Bugtraq-II Beta 32 bits Release

Features

Bugtraq system offers the most comprehensive distribution, optimal, and stable with automated services manager in real time. This distribution based on the 3.2 and 3.4 kernel PAE has a huge range of penetration, forensic and laboratory tools. Bugtraq is available with XFCE, Gnome and KDE based on Ubuntu, Debian and OpenSuse. The systems are available in 11 different languages.

Tools

One of the novelties of bugtraq is its wide range of tools in different branches. We can find mobile forensic tools, malware testing laboratories, tools of the Bugtraq-Community, audit tools for GSM, wireless, bluetooth and RFID, integrated Windows tools, tools focused on ipv6, and typical pentesting and forensics tools that should not miss in Bugtraq-II.

Install

You can install our distribution from a Live DVD or USB drive. Depending on your desktop environment, the features vary. The minimum requirements are based on XFCE.

• 1GHz x86 processor & 512 MB of system memory
• 15 GB of disk space for installation

Download Bugtraq-II Beta 32 bits

System requirements

• 1GHz x86 processor
• 512 MB of system memory (RAM)
• 15 GB of disk space for installation
• Graphics card capable of 800x600 resolution
• DVD-ROM drive or USB port

Download Bugtraq 2 Black Widow Xubuntu available in 11 languages
 MD5: 94e997802dd9286da7acb6faba4b7f34

Read More

[SAMHAIN 3.0.9] File Integrity Checker / Host-Based Intrusion Detection System

The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.

Samhain been designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as standalone application on a single host.

Samhain is an open-source multiplatform application for POSIX systems (Unix, Linux, Cygwin/Windows).

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Some build errors have been fixed, as well as the 'probe' command for the server (clients could be erroneously omitted under certain conditions). An option has been added to the Windows registry check to ignore changes if only the timestamp has changed, and full scans requested by the inotify module will now only run at times configured for regular full scans. 

Download SAMHAIN 3.0.9

Read More

[Stegano 0.4] Python Steganography Module

Stéganô is a Python Steganography module.

Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. Consequently, functions provided by Stéganô only hide message, without encryption. Indeed steganography is often used with cryptography.

The advantage of steganography, over cryptography alone, is that messages do not attract attention to themselves. If you are interested in cryptography have a look at my project pySecret.

Requirements

• Python (2.4 -> 2.7);
• Python Imaging Library (PIL).

Tutorial

Documentation and tutorial of Stéganô.

Methods of hiding

For the moment, Stéganô implements these methods of hiding:

• using the red portion of a pixel to hide ASCII messages;
• using the Least Significant Bit (LSB) technique;
• using the LSB technique with sets based on generators (Sieve for Eratosthenes, Fermat, Mersenne numbers, etc.);
• using the description field of the image (JPEG).

Moreover some methods of steganalysis are provided:

• steganalysis of LSB encoding in color images;
• statistical steganalysis.

Links

• Ohloh page of Stéganô;
• freecode page of Stéganô.

License

Stéganô is under GPL v3 license.

Download

http://adf.ly/146BfW

Read More

[HoneyDrive Desktop] Máquina virtual con varias aplicaciones para correr nuestro propio Honeypot

HoneyDrive Desktop es una máquina virtual con varias aplicaciones preparadas que nos permite de una forma sencilla y rápida correr nuestro propio honeypot.

Corre con Xubuntu Desktop 12.04 32 bits y contiene entre otras, las siguientes aplicaciones:

• Servidor LAMP con phpMyAdmin
• Kippo SSH, Kippo-Graph y Kippo2MySQL
• Dionaea Malware + phpLiteAdmin
• Honeyd + Honeyd2MySQL y Honeyd-Viz
• LaBrea, Tiny Honeypot, IIS Emulator, INetSim y SimH
• Varias utilidades para el análisis de malware, PDFs, etc

La imagen ocupa 2.7 Gb y la puedes descargar desde aquí. Para instalarlo sólo tienes que importar el fichero dentro de tu programa favorito de virtualización. Recomendado Virtual Box.

Source: http://adf.ly/146Bda

Read More

[AnonTwi 1.0] Twittea Anónimanente

AnonTwi es un software gratuito diseñado para navegar anónimamente en las redes sociales. Es compatible con Identi.ca y Twitter.com. Puedes aprovechar la aleatorización de proxy, enviar datos falsos geolocalización, y más.

+ Cifrado AES + HMAC-SHA1 en Tweets y Mensajes Directos --> [Más Info]

      + Secure Sockets Layer (SSL) para interactuar con la API
      + Proxy Socks (por ejemplo, para conectar a la red TOR)
      + Valores aleatórios para las cabeceras HTTP
      + Enviar mensajes largos que divide de forma automática
      + Descifrado automático a partir de urls de tweets o código cifrado
      + Copia de seguridad de mensajes a disco (máx: 3200)
      + Enviar falsas geolocalizaciones
      + Borrar datos y cerrar cuenta (suicidarse)
      + Ver los Trending Topics globales
      + Soporte UTF-8 + Unicode (chino, árabe, símbolos, etc)
      + Multiplataforma: GNU/Linux, MacOS, Win32
      + Resultados con colores  
      + Generar herramientas y módulos
      + Interfaz visual GTK+
      + Un bot de irc     

Y otras muchas más opciones que puedes ver detalladas aquí                                                  

hg clone http://hg.code.sf.net/p/anontwi/code anontwi-code

Descargar AnonTwi 1.0

Read More

[SQLSentinel] OpenSource tool for sql injection security testing

SQLSentinel is an opensource tool that automates the process of finding the sql injection on a website. SQLSentinel includes a spider web and sql errors finder. You give in input a site and SQLSentinel crawls and try to exploit parameters validation error for you. When job is finished, it can generate a pdf report which contains the url vuln found and the url crawled. 

Please remember that SQLSentinel is not an exploiting tool. It can only finds url Vulnerabilities.

Download SQLSentinel v0.2

Read More

[BeEF] Fake Browser Update Exploitation

How to use BeEF Framework for fake browser update exploitation.

Fake Browser Update : - In BeEF Framework there is a new feature available in social-engineering called Clippy using this feature we are sending the fake Update notification and if user click on that so obviously he is going to install that exe and other side you will get the meterpreter session. Very easy to perform but very good for social-engineering.

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.

BeEF : - http://beefproject.com/

PDF : - http://adf.ly/146Bj3

Read More

Windows Autologin Password Dumper & Manager

Windows Autologin Password is the free command-line tool to quickly dump and manage the Windows Automatic Logon Password.

Automatic Logon is one of the useful feature in Windows which allows you to login to system automatically without entering the password everytime. This tool helps you to easily dump the current Autologon password as well as quickly change the Autologon settings with just one command.
Here is the complete list of things that you can do with it,

• Dump the Windows Auto Logon User & Password
• Enable the Windows Auto Logon
• Specify your Username & Password for Windows Auto Logon.
• Disable the Windows Auto Logon
  

Once you set the Auto Logon username & password, you have to restart and next time you will be logged in automatically.
It is simple & easy to use tool. Also being a command-line based tool makes it perfect for automation.

'Windows Autologin Password' works on both both 32 bit & 64 bit versions and tested successfully on all Windows Platforms starting from Windows XP to latest version, Windows 8.      

Web: http://securityxploded.com/windows-autologin-password.php
Download  [Windows Autologin Password Dumper & Manager]

Read More

[SQL Fingerprint] Christmas Release

Microsoft SQL Server fingerprinting can be a time consuming process, because it involves trial and error methods to determine the exact version. Intentionally inserting an invalid input to obtain a typical error message or using certain alphabets that are unique for certain server are two of the many ways to possibly determine the version, but most of them require authentication, permissions and/or privileges on Microsoft SQL Server to succeed. 

Instead, ESF.pl uses a combination of crafted packets for SQL Server Resolution Protocol (SSRP) and Tabular Data Stream Protocol (TDS) (protocols natively used by Microsoft SQL Server) to accurately perform version fingerprinting and determine the exact Microsoft SQL Server version. ESF.pl also applies a sophisticated Scoring Algorithm Mechanism (Powered by Exploit Next Generation⁺⁺ Technology), which is a much more reliable technique to determine the Microsoft SQL Server version. It is a tool intended to be used by: 

This version is a completely rewritten version in Perl, making ESF.pl much more portable than the previous binary 
version (Win32), and its original purpose is to be used as a tool to perform automated penetration test. This version also includes the followingMicrosoft SQL Server versions to its fingerprint database:        

        • Microsoft SQL Server 2012 SP1 (CU1)
        • Microsoft SQL Server 2012 SP1
        • Microsoft SQL Server 2012 SP1 CTP4
        • Microsoft SQL Server 2012 SP1 CTP3
        • Microsoft SQL Server 2012 SP0 (CU4)
        • Microsoft SQL Server 2012 SP0 (MS12-070)
        • Microsoft SQL Server 2012 SP0 (CU3)
        • Microsoft SQL Server 2012 SP0 (CU2)
        • Microsoft SQL Server 2012 SP0 (CU1)
        • Microsoft SQL Server 2012 SP0 (MS12-070)
        • Microsoft SQL Server 2012 SP0 (KB2685308)
        • Microsoft SQL Server 2012 RTM

Download: http://code.google.com
Source: http://adf.ly/146C04

Read More

[Hydra v 7.4] Fast Network cracker

One of the biggest security holes are passwords, as every password security study shows. A very fast network logon cracker which support many different services, THC-Hydra is now updated to 7.4 version.

Hydra available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

Change Log

• New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)
• Added support for win8 and win2012 server to the RDP module
• Better target distribution if -M is used
• Added colored output (needs libcurses)
• Better library detection for current Cygwin and OS X
• Fixed the -W option
• Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested
• Fixed HTTP Form module false positive when no answer was received from the server
• Fixed SMB module return code for invalid hours logon and LM auth disabled
• Fixed http-{get|post-form} from xhydra
• Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)
• Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)
• Added debug mode option to usage (thanks to Anold Black)

Download Hydra v 7.4 Fast Network cracker

Read More

[WiFi Password Decryptor] Free Wireless Password Recovery Software

WiFi Password Decryptor is the FREE software to instantly recover Wireless account passwords stored on your system.

It automatically recovers all type of Wireless Keys/Passwords (WEP/WPA/WPA2 etc) stored by Windows Wireless Configuration Manager. For each recovered WiFi account, it displays following information

WiFi Name (SSID) Security Settings (WEP-64/WEP-128/WPA2/AES/TKIP) Password Type Password in clear text

After the successful recovery you can save the password list to HTML/XML/TEXT file. You can also right click on any of the displayed account and quickly copy the password. Under the hood, 'WiFi Password Decryptor' uses System Service method (instead of injecting into LSASS.exe) to decrypt the WiFi passwords. This makes it more safer and reliable. Also it makes us to have just single EXE to work on both 32-bit & 64-bit platforms. It has been successfully tested on Windows Vista and higher operating systems including Windows 8. How to Use? WiFiPasswordDecryptor is easy to use with its simple GUI interface.  Here are the brief usage details Launch WiFiPasswordDecryptor on your system Next click on 'Start Recovery' button and all stored WiFi account passwords will be recovered & displayed as shown in screenshot 1 below. You can right click on any of the displayed account to quickly copy the password Also can generated detailed password recovery report in HTML/XML/Text format by clicking on 'Export' button and then select the type of file from the drop down box of 'Save File Dialog'. Note that you need to have administrative privileges to run this tool. Limitations This tool can recover the WiFi Passwords configured by Windows Wirelss Configuration Manager only. Also it does not work on older operating systems like Windows XP, 2003.It works well with Vista & all the higher versions. Screenshots Here are the screenshots of WiFiPasswordDecryptor Screenshot 1: WiFi Password Decryptor showing all the Recovered WiFi account Passwords. Screenshot 2: Detailed HTML report of all the recovered WiFi account Passwords

Download WiFi Password Decryptor

Read More

[ScanPlanner] Scanner Nmap Online

ScanPlanner is the easiest, fastest way to run NMAP scans and tests from the web. Schedule and track your network scans and vulnerability tests with our intuitive online interface.

WEB: http://scanplanner.com/

Read More

[jSQL Injection] Java based automated SQL injection tool

jSQLi is java based free SQL Injection Tool. It is very easy for user to retrieve database information from a vulnerable web server.

SQL Injection features:

• GET, POST, header, cookie methods
• normal, error based, blind, time based algorithms
• automatic best algorithms detection
• data retrieving progression
• proxy setting
• evasion
• for now supports MySQL

Download it from here:
http://adf.ly/14645Y

Read More

[Nmap 6.25] 85 new NSE scripts

After five months NMAP team release latest version of open source utility for network exploration or security auditing - NMAP 6.25 .

It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.

Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

Updates:

• integration of over 3,000 IPv4 new OS fingerprint submissions, over 1,500 service/version detection fingerprints, and of the latest IPv6 OS submissions and corrections
• better IPv6 traceroute support
• new poll and kqueue I/O engines for improved performance on Windows and BSD-based systems including Mac OS X
• added support for Unix domain sockets
• 85 new NSE scripts
• 12 new protocol libraries
• Windows 8 improvements
• targets-sniffer is now capable of sniffing IPv6 addresses
• a number of bugs affecting the software's security, stability and productiveness fixed.

Download Nmap 6.25

Read More