XTest - VoIP Infrastructure Security Testing Tool @ 04-09-2008 09:16
What is XTest? XTest is a simple, practical, and free, wired 802.1x supplicant security tool implementing the RFC 3847 EAP-MD5 Authentication method. It can be used to assess the password strength within wired ethernet environments that rely on 802.1x to protect IP Phones and the VoIP Infrastructure against rogue PC access. XTest is developed in C [...]
ISR-evilgrade @ 29-08-2008 10:20
ISR-evilgrade is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates and exploiting the system or software. How does it work? It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of the victims DNS traffic, it [...]
OpenVAS - Open Vulnerability Assessment System @ 19-08-2008 01:11
As you all probably known since version 3 Nessus turned to a proprietary model and started charging for the latest plugins locking most of us out. Now we finally have a new, properly organised forked development with the name of OpenVAS - at last a decent and free Vulnerability Scanner! OpenVAS stands for Open Vulnerability Assessment [...]
raWPacket HeX - Network Security Monitoring & Analysis LiveCD @ 13-08-2008 18:09
HeX is a project aimed at the NSM (Network Security Monitoring) community for use by network security analysts. The developers believe that simplicity and analysis work flow logic must be enhanced and emphasized through-out the process of designing this liveCD. Not only have they carefully chosen all the necessary applications and tools to be included [...]
PuttyHijack V1.0 - Hijack SSH/PuTTY Connections on Windows @ 11-08-2008 17:26
PuttyHijack is a POC tool that injects a dll into the PuTTY process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket for [...]
Pass-The-Hash Toolkit v1.4 @ 31-07-2008 16:07
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM [...]
nUbuntu Development Kicking Off Again - Security LiveCD @ 29-07-2008 10:59
We did mention nUbuntu long ago in our famous 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) article. The main goal of nUbuntu is to create a distribution which is derived from the Ubuntu distribution, and add packages related to security testing, and remove unneeded packages, such as Gnome, Openoffice.org, and Evolution. nUbuntu is [...]
MoocherHunter - Detect & Track Rogue Wifi Users @ 29-07-2008 10:57
MoocherHunter™ is a mobile tracking software tool for the real-time on-the-fly geo-location of wireless moochers and hackers. I wanted to mention this tool separately as I think it’s very cool! MoocherHunter™ identifies the location of an 802.11-based wireless moocher or hacker by the traffic they send across the network. If they want to mooch from you or [...]
TSGrinder - Brute Force Terminal Services Server @ 29-07-2008 10:56
This is a tool that has been around quite some time too, it’s still very useful though and it’s a very niche tool specifically for brute forcing Windows Terminal Server. TSGrinder is the first production Terminal Server brute force tool, and is now in release 2. The main idea here is that the Administrator account, since [...]
Zodiac - DNS Protocol Monitoring and Spoofing Tool @ 18-07-2008 10:59
Zodiac is a DNS protocol analyzation and exploitation program. It is a robust tool to explore the DNS protocol. Internally it contains advanced DNS routines for DNS packet construction and disassembling and is the optimal tool if you just want to try something out without undergoing the hassle to rewrite DNS packet routines or packet [...]
