Penetration Testing mailing list archives
Tools Update - Second week of March 2010
From: "SD List" <list () security-database com>
Date: Sat, 13 Mar 2010 22:11:38 +0100 (CET)
Hello,

Here is the site's newsletter "Security Database Tools Watch" (http://www.security-database.com/toolswatch). This letter summarizes the articles and news items published over the past 7 days.

You can also follow us on Twitter (http://twitter.com/ToolsWatch) to share hot information with our followers (great bloggers, auditors, pentesters, IT professionals and old days hackers).

New articles
--------------------------

** Sniff-n-Spit v1.0 - intercepting communications **
by ToolsTracker - 13 March 2010
During penetration testing it can be seen that thick clients sometimes communicate with a server whose IP address is hardcoded into them. The HTTP communication between such a client and server is harder to intercept and test. Sniff-n-Spit is a very useful utility in such scenarios. It sniffs for HTTP packets from the client to the server and forwards them to your favorite proxy (Burp, WebScarab, Paros etc).
User Input: The tool expects the following user input: Number of the listening (...)
-> http://www.security-database.com/toolswatch/Sniff-n-Spit-v1-intercepting.html

** Imposter v0.9 - Browser Phishing Tool **
by ToolsTracker - 13 March 2010
Imposter is a flexible framework to perform Browser Phishing attacks. Once the system running Imposter is configured as the DNS server to the victims, the internal DNS server of Imposter resolves all DNS queries to itself. When the victim tries to access any website, the domain resolves to the system running Imposter and Imposter's internal web server serves content to the victim. Depending on the configuration, appropriate payloads are sent to the victim. Data stolen from the victim is sent (...)
-> http://www.security-database.com/toolswatch/Imposter-v0-9-Browser-Phishing.html

** iScanner v0.4 released - Malicious codes scanner **
by Tools Tracker Team - 12 March 2010
iScanner is a free open source tool that lets you detect and remove malicious codes and web page viruses from your Linux/Unix server easily and automatically. This tool is programmed by iSecur1ty using the Ruby programming language and it's released under the terms of the GNU Affero General Public License 3.0.
Features:
  Detect malicious codes in web pages; this includes hidden iframe tags, javascript, vbscript and activex objects.
  Extensive log shows the infected files and the malicious code.
  (...)
-> http://www.security-database.com/toolswatch/iScanner-v0-4-released-Malicious.html

** KNOPPIX 6.2.1 LiveCD available **
by Tools Tracker Team - 12 March 2010
KNOPPIX is a bootable Live system on CD or DVD, consisting of a representative collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a productive Linux system for the desktop, educational CD, rescue system, or adapted and used as a platform for commercial software product demos. It is not necessary to install anything on a hard disk. Due to on-the-fly decompression, (...)
-> http://www.security-database.com/toolswatch/KNOPPIX-6-2-1-LiveCD-available.html

** Samhain v2.6.3 & Beltane v2.3.19 released **
by ToolsTracker - 11 March 2010
The samhain open source host-based intrusion detection system (HIDS) provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.
Samhain v2.6.3: A regression in the email code has been fixed. This regression would cause messages of highest priority to get queued along with other messages, instead of getting mailed immediately.
MD5: 0a10af903c87017fbc27d5248fcd6029
Beltane (...)
-> http://www.security-database.com/toolswatch/Samhain-v2-6-3-Beltane-v2-3-19.html

** Social-Engineering Ninja v0.1 Beta - PHP scripts **
by ToolsTracker - 11 March 2010
S-E Ninja is a Social Engineering tool, with fake pages for 20-25 popular sites and an anonymous mailer via the mail() function in PHP.
Available Sites:
  amazon.com
  digg.com
  ebuddy.com
  facebook.com
  gmail.com
  hotmail.com
  msn.com (hotmail)
  myspace.com
  onecard.com (AR,EN Langs)
  paypal.com
  travian.com (AR,EN Langs)
  twitter.com
  yahoo.com
  youtube.com
Features:
  Fakepages.
  IP, malicious page gives you the IP address of the victim.
  Mailer. You can send an anonymous message using PHP mail() (...)
-> http://www.security-database.com/toolswatch/Social-Engineering-Ninja-v0-1-Beta.html

** plecost v0.2.2-7 Beta (Update!) **
by ToolsTracker - 11 March 2010
Wordpress fingerprinter tool; it searches for and retrieves information about the plugin versions installed in Wordpress systems. It can analyze a single URL or perform an analysis based on the results indexed by Google. Additionally, it displays the CVE code associated with each plugin, if there is one.
Version 0.2.2-7 Beta: Fixed some execution errors.
Libraries: xgoogle
Plecost works in two modes: on the one hand by analyzing a single URL, and on the other by analyzing the results of Google searches (-G). (...)
-> http://www.security-database.com/toolswatch/plecost-v0-2-2-7-Beta-Update.html

** Vordel SOAPbox for analyzing Webservices Security **
by Tools Tracker Team - 11 March 2010
SOAPbox is a Web services testing tool, which supports both SOAP-based and REST-based invocation modes. It shares some of its architecture with the Vordel XML Gateway, especially for security features or policy creation.
Using SOAPbox, you can:
  Test Web services residing in your internal network, or provided from the Web, or in a cloud environment. SOAP-style and REST-style services and SOAP attachments are supported.
  Test Web services that require encrypted input.
  Test Web services (...)
-> http://www.security-database.com/toolswatch/Vordel-SOAPbox-for-analyzing.html

** FireCAT v1.6 updated with 4 Firebug add-ons **
by Tools Tracker Team - 10 March 2010
FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful Firefox extensions oriented towards application security auditing and assessment. FireCAT is not a replacement for other security utilities and software such as fuzzers, proxies and application vulnerability scanners.
New extensions added:
Firebug add-ons added (Category Editors -> FireBug):
  Flashbug: A Firebug extension for Flash. Displays all the running .SWF file trace output. (...)
-> http://www.security-database.com/toolswatch/FireCAT-v1-6-updated-with-4.html

** Eclipse HTTP Client (HTTP4e) v3.0 available **
by Tools Tracker Team - 10 March 2010
Eclipse HTTP Client (HTTP4e) is an Eclipse plugin for making HTTP and RESTful calls. Built with user experience in mind, it simplifies the developer/QA job of testing Web Services, REST, JSON and HTTP. It is a useful tool for your daily job of HTTP header tampering and hacking.
Features:
  Making/Replaying an HTTP call directly from Eclipse IDE
  Visual Editors for HTTP headers, parameters and body
  Tabbed browsing (allowing replaying different RESTful, HTTP calls on separate tabs)
  History (...)
-> http://www.security-database.com/toolswatch/Eclipse-HTTP-Client-HTTP4e-v3.html

** SubSeven v2.3.2010 released **
by Tools Tracker Team - 10 March 2010
SubSeven 2.3 is a simple, easy to use remote administration tool (RAT) designed to work on all current Windows platforms, both 32bit and 64bit. This tool is aimed at people who want that little bit more power and control over remote computer management. Please use this tool responsibly and read and accept the disclaimer prior to use. If you do not agree with the disclaimer, please do not use the tool. You accept full liability and responsibility for your actions when using SubSeven. Do not (...)
-> http://www.security-database.com/toolswatch/SubSeven-v2-3-2010-released.html

** GeoIPgen v0.4 Country-to-IPs generator **
by ToolsTracker - 9 March 2010
GeoIPgen is a country-to-IPs generator. It's a geographic IP generator for IPv4 networks that uses the MaxMind GeoLite Country database. Geoipgen is the first published use of a geographic IP database in reverse to translate from country-to-IPs instead of the usual use of IP-to-country.
Version 0.4 (07/03/2010):
  Faster and smaller memory usage. It now uses the fast-random algorithm by default instead of the bit-field method
  Re-wrote README file
  Simplified usage instructions
  Video: Geo (...)
-> http://www.security-database.com/toolswatch/GeoIPgen-v0-4-Country-to-IPs.html

** OpenSCAP v0.5.7 released **
by ToolsTracker - 9 March 2010
The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP.
Version 0.5.7:
  Debian dpkginfo probe is available now
  RHEL5 support
  new command line tool - OVAL scanner
  Fedora 12 OVAL content available
  documentation is (...)
-> http://www.security-database.com/toolswatch/OpenSCAP-v0-5-7-released.html

** Dradis v2.5.1 released **
by ToolsTracker - 9 March 2010
Dradis is an open source framework to enable effective information sharing. Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead.
Features include:
  Easy report generation.
  Support for attachments.
  Integration with existing systems and tools through server plugins.
  Platform independent.
Version 2.5.1 (7/03/2010):
  Server component: Various improvements in the NotesBrowser (...)
-> http://www.security-database.com/toolswatch/Dradis-v2-5-1-released.html

** Flint v1.0 the Firewall Rules Checkup Scanner **
by Tools Tracker Team - 9 March 2010
Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems so you can:
  CLEAN UP RUSTY CONFIGURATIONS that are crudded up with rules that can't match traffic.
  ERADICATE LATENT SECURITY PROBLEMS lurking in overly-permissive rules.
  SANITY CHECK CHANGES to see if new rules create problems.
Flint is absolutely free. There's no catch. You can download the source from our git repository. This isn't the "play at home" version; it's our second (...)
-> http://www.security-database.com/toolswatch/Flint-v1-the-Firewall-Rules.html

** DirBuster v1.0 RC 1 - released **
by ToolsTracker - 8 March 2010
DirBuster is a multi-threaded Java application designed to brute force directory and file names on web/application servers.
Version 1.0 RC 1:
  Auto pause, when 20 consecutive errors happen
  Spelling mistakes corrected
  Multi threaded all the work generation, so multiple dir and file exts are scanned at the same time (this makes it much faster!)
  Reconstructed multiple parts of the code
  Proxy settings are now persistent
  The ability to change the look and feel has now been added
  (...)
-> http://www.security-database.com/toolswatch/DirBuster-v1-RC-1-released.html

** plecost v0.1.6 RT Beta - WP finger printer tool **
by ToolsTracker - 8 March 2010
Wordpress fingerprinter tool; it searches for and retrieves information about the plugin versions installed in Wordpress systems. It can analyze a single URL or perform an analysis based on the results indexed by Google. Additionally, it displays the CVE code associated with each plugin, if there is one.
Version 0.1-6-rt-beta: Threads support added.
Libraries: xgoogle
Plecost works in two modes: on the one hand by analyzing a single URL, and on the other by analyzing the results of Google searches (-G).
Options: (...)
-> http://www.security-database.com/toolswatch/plecost-v0-1-6-RT-Beta-WP-finger.html

** Building your own malware lab (Part 1 & 2) - SecTechno **
by Tools Tracker Team - 7 March 2010
Malicious software pieces like viruses, worms and bots are currently one of the largest threats to the security of the Internet. Antivirus labs have invested a great deal of money in analyzing and reversing viruses, but for our case we can perform the analysis using some useful tools on our PC. Let's start with www.virustotal.com: if I feel that I have a suspicious file, the first thing I will do is upload it to VirusTotal. VirusTotal gives the user the ability to analyze any file with more than 40 (...)
-> http://www.security-database.com/toolswatch/Building-your-own-malware-lab-Part.html

** SpiderLabs Toolset for Pentesting **
by Tools Tracker Team - 7 March 2010
SpiderLabs has developed dozens of tools over the years. Most of them end up as internal-only tools since they eventually make their way into one of Trustwave's product offerings. Recently, we have decided to showcase some of these tools and provide them as Open Source to the information security community. The tools have been made available without warranty and are available under the GNU General Public License as published by the Free Software Foundation.
ackack : A program to monitor (...)
-> http://www.security-database.com/toolswatch/SpiderLabs-Toolset-for-Pentesting.html

** FireCAT v1.6 updated with 2 new extensions **
by Tools Tracker Team - 7 March 2010
FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful Firefox extensions oriented towards application security auditing and assessment. FireCAT is not a replacement for other security utilities and software such as fuzzers, proxies and application vulnerability scanners.
New extensions:
  Category Network utilities -> Passwords: Fireforce - The bruteforce attacks Firefox extension (http://www.scrt.ch/pages_en/fireforce.html)
  Category IT (...)
-> http://www.security-database.com/toolswatch/FireCAT-v1-6-updated-with-2-new.html

** NeoPwn : The first network auditing distribution for mobile phone released **
by Tools Tracker Team - 7 March 2010
The NeoPwn Mobile Pentesting project is proud to announce that it is merging with BackTrack, to produce the first ever BackTrack Mobile suite! The migration of the NeoPwn project will give way to a sharp development team, focused on fully supporting the Nokia N900 mobile phone. Future plans of the project will extend support for other mobile devices as they become compatible. This is an exciting leap from the original project, as there are incredible improvements in hardware, usability and (...)
-> http://www.security-database.com/toolswatch/NeoPwn-The-first-network-auditing.html

** Samurai Web Testing Framework 0.8 available **
by Tools Tracker Team - 7 March 2010
The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test. Starting with reconnaissance, we have included tools such as the Fierce (...)
-> http://www.security-database.com/toolswatch/Samurai-Web-Testing-Framework-8.html

** Airtun-ng available with AirCrack-ng package **
by Tools Tracker Team - 7 March 2010
Airtun-ng is a virtual tunnel interface creator. There are two basic functions:
  Allow all encrypted traffic to be monitored for wireless Intrusion Detection System (wIDS) purposes.
  Inject arbitrary traffic into a network.
In order to perform wIDS data gathering, you must have the encryption key and the bssid for the network you wish to monitor. Airtun-ng decrypts all the traffic for the specific network and passes it to a traditional IDS system such as snort. Traffic injection can be (...)
-> http://www.security-database.com/toolswatch/Airtun-ng-available-with-AirCrack.html

** DB Audit v4.2.25 released **
by Tools Tracker Team - 7 March 2010
DB Audit Expert is a professional database auditing solution for Oracle, Sybase, DB2, MySQL and Microsoft SQL Server. DB Audit Expert enables database and system administrators, security administrators, auditors and operators to track and analyze any database activity including database security, access and usage, data creation, change or deletion. What makes DB Audit really unique is its built-in support for multiple auditing methods giving you the flexibility to choose the best fit for (...)
-> http://www.security-database.com/toolswatch/DB-Audit-v4-2-25-released.html

** Websecurify v0.5 Final **
by ToolsTracker - 6 March 2010
Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The framework is written in JavaScript and successfully executes in numerous platforms including modern browsers with support for HTML5, xulrunner, xpcshell, Java, V8 and others.
More information: here
Changelog:
  Improved user interface.
  The workspace window now has an Issue view which provides detailed information on each finding.
  (...)
-> http://www.security-database.com/toolswatch/Websecurify-v0-5-Final.html

Regards
Security-Database Team

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------