Tuesday, 25. October 2011
Pentoo - Linux
Pentoo is a security-focused livecd based on Gentoo
It's basically a gentoo install with lots of customized tools, customized kernel, and much more..........
Kernel 2.6.31.6 with lzma and aufs patches
Wifi stack 2.6.32_rc7
Module loading support ala slax
Changes saving on usb stick
Enlightenment DR17 WM
Cuda/OPENCL cracking support with development tools
System updates if you got it finally installed

Download
http://mirror.switch.ch/ftp/mirror/pentoo/

Permalink

 


CAT
CAT is designed to facilitate manual web application penetration testing for more complex, demanding application testing tasks. It removes some of the more repetitive elements of the testing process, allowing the tester to focus on individual applications, thus enabling them to conduct a much more thorough test. Conceptually it is similar to other proxies available both commercially and open source, but CAT provides a richer feature set and greater performance, combined with a more intuitive user interface.

Download
http://cat.contextis.co.uk/cat/CAT_Beta_4.msi

Permalink

 


Monday, 24. October 2011
Bleeding Life 2 Exploit Pack - Linux
Black Hat Academy releases Bleeding Life 2 exploit pack. This is an exploit pack that affects Windows-based web browsers via Adobe and Java. You can read all about it, and download it for yourself. Statistics are kept based on exploit, browser, and OS version.

Download
http://www.blackhatacademy.org/security101/index.php?title=Bleeding_Life#Download

Permalink

 


Sunday, 23. October 2011
OpenVAS
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.The powerful and comprehensive OpenVAS solution is available as Free Software and maintained on a daily basis.

Download
http://www.openvas.org/download.html

Permalink

 


Saturday, 22. October 2011
OSSAMS - Linux
The framework is going to be designed in a fashion similar to Metasploit, SNORT, or other systems that allow the security community to create plugins for new tasks as needed. The primary goal of OSSAMS is to normalize the data, there by allowing the security professional to better assess the current state of security for an organization.
Completed:
acunetix, burp, grendel, nessus, netsparker, nexpose community, nikto, nmap, ratproxy, retina community, skipfish, sslscan, w3af, wapiti, watcher, websecurify, zap.

Download
http://www.ossams.com/?page_id=46

Permalink

 


Wednesday, 19. October 2011
Zexplo - Linux
Zexplo is a python based Penetration Testing toolkit with simple and cool interface.
This first version of Zexplo has 6 enumeration modules for various network scanning operations such as zping, zarpcache, ztcpscan, znmapport etc and 1 exploit (filecopa). In addition to this it also has some exciting modules for man in the middle (MITM) attack and autopwn. You will also see tools such as Injector (inject modules into running process)and Encoder (with triple layer of XOR).


Download
http://securityxploded.net/getfile.php?file=Zexplo.zip

Permalink

 


Friday, 14. October 2011
Hcon’s Security Testing Framework
Specification :
1. Based on Chromium Source (iron build) version 14
2. more secure and Tracking free from Google & Stable then other Chromium based builds
3. Over 100 tools integration with very easy use interface
4. Tested and heavily modified tools suggestions contributed by professional pentesters , web developers , Security researchers
5. Free and open source
6. Totally Portable (no need to install) , you can carry it around in your usb , memory card etc.
7. Runs on all windows including windows - XP , VISTA , 7

Download
http://www.hcon.in/u...stf_0.1beta.exe

Permalink

 


Friday, 7. October 2011
REMnux - Linux
REMnux is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. The distribution is based on Ubuntu and is maintained by Lenny Zeltser.

Download
http://sourceforge.net/projects/remnux/files/version2/remnux-vm-public-2.0.zip/download
http://sourceforge.net/projects/remnux/files/version2/remnux-public-2.0-live-cd.iso/download

Permalink

 


Monday, 3. October 2011
PuttyHijack
PuttyHijack is a POC tool that injects a dll into the Putty process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers.

The injected DLL installs hooks and creates a socket in guest operating system for a callback connection that is then used for input/output redirection.

PuttyHijack does not kill the current connection, and will cleanly uninject if the socket or process is stopped. Leaves no race for further analysis.

Download
http://www.insomniasec.com/tools/PuttyHijackV1.0.rar

Permalink

 


Whisker - Linux
Whisker is an advanced CGI vulnerability scanner. It is scriptable and has many good features, such as querying for system type and basing scans on the information gathered (ie, determining between IIS and Apache webservers)

Download
ftp://ftp.usa.openbsd.org/pub/OpenBSD/distfiles//whisker-2.1.tar.gz

Permalink