROBES Number of files to fetch (more may increase accuracy). Default: 15 -w, --winnow If more than one version are returned, use winnowing to attempt to narrow it down (up to numProbes additional requests). -l, --list List supported webapps and plugins Use "guess" as app or plugin name to attempt to attempt to discover which supported apps/plugins are installed. $ python BlindElephant.py http://laws.qualys.com movabletype Loaded /usr/local/lib/python2.6/dist-packages/blindelephant/dbs/movabletype.pkl with 96 versions, 2229 differentiating paths, and 209 version groups. Starting BlindElephant fingerprint for version of movabletype at http://laws.qualys.com Fingerprinting resulted in: 4.22-en 4.22-en-COM 4.23-en 4.23-en-COM Best Guess: 4.23-en-COM</span> </pre> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <span style="font-size: large;"><span style="font-family: "Courier New",Courier,monospace;"><code><span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><span style="font-size: small;"><b>More Help :: </b><a href="http://sourceforge.net/p/blindelephant/code/HEAD/tree/trunk/" target="_blank">Click Here</a></span></span> </code></span></span></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: left;"> <b>Linux Command  :: </b><code>svn co https://blindelephant.svn.sourceforge.net/svnroot/blindelephant/trunk blindelephant</code></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://blindelephant.sourceforge.net/">http://blindelephant.sourceforge.net/</a></div>

BlindElephant (Web Application Fingerprinting) :: Tools

The BlindElephant is a Web Application Fingerprinter attempts to discover the version of a (known) web application by comparing sta...

Read more »

SARA (Security Auditor's Research Assistant) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="SARA - Security Auditor's Research Assistant" border="0" height="328" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTrFtEfewv2qJbhJrO35NMjPReB75buAjazNxPAGzn_8ewu8Kl2MR6bqR7jOcWgPl2nauo85Ttm13awIkk-HKsG3RzQwwaqJLguI0HYkFQBNeOqERU6aVXWY7Iloxk6dJPbufNj51Rz3NM/s1600/network-security-tips.jpg" title="SARA - Security Auditor's Research Assistant" width="640" /></div> <div style="text-align: justify;"> The <b>Security Auditor's Research Assistant (SARA)</b> is a third generation <b>network security analysis tool</b> that that has been available and actively updated for over 10 years. Sadly, all good things have to come to an end and so it goes for SARA. <b>SARA 7.9.1</b> is our last release.(1 May 2009) Actually, SARA-7.9.2a is the final release (1 August 2009).<br /><br />SARA:</div> <ol style="text-align: justify;"> <li>    Operates under Unix, <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, <a href="http://www.toolwar.com/search/label/Mac" target="_blank">MAC OS/X</a> or <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> (through coLinux) OS'.</li> <li>    Integrates the National Vulnerability Database (NVD).</li> <li>    Performs SQL injection tests.</li> <li>    Performs exhaustive XSS tests</li> <li>    Can adapt to many firewalled environments.</li> <li>    Support remote self scan and API facilities.</li> <li>    Used for CIS benchmark initiatives</li> <li>    Plug-in facility for third party apps</li> <li>    CVE standards support</li> <li>    Enterprise search module</li> <li>    Standalone or daemon mode</li> <li>    Free-use open SATAN oriented license</li> </ol> <div style="text-align: justify;"> The first generation assistant, the Security Administrator's Tool for Analyzing <a href="http://www.toolwar.com/search/label/Network" target="_blank">Networks</a> (SATAN) was developed in early 1995. It became the benchmark for <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">network security analysis</a> for several years. However, few updates were provided and the tool slowly became obsolete in the growing threat environment. <br /><br /><h3> Tutorials ::</h3> <b><span style="font-size: small;">Installation ::</span></b> <span style="font-weight: normal;"><a href="http://www-arc.com/sara/cosara/index.shtml" target="_blank">Click Here</a></span><br /> <h3> Download ::</h3> <b>Windows :: </b><a href="http://www-arc.com/sara/downloads/cosara/cosara-7.4.1.exe" target="_blank">coSARA v7.4.1</a> (.exe)<b><br />Linux :: </b><a href="http://www-arc.com/sara/downloads/sara-7.9.2a.tgz" target="_blank">SARA v7.9.2a</a> (.tar.gz)<b><br />Official Website :: </b><a href="http://www-arc.com/sara/">http://www-arc.com/sara/</a><br /><br /></div>

SARA (Security Auditor's Research Assistant) :: Tools

The Security Auditor's Research Assistant (SARA) is a third generation network security analysis tool that that has been available ...

Read more »

IronWASP (Web Application Advaced Security Testing Platform) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiIe0rfi3alWm5nNnOkzOsCwxWkvTGEZszoQ6V6CqzE9CWjbo_A4crurTQ2UKyOjm5HLNA9FL0P67Vjg2Rvnfuaj9HaEy5iky1SX9TfSfsJi_qC8Zn3KcLEp5JD_gC0J3Wo6HKzEwuAMrm/s1600/IronWASP+Screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="IronWASP Screenshot" border="0" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiIe0rfi3alWm5nNnOkzOsCwxWkvTGEZszoQ6V6CqzE9CWjbo_A4crurTQ2UKyOjm5HLNA9FL0P67Vjg2Rvnfuaj9HaEy5iky1SX9TfSfsJi_qC8Zn3KcLEp5JD_gC0J3Wo6HKzEwuAMrm/s1600/IronWASP+Screenshot.png" title="IronWASP Screenshot" width="640" /></a></div> <b>IronWASP (Iron Web application Advanced Security testing Platform)</b> is an open source <a href="http://www.toolwar.com/search/label/System" target="_blank">system</a> for <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> application <a href="http://www.toolwar.com/search/label/Vulenrability" target="_blank">vulnerability</a> testing. It is designed to be customizable to the extent where users can create their own custom <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanners</a> using it. Though an advanced user with <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a>/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool's features are simple enough to be used by absolute beginners. </div> <div style="text-align: justify;"> <b>IronWASP</b> has a plugin system that supports Python and Ruby. The version of Python and Ruby used in <b>IronWASP</b> is IronPython and IronRuby which is syntactically similar to CPython and CRuby. However some of the standard libraries might not be available, instead plugin authors can make use of the powerful IronWASP API.  </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>IronWASP Blog : : </b><a href="http://blog.ironwasp.org/" target="_blank">Click Here </a></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/yUoPRnEf22I?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 style="text-align: justify;">  </h3> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows :: </b><a href="https://ironwasp.org/ironwasp.zip" target="_blank">IronWASP v0.9.7.5</a><b> </b>(.zip)</div> <div style="text-align: justify;"> <b>Linux :: </b></div> <div style="text-align: justify;"> <b><span style="font-family: "Courier New",Courier,monospace;">wget http://blog.anantshri.info/content/uploads/2013/01/ironwasp_installer.sh.txt -O ~/ironwasp_installer.sh && sh ~/ironwasp_installer.sh </span></b></div> <div style="text-align: justify;"> <b>Mac :: </b>IronWASP runs on Mac with <a href="http://www.codeweavers.com/products/">CrossOver</a>.</div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://ironwasp.org/">http://ironwasp.org/</a></div>

IronWASP (Web Application Advaced Security Testing Platform) :: Tools

IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testin...

Read more »

ACE (Telephony Analysis) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWLRvwL7u17Q85XO9IPzEMIVsSg9m8CoZRlKLo-f6NhIRybAW0vQo3-YLRAXw_xVs3yOaaI3CQClkkVlDjbGbvYks6TS9rXYckfQzKMuMOSTC0JF9EmfHYq9swqpI1cBXSTCePFuQDtCaG/s1600/VoIP+Phones.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="304" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWLRvwL7u17Q85XO9IPzEMIVsSg9m8CoZRlKLo-f6NhIRybAW0vQo3-YLRAXw_xVs3yOaaI3CQClkkVlDjbGbvYks6TS9rXYckfQzKMuMOSTC0JF9EmfHYq9swqpI1cBXSTCePFuQDtCaG/s1600/VoIP+Phones.jpg" width="640" /></a></div> <div style="text-align: justify;"> <b>ACE (Automated Corporate Enumerator)</b> is a simple yet powerful <b><a href="http://www.toolwar.com/search/label/VOIP" target="_blank">VoIP</a> Corporate Directory enumeration tool</b> that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface. In the same way that the "corporate directory" feature of VoIP hardphones enables users to easily dial by name via their VoIP handsets, ACE was developed as a research idea born from <b>"VoIP Hopper"</b> to automate VoIP <a href="http://www.toolwar.com/search/label/Attack" target="_blank">attacks</a> that can be targeted against names in an enterprise Directory. The concept is that in the future, attacks will be carried out against users based on their name, rather than targeting VoIP traffic against random RTP audio streams or IP addresses. ACE works by using DHCP, TFTP, and HTTP in order to download the VoIP corporate directory. It then outputs the directory to a text file, which can be used as input to other VoIP assessment tools. <b> ACE is a standalone utility,</b> but its functions are integrated into UCSniff.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Features ::</b></div> <div style="text-align: justify;"> ACE currently supports the VoIP corporate directory used in Cisco Unified IP Phones. It works in the following way:</div> <ul style="text-align: justify;"> <li>Spoofs CDP to get VVID</li> <li>Adds Voice VLAN Interface (VLAN Hop) - subsequent traffic is tagged with VVID</li> <li>Sends DHCP request tagged with VVID</li> <li>Decodes TFTP Server IP Address via DHCP Option 150</li> <li>Sends a TFTP request for IP Phone configuration file</li> <li>Parses file, learning Corporate Directory URL</li> <li>Sends an HTTP GET request for Directory</li> <li>Parses XML Data, writing directory users to a formatted text file</li> </ul> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>Usages :: </b></div> <div style="text-align: justify;"> ACE can be used in one of two ways. First, it can auto-discover the TFTP Server IP Address via DHCP, or (second) the user can specify the TFTP Server IP address as a command line parameter of the tool. In either case, you must supply the MAC Address of the IP Phone with the -m option in order for the tool to correctly download the configuration file via TFTP.<br />ACE v1.0: Automated Corporate (Data) Enumerator<br />Usage: ace [-i interface] [ -m mac address ] [ -t tftp server ip address | -c cdp mode | -v voice vlan id | -r vlan interface | -d verbose mode ]<br /><br />-i (Mandatory) Interface for sniffing/sending packets<br />-m (Mandatory) MAC address of the victim IP phone<br />-t (Optional) tftp server ip address<br />-c (Optional) 0 CDP sniff mode, 1 CDP spoof mode<br />-v (Optional) Enter the voice vlan ID<br />-r (Optional) Removes the VLAN interface<br />-d (Optional) Verbose | debug mode<br /><br />Example Usages:<br />Usage requires MAC Address of IP Phone supplied with -m option<br />Usage: <span style="font-family: "Courier New",Courier,monospace;">ace -t -m</span><br /><br />Mode to automatically discover TFTP Server IP via DHCP Option 150 (-m)<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -m 00:1E:F7:28:9C:8e</span><br /><br />Mode to specify IP Address of TFTP Server<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -t 192.168.10.150 -m 00:1E:F7:28:9C:8e</span><br /><br />Mode to specify the Voice VLAN ID<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -v 96 -m 00:1E:F7:28:9C:8E</span><br /><br />Verbose mode<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -v 96 -m 00:1E:F7:28:9C:8E -d</span><br /><br />Mode to remove vlan interface<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -r eth0.96</span><br /><br />Mode to auto-discover voice vlan ID in the listening mode for CDP<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -c 0 -m 00:1E:F7:28:9C:8E</span><br /><br />Mode to auto-discover voice vlan ID in the spoofing mode for CDP<br />Example: <span style="font-family: "Courier New",Courier,monospace;">ace -i eth0 -c 1 -m 00:1E:F7:28:9C:8E</span></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux :: </b><a href="http://sourceforge.net/projects/ucsniff/files/ace/ace-1.10.tar.gz/download" target="_blank">ACE v1.10</a> (.tar.gz)<b><br /> </b></div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://ucsniff.sourceforge.net/ace.html">http://ucsniff.sourceforge.net/ace.html</a></div>

ACE (Telephony Analysis) :: Tools

ACE (Automated Corporate Enumerator) is a simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of ...

Read more »

Cisco Global Exploiter (CGE) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjE95qKAuiFSSG89yP0adW44_GbFhQyPv25VQtzfb0sXlcZULk_kYsSmrKlhrhZGj95J1CaXicGo9aMbA-IJhRw9fBfpplvCZg7YWDn-cmp9n3DCvhhPeuPYQ-IYA8jjcmpyRd95Mee7XKc/s1600/Cisco+Global+Exploiter.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="CISCO Global Exploiter" border="0" height="285" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjE95qKAuiFSSG89yP0adW44_GbFhQyPv25VQtzfb0sXlcZULk_kYsSmrKlhrhZGj95J1CaXicGo9aMbA-IJhRw9fBfpplvCZg7YWDn-cmp9n3DCvhhPeuPYQ-IYA8jjcmpyRd95Mee7XKc/s1600/Cisco+Global+Exploiter.PNG" title="CISCO Global Exploiter" width="320" /></a></div> <div style="text-align: justify;"> <b>Cisco Global Exploiter (CGE)</b>, is an advanced, simple and fast <a href="http://www.toolwar.com/search/label/Security" target="_blank"> security</a> testing tool/ exploit engine, that is able to exploit 14 <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank"> vulnerabilities</a> in disparate Cisco switches and routers.  CGE is <a href="http://www.toolwar.com/search/label/CLI" target="_blank">command-line</a> driven <a href="http://www.toolwar.com/2013/09/perl-language.html" target="_blank">perl </a>script which has a simple and easy to use front-end.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> CGE can exploit the following 14 vulnerabilities:</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[1] - Cisco 677/678 Telnet Buffer Overflow Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[2] - Cisco IOS Router Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[3] - Cisco IOS HTTP Auth Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[4] - Cisco IOS HTTP Configuration Arbitrary Administrative Access Vulnerability[5] - Cisco Catalyst SSH Protocol Mismatch Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[6] - Cisco 675 Web Administration Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[7] - Cisco Catalyst 3500 XL Remote Arbitrary Command Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[8] - Cisco IOS Software HTTP Request Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[9] - Cisco 514 UDP Flood Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[10] - CiscoSecure ACS for Windows NT Server Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[11] - Cisco Catalyst Memory Leak Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[12] - Cisco CatOS CiscoView HTTP Server Buffer Overflow Vulnerability</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[13] - 0 Encoding IDS Bypass Vulnerability (UTF)</span></div> <div style="text-align: justify;"> <span style="font-family: Times New Roman;">[14] - Cisco IOS HTTP Denial of Service Vulnerability</span></div> <div style="text-align: justify;"> <br /></div> <h3 style="margin-bottom: 0px; margin-top: 0px; text-align: justify;"> Tutorial :: </h3> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Installation:</b></div> <div style="text-align: justify;"> <span style="font-family: Courier New;">tar -zxvf cge-13.tar.gz</span></div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b><span style="font-family: Times New Roman;">Execution:</span></b></div> <div style="text-align: justify;"> <span style="font-family: Courier New; font-size: x-small;">perl cge.pl <target> <vulnerability number></span></div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Example output:</b></div> <div style="text-align: justify;"> <span style="font-size: x-small;"><span style="font-family: Courier New;">[root@hacker cge-13]# perl cge.pl 192.168.1.254 3</span><br /> <span style="font-family: Courier New;">Vulnerability successful exploited with [http://192.168.1.254/level/17/exec/....] ...</span></span></div> <div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;"> The above is trying to exploit <span style="font-family: Times New Roman;">the Cisco IOS HTTP Auth Vulnerability and hopefully using the nice link provided we should have basic access to the switch we are attacking, (not enable):</span></div> <div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;">   </div> <h3 style="margin-bottom: 0px; margin-top: 0px; text-align: justify;"> Download ::</h3> <div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;"> <b>Linux :: </b><a href="http://packetstormsecurity.org/0405-exploits/cge-13.tar.gz" target="_blank">Cisco Global Exploiter</a> (.tar.gz)<b><br /></b></div> <div style="margin-bottom: 0px; margin-top: 0px; text-align: justify;"> <b>Official Website :: </b><a href="http://www.vulnerabilityassessment.co.uk/cge.htm">http://www.vulnerabilityassessment.co.uk/cge.htm</a></div>

Cisco Global Exploiter (CGE) :: Tools

Cisco Global Exploiter (CGE) , is an advanced, simple and fast security testing tool/ exploit engine, that is able to exploit 14...

Read more »

Lightbeam for Firefox :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEib8LwYFX-HLYguqrxftKa8XFuXUwwkdHvKAZfApbYN5Vd6kB5Pb-QkCewhw5EAtqk7xnRX5EGLwxTSmNKvqefpZvysWyXvvmeUXlN0_Lhdp-lwgsyXJS9mhaoM6t0MfzWcNC4UEgVfr8kr/s1600/lightbeam+addon.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Lightbeam Addon" border="0" height="249" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEib8LwYFX-HLYguqrxftKa8XFuXUwwkdHvKAZfApbYN5Vd6kB5Pb-QkCewhw5EAtqk7xnRX5EGLwxTSmNKvqefpZvysWyXvvmeUXlN0_Lhdp-lwgsyXJS9mhaoM6t0MfzWcNC4UEgVfr8kr/s1600/lightbeam+addon.png" title="Lightbeam Addon" width="400" /></a></div> <b>Lightbeam is a Firefox</b> add-on that enables you to see the <b>first and third party sites you interact with on the <a href="http://www.toolwar.com/search/label/Web" target="_blank">Web</a></b>. Using interactive visualizations, <b>Lightbeam</b> shows you the relationships between these third parties and the sites you visit.</div> <div style="text-align: justify;">  Using interactive visualizations, <b>Lightbeam</b> enables you to see the first and third party sites you interact with on the Web. As you browse, Lightbeam reveals the full depth of the Web today, including parts that are not transparent to the average user. Using three distinct interactive graphic representations — Graph, Clock and List — <b>Lightbeam</b> enables you to examine individual third parties over time and space, identify where they connect to your online activity and provides ways for you to engage with this unique view of the Web.<br /> <br /> <b>How Lightbeam Works ::</b><br /> When you activate Lightbeam and visit a website, sometimes called the first party, the add-on creates a real time visualization of all the third parties that are active on that page. The default visualization is called the Graph view. As you then browse to a second site, the add-on highlights the third parties that are also active there and shows which third parties have seen you at both sites. The visualization grows with every site you visit and every request made from your browser. In addition to the Graph view, you can also see your data in a Clock view to examine connections over a 24-hour period or in a List view to drill down into individual sites.<br /> <br /> <b>How You Can Use Lightbeam to Help Us Illuminate the Inner Workings of the Web ::</b> <br /> As a part of Lightbeam, we're creating a big-picture view of how tracking works on the Internet, and how third-party sites are connected to multiple other sites. You may contribute your data to our crowdsourced directory by simply turning on the share switch within the add-on. To disable crowdsourcing, you can turn it off at any time. You can view your local data stored within Lightbeam at any time, or save your data by clicking the "Save" button under the data section on the left side of the add-on.<br /> <br /> <b>How is my information stored? ::</b><br /> As a default, all info generated and used for Lightbeam’s visualizations and features are only stored locally on your computer. You can save a copy of your connection history at any time, which is also where you can see the specific data collected by the add-on. You may also reset Lightbeam to erase your locally stored connection history, disable it to stop data collection or uninstall it to instantly remove all locally stored data related to <b>Lightbeam.</b><br /> <h3> Tutorial :: </h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Axhz4vChpL4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3> </h3> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <b>Download ::</b> <a href="https://addons.mozilla.org/en-US/firefox/addon/lightbeam/?src=search" target="_blank">Click Here</a> (Firefox Add-on) <b> </b><br /> <b>Official Developer ::</b> Mozilla  </div>

Lightbeam for Firefox :: Tools

Lightbeam is a Firefox add-on that enables you to see the first and third party sites you interact with on the Web . Using interactive ...

Read more »

Havij (Automated and Advanced SQL Injection) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEioLo4B-qKdYseDgGxhjbYAMCI7gaFHDgHkgIq5nk4dlAJO0srvzZGs1WbL6gv8T7LyU5lWZUKXpKhEsv8E2TzwySAI8vwXixwYRtOdsOAI9e9eZh9iwwT3SM_Wfnp6ipZPZXMJ40J6uwTV/s1600/Havij.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Havij Screenshot" border="0" height="319" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEioLo4B-qKdYseDgGxhjbYAMCI7gaFHDgHkgIq5nk4dlAJO0srvzZGs1WbL6gv8T7LyU5lWZUKXpKhEsv8E2TzwySAI8vwXixwYRtOdsOAI9e9eZh9iwwT3SM_Wfnp6ipZPZXMJ40J6uwTV/s1600/Havij.png" title="Havij Screenshot" width="320" /></a></div> <b>Havij</b> is an <b>automated SQL Injection tool</b> that helps <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration</a> testers to find and exploit SQL Injection vulnerabilities on a <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> page.  It can take advantage of a vulnerable web application. By using this software, user can perform back-end database fingerprinting, retrieve DBMS login names and <a href="http://www.toolwar.com/search/label/Password" target="_blank">password</a> <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hashes</a>, dump tables and columns, fetch data from the database, execute SQL statements against the server, and even access the underlying file system and execute operating system shell commands.<br /> The distinctive power of <b>Havij</b> that differentiates it from similar <a href="http://www.toolwar.com/search/label/Tools" target="_blank"> tools</a> lies in its unique methods of injection. The success rate of attack on vulnerable targets using <b>Havij</b> is above 95%.  The user friendly <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI (Graphical User Interface)</a> of Havij and its automated configuration and heuristic detections make it easy to use for everyone even amateurs.</div> <h3 style="text-align: justify;"> <b>Tutorials :: </b></h3> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>URL Rewrite :: </b><a href="http://www.itsecteam.com/files/havij/URL%20Rewrite/url_rewrite.htm" target="_blank">Click Here</a></span></span></div> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>MSSQL :: </b></span></span><a href="http://www.itsecteam.com/files/havij/MsSQL/mssql.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>PostGreSQL :: </b></span></span><a href="http://www.itsecteam.com/files/havij/PostgreSQL/postgresql.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>Pro Features :: </b></span></span><a href="http://www.itsecteam.com/files/havij/Pro%20Features/pro%20features.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>Oracle :: </b></span></span><a href="http://www.itsecteam.com/files/havij/Oracle/oracle.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>Multi-Thread Blind Injection :: </b></span></span><a href="http://www.itsecteam.com/files/havij/multi%20thread%20blind%20injection/multi%20thread%20blind%20injection.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div> <div style="text-align: justify;"> <b><span style="font-size: small;"><span style="font-family: inherit;">Dump All :: </span></span></b><a href="http://www.itsecteam.com/files/havij/Dump%20All/Dump_All.html" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></span></span></a><b> </b></div> <div style="text-align: justify;"> <br /> <b>How to use ::</b></div> <div class="rtejustify" style="text-align: justify;"> You can use this utility to find and potentially exploit SQL Injection vulnerabilities in web application. To use this tool, some knowledge of SQL Injection - even though abasic one - is essential. Most of what you will have to do, in typical cases, will be to enter the URL of the suceptible page, selecting the applicable method clicking 'Analyze'. Almost everything needed to reveal and make use of the vulnerabilities is done by the utility. For best results, the URL should be one that returns a normal response (rather than one that returns a 4xx response).</div> <div class="rtejustify" style="text-align: justify;"> <br /></div> <div class="rtejustify" style="text-align: justify;"> <b>Video ::</b> </div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/7ubB9VocgnQ?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div class="rtejustify" style="text-align: justify;"> </div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/dEM7YRRSvP8?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows ::</b>  <a href="http://www.itsecteam.com/files/havij/Havij1.15Free.rar" target="_blank">Havij v1.15</a> (.rar) | <b>Trial</b></div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://itsecteam.com/products/havij-advanced-sql-injection/">http://itsecteam.com/products/havij-advanced-sql-injection/</a><b> </b></div>

Havij (Automated and Advanced SQL Injection) :: Tools

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web p...

Read more »

Advanced Encryption Package :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="encryption-window-algorithm-expanded" border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJ0GkaQws6zeP9BDAKJLLBj9oZrkk5m3h0V-j-MCgf5SnIhooYtvusIkM6347PhQZWuy9tQVYiEhoP4FdUG4Wakmw1cCrqnwMuO0TzXm9psLCcd6WqPlLHgKdbV4eFVaSo82gBFtvY14s-/s1600/encryption-window-algorithm-expanded.jpg" title="encryption-window-algorithm-expanded" width="387" /></div> <div style="text-align: justify;"> <b>Advanced Encryption Package</b> is a File <a href="http://www.toolwar.com/search/label/Encryption" target="_blank">encryption</a>, Secure File Transfer, Batch File Encryption and Encrypted Backups. <b>Advanced Encryption Package</b> adds new features to the context menu of <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> Explorer. As you can see on this screenshot, context menu has new menu item AEP and some subitems under this item: Encrypt, Decrypt, Create Self-Extracting File, Wipe. </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Features ::</b></div> <div style="text-align: justify;"> <ul> <li><strong>Easy to use</strong> for novices. It integrates nicely with Windows Explorer and made easy for novices.</li> <li><strong>Strong and proven algorithms</strong> to protect your sensitive documents (20 encryption algorithms).</li> <li><strong>File</strong> and/or <strong>text</strong> encryption.</li> <li>Symmetric and asymmetric algorithms (17 data destruction algorithms).</li> <li><strong>Secure</strong> file <strong>deletion</strong>.</li> <li>Using <a href="http://www.toolwar.com/search/label/USB" target="_blank">USB</a> flash drives to store [en]-decryption keys.</li> <li>Creating <strong>encrypted self-extracting file</strong> to send it as <strong>email</strong> attachement. No additional software is required on other end!</li> <li>Complete <strong><a href="http://www.toolwar.com/search/label/CLI" target="_blank">command line</a> support</strong> to fully <strong>automate</strong> [en]-decryption tasks.</li> </ul> </div> <h3 style="text-align: justify;"> <b>  </b></h3> <h3> <b>Tutorials ::</b></h3> <b> How to Article :: </b><a href="http://www.aeppro.com/support/security-articles.shtml" target="_blank">Click Here</a><b> </b><br /> <h3> <b>Download ::</b></h3> <b>Windows :: </b><a href="http://www.aeppro.com/download/aep_setup.msi" target="_blank">Advanced Encryption Package Pro 2014</a> (.msi)<br /> <b>Official Website :: </b><a href="http://www.aeppro.com/products/aep.shtml" target="_blank">http://www.aeppro.com/products/aep.shtml</a>

Advanced Encryption Package :: Tools

Advanced Encryption Package is a File encryption , Secure File Transfer, Batch File Encryption and Encrypted Backups. Advanced Encryptio...

Read more »

DLL Hijack Auditor (Audit DLL Hijacking Vulnerability) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOMHBbtHY3M6lvqsdBgjSk97gxPEL_jkS-pkAh5TEJuqCY9FzYDNWnoURsXelk8hGovQ8lYwslQO2KHcGTN-_ojdmJ42ufcLJfz-U3TZ9vZzCfTJ7HrP4jFfCwaVRaSa2v93a91_Jkh7zO/s1600/dllhijackauditor_screenshot1_main_small.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="dllhijackauditor" border="0" height="303" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOMHBbtHY3M6lvqsdBgjSk97gxPEL_jkS-pkAh5TEJuqCY9FzYDNWnoURsXelk8hGovQ8lYwslQO2KHcGTN-_ojdmJ42ufcLJfz-U3TZ9vZzCfTJ7HrP4jFfCwaVRaSa2v93a91_Jkh7zO/s1600/dllhijackauditor_screenshot1_main_small.jpg" title="dllhijackauditor" width="400" /></a></div> <div style="text-align: justify;"> <b>Dll Hijack Auditor</b> is the smart tool to <b>Audit against the Dll Hijacking Vulnerability</b> in any <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> application. This is one of the critical security issue affecting almost all Windows systems. Though most of the apps have been fixed, but still many Windows applications are susceptible to this <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> which can allow any attacker to completely take over the system. DllHijackAuditor helps in discovering all such Vulnerable Dlls in a Windows application which otherwise can lead to successful exploitation resulting in total compromise of the system.<br /><br />With its simple <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI interface</a> <b>DllHijackAuditor</b> makes it easy for anyone to instantly perform the auditing operation. It also presents detailed technical Audit report which can help the developer in fixing all vulnerable points in the application. <b>DllHijackAuditor</b> is a standalone portable application which also comes with Installer for local Installation & Uninstallation of software. </div> <div style="text-align: justify;"> It works on wide range of platforms starting from Windows XP to latest operating system, Windows 8.<br /><h3> Features ::</h3> <ul> <li>Here are some of the smart features of<b> DllHijackAuditor,</b></li> <li>Directly & Instantly audit any Windows Application.</li> <li>Allows complete testing to uncover all Vulnerable points in the target Application</li> <li>Smart <a href="http://www.toolwar.com/search/label/Debugger" target="_blank">Debugger</a> based 'Interception Engine' for consistent and efficent performance without intrusion.</li> <li>Support for specifying as well as auditing of application with custom & multiple Extensions.</li> <li>Timeout Configuration to alter the waiting time for each Application.</li> <li>Generates complete auditing report (in HTML format) about all vulnerable hijack points in the Application.</li> <li>GUI based tool, makes it easy for anyone with minimum knowledge to perform the auditing operation.</li> <li>Does not require any special privilege for auditing of the application (unless target application requires)</li> <li>Free from Antivirus as it does not use any shellcodes or exploit codes which trigger Antivirus to terminate the operation.</li> <li>Fully portable tool which can be run directly on any system.</li> <li>Support for local Installation and uninstallation of the software. </li> </ul> <h3> Tutorials :: </h3> </div> <div style="text-align: justify;"> <b>Installation & Uninstallation ::</b><br />It comes with simple Instaler that helps you to install it locally on your system for regular usage. It has intuitive setup wizard which guides you through series of steps in completion of installation. At any point of time, you can uninstall the product using the Uninstaller located at following location (by default)</div> <div style="text-align: justify;"> <br />[Windows 32 bit]<br />C:\Program Files\SecurityXploded\DllHijackAuditor<br /><br />[Windows 64 bit]<br />C:\Program Files (x86)\SecurityXploded\DllHijackAuditor<br /><br /><b>How to use ::</b><br /><ul> <li>Here are simple tests to use <b>DllHijackAuditor</b> for auditing of any Windows application.</li> <li>Launch the DllHijackAuditor after copying it or installing it on your local system. </li> <li>Now click on 'Browse' button to select application and then click on 'Start Audit' to begin the operation.</li> <li>Next click on 'Exploit' button (only if it has found any vulnerable DLLs in the previous phase) to perform real Exploitation test.</li> <li>Finally click on 'Report' button to generate complete Audit report. </li> </ul> You can tick the check box ( 'Do not terminate application' ) to make DllHijackAuditor to wait until you perform complete testing of all vulnerable points within the application. Once you are done with the testing, close the application so that <b>DllHijackAuditor</b> will continue with auditing operation.</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Video :: </b></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/EBXGA8eMrT4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> <b> </b></div> <div style="text-align: justify;"> <h3> <b>Download ::</b></h3> </div> <div style="text-align: justify;"> <b>Windows :: </b><a href="http://securityxploded.com/download-file.php?id=7777" target="_blank">DLL Hijack Auditor v3.0 </a><b><br /></b></div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://securityxploded.com/dllhijackauditor.php">http://securityxploded.com/dllhijackauditor.php</a></div>

DLL Hijack Auditor (Audit DLL Hijacking Vulnerability) :: Tools

Dll Hijack Auditor is the smart tool to Audit against the Dll Hijacking Vulnerability in any Windows application. This is one of the c...

Read more »

SSLsplit (MITM Attack against SSL/TLS) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="sslsplit" border="0" height="220" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiKnDa1SmFAz2I_uUyfY8OE-KawIYa9Rk7T3wbyfUM42-zCwgo1Hs18FThDil200FpKE2OdkcCO9Uvk0_lHGNieQuDLgJxQVuvj7VN0Yhxbtky5w-AyzRHrrqWZB4Qrf8q5dafKyblfRnO/s1600/SSLsplit.jpg" title="sslsplit" width="400" /></div> <div style="text-align: justify;"> <span style="font-family: inherit;"><b>SSLsplit</b> is a tool for <b><a href="http://www.toolwar.com/search/label/MITM" target="_blank">man-in-the-middle attacks</a> against SSL/TLS</b> encrypted <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. <b>SSLsplit</b> terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">forensics</a> and <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration testing</a>.</span></div> <br /> <div style="text-align: justify;"> <span style="font-family: inherit;"><b>SSLsplit </b>supports plain TCP, plain SSL, HTTP and HTTPS connections over both IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates and signs forged X509v3 certificates on-the-fly, based on the original server certificate subject DN and subjectAltName extension. <b>SSLsplit</b> fully supports Server Name Indication (SNI) and is able to work with RSA, DSA and ECDSA keys and DHE and ECDHE cipher suites. <b>SSLsplit </b>can also use existing certificates of which the private key is available, instead of generating forged ones. <b>SSLsplit</b> supports NULL-prefix CN certificates and can deny OCSP requests in a generic way. SSLsplit removes HPKP response headers in order to prevent public key pinning.</span></div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>Installation ::</b></div> <div style="text-align: justify;"> SSLsplit is or will be available as a package or port on the following systems:</div> <ul style="text-align: justify;"> <li>OpenBSD: security/sslsplit</li> <li>Arch Linux AUR: sslsplit</li> <li>Fedora: sslsplit</li> <li>Kali: sslsplit</li> <li>Backtrack: sslsplit</li> </ul> <div style="text-align: justify;"> <b>To install from source:</b></div> <div style="text-align: justify;"> <pre><code class=" ruby">make make <span class="keymethods">test</span> <span class="comment"># optional unit tests</span> make install <span class="comment"># optional install</span> </code></pre> </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Usage ::</b></div> <div style="text-align: justify;"> <pre><code class=" sql">% sslsplit -h <span class="keyword">Usage</span>: sslsplit [options...] [proxyspecs...] -c pemfile use CA cert (<span class="keyword">and</span> <span class="keyword">key</span>) <span class="keyword">from</span> pemfile <span class="keyword">to</span> sign forged certs -k pemfile use CA <span class="keyword">key</span> (<span class="keyword">and</span> cert) <span class="keyword">from</span> pemfile <span class="keyword">to</span> sign forged certs -C pemfile use CA chain <span class="keyword">from</span> pemfile (intermediate <span class="keyword">and</span> root CA certs) -K pemfile use <span class="keyword">key</span> <span class="keyword">from</span> pemfile <span class="keyword">for</span> leaf certs (<span class="keyword">default</span>: generate) -t certdir use cert+chain+<span class="keyword">key</span> PEM files <span class="keyword">from</span> certdir <span class="keyword">to</span> target <span class="keyword">all</span> sites matching the common <span class="keyword">names</span> (non-matching: generate if CA) -O deny <span class="keyword">all</span> OCSP requests <span class="keyword">on</span> <span class="keyword">all</span> proxyspecs -P passthrough SSL connections if they cannot be split because <span class="keyword">of</span> client cert auth <span class="keyword">or</span> <span class="keyword">no</span> matching cert <span class="keyword">and</span> <span class="keyword">no</span> CA (<span class="keyword">default</span>: <span class="keyword">drop</span>) -g pemfile use DH <span class="keyword">group</span> params <span class="keyword">from</span> pemfile (<span class="keyword">default</span>: keyfiles <span class="keyword">or</span> auto) -G curve use ECDH named curve (<span class="keyword">default</span>: secp160r2 <span class="keyword">for</span> non-RSA leafkey) -Z disable SSL/TLS compression <span class="keyword">on</span> <span class="keyword">all</span> connections -s ciphers use the given OpenSSL cipher suite spec (<span class="keyword">default</span>: <span class="keyword">ALL</span>:-aNULL) -e engine specify <span class="keyword">default</span> NAT engine <span class="keyword">to</span> use (<span class="keyword">default</span>: ipfw) -E list available NAT engines <span class="keyword">and</span> exit -u <span class="keyword">user</span> <span class="keyword">drop</span> <span class="keyword">privileges</span> <span class="keyword">to</span> <span class="keyword">user</span> (<span class="keyword">default</span> if run <span class="keyword">as</span> root: nobody) -j jaildir chroot() <span class="keyword">to</span> jaildir (<span class="keyword">default</span> if run <span class="keyword">as</span> root: /var/empty) -p pidfile <span class="keyword">write</span> pid <span class="keyword">to</span> pidfile (<span class="keyword">default</span>: <span class="keyword">no</span> pid file) -l logfile <span class="keyword">connect</span> log: log one line summary per <span class="keyword">connection</span> <span class="keyword">to</span> logfile -L logfile content log: <span class="keyword">full</span> data <span class="keyword">to</span> file <span class="keyword">or</span> named pipe (excludes -S) -S logdir content log: <span class="keyword">full</span> data <span class="keyword">to</span> separate files <span class="keyword">in</span> dir (excludes -L) -d daemon mode: run <span class="keyword">in</span> background, log error messages <span class="keyword">to</span> syslog -D debug mode: run <span class="keyword">in</span> foreground, log debug messages <span class="keyword">on</span> stderr -V print version information <span class="keyword">and</span> exit -h print <span class="keyword">usage</span> information <span class="keyword">and</span> exit proxyspec = type listenaddr+port [natengine|targetaddr+port|<span class="string">"sni"</span>+port] e.g. http <span class="number">0.0</span>.<span class="number">0.0</span> <span class="number">8080</span> www.roe.ch <span class="number">80</span> # http/<span class="number">4</span>; static hostname dst https ::<span class="number">1</span> <span class="number">8443</span> <span class="number">2001</span>:db8::<span class="number">1</span> <span class="number">443</span> # https/<span class="number">6</span>; static address dst https <span class="number">127.0</span>.<span class="number">0.1</span> <span class="number">9443</span> sni <span class="number">443</span> # https/<span class="number">4</span>; SNI DNS lookups tcp <span class="number">127.0</span>.<span class="number">0.1</span> <span class="number">10025</span> # tcp/<span class="number">4</span>; <span class="keyword">default</span> NAT engine ssl <span class="number">2001</span>:db8::<span class="number">2</span> <span class="number">9999</span> pf # ssl/<span class="number">6</span>; NAT engine <span class="string">'pf'</span> Example: sslsplit -k ca.<span class="keyword">key</span> -c ca.pem -P https <span class="number">127.0</span>.<span class="number">0.1</span> <span class="number">8443</span> https ::<span class="number">1</span> <span class="number">8443</span></code></pre> </div> <div style="text-align: justify;"> <code class=" sql"><span style="font-family: "Courier New",Courier,monospace;"><b><span style="font-weight: normal;"><span class="number"><br /></span></span></b></span> </code></div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Requirements ::</h3> <div style="text-align: justify;"> SSLsplit depends on the OpenSSL and libevent 2.x libraries. The build depends on GNU make and a POSIX.2 environment in <code>PATH</code>. The (optional) unit tests depend on the check library.</div> <div style="text-align: justify;"> SSLsplit currently supports the following operating systems and NAT engines:</div> <ul style="text-align: justify;"> <li>FreeBSD: pf rdr and divert-to, ipfw fwd, ipfilter rdr</li> <li>OpenBSD: pf rdr-to and divert-to</li> <li>Linux: netfilter REDIRECT and TPROXY</li> <li>Mac OS X: ipfw fwd and pf rdr (experimental)</li> </ul> <h3> Download ::</h3> <b>Linux :: </b><a href="http://mirror.roe.ch/rel/sslsplit/sslsplit-0.4.8.tar.bz2" target="_blank">SSLsplit v0.4.8</a> (.tar.bz2)<b><br /></b><br /> <b>Official Website ::</b> <a href="http://www.roe.ch/SSLsplit">http://www.roe.ch/SSLsplit</a><br /><code class=" ruby"><span class="comment"></span> </code>

SSLsplit (MITM Attack against SSL/TLS) :: Tools

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently interc...

Read more »

Simple Packet Sender- SRS (Packet Crafting) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7BUKKw498tOZ31MifYW6bPLuJau7rdayfP5pA059VWTSs2bX9U8wBoL0uzzMGPCSIx2uJ2Zd0U3siY6mMaSIHGNiuByoH6wcWmPvKxDi_QhXGorMs_JAvn14nckZgM-3C0XybRLTQpiVN/s1600/tcp-ipv4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Simple Packet sender screenshot" border="0" height="285" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7BUKKw498tOZ31MifYW6bPLuJau7rdayfP5pA059VWTSs2bX9U8wBoL0uzzMGPCSIx2uJ2Zd0U3siY6mMaSIHGNiuByoH6wcWmPvKxDi_QhXGorMs_JAvn14nckZgM-3C0XybRLTQpiVN/s1600/tcp-ipv4.png" title="Simple Packet sender screenshot" width="320" /></a></div> <div style="text-align: justify;"> <b>Simple Packet Sender (SPS)</b> is a linux <b>packet crafting tool</b>. Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over IPv4. Written in C on <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a> with <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI</a> built using GTK+ and released under GPLv3. Does not require pcap.</div> <h3 style="text-align: justify;"> <b>Features:</b></h3> <div style="text-align: justify;"> <a href="http://www.toolwar.com/search/label/Packet" target="_blank">Packet</a><a href="http://www.toolwar.com/search/label/Packet" target="_blank"> crafting</a> and sending one, multiple, or flooding IPv4 and IPv6 packets of type TCP, ICMP, or UDP (or cycle through all three). All values within ethernet frame can be modified arbitrarily. Supports IPv4 header options, TCP header options, and TCP, ICMP and UDP data as well, input from either: keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. IPv6 support includes: hop-by-hop, "first" and "last" destination, routing, authentication, and encapsulating security payload (ESP) extension headers. For those without access to a native IPv6 <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a>, IPv6 packets can be transmitted over IPv4 (6to4).</div> <div style="text-align: justify;"> Packet fragmentation for IPv4, IPv6, and 6to4. Assumed maximum transmission unit (MTU) can be changed if unusual fragment sizes are needed. IP addresses and port numbers can be randomized. A configurable traceroute function, which supports TCP, ICMP, and UDP packets with all the features mentioned above. View packets in hexadecimal/ASCII representation, in both unfragmented and fragmented forms. All packet settings can be saved to and loaded from file. IP and ASN delegation functions, including: country name/code search and reverse-search, autonomous system (AS) number search by country and reverse-search,  IPv4 and IPv6 address delegation search and reverse-search.</div> <div style="text-align: justify;"> ARP (IPv4) and Neighbor Discovery (IPv6) for querying a LAN for MAC addresses of local nodes.</div> <div style="text-align: justify;"> Retrieve MAC address and current MTU setting of any attached network interface. Domain name resolution and <a href="http://www.toolwar.com/search/label/Reverse" target="_blank">reverse</a> resolution.</div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Tutorial ::</h3> <div style="text-align: justify;"> <b>Wiki ::</b> <a href="http://sourceforge.net/p/simplepacket/wiki/Home/" target="_blank">Click Here</a></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux :: </b><a href="https://sites.google.com/site/simplepacketsender/sps-4.2.tar.gz?attredirects=0" target="_blank">Simple Packet Sender</a> (.tar.gz)<b><br /></b></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="https://sites.google.com/site/simplepacketsender/">https://sites.google.com/site/simplepacketsender/</a></div>

Simple Packet Sender- SRS (Packet Crafting) :: Tools

Simple Packet Sender (SPS) is a linux packet crafting tool . Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over I...

Read more »

Rootkit Hunter (Rootkit Scanner) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <b><img alt="rootkit hunter logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmAKcX4SzdyaNdf4DapqpG3d1wMIQl85Bf0MAAPmJDtEku0X-3BPe_s9_ozZkwyHMyJrfIXdORod7eI9TGZejFbegPFldu185F6m872hTfpFEgo8CPqIQPMyFm9ltA2FzzD6V9PhSLSoVP/s1600/Rkhunter.jpg" title="rootkit hunter logo" /></b></div> <b>Rootkit Hunter</b> is <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanning tool</a> to ensure you for about 99.9%* you're clean of nasty <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>. This tool <i>scans for <a href="http://www.toolwar.com/search/label/Rootkit" target="_blank">rootkits</a>, backdoors and local exploits</i> by running tests like:<br /> <br />     - MD5 <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hash</a> compare<br />     - Look for default files used by rootkits<br />     - Wrong file permissions for binaries<br />     - Look for suspected strings in LKM and KLD modules<br />     - Look for hidden files<br />     - Optional scan within plaintext and binary files<br /> <br /> <b>Rootkit Hunter</b> is released as GPL licensed project and free for everyone to use.* No, not really 99.9%.. It's just another security layer<br /> <br /> <b>System requirements:</b><br />     - Compatible operating system (see 'Supported operating systems')<br />     - Bourne Again Shell (BASH)<br /> <br /> <b>Supported operating systems ::</b><br /> - Most <a href="http://www.toolwar.com/search/label/Distribution" target="_blank">Linux distributions</a><br /> - Most *BSD distributions</div> <div style="text-align: justify;"> <h3> Tutorial ::</h3> <b>Scanning Techniques :: </b><a href="http://www.rootkit.nl/articles/rootkit_scanning_techniques.html" target="_blank">Click Here</a><br /> <b>Documentations :: </b><a href="http://www.rootkit.nl/files/rootkit_documentation.html" target="_blank">Click Here</a><br /> <b>Video Tutorial ::</b>  <br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/5ngeBpeRros?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> </div> <div style="text-align: justify;"> <h3> Download ::</h3> </div> <div style="text-align: justify;"> <b>Linux :: </b><a href="http://sourceforge.net/projects/rkhunter/files/latest/download" target="_blank">RootKit Hunter v1.4.0</a> (.tar.gz)<b> </b></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.rootkit.nl/projects/rootkit_hunter.html">http://www.rootkit.nl/projects/rootkit_hunter.html</a></div>

Rootkit Hunter (Rootkit Scanner) :: Tools

Rootkit Hunter is scanning tool to ensure you for about 99.9%* you're clean of nasty tools . This tool scans for rootkits , backdoo...

Read more »

Lynis (Security and System Auditing) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPJSrg2v61K-1SHIewex9MB7DLBAqrgKTy2REJhuc1jyKxL99Tia_vx44VmSeUWWxbHdgZtEVAjWn5GUbxWD9dLfe1o2Suta4Ww_ZgfvwIITFiR8JkMpR5A-ZkTq17LVggAJlfumpTReoW/s1600/lynis-screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="lynis screenshot" border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPJSrg2v61K-1SHIewex9MB7DLBAqrgKTy2REJhuc1jyKxL99Tia_vx44VmSeUWWxbHdgZtEVAjWn5GUbxWD9dLfe1o2Suta4Ww_ZgfvwIITFiR8JkMpR5A-ZkTq17LVggAJlfumpTReoW/s320/lynis-screenshot.png" title="lynis screenshot" width="400" /></a></div> <div style="text-align: justify;"> <b>Lynis</b> is a <b><i>Security and system auditing tool</i> </b>to harden <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a> systems. <b>Lynis</b> is an <b>auditing tool </b>for Unix/Linux (specialists). It scans the <a href="http://www.toolwar.com/search/label/System" target="_blank">system</a> and available software and performs many individual <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> checks. It determines the hardening state of the machine and <a href="http://www.toolwar.com/search/label/Detect" target="_blank">detects</a> security issues. Beside security related information it will also scan for general system information, installed packages and possible configuration errors. <b>Lynis</b> is a <a href="http://www.toolwar.com/search/label/Security" target="_blank">security tool</a> to audit and harden Unix and Linux based systems. It scans the system by performing many security control checks, looks for installed software and determines compliance to standards. Also will it detects security issues and errors in configuration. At the end of the scan it will provide the warnings and suggestions to help you improving the security defense of your systems.<br /> <br /> This software aims in assisting automated auditing, hardening, software patch management, <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> and <a href="http://www.toolwar.com/search/label/Malware" target="_blank">malware</a> scanning of Unix/Linux based systems. It can be run without prior installation, so inclusion on read only storage is possible (<a href="http://www.toolwar.com/search/label/USB" target="_blank">USB</a> stick, cd/dvd).<br /> <br /> <b>Lynis </b>assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOx (Sarbanes-Oxley) compliance audits.<br /> <br /> <b>Intended audience:</b><br /> Security specialists, penetration testers, system auditors, system/network managers.<br /> <br /> <b>Examples of audit tests:</b><br /> - Available authentication methods<br /> - Expired SSL certificates<br /> - Outdated software<br /> - User accounts without password<br /> - Incorrect file permissions<br /> - Configuration errors<br /> - Firewall auditing<br /> <br /> <b>Current state:</b><br /> Stable releases are available, development is active.<br /> <h3> Tutorials :: </h3> <b>Documentation :: </b><a href="http://www.rootkit.nl/files/lynis-documentation.html" target="_blank">Click Here</a> </div> <div style="text-align: justify;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/FgkC4k1kJaE?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <h3> <b>Download </b></h3> <b>Linux ::</b> <a href="http://cisofy.com/files/lynis-1.4.0.tar.gz" target="_blank">Llynis-1.4.0</a> (.tar.gz)</div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://www.rootkit.nl/projects/lynis.html" target="_blank">http://www.rootkit.nl/projects/lynis.html </a></div> </div>

Lynis (Security and System Auditing) :: Tools

Lynis is a Security and system auditing tool to harden Linux systems. Lynis is an auditing tool for Unix/Linux (specialists). It sca...

Read more »

PuTTY (SSH and Telnet Client) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="putty logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3zvoJcKewErjVHSTjvbSDUjRlAnvLx8DNoFccuOvxFsCFHnuKCMJYOJ1NrhyfEBId03fqOnulo2MIoeDxqIbix4vgflC093Md_UhkccEcdQQ4NZiRT5mNwvddKjRoz6N4izQD-ufOng6j/s1600/putty+logo.png" title="putty logo" /></div> <div style="text-align: justify;"> <b>PuTTY</b> is a free <b>implementation of Telnet and SSH for Windows and Unix</b> platforms, along with an <code>xterm</code> terminal emulator. It is written and maintained primarily by Simon Tatham. </div> <div style="text-align: justify;"> <b>PuTTY</b> is a free and <i>open-source terminal emulator</i>, serial console and <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> file transfer application. It supports several network <a href="http://www.toolwar.com/search/label/Protocol" target="_blank">protocols</a>, including SCP, SSH, Telnet and rlogin. The name "<b>PuTTY</b>" has no definitive meaning, though "tty" is the name for a terminal in the Unix tradition, usually held to be short for Teletype.<br /> <br /> <b>PuTTY</b> was originally written for Microsoft <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, but it has been ported to various other operating systems. Official ports are available for some Unix-like platforms, with work-in-progress ports to Classic Mac OS and <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac</a> OS X, and unofficial ports have been contributed to platforms such as Symbian and Windows Mobile.<br /> </div> <h3 style="text-align: justify;"> Tutorials :: </h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/9CZphjhQxIQ?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows :: </b><a href="http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe" target="_blank">PuTTY x86</a> <b>(.exe)</b></div> <div style="text-align: justify;"> <b>Unix :: </b><a href="http://the.earth.li/~sgtatham/putty/latest/putty-0.63.tar.gz" target="_blank">PuTTY</a><b> (.tar.gz)</b></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/">http://www.chiark.greenend.org.uk/~sgtatham/putty/</a></div>

PuTTY (SSH and Telnet Client) :: Tools

PuTTY is a free implementation of Telnet and SSH for Windows and Unix platforms, along with an xterm terminal emulator. It is written ...

Read more »

FruityWiFi (Wireless Auditing) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="FruityWiFi Screenshot" border="0" height="311" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1JHrHssrXvjVxrIiXhQ2a_6Nw0cQ6Io_oxLac-3nYxXA0ztQBVccfe8XxahD3MDwUa0nN_AyCnTwyNYqRew1esXzke6jIE0oEZJ9-UqWX7VbnNqecm1eywx_ksuFf4SRuUs0ISrTb68ij/s320/FruityWiFi+Screenshot.JPG" title="FruityWiFi Screenshot" width="320" /></div> <div style="text-align: justify;"> <b>FruityWifi</b> is a <i>wireless network auditing tool</i> based in the <a href="http://www.toolwar.com/search/label/WiFi" target="_blank">wifi</a> Pineapple. The application can be installed in any Debian based system adding the extra packages. Tested in Debian, <a href="http://www.toolwar.com/2013/09/kali-linux-toolwar.html" target="_blank">Kali Linux</a>, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi).</div> <h3 style="text-align: justify;"> Tutorial ::</h3> <div style="text-align: justify;"> <b> Wiki :: </b><a href="https://github.com/xtr4nge/FruityWifi/wiki" target="_blank">Click Here</a></div> <h3 style="text-align: justify;"> Download :: </h3> <div style="text-align: justify;"> <b>Linux ::</b> <a href="https://github.com/xtr4nge/FruityWifi/archive/master.zip" target="_blank">FruityWiFi</a></div>

FruityWiFi (Wireless Auditing) :: Tools

FruityWifi is a wireless network auditing tool based in the wifi Pineapple. The application can be installed in any Debian based syst...

Read more »

WormTrack (Network IDS) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="wormtrack " border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhS_UOobtkh2f05uE8fyvAf88MMYAlPr8YiidihA2xGZvHZMsYhmnbVhGG_lwY9beh6w82FX9GdK-B4yEJK56j-SYiyBfKseSVHH6hyc4cS5aWRJgwp1oGurg46HM1l9BIs7JRt2d_jPsWn/s1600/WormTrack.jpg" title="wormtrack " width="400" /></div> <b>WormTrack</b> is a <b>Network based intrusion detection system (NIDS)</b> designed to identify scanning activity on the <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a>, in particular of <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanning</a> worms (horizontal scanning of the network). It attempts to do that WITHOUT having any type of privileged access to the network equipment, for example a MONITOR port on a switch. It also doesn't require a constant updating of its signature engine, as new threats are released, since it is based on <a href="http://www.toolwar.com/search/label/Detect" target="_blank">detection</a> of anomalous activity - which all Worms, that propagate through the network, would exhibit in order to survive and spread efficiently. A <b>Network IDS </b>which allows detection of scanning worms on a Local Area Network by <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">monitoring</a> of anomalous ARP traffic. This allows detection of scanning threats on the network, without having a privileged access on a Switch to set up a dedicated Monitor PORT, nor does it require a constant updating of the rules engine to address new threats. </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>General Info & Configuration :: </b><a href="http://code.google.com/p/wormtrack/wiki/GeneralInfo" target="_blank">Click Here</a> </div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux :: </b><a href="http://wormtrack.googlecode.com/files/wormtrack-0.1.tar.gz" target="_blank">WormTrackv0.1</a> (.tar.gz)<b><br /></b></div> <div style="text-align: justify;"> <b>Source Website ::</b><a href="http://code.google.com/p/wormtrack/" target="_blank"> http://code.google.com/p/wormtrack/</a></div>

WormTrack (Network IDS) :: Tools

WormTrack is a Network based intrusion detection system (NIDS) designed to identify scanning activity on the network , in particular o...

Read more »

Pytbull (IDS/IPS Testing) :: Framework

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;">  <img alt="pytbull ids mode" border="0" height="291" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBUJPMHKujz46n6sRck2NZDM075hEsNEerHmckZ-25awz2AFXTsWET-KZg7ngqkBZi0hpKmBHgm9_EwaLliZYrhmFPjNhRYcjqM3beHBHH4szekg9xDZKMPb1parSaCEd4KfgunPEj-e4f/s1600/pytbull-ids-mode.png" title="pytbull ids mode" width="400" /></div> <b>Pytbull</b> is an <b>Intrusion Detection/Prevention System (IDS/IPS) testing framework</b> for <i><a href="http://www.toolwar.com/2013/09/snort-tools_7.html" target="_blank">Snort</a> and Suricata.</i> We all know the greatness of these two projects. Even though it concentrates on Snort and Suricata, it can possibly be used to test the <a href="http://www.toolwar.com/search/label/Detect" target="_blank">detection</a> and blocking capabilities of other <b><a href="http://www.toolwar.com/search/label/IDS" target="_blank">IDS</a>/<a href="http://www.toolwar.com/search/label/IPS" target="_blank">IPS</a></b> also. You can also use it to compare IDS/IPS, or compare their configuration modifications or to simply check/validate configurations. The <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">framework</a> is well equipped with about 300 tests grouped in 8 testing modules, such as:You've just set up your Intrusion Detection/Prevention System (IDS/IPS) and feel "Now I'm secure". But how can you be so sure? And how much do you trust your IDS/IPS?</div> <div style="text-align: justify;"> The only way to ensure your <b>IDS/IPS</b> detects and blocks unwanted traffic is to test it with specific payloads and <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>, but this job can take hours or even days...</div> <div style="text-align: justify;"> Why all this pain? Here is where pytbull comes in!</div> <div style="text-align: justify;"> <b>Pytbull</b> is a <a href="http://www.toolwar.com/search/label/Python" target="_blank">python</a> based flexible IDS/IPS <a href="http://www.toolwar.com/search/label/Testing" target="_blank">testing</a> framework shipped with more than 300 tests, grouped in 9 modules, covering a large scope of attacks (clientSideAttacks, testRules, badTraffic, fragmentedPackets, multipleFailedLogins, evasionTechniques, shellCodes, denialOfService, pcapReplay)</div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/_zS1f-F9niw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Linux ::</b> <a href="https://downloads.sourceforge.net/project/pytbull/pytbull-2.0.tar.bz2" target="_blank">Pytbull v2.0</a> (.tar.bz2)</div> <div style="text-align: justify;"> <b>Official Website :: </b>http://pytbull.sourceforge.net/ </div>

Pytbull (IDS/IPS Testing) :: Framework

  Pytbull is an Intrusion Detection/Prevention System (IDS/IPS) testing framework for Snort and Suricata. We all know the greatness o...

Read more »