Tuesday, 20. March 2012
Converter v0.3 - En-Decode
MD5: 9880C4D32103945D5244BD5286932602




Monday, 19. March 2012
Dnmap - Nmap Framework - Linux
Dnmap (distributed Nmap) is a framework to distribute nmap scans among several clients. It reads an already created file with nmap commands and send those commands to each client connected to it. The framework use a client/server architecture. The server knows what to do and the clients do it. All the logic and statistics are managed in the server. Dnmap stores the Nmap output on both server and client. The only caveat of this whole set up is lack security as the framework will inherently trust the client and will execute any Nmap command sent. So, if you want to protect this setup, you might as well have it secured via ACLs, etc. Yet, the Dnmap server is capable of fighting off command injection attacks.




scdbg - shellcode analysis application
scdbg is a shellcode analysis application built around the libemu emulation library. When run it will display to the user all of the Windows API the shellcode attempts to call.
Additions include:
100+ new api hooks, 5 new dlls, interactive debug shell, rebuilt PEB, support for file format exploits, support for return address scanners, memory monitor, report mode, dump mode, easily human readable outputs, log after xx capabilities, directory mode, inline analysis of process injection shellcode and more...
The simplest command line you can use is:

scdbg -f shellcode_file.sc

Where shellcode_file.sc is the raw shellcode in binary format.

An example of working with shellcode for a file format exploit might look like:

scdbg -f shellcode.sc -fopen bad.doc_ -s -1 -i




fbpwn - Java based Facebook social engineering framework
Fbpwn is a cross-platform Java based Facebook social engineering framework that you can use for send invitation for any account you just need to select user id, next when victim just accept the invitation it will start to download user profile information , users pictures account so it will do the following:

Dump friend list
Add all victim friends
Dump all users album pictures
Dump profile information
Dump photos ( this mean profile pictures)
Check friends request
Dump victim wall (here including poke)
Clone the profiles




Thursday, 15. March 2012
NotepadCrypt is a simple text editor based on Notepad2 with the added option of encrypting the contents of the files it edits. Except when opening and saving files, refer to Notepad2's documention. Nothing has been changed. If you read or write unencrypted files, nothing has been changed. If you open an encrypted file, NotepadCrypt will prompt you for the passphrase. When you save a new version of the file, it will be automatically encrypted using the same passphrase. There is one new item on the file menu, "Set Encryption PassPhrase" which will let you change or remove the encryption.




CANAPE - Network testing tool
CANAPE is a network testing tool for arbitrary protocols, but specifically designed for binary ones. It contains code to implement standard network proxies and provide the user the ability to capture and modify traffic to and from a server.The core can be extended through multiple .NET programming languages to parse protocols as required and implement custom proxies.Canape was released during Blackhat Europe 2012 where Context presented Canape with a worked example against Citrix ICA.





Tuesday, 13. March 2012
XSS ChEF - Exploitation Framework
This is a Chrome Extension Exploitation Framework - think BeEF for Chrome extensions. Whenever you encounter a XSS vulnerability in Chrome extension, ChEF will ease the exploitation.

What can you actually do:

Monitor open tabs of victims
Execute JS on every tab (global XSS)
Extract HTML, read/write cookies (also httpOnly), localStorage
Get and manipulate browser history
Stay persistent until whole browser is closed (or even futher if you can persist in extensions' localStorage)
Make screenshot of victims window
Further exploit e.g. via attaching BeEF hooks, keyloggers etc.
Explore filesystem through file:// protocol
Bypass Chrome extensions content script sandbox to interact directly with page JS




Wednesday, 7. March 2012
Adobe SWF Investigator
Adobe® SWF Investigator is the only comprehensive, cross-platform, GUI-based set of tools, which enables quality engineers, developers and security researchers to quickly analyze SWF files to improve the quality and security of their applications. With SWF Investigator, you can perform both static and dynamic analysis of SWF applications with just one toolset. SWF Investigator lets you quickly inspect every aspect of a SWF file from viewing the individual bits all the way through to dynamically interacting with a running SWF.




Monday, 5. March 2012
oSpy- Sniffing Local Application Calls
oSpy is a tool which aids in reverse-engineering software running on the Windows platform.
oSpy already intercepts one such API, and is the API used by MSN Messenger, Google Talk, etc. for encrypting/decrypting HTTPS data.




Friday, 2. March 2012
Security Analyze
Security Analyzer is a free program for the Windows operating system to assess the system’s security status. The application works in some regards identical to Microsoft’s Action Center control panel applet. Unlike Microsoft’s built-in tool, it provides additional information and options to see if the system is protected properly.