Complemento v0.6 – LetDown TCP Flooder, ReverseRaider Subdomain Scanner & Httsquash HTTP Server Scanner Tool

What is Complemento?

Complemento is a collection of tools that the author originally created for his own personal toolchain for solving some problems or just for fun. Now he has decided to release it to the public.

LetDown is a TCP flooder written after the author read the article by fyodor entitled article “TCP Resource Exhaustion and Botched Disclosure“. It has an (experimental) userland TCP/IP stack, and support multistage payloads for complex protocols, fragmentation of packets and variable TCP window.

ReverseRaider is a domain scanner that uses brute force wordlist scanning for finding a target sub-domains or reverse resolution for a range of ip addresses. This is similar to some of the functionality in DNSenum. It supports permutation on wordlist and IPv6.

Httsquash is an HTTP server scanner, banner grabber and data retriever. It can be used for scanning large ranges of IP addresses and finding devices or HTTP servers (there is an alpha version of a GUI for this). It supports IPv6 and personalized HTTP requests.

Improvements for v0.6

LetDown:

  • New (experimental) userland TCP stack
  • Support for multistage payloads (for complex and stateful protocol, such as FTP, SMTP…)
  • Variable TCP Window size
  • Fragmentation of packets
  • Polite mode (ACK received packets and/or closing the connection with FIR or RST packets)

ReverseRaider:

  • Support for IPv6

HttSquash:

  • Support for IPv6

You can download Complemento v0.6 here:

complemento-0.6

Or read more here.

Labels: , ,

CeWL – Custom Word List Generator

It seems to be trendy lately to make tools which can create custom or more specific word lists for password cracking, just last week we posted about the web application The Associative Word List Generator (AWLG), which crawls the whole web to look for associated words with a given topic.

This application is more towards creating custom word lists from a specific domain by crawling it for unique words. Basically you give the application a spidering target website and it will collect unique words. The application is written in Ruby and is called CeWL, the Custom Word List generator. The app can spider a given url to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper.

IF you combine the info output by CeWL and AWLG with the standard wordlists for password cracking – you should have a fairly comprehensive set.

By default, CeWL sticks to just the site you have specified and will go to a depth of 2 links, this behaviour can be changed by passing arguments. Be careful if setting a large depth and allowing it to go offsite, you could end up drifting on to a lot of other domains. All words of three characters and over are output to stdout. This length can be increased and the words can be written to a file rather than screen so the app can be automated.

Version 2 of CeWL can also create two new lists, a list of email addresses found in mailto links and a list of author/creator names collected from meta data found in documents on the site. It can currently process documents in Office pre 2007, Office 2007 and PDF formats. This user data can then be used to create the list of usernames to be used in association with the password list.

Installation

CeWL needs the rubygems package to be installed along with the following gems:

  • http_configuration
  • mime-types
  • mini_exiftool
  • rubyzip
  • spider

You can download CeWL here:

cewl_2.0.tar.bz2

Or read more here.

Labels:

The Associative Word List Generator

About AWLG

The Associative Word List Generator (AWLG) is a tool that generates a list of words relevant to some subjects, by scouring the Internet in an automated fashion.

Inclusion Example: A search string including the words (without quotes): “steve carell” would give us a word list with lots of words associated with the actor Steve Carell. This includes all of the words from his MySpace page, words from the Wikipedia article on him, etc.

Exclusion Example: We know that Steve Carell is an actor for lots of things, including a show called “The Office”. A search string: “steve carell” with omissions: “office” and “michael scott” would find words from websites that mention Steve Carell, but do not mention the word “office”, “michael”, or “scott”.

Privacy policy

AWLG.org does not record any transmitted search strings or user information. AWLG.org does record statistical information such as total site usage, total number of words generated per search, etc.

You can get cracking with AWLG here:

http://awlg.org/index.gen

Labels:

OWASP (Open Web Application Security Project) Testing Guide v3

This project’s goal is to create a “best practices” web application penetration testing framework which users can implement in their own organizations and a “low level” web application penetration testing guide that describes how to find certain issues.

Version 3 of the Testing Guide was released in last month in December 2008, the project was part of the OWASP Summer of Code, started on April 2008 reviewing the version 2 and improving it.

OWASP Testing Guide v3 is a 349 page book; they have split the set of active tests in 9 sub-categories for a total of 66 controls to test during the Web Application Testing activity.

Each control has an OWASP name, so for example a SQL Injection is called: OWASP-DV-005, meaning that it is the 5th control of the Data Validation category. They got a dream team of 21 authors and 4 reviewers: after 6 months of hard work and great team work we realized the v3.

The Guide is a “live” document: the project always needs your feedback! Please join the testing mailing list and share your ideas here.

You can download OWASP Testing Guide v3 here:

OWASP_Testing_Guide_v3.pdf

Download the presentation here
Browse the Testing Guide v3 on the wiki here

Or read more here.

Labels: ,

WITOOL v0.1 – GUI Based SQL Injection

WITOOL is an graphical based SQL Injection Tool written in dotNET.

- For SQL Server, Oracle
- Error Base and Union Base

Interface


Features

  • Retrieve schema : DB/TableSpace, Table, Column, other object
  • Retrieve data : retrive paging, dump xml file
  • Log : View the raw data HTTP log

Environment

OS: Windows 2000/XP/VISTA
Requirement: Microsoft .NET(2.0) Library (Download Here).

You can download WITOOL v0.1 here:

WITOOL_V0.1_081231.zip

Or read more here.

Labels: , ,
Subscribe to: Posts (Atom)