Zodiac - DNS Protocol Monitoring and Spoofing Tool @ 18-07-2008 17:59
Zodiac is a DNS protocol analyzation and exploitation program. It is a robust tool to explore the DNS protocol. Internally it contains advanced DNS routines for DNS packet construction and disassembling and is the optimal tool if you just want to try something out without undergoing the hassle to rewrite DNS packet routines or packet [...]
Lynis - Security & System Auditing Tool for UNIX/Linux @ 17-07-2008 03:26
Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This is a tool that might be useful for both penetration testers performing white box tests and system admins trying [...]
FWAuto v1.1 - Firewall Auditing & Ruleset Analyzer Tool @ 17-07-2008 03:24
FWAuto (Firewall Rulebase Automation) is a Perl script and should work on any system with Perl installed. Provide the running config of a PIX firewall to fwauto. It will analyze and give you a list of weak rules in your rule base and store the result in multiple output files. Maybe there have been times when [...]
DNSenum - Domain Information Gathering Tool @ 11-07-2008 20:43
The first stage of penetration testing is usually passive information gathering and enumeration (active information gathering). This is where tools like dnsenum come in, the purpose of DNSenum is to gather as much information as possible about a domain. The program currently performs the following operations: Get the host’s addresse (A record). Get the namservers [...]
Pantera - Web Application Analysis Engine @ 09-07-2008 18:34
Pantera is actually using an improved version of SPIKE Proxy and is a project under the umbrella of OWASP. It’s aiming to be a more automated method for testing Web Application Security. Features User-friendly custom web GUI. (CSS): Pantera itself is a web application that runs inside the browser and can be customized using [...]
ratproxy - Passive Web Application Security Audit Tool @ 04-07-2008 00:19
Ratproxy is a semi-automated, largely passive web application security audit tool. It is meant to complement active crawlers and manual proxies more commonly used for this task, and is optimized specifically for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic [...]
PAW/PAWS - Python Advanced Wardialing System @ 04-07-2008 00:17
Now this is an oldskool topic, wardialling! Some people still ask me about wardialling tools though, so here’s one I found recently written in Python. PAW / PAWS is a wardialing software in python. It is designed to scan for ISDN (PAWS only) and “modern” analog modems (running at 9.6kbit/s or higher). Wardialing tools are - [...]
Bsqlbf V2 - Blind SQL Injection Brute Forcer Tool @ 04-07-2008 00:16
There are quite a lot of SQL Injection Tools available and now there is one more to add to the stable for testing - Bsqlbf V2, which is a Blind SQL Injection Brute Forcer. The original tool (bsqlbfv1.2-th.pl) was intended to exploit blind sql injection against a mysql backend database, this new version supports blind sql [...]
BackTrack Final 3 Hacking LiveCD @ 25-06-2008 19:59
If you don’t know, BackTrack is a top rated linux live distribution focused on penetration testing. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes. New Stuff SAINT SAINT has provided BackTrack users with a functional version of SAINT, pending a free request for an IP range license [...]
Technitium FREE MAC Address Changer v5 Released @ 20-06-2008 13:31
Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. Every NIC has a MAC address hard coded in its circuit [...]
