... neuere Einträge
Thursday, 24. November 2011
X-Scan
Am Thursday, 24. Nov 2011 im Topic 'Pentest'
X-Scan is a general scanner for scanning network vulnerabilities for specific IP address scope or stand-alone computer by multi-threading method, plug-ins are supportable. Which X-Scan feature include in the following: service type, remote OS type and version detection, weak user/password pair, and all of the nessus attack scripts combination.
Create: 2005-07-18
http://xfocus.org/programs/200507/X-Scan-v3.3-en.rar
Create: 2005-07-18
http://xfocus.org/programs/200507/X-Scan-v3.3-en.rar
Malware Analysis
Am Thursday, 24. Nov 2011 im Topic 'Malware Search'
Malbox is a Online service for malware analysis. Submit your Windows executable(*.exe) or compressed(*.zip)
http://malbox.xjtu.edu.cn/
Anubis is a service for analyzing malware.
Submit your Windows executable and receive an analysis report telling you what it does. Alternatively, submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL.
http://anubis.iseclab.org/
netscty malware analysis tool is a "Sandbox" used for testing suspicious software (binaries) in a controlled environment. Wikipedia refers to a sandbox as "a security mechanism for separating running programs. Some Sandboxes are used to execute untested code, or un-trusted programs from unverified third-parties, suppliers and un-trusted users."
Capable File Extensions to upload:
http://www.netscty.com/Services/Sandbox
Wepawet is a framework for the analysis of web-based threats.
Wepawet is able to determine if visiting a web page would lead to an attempt to compromise the visitor's environment.
http://wepawet.iseclab.org/index.php
Eureka is a binary static analysis preparation framework. It implements a novel binary unpacking strategy based on statistical bigram analysis and coarse-grained execution tracing. Eureka incorporates advanced API deobfuscation capabilities to facilitate the structural analysis of the underlying malware logic. For each uploaded binary, the Eureka service will attempt to unpack and (for Eureka I, disassemble; for Eureka II (not yet available), decompile) the binary, and will produce an annotated callgraph, subroutine/data index page, strings summary, and a list of embedded DNS entries.
http://eureka.cyber-ta.org/
PDF X-RAY is a PDF scanner that will try and classify if a suspicious PDF is malicious or not. It does this using a number of different data sources, statistical analysis and comparisons of collected malware samples based on months of research. PDF X-RAY will provide more detailed results compared to a traditional anti-virus because it compares the uploaded sample to other known malicious documents.
https://www.pdfxray.com/
JSUNPACK
A Generic JavaScript Unpacker
Upload a PDF, pcap, HTML, or JavaScript file
http://jsunpack.jeek.org/dec/go
HTTP Web-Sniffer 1.0.37
View HTTP Request and Response Header
http://web-sniffer.net/
GFI Sandbox™ (formerly CWSandbox) is an industry leading dynamic malware analysis tool. It gives you the power to analyze virtually any Windows application or file including infected: Office documents, PDF's, malicious URL's and Flash ads.
Once you submit your sample below we will email you an executive level PDF and an XML report containing all the behavior information gathered during analysis.
http://www.threattrack.com/
COMODO
If you have a suspicious file, please submit it online by using the form below. Once the file is submitted, COMODO Automated Analysis System will scan it and report back its findings.
http://camas.comodo.com/
MWAnalysis
You may also use our mail submission feature. To use this service, please send an email to mwsubmit@mwanalysis.org and attach the a ZIP file containing the files you want to analyse. The ZIP file can be password-protected using the password 'infected'. The links to the corresponding reports will be sent to the sender's e-mail address.
ZIP packed files can also be submitted, if the password is 'infected'. A maximum of 50 files per ZIP is allowed.
http://mwanalysis.org/?site=1&page=submit
ThreatExpert Free Online File Scanner
If you have a suspicious file, please submit it online by using the form below. Once the file is submitted, ThreatExpert will scan it and report back its findings.
http://www.threatexpert.com/filescan.aspx
malware tracker
PDF Examiner
View PDF objects as hex/text, PDF dissector and inspector, scan for known exploits (CVE-2007-5659, CVE-2009-0927, CVE-2008-2992, CVE-2009-4324, CVE-2009-3954, CVE-2009-3953, CVE-2009-3959, CVE-2009-1493, CVE-2010-0188, CVE-2010-1297, CVE-2010-2883, CVE-2010-3654, CVE-2010-4091, CVE-2011-0609, CVE-2011-0611 and embedded /Action commands), process PDF compression (FlateDecode, ASCIIHexDecode, LZWDecode, ASCII85Decode, RunLengthDecode), encryption (40+128 bit RC4, 128 bit AESV2), and obfuscation (unicode, Hex, fromCharCode)
http://www.malwaretracker.com/pdf.php
malware tracker
Shellcode Analysis
Unpack and analyze shellcode. Paste hex of shellcode.
http://www.malwaretracker.com/shellcode.php
Exe_Dump_Utility
See what's inside an EXE file or DLL
http://utilitymill.com/utility/Exe_Dump_Utility
Shellcode 2 EXE
See what's inside an EXE file
http://sandsprite.com/shellcode_2_exe.php
NSI Sandbox
Our malware analysis sandbox tool performs cutting edge analysis of the potentially malicious file in our controlled environment. Our free online malicious software (malware) analysis tool provides a fast comprehensive evaluation of a variety of malware such as botnet software, viruses, spyware, trojans, and keyloggers. Once you upload your potential malware sample to be analyzed a custom report will be generated for you. Upon completion of the analysis, an e-mail will be sent back to you in a PDF format. The report will outline the activity generated and observed once the file is executed within our controlled environment.
Ether
Malware Analysis via Hardware Virtualization Extensions
http://ether.gtisc.gatech.edu/web_unpack
viCHECK
We can accept any type of file including executables, documents, spreadsheets, presentations, compiled help files, database packages, PDF, images, emails, or archives. You can also submit a file from a remote web address.
https://www.vicheck.ca/
Xandora
Your Online Binary Analyzer
http://www.xandora.net/upload/
Norman SandBox
http://www.norman.com/security_center/security_tools/
GFI Sandbox
http://www.threattrack.com/
Zulu URL Risk Analyzer
Zulu is a dynamic risk scoring engine for web based content. For a given URL, Zulu will retrieve the content and apply a variety of checks in three different categories:
Content Checks – Inspection of page content to identify potentially malicious code in a variety of categories
URL Checks – Inspection of the full URL to identify malicious patterns and check the URL/FQDN/TLD against third party and Zscaler block lists
Host Checks – IP, DNS and netblock reputation checks
http://zulu.zscaler.com/
http://malbox.xjtu.edu.cn/
Anubis is a service for analyzing malware.
Submit your Windows executable and receive an analysis report telling you what it does. Alternatively, submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL.
http://anubis.iseclab.org/
netscty malware analysis tool is a "Sandbox" used for testing suspicious software (binaries) in a controlled environment. Wikipedia refers to a sandbox as "a security mechanism for separating running programs. Some Sandboxes are used to execute untested code, or un-trusted programs from unverified third-parties, suppliers and un-trusted users."
Capable File Extensions to upload:
http://www.netscty.com/Services/Sandbox
Wepawet is a framework for the analysis of web-based threats.
Wepawet is able to determine if visiting a web page would lead to an attempt to compromise the visitor's environment.
http://wepawet.iseclab.org/index.php
Eureka is a binary static analysis preparation framework. It implements a novel binary unpacking strategy based on statistical bigram analysis and coarse-grained execution tracing. Eureka incorporates advanced API deobfuscation capabilities to facilitate the structural analysis of the underlying malware logic. For each uploaded binary, the Eureka service will attempt to unpack and (for Eureka I, disassemble; for Eureka II (not yet available), decompile) the binary, and will produce an annotated callgraph, subroutine/data index page, strings summary, and a list of embedded DNS entries.
http://eureka.cyber-ta.org/
PDF X-RAY is a PDF scanner that will try and classify if a suspicious PDF is malicious or not. It does this using a number of different data sources, statistical analysis and comparisons of collected malware samples based on months of research. PDF X-RAY will provide more detailed results compared to a traditional anti-virus because it compares the uploaded sample to other known malicious documents.
https://www.pdfxray.com/
JSUNPACK
A Generic JavaScript Unpacker
Upload a PDF, pcap, HTML, or JavaScript file
http://jsunpack.jeek.org/dec/go
HTTP Web-Sniffer 1.0.37
View HTTP Request and Response Header
http://web-sniffer.net/
GFI Sandbox™ (formerly CWSandbox) is an industry leading dynamic malware analysis tool. It gives you the power to analyze virtually any Windows application or file including infected: Office documents, PDF's, malicious URL's and Flash ads.
Once you submit your sample below we will email you an executive level PDF and an XML report containing all the behavior information gathered during analysis.
http://www.threattrack.com/
COMODO
If you have a suspicious file, please submit it online by using the form below. Once the file is submitted, COMODO Automated Analysis System will scan it and report back its findings.
http://camas.comodo.com/
MWAnalysis
You may also use our mail submission feature. To use this service, please send an email to mwsubmit@mwanalysis.org and attach the a ZIP file containing the files you want to analyse. The ZIP file can be password-protected using the password 'infected'. The links to the corresponding reports will be sent to the sender's e-mail address.
ZIP packed files can also be submitted, if the password is 'infected'. A maximum of 50 files per ZIP is allowed.
http://mwanalysis.org/?site=1&page=submit
ThreatExpert Free Online File Scanner
If you have a suspicious file, please submit it online by using the form below. Once the file is submitted, ThreatExpert will scan it and report back its findings.
http://www.threatexpert.com/filescan.aspx
malware tracker
PDF Examiner
View PDF objects as hex/text, PDF dissector and inspector, scan for known exploits (CVE-2007-5659, CVE-2009-0927, CVE-2008-2992, CVE-2009-4324, CVE-2009-3954, CVE-2009-3953, CVE-2009-3959, CVE-2009-1493, CVE-2010-0188, CVE-2010-1297, CVE-2010-2883, CVE-2010-3654, CVE-2010-4091, CVE-2011-0609, CVE-2011-0611 and embedded /Action commands), process PDF compression (FlateDecode, ASCIIHexDecode, LZWDecode, ASCII85Decode, RunLengthDecode), encryption (40+128 bit RC4, 128 bit AESV2), and obfuscation (unicode, Hex, fromCharCode)
http://www.malwaretracker.com/pdf.php
malware tracker
Shellcode Analysis
Unpack and analyze shellcode. Paste hex of shellcode.
http://www.malwaretracker.com/shellcode.php
Exe_Dump_Utility
See what's inside an EXE file or DLL
http://utilitymill.com/utility/Exe_Dump_Utility
Shellcode 2 EXE
See what's inside an EXE file
http://sandsprite.com/shellcode_2_exe.php
NSI Sandbox
Our malware analysis sandbox tool performs cutting edge analysis of the potentially malicious file in our controlled environment. Our free online malicious software (malware) analysis tool provides a fast comprehensive evaluation of a variety of malware such as botnet software, viruses, spyware, trojans, and keyloggers. Once you upload your potential malware sample to be analyzed a custom report will be generated for you. Upon completion of the analysis, an e-mail will be sent back to you in a PDF format. The report will outline the activity generated and observed once the file is executed within our controlled environment.
Ether
Malware Analysis via Hardware Virtualization Extensions
http://ether.gtisc.gatech.edu/web_unpack
viCHECK
We can accept any type of file including executables, documents, spreadsheets, presentations, compiled help files, database packages, PDF, images, emails, or archives. You can also submit a file from a remote web address.
https://www.vicheck.ca/
Xandora
Your Online Binary Analyzer
http://www.xandora.net/upload/
Norman SandBox
http://www.norman.com/security_center/security_tools/
GFI Sandbox
http://www.threattrack.com/
Zulu URL Risk Analyzer
Zulu is a dynamic risk scoring engine for web based content. For a given URL, Zulu will retrieve the content and apply a variety of checks in three different categories:
Content Checks – Inspection of page content to identify potentially malicious code in a variety of categories
URL Checks – Inspection of the full URL to identify malicious patterns and check the URL/FQDN/TLD against third party and Zscaler block lists
Host Checks – IP, DNS and netblock reputation checks
http://zulu.zscaler.com/
Sql Injection In Bt5 R1 With Sqlmap.Py
Am Thursday, 24. Nov 2011 im Topic 'Tutorials'
SQL Injection in BT5 R1 from Anti-CyberMan on Vimeo.
Automatically detecting bugs and vulnerabilities in Linux
Am Thursday, 24. Nov 2011 im Topic 'Pentest'
Australian researcher Silvio Cesare, PhD student at Deakin University has released a tool capable of automatically detecting bugs and vulnerabilities in embedded Linux libraries. Developers may “embed” or “clone” code from 3rd party projects. This can be either statically link against external library or maintaining an internal copy of a library’s source or fork a copy of a library’s source.
Download
https://github.com/silviocesare/PackageCloneDetection
Download
https://github.com/silviocesare/PackageCloneDetection
Joomscan Security Scanner
Am Thursday, 24. Nov 2011 im Topic 'Pentest'
Joomscan Security Scanner updated recently with new database have 550 vulnerabilities. Detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla web site. Last update for this tool was in August, 2009 with 466 vulnerabilities.
Download
http://web-center.si/joomscan/joomscan.rar
How to find the Joomla Vulnerability in Backtrack 5 Linux
Step 1: Moving to PenTest folder
Copy/Move the downloaded files in directory
/pentest/web/scanners/joomscan/
Step2: Set Permission
Now you have to set permission for the Joomscan file. In order to this, Type the following command in Terminal(if you don't know how to open terminal at all, please stop reading this and start it from basics of Linux).
CHMOD 0777 joomscan.pl
Step 3: Update
Update the scanner to latest version. To do this, enter the following command in Terminal:
./joomscan.pl update
Step 4: Scanning for Vulnerability
Now everything ok, we have to scan our joomla site for vulnerability. To do this, enter the following command in Terminal:
./joomscan.pl -u www.YourJoomlasite.com
Wait for a while, and it will list of the vulnerability found.
by BreakTheSec
Download
http://web-center.si/joomscan/joomscan.rar
How to find the Joomla Vulnerability in Backtrack 5 Linux
Step 1: Moving to PenTest folder
Copy/Move the downloaded files in directory
/pentest/web/scanners/joomscan/
Step2: Set Permission
Now you have to set permission for the Joomscan file. In order to this, Type the following command in Terminal(if you don't know how to open terminal at all, please stop reading this and start it from basics of Linux).
CHMOD 0777 joomscan.pl
Step 3: Update
Update the scanner to latest version. To do this, enter the following command in Terminal:
./joomscan.pl update
Step 4: Scanning for Vulnerability
Now everything ok, we have to scan our joomla site for vulnerability. To do this, enter the following command in Terminal:
./joomscan.pl -u www.YourJoomlasite.com
Wait for a while, and it will list of the vulnerability found.
by BreakTheSec
... ältere Einträge