Wednesday, 13. July 2011
Loki: An Open Source Layer 3 Packet Generating and Attacking Python Framework
When we speak of layer 3, the Network Layer, a very few tools have the power or the capability to support all the support protocols for packet generation and attack. To name a few, we have tools like Cain & Abel, Scapy, Yersinia and HPING. Yersinia and Scapy being our favourites, they need a bit of knowledge before being set up. Enter Loki, a Python based GUI framework implementing many packet generation and attack modules for Layer 3 protocols

Download
http://www.ernw.net/content/e6/e180/index_eng.html

Permalink

 


UPDATE: WPScan v1.0!
Username enumeration (from author querystring and location header)
Weak password cracking (multithreaded)
Version enumeration (from generator meta tag)
Vulnerability enumeration (based on version)
Plugin enumeration (2220 most popular by default)
Plugin vulnerability enumeration (based on version)
Plugin enumeration list generation
Other misc WordPress checks (theme name, dir listing, …)

Download
http://code.google.com/p/wpscan/downloads/list

Link
http://securityxploit.blogger.de/stories/1853410/

Permalink

 


CentOS 6.0
We haven’t yet covered operating systems as a part of PenTestIT. However, we are thinking that we should start covering operating system/kernel/application updates too. Starting with CentOS, that has released its new and improved operating system CentOS 6.0 for i386 and x86_64 architectures.

It is based on the upstream release EL 6.0 and includes packages from all variants. All upstream repositories have been combined into one, to make it easier for end users to work with.

Download
http://www.centos.org/modules/tinycontent/index.php?id=30

Permalink

 


Bokken - Linux
Bokken was recently introduced in Inguma penetration toolkit (version 0.3 to be precise!). Now, it has also been released as a stand-alone tool for malware analysis. In actuality, Bokken is a GUI for the pyew tool. So, you know that it can do all that pyew can, with a nice user interface.

Download
http://bokken.inguma.eu/projects/bokken/files

Permalink

 


Inguma 0.4 - Linux
Inguma is a penetration testing toolkit entirely written in python. The framework includes modules to discover hosts, gather information about, fuzz targets, brute force user names and passwords and, of course, exploits.

While the current exploitation capabilities in Inguma may be limited, this program provides numerous tools for information gathering and target auditing. Inguma is still being heavily developed so be sure to stay current and check back for news and updates.

Download
http://inguma.eu/projects/inguma/files

Permalink

 


Mitigating Software Vulnerabilities
How exploit mitigation technologies can help reduce or eliminate risk, prevent attacks and minimize operational disruption due to software vulnerabilities

Download PDF
http://www.microsoft.com/downloads/info.aspx?na=41&srcfamilyid=3fec5647-f58b-4443-9ead-eb219f4bf31d&srcdisplaylang=en&u=http%3a%2f%2fdownload.microsoft.com%2fdownload%2f5%2f0%2f5%2f505646ED-5EDF-4E23-8E84-6119E4BF82E0%2fMitigating_Software_Vulnerabilities.pdf

Permalink

 


ClubHack Magazine - July 2011
Topics of interest include, but not limited to:-
Mobile (Cellular), VOIP Exploitation and Security
Firewall Evasion Techniques
Malware Attacks
Sniffing
Forensics
Protocol Security and Exploitation

ClubHack Magazine has as different sections:

1.Tech Gyan - Main article of the magazine. Covers various technical aspects
in security, latest hacking trends and techniques.
2. Tool Gyan - Covers various hacking and security tools.
3. Mom's Guide - Dedicated to common man. Covers basics and fundamentals.
4. Legal Gyan - IT Law with respect to hacking explained in simple language.
5. Matriux Vibhag - Articles on Matriux Security Distro.

Download PDF
http://chmag.in/issue/jul2011.pdf

Permalink

 


ZeuS trojan attacks Android
Several AV vendors report that, after targeting Symbian, BlackBerry and Windows Mobile devices, a variant of the ZeuS online banking trojan now also infects Android smartphones and will upload any TANs that arrive via SMS text message to a server. If they have control of victims' PCs as well as their smartphones, criminals are then able to bypass the mobile TAN system and make fraudulent transactions from their victims' accounts.

According to Kaspersky, the Android variant of ZeuS-in-the-Mobile (ZitMo) is more simple than the version for Symbian, which appeared in September 2010, and the Windows variant that followed. ZitMo for Android does not require any digital certificates and is injected by manual download of an alleged security extension from a company called Trusteer. Once installed, the trojan masquerades as an online banking activation app.

While this means that a variant of the ZeuS trojan now exists for most modern mobile and open platforms, there is no need for users to panic. For example, in none of the cases can the malware be injected into a device via a security hole when visiting a web page. Criminals always need to persuade users, in more or less ingenious ways, to download and install a specially crafted file onto their smartphones. Users who are certain that they won't fall for such tricks can continue to live without a virus scanner for their smartphones.

Permalink

 


Exploit & Vulnerability Search Engine
online search for currently utilizing data from NVD, OSVDB, SecurityFocus, Exploit-DB, Metasploit, Nessus, OpenVAS, and PacketStorm.Well search engine does the work but this is a specific search engine for better results.

Source:
http://www.exploitsearch.net/

Permalink

 


WPSCAN - WordPress Security & vulnerability Scanner Linux
Details

Username enumeration (from author querystring and location header)
Weak password cracking (multithreaded)
Version enumeration (from generator meta tag)
Vulnerability enumeration (based on version)
Plugin enumeration (2220 most popular by default)
Plugin vulnerability enumeration (based on version) (todo)
Plugin enumeration list generation
Other misc WordPress checks (theme name, dir listing, ...)

Download
http://code.google.com/p/wpscan/
http://wpscan.googlecode.com/svn/trunk/



Permalink

 


GMER - Automating Rootkit Analyzer
GMER is an application that detects and removes rootkits .

Download:
http://www.gmer.net/#files

Permalink

 


Windows x64 Shellcode
Contents

Introduction
RIP-Relative Addressing
API Lookup Overview
API Lookup Demo
The Code
Building
Testing
Comments
Mitigations

Source:
http://mcdermottcybersecurity.com/articles/windows-x64-shellcode

Permalink