PenTBox – Penetration Testing Security Suite

PenTBox is a Security Suite that packs security and stability testing oriented tools for networks and systems. Programmed in Ruby and oriented to GNU/Linux systems, but compatible with Windows, MacOS and every systems where Ruby works.

It is free, licensed under GNU/GPLv3.

PenTBox Contains

Cryptography tools

  • Base64 Encoder & Decoder
  • Multi-Digest (MD5, SHA1, SHA256, SHA384, SHA512)
  • Hash Password Cracker (MD5, SHA1, SHA256, SHA384, SHA512)
  • Secure Password Generator
  • Files en/decryptor Rijndael (AES) 256 bits – GOST – ARC4

Network tools

  • TCP Flood DoSer
  • TCP Flood AutoDoSer
  • Spoofed SYN Flood DoSer [nmap - hping3]
  • Port scanner
  • Honeypot
  • PenTBox Secure Instant Messaging

Extra

  • L33t Sp3@k Converter
  • Fuzzer

An updated list of tools can be found here.

You can download PenTBox v1.3.2 here:

Windows version (Ruby included) – pentbox_1.3.2_win.zip
Linux version – pentbox_1.3.2.tar

Or read more here.

Labels: , , , , , , , , ,

Flint – Web-based Firewall Rule Scanner

Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems so you can:

  • CLEAN UP RUSTY CONFIGURATIONS that are crudded up with rules that can’t match traffic.
  • ERADICATE LATENT SECURITY PROBLEMS lurking in overly-permissive rules
  • SANITY CHECK CHANGES to see if new rules create problems.

Flint is absolutely free. There’s no catch. You can download the source from the git repository. This isn’t the “play at home” version; it’s their second product, and they want to do it open source.

Why You Need Flint

You have multiple firewalls protecting internal networks from the Internet and controlling access to customer data. Your business changes, and so do your firewalls, and not always at the same time. Firewalls can get out of step with policies.

Everybody makes mistakes. To understand a firewall configuration, you have to read hundreds of configuration lines, and then you have to think like a firewall does. People aren’t good at thinking like firewalls. So most firewalls are riddled with subtle mistakes. Some of those mistakes can be expensive:

  • INSECURE SERVICES might be allowed through the firewall, preventing it from blocking attacks.
  • LAX CONTROLS ON DMZs may expose staging and test servers.
  • FIREWALL MANAGEMENT PORTS may be exposed to untrusted networks.
  • REDUNDANT FIREWALL RULES may be complicating your configuration and slowing you down.

You can download Flint here:

VMWare Virtual Machine – FlintVM-current.zip
OVF Virtual Machine – FlintVM-current.ovf.zip
Source – flint-current.tgz

Or read more here.

Labels: , , , , , , , ,

skipfish – Automated Web Application Security Reconnaissance Tool

The safety of the Internet is of paramount importance to Google, and helping web developers build secure, reliable web applications is an important part of the equation. To advance this goal, Google has released projects such as ratproxy, a passive security assessment tool.

The latest is they have announced a new tool called skipfish – a free, open source, fully automated, active web application security reconnaissance tool.

Key Features

  • High speed: written in pure C, with highly optimized HTTP handling and a minimal CPU footprint, the tool easily achieves 2000 requests per second with responsive targets.
  • Ease of use: the tool features heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.
  • Cutting-edge security logic: we incorporated high quality, low false positive, differential security checks capable of spotting a range of subtle flaws, including blind injection vectors.

The tool is believed to support Linux, FreeBSD 7.0+, MacOS X, and Windows (Cygwin) environments.

You can download skipfish here:

skipfish-1.10b.tgz

Or read more here.

Labels: , , , ,

OWASP CodeCrawler – Static Code Review Tool

CodeCrawler is a tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. It’s a Microsoft .NET 3.5 Windows Form application which supports the OWASP Code Review Project.

It provides automatic STRIDE classification a very simple DREAD calculator and few minor utilities. Direct links to WAST 2.0 Threat Classification, Secure Java Development Guidelines and OWASP Tools are also part of the package.

Requirements

  • .NET Framework 3.5 (Service Pack 1)
  • Visual Studio 2008
  • Windows Platform

You can download CodeCrawler here:

CODECRAWLER_2.5_RELEASE.zip

Or read more here.

Labels: , , , , , , , , ,

Vicnum – Lightweight Vulnerable Web Application

Vicnum is a flexible and vulnerable web application which demonstrates common web security problems such as cross site scripting, sql injections, and session management issues. The program is especially useful to IT auditors honing web security skills and setting up ‘capture the flag’ type exercises.

Being a small web application with no complex framework involved, Vicnum can easily be invoked and tailored to meet a specific need. For example if a test vulnerable application is needed in evaluating a web security scanner or a web application firewall, you might want to control a target web application to see what the scanner can find and what the firewall can protect.

Ultimately the major goal of this project is to strengthen security of web applications by educating different groups (students, management, users, developers, auditors) as to what might go wrong in a web app. And of course it’s OK to have a little fun.

The guessing part of the game itself is quite fun too, there’s an online version of Vicnum hosted here:

http://vicnum.ciphertechs.com/

I can guess the number correctly with 1 try every time (that’s an easy one), also got an SQL injection to dump out all the scores recorded. Seeing what else can be done now.

It’s actually quite a fun one to play around with.

You can download Vicnum v1.4 here:

VMvicnum14.zip

Or read more here.

Labels: , , , , , , ,

WebRaider – Automated Web Application Exploitation Tool

WebRaider is a plugin based automated web application exploitation tool which focuses to get a shell from multiple targets or injection point.

Idea of this attack is very simple. Getting a reverse shell from an SQL Injection with one request without using an extra channel such as TFTP, FTP to upload the initial payload.

  • It’s only one request therefore faster,
  • Simple, you don’t need a tool you can do it manually by using your browser or a simple MITM proxy,
  • Just copy paste the payload,
  • CSRF(able), It’s possible to craft a link and carry out a CSRF attack that will give you a reverse shell,
  • It’s not fixed, you can change the payload,
  • It’s short, Generally not more than 3.500 characters,
  • Doesn’t require any application on the target system like FTP, TFTP or debug.exe,
  • Easy to automate.

Dependencies

Internally WebRaider uses Metasploit. The authors use a specific version of Metasploit, they trimmed the fat from Metasploit to launch it faster and make it smaller. You can change the paths and make it work with the latest Metasploit of your own setup.

Also note due to the reverse shells and Metasploit components this software will be detected a virus by AV software.

You can download WebRaider here:

WebRaider-0.2.3.8.zip

Or read more here.

Labels: , , , , , , , , ,

SAHI – Web Automation & Application Security Testing Tool

Sahi is an automation tool to test web applications. Sahi injects javascript into web pages using a proxy and the javascript helps automate web applications.

Sahi is a tester friendly tool. It abstracts out most difficulties that testers face while automating web applications. Some salient features include excellent recorder, platform and browser independence, no XPaths, no waits, multi-threaded playback, excellent Java interaction and inbuilt reporting.

Features

  • Browser and Operating System independent
  • Powerful recorder which works across browsers
  • Powerful Object Spy
  • Intuitive and simple APIs
  • Javascript based scripts for good programming control
  • Version Controllable text-based scripts
  • In-built reports
  • In-built multi-threaded or parallel playback of tests
  • Tests do not need the browser window to be in focus
  • Command line and ant support for integration into build processes
  • Supports external proxy, HTTPS, 401 & NTLM authentications
  • Supports browser popups and modal dialogs
  • Supports AJAX and highly dynamic web applications
  • Scripts very robust
  • Works on applications with random auto-generated ids
  • Very lightweight and scalable
  • Supports data-driven testing. Can connect to database, Excel or CSV file.
  • Ability to invoke any Java library from scripts

Limitations

  • Framesets/pages with frames/iframes loading pages from multiple domains is not supported. Sahi cannot handle pages which have other pages from different domains embedded in them using iframes or frames. So you cannot have a page from google.com having an iframe with a page from yahoo.com. Note that this is not the same as switching between domains, where you navigate from a google.com page to a yahoo.com page, which will work in Sahi.
  • File upload field will not be populated on browsers for javascript verification. File upload itself works fine

You can download SAHI here:

sahi_20100302.zip

Or read more here.

Labels: , , , , , , , ,

Ncrack – High Speed Network Authentication Cracking Tool

Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients.

Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.

Ncrack’s features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap’s and many more.

Ncrack was started as a “Google Summer of Code” Project in 2009. While it is already useful for some purposes, it is still unfinished, alpha quality software. It is released as a standalone tool, be sure to read the Ncrack man page to fully understand Ncrack usage.

You can download Ncrack ALPHA here:

Tarball: ncrack-0.01ALPHA.tar.gz
Windows Binary: ncrack-0.01ALPHA-setup.exe

Or read more here.

Labels: , , , , , ,

Web Security Dojo – Training Environment For Web Application Security

Web Security Dojo is a free open-source self-contained training environment for Web Application Security penetration testing. Tools + Targets = Dojo

What?
Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v9.10.

Why?

The Web Security Dojo is for learning and practicing web app security testing techniques. It is ideal for training classes and conferences since it does not need a network connection. The Dojo contains everything needed to get started – tools, targets, and documentation.

Web Security Dojo currently contains:

Targets –

  • OWASP’s WebGoat v5.2
  • Damn Vulnerable Web App v1.0.6
  • Hacme Casino v1.0
  • OWASP InsecureWebApp v1.0
  • Simple training targets by Maven Security (including REST and JSON)

Tools -

  • Burp Suite (free version) v1.3
  • w3af cvs version
  • OWASP Skavengerv0.6.2a
  • OWASP Dirbuster v1.0 RC1
  • Paros v3.2.13
  • Webscarab v20070504-1631
  • Ratproxy v1.57-beta
  • sqlmap v0.7
  • Helpful Firefox add-ons

You can download Web Security Dojo here:

VMWare image – dojo_v1.0-vmware.zip
VirtualBox image – dojo_v1.0-virtualbox.zip

Or read more here.

Labels: , , , , , , , ,
Subscribe to: Posts (Atom)