Monday, 13. February 2012
DotDotPwn - Directory Traversal Checking and Scanning - Linux
DotDotPwn is a very flexible, intelligent fuzzer for discovering directory traversal vulnerabilities in software such as Web/FTP/TFTP servers and Web platforms such as CMSs, ERPs, blogs, etc. It also has a protocol-independent module to send the desired payload to the host and port specified, and it can be used in scripts via the STDOUT module. It’s written in Perl and runs on both *NIX and Windows platforms.

Fuzzing modules supported in this version:
- HTTP
- HTTP URL
- FTP
- TFTP
- Payload (protocol independent)
- STDOUT

Download
http://www.intrudefense.com.mx/dotdotpwn-v3.0.tar.gz
http://www.brainoverflow.org/code/dotdotpwn-v3.0.tar.gz

Sample usage:

HTTP:

perl ddpwn.pl -http website.com

FTP:

perl ddpwn.pl -ftp ftphost.com



Wpa 2 Networks Key Without Bruteforce


Commands
http://pastebin.com/n25dyQQN

Download Files
http://technicdynamic.com/wp-content/uploads/2012/01/verizon.zip

Copy the files into the /var/www/ folder. Once that’s done, start Apache and MySQL from the services menu, and open localhost in a web browser to test it.

Login to MySQL:
mysql -u root -p
Note: Default BackTrack user/pass are root/toor
Create the database:
create database wpa2;
use wpa2;
create table content(key1 VARCHAR(64), key2 VARCHAR(64));



Do Not Track Plus - Privacy tool
Do Not Track Plus is a free online privacy tool that makes it easy for anyone to see when they are being tracked online and stop being profiled by social networks, large advertisers, and data collection companies, including Google and Facebook.

Features of Do Not Track Plus

Stop advertisers from knowing everything they do online, including site visits, shopping interests, hobbies, clicks, and geographic location
See how they’re being tracked on millions of websites
Block a growing list of 580 different tracking technologies and more than 200 tracking companies
Improve web page load times by up to 4x
Block social tracking while still being able to voluntarily use social-sharing buttons, a feature that’s exclusive to DNT+
Keep a running count of who’s tracking them with DNT+’s block counter
Browse in true privacy, far beyond what built-in “private browsing modes” offer.

Download
http://www.donottrackplus.com/downloading.php?utm_campaign=http://www.net-security.org/secworld.php?id=12380&utm_source=organic



BFT- Browser forensic tool
Browser Forensic Tool is software that searches all kinds of browser history (even archived) in a few seconds. It retrieves the URLs and titles of all entries matching the chosen keywords. You can use the default example profiles or create your own for thematic searches.

Download
http://unremote.org/downloads/BrowserForensicTool.zip



Saturday, 11. February 2012
OWTF - Web Testing Framework - Linux
Features
--------
- OWASP Testing Guide-oriented: owtf will try to classify the findings as closely as possible to the OWASP Testing Guide
- Report updated on the fly: As soon as each plugin finishes or sometimes before (i.e. after each vulnerability scanner finishes)
- "Scumbag spidering": Instead of implementing yet another spider (a hard job), owtf will scrub the output of all tools/plugins run to gather as many URLs as possible. This is somewhat "cheating" but tremendously effective since it combines the results of different tools, including several tools that perform brute forcing of files and directories.
- Resilience: If one tool crashes owtf will move on to the next tool/test, saving the partial output of the tool until it crashed
- Easy to configure: config files are easy to read and modify
- Easy to run: No strange parameters, DB setup requirements, libraries, complex dependencies, etc
- Full control of what tests to run, interactivity and hopefully easy to follow examples and help :)
- Easy to review transaction log and plain text files with URLs, simple for scripting
- Basic Google Hacking without (annoying) API Key requirements via "blanket searches", trying a bunch of operators at once, you can then narrow the search down if you find something interesting.
- Easy to extract data from the database to parse or pass to other tools: They are all text files

Download
https://github.com/7a/owtf/tree/master/releases

General configuration: Tool locations, Icons for review, Default settings, etc

owtf_dir/profiles/general/default.cfg

Defines how tools will be run + external links to useful resources and online tools

owtf_dir/profiles/resources/default.cfg

Defines the order in which web plugins will be run

owtf_dir/profiles/web_plugin_order/default.cfg

Internal framework configuration:

owtf_dir/framework/config/framework_config.cfg



Friday, 10. February 2012
Indianapolis Superbowl 2012 - SQL
Details:
========
1.1
A SQL Injection vulnerability is detected on the official website of Indianapolis Superbowl 2012 (US).
Remote attackers can execute own sql commands via remote orber by sql injection.

Vulnerable Module(s):
[+] downloadRelease.php?id=

1.2
A blind SQL Injection vulnerability is detected on the official website of Indianapolis Superbowl 2012 (US).
Remote attackers can execute own sql commands via remote blind sql injection.

Vulnerable Module(s):
[+] event-detail/?id=



by
Alexander Fuchs (f0x23)



androguard - Android
Androguard (Android Guard) is a tool written in Python that helps you analyze, display, modify and save your apps easily and statically, either by creating your own software (using the API) or by using the tool (androlyze) on the command line. It is useful when you want to reverse engineer a specific application (e.g. malware).

Download
http://code.google.com/p/androguard/downloads/list



(IN)SECURE Magazine Issue 33
Securing Android: Think outside the box
Interview with Joe Sullivan, CSO at Facebook
White hat shellcode: Not for exploits
Using mobile device management for risk mitigation in a heterogeneous environment
Metasploit: The future of penetration testing with HD Moore
Using and extending the Vega open source web security platform
Next-generation policies: Managing the human factor in security

Download PDF
http://www.net-security.org/dl/insecure/INSECURE-Mag-33.pdf



ClubHACK Magazine February 2012
Tech Gyan: Exploiting Remote System without Being Online
This paper demonstrates a unique kind of communication technique between the attacker machine and the victim machine during the exploitation of a victim system. Usually, when an attacker exploits a remote system and gets a remote command prompt (remote shell), the attacker can execute commands only while the session from the remote machine is open (established). When exploiting a system in the normal way, the attacker and the victim system must both be online if the attacker wants to execute commands on the remote (victim) machine.
Legal Gyan: Liability of Intermediaries under the Information Technology Act
Recently the Delhi High Court summoned Google, Facebook and Twitter to remove objectionable content from their websites within the prescribed time period, failing which the websites may be blocked in India. So the question that arises is: what is the liability of intermediaries like Google, Facebook and Twitter under Indian law?
Tool Gyan: Cain and Abel – The Black Art of ARP Poisoning
Cain and Abel is a Windows-based password recovery tool available as freeware and maintained by Massimiliano Montoro. It supports a wide range of features to recover passwords, from Local Area Network to various routing protocols, and provides the capability to recover cached passwords and encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks.
Matriux Vibhag: Introduction to Skipfish
Skipfish is an active web application security reconnaissance tool written and maintained by Michal Zalewski (@lcamtuf). Skipfish is one of the fastest web scanners available; it spiders using wordlists and is a very powerful web scanning tool with a simple implementation. In Matriux, Skipfish can be found in the arsenal under Arsenal -> Framework -> Skipfish
Mom’s Guide: Firewall 101
Today we are exposed to innumerable threats online. Firewalls act as the first line of defense for securing our network against these threats. Firewall could be a program or a device or group of devices used to control the traffic flow. The basic principle that Firewall uses to control this communication is ‘Access Rules’. It maintains an access rule table and every time a packet comes in or goes out, Firewall refers to this table. It only allows authorized traffic and blocks the unwanted packets.

Download PDF
http://chmag.in/issue/feb2012.pdf



Wifi Protector - Android
Wifi Protector protects our phone from tools like FaceNiff, Cain & Abel, ANTI, ettercap, DroidSheep, NetCut, and all others that try to hijack your session via “Man In The Middle” through ARP spoofing / ARP poisoning.

Download
https://market.android.com/details?id=com.gurkedev.wifiprotector



THC-HYDRA - Network login Bruteforcer
Hydra is best for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus.

Download
http://www.thc.org/releases/hydra-7.2-src.tar.gz



Trixd00r - TCP/IP based backdoor
It consists of a server and a client. The server sits and waits for magic packets using a sniffer. If a magic packet arrives, it will either bind a shell over TCP or UDP on the given port or connect back to the client, again over TCP or UDP.

Download
http://www.nullsecurity.net/tools/trixd00r-0.0.1.tar.gz



Tuesday, 7. February 2012
inSSIDer - WiFi scanning software
YOU CAN
– Inspect your Wi-Fi and surrounding networks
– Scan and filter hundreds of nearby access points
– Troubleshoot competing access points and clogged Wi-Fi channels
– Highlight access points for areas with high Wi-Fi concentration
– Track the strength of received signals in dBm over time
– Sort results by MAC Address, SSID, Channel, RSSI, Time Last Seen
– Export Wi-Fi and GPS data to a KML file in Google Earth

Download
http://www.metageek.net/products/inssider/download/



Friday, 3. February 2012
Sandcat Browser - A Penetration Web Browser
The Sandcat Browser is a freeware, portable, penetration testing oriented, multi-tabbed web browser that supports extensions. It is built on top of the Chromium engine, that powers the Google Chrome browser, and uses the Lua language to provide extensions and scripting support. It practically is the fastest web browser combined with the fastest scripting language in the world packed with features for pen-testers! Lua is a powerful, fast, lightweight, embeddable scripting language that combines simple procedural syntax with powerful data description constructs based on associative arrays and extensible semantics.

Download
http://www.syhunt.com/?n=Sandcat.Browser



IronWASP - Security testing Platform
IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing.

Requirement for using IronWASP
.NET 2.0

Download :
https://ironwasp.org/ironwasp.zip



Apache Shiro - Java security framework
Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any application – from the smallest mobile applications to the largest web and enterprise applications.

Download
http://www.apache.org/dyn/closer.cgi/shiro/1.2.0/shiro-root-1.2.0-source-release.zip

Info
http://shiro.apache.org/10-minute-tutorial.html



Code 2600
CODE 2600 will be screened at the Camera 12 Theatre, located at 201 South Second Street, San Jose, CA 95113.



Ani-Shell v1.5 - Final
Ani-Shell is a simple PHP shell with some unique features such as a Mass Mailer, a simple Web-Server Fuzzer, a DDoser, etc. This shell has immense capabilities and has been written with some coding standards in mind for better editing and customization.

Download
http://sourceforge.net/projects/ani-shell/

login : lionaneesh
pass : lionaneesh
