Buôn Ma Thuột, White-Hat Hacker Capital

Vietnam White-Hat Hacker training programme in Buôn Ma Thuột city, combined with tourism. Arrive a newbie, leave a WHITE-HAT HACKER!

Hacking and Penetration Testing with Metasploit

Security365's training programme on using the Metasploit Framework for penetration testing and hacking.

C50 Computer Forensics Materials

Study materials on digital evidence recovery (CHFI), compiled by Security365 for training at C50.

Students with Hacking and Information Security

A student hacking competition, with web-attack challenges for students built on Hackademic Challenge.

Attack and Defence with BackTrack / Kali Linux

A course on attack and defence with the professional hacker toolkits BackTrack and Kali Linux, based on Offensive Security content.

Showing posts with label Framework.

Radare - The Reverse Engineering Framework


r2 is a rewrite from scratch of radare (the 1.x branch), providing a framework with a set of libraries and tools to work with binary data.

The radare project started as a forensics tool, a scriptable command-line hexadecimal editor able to open disk files; support for analysing binaries, disassembling code, debugging programs, attaching to remote gdb servers and more was added later.

radare2 is portable.

Architectures:
6502, 8051, arm, arc, avr, bf, tms320 (c54x, c55x, c55+), gameboy, csr, dcpu16, dalvik, i8080, mips, m68k, msil, snes, nios II, sh, sparc, rar, powerpc, i386, x86-64, H8/300, malbolge, T8200

File Formats:
bios, dex, elf, elf64, filesystem, java, fatmach0, mach0, mach0-64, MZ, PE, PE+, TE, COFF, plan9, dyldcache, Gameboy and Nintendo DS ROMs

Operating Systems:
Android, GNU/Linux, [Net|Free|Open]BSD, iOS, OSX, QNX, w32, w64, Solaris, Haiku, FirefoxOS

Bindings:
Vala/Genie, Python (2, 3), NodeJS, Lua, Go, Perl, Guile, php5, newlisp, Ruby, Java, OCaml

Features:
  • Multi-architecture and multi-platform
    • GNU/Linux, Android, *BSD, OSX, iPhoneOS, Windows{32,64} and Solaris
    • i8080, 8051, x86{16,32,64}, avr, arc{4,compact}, arm{thumb,neon,aarch64}, c55x+, dalvik, ebc, gb, java, sparc, mips, nios2, powerpc, whitespace, brainfuck, malbolge, z80, psosvm, m68k, msil, sh, snes, dcpu16, csr
    • pe{32,64}, te, [fat]mach0{32,64}, elf{32,64}, bios/uefi, dex and java classes
  • Highly scriptable
    • Vala, Go, Python, Guile, Ruby, Perl, Lua, Java, JavaScript, sh, ..
    • batch mode and native plugins with full internal API access
    • native scripting based on mnemonic commands and macros
  • Hexadecimal editor
    • 64-bit offset support with virtual addressing and section maps
    • Assemble and disassemble from/to many architectures
    • colorizes opcodes, bytes and debug register changes
    • print data in various formats (int, float, disasm, timestamp, ..)
    • search multiple patterns or keywords with binary mask support
    • checksumming and data analysis of byte blocks
  • Wrapped IO
    • supports files, disks, processes and streams
    • virtual addressing with sections and multiple file mapping
    • handles gdb:// and rap:// remote protocols
  • Filesystem support
    • mounts ext2, vfat, ntfs and many others
    • supports partition tables (gpt, msdos, ..)
  • Debugger support
    • gdb remote and brainfuck debugger support
    • software and hardware breakpoints
    • tracing and logging facilities
  • Diffing between two functions or binaries
  • Code analysis at opcode, basicblock, function levels
    • embedded simple virtual machine to emulate code
    • keep track of code and data references
    • function calls and syscall decompilation
    • function description, comments and library signatures
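The "search multiple patterns or keywords with binary mask support" item above is the kind of thing r2's /x search does: a hex pattern where ".." is a wildcard byte, or a pattern plus an explicit bit mask. The following stand-alone Python reimplementation is an added example written for this page, not radare2 code; the sample buffer, the 0x400000 base address and the search specs are constructed for the demo.

```python
"""Masked byte-pattern search in the spirit of radare2's /x search:
'hex[:maskhex]', with '..' as a wildcard byte. Added example, not r2 code."""

# Constructed sample "binary" (not a real program): a nop sled, two x86 rel32
# calls, some filler, and a jmp that must not match a call pattern.
SAMPLE = (
    b"\x90" * 8                     # offset 0..7 : nop sled
    + b"\xe8\x10\x00\x00\x00"       # offset 8    : call +0x10 (forward)
    + b"\x41\x41\x41\x41"           # offset 13   : filler 'AAAA'
    + b"\xe8\xfe\xff\xff\xff"       # offset 17   : call -2 (backward)
    + b"\x41\x42\x43\x44"           # offset 22   : filler 'ABCD'
    + b"\xe9\x00\x00\x00\x00"       # offset 26   : jmp, different opcode
)


def parse_masked_pattern(spec):
    """Parse 'hex[:maskhex]' into (pattern, mask) byte strings of equal length.

    '..' in the hex part is a wildcard byte (mask 0x00). An explicit mask is
    applied bitwise: a window byte matches when (byte & mask) == (pattern & mask),
    so a mask of 0x80 on a byte tests only its sign bit."""
    hexpart, _, maskpart = spec.partition(":")
    if len(hexpart) % 2:
        raise ValueError("odd-length hex pattern")
    pairs = [hexpart[i:i + 2] for i in range(0, len(hexpart), 2)]
    pattern = bytes(0 if p == ".." else int(p, 16) for p in pairs)
    if maskpart:
        mask = bytes.fromhex(maskpart)
        if len(mask) != len(pattern):
            raise ValueError("mask length does not match pattern length")
    else:
        mask = bytes(0x00 if p == ".." else 0xFF for p in pairs)
    return pattern, mask


def masked_search(data, spec, base_addr=0):
    """Return every address (base_addr + offset) at which the masked pattern matches."""
    pattern, mask = parse_masked_pattern(spec)
    n = len(pattern)
    hits = []
    for off in range(len(data) - n + 1):
        window = data[off:off + n]
        if all((w & m) == (p & m) for w, p, m in zip(window, pattern, mask)):
            hits.append(base_addr + off)
    return hits


if __name__ == "__main__":
    # every call; call with a 0x41 ?? 0x43 byte triple; only backward calls
    for spec in ("e8........", "41..43", "e8000000ff:ff00000080"):
        print(spec, [hex(a) for a in masked_search(SAMPLE, spec, base_addr=0x400000)])
```

The last spec shows what a bit mask buys over a wildcard: "e8000000ff:ff00000080" keeps only the opcode byte and the sign bit of the displacement's high byte, so it finds calls whose rel32 is negative and ignores the forward one.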

Arachni v1.0 - Web Application Security Scanner Framework


Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. 

It is smart, it trains itself by monitoring and learning from the web application's behavior during the scan process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify (or avoid) false-positives.

Unlike other scanners, it takes into account the dynamic nature of web applications, can detect changes caused while travelling through the paths of a web application’s cyclomatic complexity and is able to adjust itself accordingly. This way, attack/input vectors that would otherwise be undetectable by non-humans can be handled seamlessly. 

Moreover, due to its integrated browser environment, it can also audit and inspect client-side code, as well as support highly complicated web applications which make heavy use of technologies such as JavaScript, HTML5, DOM manipulation and AJAX. 

Finally, it is versatile enough to cover a great deal of use cases, ranging from a simple command line scanner utility, to a global high performance grid of scanners, to a Ruby library allowing for scripted audits, to a multi-user multi-scan web collaboration platform.


OWASP Xenotix XSS Exploit Framework 6


OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. Xenotix provides zero-false-positive XSS detection by performing the scan inside real browser engines, the same place where payloads are rendered in the real world. The Xenotix scanner module is incorporated with 3 intelligent fuzzers to reduce scan time and produce better results. If the built-in tool logic does not suit you, the Xenotix API lets you make the tool work the way you want. It is claimed to have the world's second-largest collection of XSS payloads, about 4800+ distinct payloads. It is incorporated with a feature-rich information gathering module for target reconnaissance. The exploit framework includes real-world offensive XSS exploitation modules for penetration testing and proof-of-concept creation.
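The zero-false-positive claim rests on one distinction: a probe that merely appears in the response versus a probe that the page actually parses as markup. Xenotix settles that by loading the response in real browser engines. The added example below (written for this page, not Xenotix code) approximates the same distinction with Python's html.parser, which is enough to show the contexts where a substring check goes wrong; the probe string and the four sample responses are constructed for the demo.

```python
"""Reflection check versus markup-context check for an XSS probe.
Added example, not Xenotix code; html.parser stands in for a browser engine."""
from html.parser import HTMLParser

# Assumed probe: a quote and '>' to break out of an attribute, then a harmless
# custom tag whose appearance as a *parsed tag* proves markup injection.
PROBE = '"><xsscanary>'


class _CanaryParser(HTMLParser):
    """Records whether <xsscanary> was seen as a start tag, as opposed to
    text, comment content or script data."""

    def __init__(self):
        super().__init__()
        self.saw_tag = False

    def handle_starttag(self, tag, attrs):
        if tag == "xsscanary":
            self.saw_tag = True


def reflected(body):
    """Naive scanner verdict: the probe text occurs verbatim in the response."""
    return PROBE in body


def executes(body):
    """Context-aware verdict: the probe was interpreted as an element."""
    parser = _CanaryParser()
    parser.feed(body)
    parser.close()
    return parser.saw_tag


def classify(body):
    """'vulnerable' (parsed as markup), 'reflected_only' or 'clean'."""
    if executes(body):
        return "vulnerable"
    return "reflected_only" if reflected(body) else "clean"


# Constructed responses to the same probe, one per reflection context.
RESPONSES = {
    # raw reflection inside an attribute value: the probe closes the attribute
    # and the tag, and <xsscanary> becomes a real element
    "attribute_breakout": '<input name="q" value=""><xsscanary>">',
    # correctly HTML-encoded: nothing to find, nothing to execute
    "html_escaped": '<input name="q" value="&quot;&gt;&lt;xsscanary&gt;">',
    # raw but inside an HTML comment: substring present, never rendered
    "comment": '<!-- last query: "><xsscanary> -->',
    # raw inside a JS string whose quote was backslash-escaped: substring
    # present, but script content is character data, not HTML
    "js_string": '<script>var q = "\\"><xsscanary>";</script>',
}


if __name__ == "__main__":
    for name, body in RESPONSES.items():
        print(name, classify(body))
```

The comment and JS-string cases are exactly the ones a substring scanner reports and a browser never executes. html.parser is still only an approximation: it treats textarea and title content as markup, where a browser would not, which is the reason Xenotix uses the real engines rather than a parser.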


Features

SCANNER MODULES
  • GET Request Manual Mode
  • GET Request Auto Mode
  • Multiple Parameter Scanner
  • GET Request Fuzzer
  • POST Request Fuzzer
  • Advanced Request Fuzzer
  • OAuth 1.0a Request Scanner
  • DOM Scanner
  • Hidden Parameter Detector
INFORMATION GATHERING MODULES
  • WAF Fingerprinting
  • Victim Fingerprinting
    • IP to Location
    • IP to GeoLocation
  • Network
    • Network IP (WebRTC)
    • Ping Scan
    • Port Scan
    • Internal Network Scan
  • Browser
    • Fingerprinting
    • Features Detector
EXPLOITATION MODULES
  • Send Message
  • Cookie Thief
  • Keylogger
  • HTML5 DDoSer
  • Load File
  • Grab Page Screenshot
  • JavaScript Shell
  • Reverse HTTP WebShell
  • Metasploit Browser Exploit
  • Social Engineering
    • Phisher
    • Tabnabbing
    • Live WebCam Screenshot
    • Download Spoofer
    • Geolocation HTML5 API
    • Java Applet Drive-By (Windows)
    • Java Applet Drive-By Reverse Shell (Windows)
    • HTA Network Configuration (Windows, IE)
    • HTA Drive-By (Windows, IE)
    • HTA Drive-By Reverse Shell (Windows, IE)
  • Firefox Addons
    • Reverse TCP Shell Addon (Windows, Persistent)
    • Reverse TCP Shell Addon (Linux, Persistent)
    • Session Stealer Addon (Persistent)
    • Keylogger Addon (Persistent)
    • DDoSer Addon (Persistent)
    • Linux Credential File Stealer Addon (Persistent)
    • Drop and Execute Addon (Persistent)
AUXILIARY MODULES
  • WebKit Developer Tools
  • Encoder/Decoder
  • JavaScript Encoders
    • JSFuck 6 Char Encoder
    • jjencode Encoder
    • aaencode Encoder
  • JavaScript Beautifier
  • Hash Calculator
  • Hash Detector
  • View Injected JavaScript
  • View XSS Payloads
XENOTIX SCRIPTING ENGINE
  • Xenotix API
  • IronPython Scripting Support
  • Trident and Gecko Web Engine Support 

Drozer - The Leading Security Assessment Framework for Android


drozer is a comprehensive security audit and attack framework for Android.

With increasing pressure to support mobile working, the ingress of Android into the enterprise is gathering momentum. Have you considered the threat posed by the Android app that supports your business function, or Android devices being used as part of your BYOD strategy?

drozer helps to provide confidence that Android apps and devices being developed by, or deployed across, your organisation do not pose an unacceptable level of risk, by allowing you to interact with the Dalvik VM, other apps' IPC endpoints and the underlying OS.

drozer provides tools to help you use and share public exploits for Android. For remote exploits, it can generate shellcode to help you to deploy the drozer Agent as a remote administrator tool, with maximum leverage on the device.

Faster Android Security Assessments

drozer helps to reduce the time taken for Android security assessments by automating the tedious and time-consuming parts:
  • Discover and interact with the attack surface exposed by Android apps.
  • Execute dynamic Java-code on a device, to avoid the need to compile and install small test scripts.

Test against Real Android Devices

drozer runs both in Android emulators and on real devices. It does not require USB debugging or other development features to be enabled; so you can perform assessments on devices in their production state to get better results.

Automate and Extend

drozer can be easily extended with additional modules to find, test and exploit other weaknesses; this, combined with scripting possibilities, helps you to automate regression testing for security issues.

Test your Exposure to Public Exploits

drozer provides point-and-go implementations of many public Android exploits. You can use these to identify vulnerable devices in your organisation, and to understand the risk that these pose.


OWASP Xenotix XSS Exploit Framework v5


OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides zero-false-positive scan results with its unique triple browser engine (Trident, WebKit and Gecko) embedded scanner. It is claimed to have the world's second-largest collection of XSS payloads, about 1600+ distinct payloads, for effective XSS vulnerability detection and WAF bypass. The Xenotix Scripting Engine allows you to create custom test cases and addons on top of the Xenotix API. It is incorporated with a feature-rich information gathering module for target reconnaissance. The exploit framework includes offensive XSS exploitation modules for penetration testing and proof-of-concept creation.

Following are the V5 Additions

  • Xenotix Scripting Engine
  • Xenotix API
  • V4.5 Bug Fixes
  • GET Network IP (Information Gathering)
  • QR Code Generator for Xenotix xook
  • HTML5 WebCam Screenshot(Exploitation Module)
  • HTML5 Get Page Screenshot (Exploitation Module)
  • Find Feature in View Source.
  • Improved Payload Count to 1630
  • Name Changes

Xenotix Scripting Engine and API


This release features the Xenotix Scripting Engine, which works on top of the Xenotix API. The Scripting Engine helps you create tools and test cases on the go, based on your requirements. There are situations where you have to go the manual way, because the rule set of an automated tool does not apply; the Xenotix Scripting Engine, powered by the Xenotix API, comes to your rescue there. Now you can make sure the tool works according to your requirements, by applying your Python scripting skills on the latest Scripting Engine.
Xenotix API features
  • 1630 XSS Detection Payloads.
  • An inbuilt GET Request XSS Fuzzer for Intelligent and Fast XSS Vulnerability Detection.
  • Analyze Response in Trident and Gecko Web Engines to make sure that there are no false positives.
  • Interact with Web Engines from the scope of a Python Script.
  • Make GET and POST Requests with one liner codes.

Requirements

[Arachni v0.4.6 - Web User Interface v0.4.3] Open Source Web Application Security Scanner Framework


Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.

Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process.

Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while travelling through the paths of a web application’s cyclomatic complexity.

This way attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni.


Changelog

Framework v0.4.6
  • Massively decreased RAM consumption.
  • Number of performed requests cut by a third, and scan times with them.
  • Overhauled timing attack and boolean/differential analysis algorithms to fix SQLi false-positives with misbehaving webapps/servers.
  • Vulnerability coverage optimizations with 100% scores on WAVSEP’s tests for:
    • SQL injection
    • Local File Inclusion
    • Remote File Inclusion
    • Non-DOM XSS — DOM XSS not supported until Arachni v0.5.
WebUI v0.4.3
  • Implemented Scan Scheduler with support for recurring scans.
  • Redesigned Issue table during the Scan progress screen, to group and filter issues by type and severity.

[Capstone] Ultimate Disassembly Framework

Capstone is a lightweight multi-platform, multi-architecture disassembly framework.

Our target is to make Capstone the ultimate disassembly engine for binary analysis and reversing in the security community.

Features

  • Support hardware architectures: ARM, ARM64 (aka ARMv8), Mips & X86.
  • Clean/simple/lightweight/intuitive architecture-neutral API.
  • Provide details on disassembled instruction (called “decomposer” by others).
  • Provide some semantics of the disassembled instruction, such as list of implicit registers read & written.
  • Implemented in pure C language, with bindings for Python, Ruby, OCaml, C#, Java and Go available.
  • Native support for Windows & *nix (including Mac OS X, Linux, *BSD platforms).
  • Thread-safe by design.
  • Distributed under the open source BSD license.

[OMENS v1.17] The framework for distributing Actionable Intelligence

OMENS (Object Monitor for Enhanced Network Security) was born out of the intrusion (and intrusion attempts) analysis that I have been doing over many years. I consistently run into intrusion attempts that existing IDS systems have difficulty detecting. OMENS is my attempt to better detect (and understand) these blind spots in existing systems.

OMENS uses two primary methods to determine hostile activity: scanning for hostile activity through signature comparisons, and baselining to determine whether any system changes have taken place.
OMENS is initially targeted at defending web servers, because the author of OMENS is most familiar with web based intrusions. However, the concepts employed by OMENS could be used in many other circumstances.

OMENS starts with scanning the web server log file for hostile activity. If it sees anything that matches the hostile signature database, it will report that activity in a report or via syslog.

OMENS also baselines the web server’s (web root) file system. If any changes are made in the files, those files are then scanned for hostile signatures, and any findings are again reported via report or syslog. One unique feature of OMENS is that it will also scan any modified or new files for obfuscated code. A common indicator of hostile files is that they contain obfuscated code. Obfuscation is commonly used to prevent detection. To my knowledge no existing scanner other than OMENS looks for this important indicator.
OMENS can also check the Windows Registry for hostile keys.
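The web-root part of that design, baseline the tree, then scan only what changed for both known-hostile signatures and obfuscation indicators, is small enough to show end to end. The following is an added example written for this page, not OMENS code: the signature set, the obfuscation heuristics, the scannable extensions and the sample web root are all assumptions chosen for illustration.

```python
"""Web-root baselining plus signature and obfuscation scanning of changed
files, after the OMENS approach. Added example, not OMENS code."""
import hashlib
import os
import re
import shutil
import tempfile

# Only text-like web content is scanned; images and archives would trip the
# obfuscation heuristics for no reason and are reported as changed instead.
SCAN_EXTENSIONS = {".php", ".phtml", ".js", ".html", ".htm", ".htaccess"}

# Hostile-content signatures (illustrative; OMENS ships its own database).
SIGNATURES = {
    "eval_base64": re.compile(rb"eval\s*\(\s*base64_decode\s*\("),
    "shell_function": re.compile(rb"\b(?:system|passthru|shell_exec|popen)\s*\("),
    "request_to_eval": re.compile(rb"eval\s*\(\s*\$_(?:GET|POST|REQUEST|COOKIE)\b"),
}

# Obfuscation indicators (illustrative heuristics).
OBFUSCATION = {
    "long_base64": re.compile(rb"[A-Za-z0-9+/]{80,}={0,2}"),
    "chr_chain": re.compile(rb"(?:chr\s*\(\s*\d+\s*\)\s*\.\s*){6,}"),
    "hex_string": re.compile(rb"(?:\\x[0-9a-fA-F]{2}){12,}"),
}


def file_hash(path):
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def baseline(root):
    """Map every file under root (path relative to root) to its SHA-256."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            result[os.path.relpath(full, root)] = file_hash(full)
    return result


def changed_files(old, new):
    """Files that are new or whose content hash differs from the baseline."""
    return sorted(path for path, digest in new.items() if old.get(path) != digest)


def scan_content(data):
    """Signature hits first, then obfuscation indicators, as 'kind:name' strings."""
    findings = ["signature:" + n for n, rx in SIGNATURES.items() if rx.search(data)]
    findings += ["obfuscation:" + n for n, rx in OBFUSCATION.items() if rx.search(data)]
    return findings


def check_webroot(root, old_baseline):
    """Re-baseline root and scan each changed file of a scannable type.

    Returns (report, new_baseline); report maps changed paths to findings,
    an empty list meaning 'changed, nothing suspicious found'."""
    new = baseline(root)
    report = {}
    for rel in changed_files(old_baseline, new):
        ext = os.path.splitext(rel)[1].lower() or os.path.basename(rel)
        if ext not in SCAN_EXTENSIONS:
            report[rel] = ["changed:unscanned_type"]
            continue
        with open(os.path.join(root, rel), "rb") as fh:
            report[rel] = scan_content(fh.read())
    return report, new


def demo():
    """Constructed scenario: clean site, baseline, then a dropped webshell."""
    root = tempfile.mkdtemp(prefix="webroot_")

    def write(rel, data):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

    try:
        write("index.php", b"<?php echo 'hello'; ?>")
        write("img/logo.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 64)
        base = baseline(root)
        # later: a legitimate edit, a webshell upload and a replaced image
        write("index.php", b"<?php echo 'hello world'; ?>")
        write("uploads/x.php", b"<?php eval(base64_decode('" + b"QUFB" * 30 + b"')); ?>")
        write("img/logo.png", b"\x89PNG\r\n\x1a\n" + b"\x01" * 64)
        report, _ = check_webroot(root, base)
        return report
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    for path, findings in demo().items():
        print(path, findings or "changed, no findings")
```

In practice the baseline must be stored outside the web root (and ideally off the host), otherwise the intruder who dropped the shell can simply refresh it; and the obfuscation heuristics are indicators, not verdicts, which is why the report keeps them separate from signature hits.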

Download OMENS v1.17

OWASP Xenotix XSS Exploit Framework v4.5


Version 4.5 Additions
  • JavaScript Beautifier
  • Pause and Resume support for Scan
  • Jump to Payload
  • Cookie Support for POST Request
  • Cookie Support and Custom Headers for Header Scanner
  • Added TRACE method Support
  • Improved Interface
  • Better Proxy Support
  • WAF Fingerprinting
  • Load Files
  • Hash Calculator
  • Hash Detector

[Sandy v0.1] Open-source Samsung phone encryption assessment framework


Sandy is an open-source Samsung phone encryption assessment framework. Sandy has different modules that allow you to carry out different attack scenarios against encrypted Samsung phones. For the details check our Derbycon 3.0 presentation (What’s common in Oracle and Samsung? They tried to think differently about crypto).

Requirements

  • It was developed with python 2.7.
  • Most of the modules work on OSX.
  • Every module should work on Kali Linux.
  • You need the pexpect, pbkdf2 and pyCrypto python modules.

[Arachni v0.4.5.1-0.4.2] Open Source Web Application Security Scanner Framework


Arachni is a Free/Open Source project, the code is released under the Apache License Version 2.0 and you are free to use it as you see fit.

Initially started as an educational exercise, it has since evolved into a powerful and modular framework allowing for fast, accurate and flexible security/vulnerability assessments. More than that, Arachni is highly extensible, allowing anyone to improve upon it by adding custom components and tailoring most aspects to meet most needs.


New Changes

  • Optimized pattern matching to use less resources by grouping patterns to only be matched against the per-platform payloads. Bottom line, pattern matching operations have been greatly reduced overall and vulnerabilities can be used to fingerprint the remote platform.
  • Modules
    • Path traversal (path_traversal)
      • Updated to use more generic signatures.
      • Added dot-truncation for MS Windows payloads.
      • Moved non-traversal payloads to the file_inclusion module.
    • File inclusion (file_inclusion) — Extracted from path_traversal.
      • Uses common server-side files and errors to identify issues.
    • SQL Injection (sqli) — Added support for the following databases:
      • Firebird
      • SAP Max DB
      • Sybase
      • Frontbase
      • IngresDB
      • HSQLDB
      • MS Access
    • localstart_asp — Checks if localstart.asp is accessible.
  • Plugins — Added:
    • Uncommon headers (uncommon_headers) — Logs uncommon headers.

[Xenotix XSS Exploit Framework v4] Advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework


OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides zero-false-positive scan results with its unique triple browser engine (Trident, WebKit and Gecko) embedded scanner. It is claimed to have the world's second-largest collection of XSS payloads, about 1500+ distinct payloads, for effective XSS vulnerability detection and WAF bypass. It is incorporated with a feature-rich information gathering module for target reconnaissance. The exploit framework includes highly offensive XSS exploitation modules for penetration testing and proof-of-concept creation.


SCANNER MODULES

  • Manual Mode Scanner
  • Auto Mode Scanner
  • DOM Scanner
  • Multiple Parameter Scanner
  • POST Request Scanner
  • Header Scanner
  • Fuzzer
  • Hidden Parameter Detector

INFORMATION GATHERING MODULES

  • Victim Fingerprinting
  • Browser Fingerprinting
  • Browser Features Detector
  • Ping Scan
  • Port Scan
  • Internal Network Scan

EXPLOITATION MODULES

  • Send Message
  • Cookie Thief
  • Phisher
  • Tabnabbing
  • Keylogger
  • HTML5 DDoSer
  • Executable Drive By
  • JavaScript Shell
  • Reverse HTTP WebShell
  • Drive-By Reverse Shell
  • Metasploit Browser Exploit
  • Firefox Reverse Shell Addon (Persistent)
  • Firefox Session Stealer Addon (Persistent)
  • Firefox Keylogger Addon (Persistent)
  • Firefox DDoSer Addon (Persistent)
  • Firefox Linux Credential File Stealer Addon (Persistent)
  • Firefox Download and Execute Addon (Persistent)

UTILITY MODULES

  • WebKit Developer Tools
  • Payload Encoder 

[Tunna Framework] Tool designed to bypass firewall restrictions on remote webservers


Tunna is a set of tools that wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. The web application file (the webshell) must be uploaded to the remote server; it is then used to open a local connection to services running on the remote web server, or on any other server in the DMZ. The local application communicates with the webshell over HTTP and exposes a local port for the client application to connect to.

Since all external communication is done over HTTP, it is possible to bypass the filtering rules and connect to any service behind the firewall, using the web server on the other end as the pivot.

Tunna framework

The Tunna framework comes with the following functionality:

Ruby client - proxy bind: Ruby client proxy that performs the tunnel to the remote web application and tunnels TCP traffic.
Python client - proxy bind: Python client proxy that performs the tunnel to the remote web application and tunnels TCP traffic.
Metasploit integration module, which allows transparent execution of Metasploit payloads on the server.
ASP.NET remote script
Java remote script
PHP remote script
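The exchange that makes this work is worth seeing in code: the client never opens a TCP connection to the internal service, it only POSTs to the webshell, and it is the web server that connects inward. The following is an added example written for this page, not Tunna's code. The action names (connect/send/recv/close), the base64 framing, the /tunna.php path and the upper-casing "internal service" are assumptions; everything binds to 127.0.0.1 so the remote web server and the DMZ host are both simulated locally.

```python
"""TCP-over-HTTP tunnel shaped like Tunna: a server-side webshell owning the
socket to an internal service, and a client that only speaks HTTP to it.
Added example, not Tunna's code."""
import base64
import socket
import threading
import urllib.parse
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer


def start_internal_service():
    """The firewalled service: echoes everything back upper-cased. Returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        with conn:
            while True:
                data = conn.recv(4096)
                if not data:
                    break
                conn.sendall(data.upper())
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


class WebShell(BaseHTTPRequestHandler):
    """Stand-in for the uploaded script: one HTTP endpoint, one upstream socket.
    The web server, not the client, is what connects to the internal service."""
    upstream = None

    def log_message(self, *args):      # keep the demo quiet
        pass

    def do_POST(self):
        query = urllib.parse.parse_qs(urllib.parse.urlparse(self.path).query)
        action = query.get("action", [""])[0]
        body = self.rfile.read(int(self.headers.get("Content-Length", 0)))
        reply = b""
        if action == "connect":
            sock = socket.create_connection((query["host"][0], int(query["port"][0])))
            sock.settimeout(0.2)          # recv polls must not block the web server
            WebShell.upstream = sock
        elif action == "send":
            WebShell.upstream.sendall(base64.b64decode(body))
        elif action == "recv":
            try:
                reply = base64.b64encode(WebShell.upstream.recv(4096))
            except socket.timeout:
                reply = b""               # nothing pending right now
        elif action == "close":
            WebShell.upstream.close()
            WebShell.upstream = None
        self.send_response(200)
        self.send_header("Content-Length", str(len(reply)))
        self.end_headers()
        self.wfile.write(reply)


def start_webshell():
    """Serve the webshell on a random local port; returns the port."""
    httpd = HTTPServer(("127.0.0.1", 0), WebShell)
    threading.Thread(target=httpd.serve_forever, daemon=True).start()
    return httpd.server_address[1]


class TunnelClient:
    """Local side: every TCP operation becomes an HTTP POST to the webshell."""

    def __init__(self, webshell_port):
        self.base = "http://127.0.0.1:%d/tunna.php" % webshell_port

    def _post(self, action, body=b"", **params):
        params["action"] = action
        url = self.base + "?" + urllib.parse.urlencode(params)
        req = urllib.request.Request(url, data=body, method="POST")
        with urllib.request.urlopen(req, timeout=5) as resp:
            return resp.read()

    def connect(self, host, port):
        self._post("connect", host=host, port=port)

    def send(self, data):
        self._post("send", base64.b64encode(data))

    def recv(self):
        return base64.b64decode(self._post("recv"))

    def close(self):
        self._post("close")


def tunnel_roundtrip(payload):
    """Push payload through the webshell to the internal service; return its answer."""
    service_port = start_internal_service()
    client = TunnelClient(start_webshell())
    client.connect("127.0.0.1", service_port)
    client.send(payload)
    answer = b""
    for _ in range(20):                   # poll: HTTP gives the client no push channel
        answer += client.recv()
        if len(answer) >= len(payload):
            break
    client.close()
    return answer


if __name__ == "__main__":
    print(tunnel_roundtrip(b"hello from outside the firewall"))
```

Two things follow from the shape of this exchange. The firewall only ever sees HTTP to the web server, so egress filtering on the client side does nothing; and the polling "recv" is where the real tool pays its latency cost. On the defensive side, the precondition is an uploaded script that can open arbitrary outbound sockets from the web server, so upload restrictions and, more importantly, limiting what the web server process may connect to inside the DMZ are the controls that break it.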


[Arachni v0.4.4] The Web Application Security Scanner Framework


Arachni is a Free/Open Source project, the code is released under the Apache License Version 2.0 and you are free to use it as you see fit.

Initially started as an educational exercise, it has since evolved into a powerful and modular framework allowing for fast, accurate and flexible security/vulnerability assessments. More than that, Arachni is highly extensible, allowing anyone to improve upon it by adding custom components and tailoring most aspects to meet most needs.


Modules

There are new passive (recon) and active (audit) modules along with big coverage improvements for existing ones.

Recon

New

  • X-Forwarded-For Access Restriction Bypass (x_forwarded_for_access_restriction_bypass)
    • Retries denied requests with an X-Forwarded-For header to try and trick the web application into thinking that the request originates from localhost, and checks whether the restrictions were bypassed.
  • Form-based upload (form_upload)
    • Flags file-upload forms as they require manual testing.
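The X-Forwarded-For check above is simple enough to reproduce against a simulated application, together with the policy difference that decides whether it succeeds: trusting the header from anyone, or only from a known reverse proxy and then only the entry that proxy appended. The following is an added example written for this page, not Arachni code; the application, its /admin path, the trusted-proxy address 10.0.0.5 and the scanner's address 203.0.113.9 are assumptions for the demo.

```python
"""The X-Forwarded-For retry performed by the
x_forwarded_for_access_restriction_bypass check, against a simulated
application under two policies. Added example, not Arachni code."""

TRUSTED_PROXIES = {"10.0.0.5"}   # assumed: the only hop allowed to set XFF


def client_ip_naive(peer_ip, headers):
    """Vulnerable policy: believes X-Forwarded-For from any TCP peer."""
    xff = headers.get("X-Forwarded-For")
    return xff.split(",")[0].strip() if xff else peer_ip


def client_ip_hardened(peer_ip, headers):
    """Hardened policy: honour XFF only when the TCP peer is a trusted proxy,
    and use the right-most entry, which is the one that proxy appended."""
    xff = headers.get("X-Forwarded-For")
    if peer_ip in TRUSTED_PROXIES and xff:
        return xff.split(",")[-1].strip()
    return peer_ip


def make_app(resolve_client_ip):
    """A tiny app: /admin is reachable from 127.0.0.1 only, the rest is public."""
    def app(path, peer_ip, headers):
        if path.startswith("/admin"):
            if resolve_client_ip(peer_ip, headers) != "127.0.0.1":
                return 403, "Forbidden"
            return 200, "admin panel"
        return 200, "public page"
    return app


def via_trusted_proxy(app, path, client_ip, headers):
    """Simulated reverse proxy: appends the real client address to XFF and
    forwards to the app from the proxy's own address."""
    fwd = dict(headers)
    existing = fwd.get("X-Forwarded-For")
    fwd["X-Forwarded-For"] = (existing + ", " if existing else "") + client_ip
    return app(path, "10.0.0.5", fwd)


def check_xff_bypass(app, path, scanner_ip="203.0.113.9"):
    """The scanner's logic: if the plain request is denied, retry with
    X-Forwarded-For: 127.0.0.1 and report a bypass when that succeeds."""
    status, _ = app(path, scanner_ip, {})
    if status != 403:
        return False                      # not restricted, nothing to bypass
    status, _ = app(path, scanner_ip, {"X-Forwarded-For": "127.0.0.1"})
    return status == 200


if __name__ == "__main__":
    for name, policy in (("naive", client_ip_naive), ("hardened", client_ip_hardened)):
        print(name, "bypass:", check_xff_bypass(make_app(policy), "/admin"))
```

Note that the naive policy fails even behind a real proxy: the attacker's "127.0.0.1" arrives as the left-most entry and the proxy only appends to it, so "first entry wins" still grants access, which is why the hardened version reads the right-most entry and only from the proxy's own address.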

Improved

  • .htaccess LIMIT misconfiguration (htaccess_limit)
    • Updated to use verb tampering as well.

Audit

New

  • Source code disclosure (source_code_disclosure)
    • Checks whether or not the web application can be forced to reveal source code.
  • Code execution via the php://input wrapper (code_execution_php_input_wrapper)
    • Injects PHP code into the HTTP request body and uses the php://input wrapper to try and load it.

Improved

  • Blind SQL Injection (Boolean/Differential analysis) (sqli_blind_rdiff)
    • Improved accuracy of results.
  • Path traversal (path_traversal)
    • Severity set to “High”.
    • Updated to start with / and go all the way up to /../../../../../../.
    • Added fingerprints for /proc/self/environ.
    • Improved coverage for MS Windows.
  • Remote file inclusion (rfi)
    • Updated to handle cases where the web application appends its own extension to the injected string.
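Both the boolean/differential (rdiff) blind SQL injection item here and the v0.4.6 note about fixing "SQLi false-positives with misbehaving webapps/servers" come down to the same algorithm and the same pitfall: the scanner needs a true-condition probe that leaves the page unchanged and a false-condition probe that changes it, and it must first learn which parts of the page change on their own. The following is an added example written for this page, not Arachni code; the shop application, its in-memory sqlite database, the probe strings and the "misbehaving" volatile lines are assumptions for the demo.

```python
"""Boolean/differential blind SQL injection analysis, with the volatile-content
control that removes false positives on misbehaving applications.
Added example, not Arachni code."""
import secrets
import sqlite3


class Site:
    """Product page whose id parameter is either concatenated into SQL
    (vulnerable) or bound as a parameter (fixed). Every response also carries
    two volatile lines (a request serial and a CSRF token), which is what a
    'misbehaving' application looks like to a scanner."""

    def __init__(self, parameterized):
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE products (id INTEGER, name TEXT)")
        self.db.executemany("INSERT INTO products VALUES (?, ?)",
                            [(1, "anvil"), (2, "rocket skates")])
        self.parameterized = parameterized
        self.hits = 0

    def fetch(self, product_id):
        self.hits += 1
        if self.parameterized:
            rows = self.db.execute("SELECT name FROM products WHERE id = ?",
                                   (product_id,)).fetchall()
        else:  # the injectable query
            rows = self.db.execute("SELECT name FROM products WHERE id = '%s'"
                                   % product_id).fetchall()
        items = "".join("<li>%s</li>\n" % name for (name,) in rows)
        return ("<h1>Shop</h1>\n<ul>\n%s</ul>\n<!-- req %d -->\n"
                "<input name=csrf value=%s>\n" % (items, self.hits, secrets.token_hex(8)))


def signature(resp_a, resp_b):
    """Stable content of a page: the lines two responses to the *same*
    request have in common; volatile lines fall out."""
    return frozenset(resp_a.splitlines()) & frozenset(resp_b.splitlines())


def naive_rdiff(fetch, value, false_probe="' AND 1=2--"):
    """'The false-condition page differs from the original', on its own."""
    return fetch(value) != fetch(value + false_probe)


def blind_rdiff(fetch, value, true_probe="' AND 1=1--", false_probe="' AND 1=2--"):
    """Differential analysis with controls:
    1. baseline signature from two identical requests (drops volatile lines),
    2. the always-true probe must leave the stable content unchanged,
    3. the always-false probe must change it, consistently across two tries."""
    base = signature(fetch(value), fetch(value))
    true = signature(fetch(value + true_probe), fetch(value + true_probe))
    false = signature(fetch(value + false_probe), fetch(value + false_probe))
    return true == base and false != base


if __name__ == "__main__":
    for label, site in (("vulnerable", Site(False)), ("fixed", Site(True))):
        print(label, "naive:", naive_rdiff(site.fetch, "1"),
              "rdiff:", blind_rdiff(site.fetch, "1"))
```

The naive check flags the fixed site too, for two independent reasons: the volatile lines make every pair of responses differ, and the parameterized query treats the whole injected string as a product id, so the page changes for the true probe as well as the false one. The control steps catch both: volatile lines are dropped before comparison, and a page that changes on the true probe is not behaving like a boolean oracle, so it is not reported.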


[Samurai Web Testing Framework v2.1] Live linux environment that has been pre-configured to function as a web pen-testing environment

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.



Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such as WebScarab and ratproxy. We then chose tools for discovery; these include w3af and Burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test.

[Drozer] The Leading Security Testing Framework for Android.


drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS.
drozer provides tools to help you use and share public Android exploits. It helps you to deploy a drozer agent by using weasel – MWR’s advanced exploitation payload.
For the latest Mercury updates, follow @mwrdrozer.

Features

drozer allows you to use dynamic analysis during an Android security assessment. By assuming the role of an Android app you can:
  • find information about installed packages.
  • interact with the 4 IPC endpoints – activities, broadcast receivers, content providers and services.
  • use a proper shell to play with the underlying Linux OS (from the context of an unprivileged application).
  • check an app’s attack surface, and search for known vulnerabilities.
  • create new modules to share your latest findings on Android.
drozer’s remote exploitation features provide a unified framework for sharing Android payloads and exploits. It helps to reduce the time needed for vulnerability assessments and mobile red-teaming exercises, and includes the outcome of some of MWR’s cutting-edge research into advanced Android payloads and exploits.

How it Works

drozer does all of this over the network: it does not require ADB.

[Pytbull] IDS/IPS Testing Framework


Pytbull is an Intrusion Detection/Prevention System (IDS/IPS) Testing Framework for Snort, Suricata and any IDS/IPS that generates an alert file. It can be used to test the detection and blocking capabilities of an IDS/IPS and to validate config.

[OWASP Xenotix XSS Exploit Framework v4 2013] Tool for detecting Cross Site Scripting (XSS) flaws


OWASP Xenotix XSS Exploit Framework is a tool for detecting Cross Site Scripting (XSS) flaws. Xenotix offers a triple scanner for the rendering engines Trident (IE), WebKit (Chrome, Safari and Opera) and Gecko (Mozilla Firefox), and has more than 1,500 distinct payloads to detect XSS vulnerabilities efficiently and to bypass the most widely used WAFs.

In addition, it incorporates an information gathering module for reconnaissance of the target and includes offensive exploitation modules for penetration testing and proofs of concept against it.

Scanning modules

  • Manual Mode Scanner
  • Auto Mode Scanner
  • DOM Scanner
  • Multiple Parameter Scanner
  • POST Request Scanner
  • Header Scanner
  • Fuzzer
  • Hidden Parameter Detector 

Information Gathering

  • Victim Fingerprinting
  • Browser Fingerprinting
  • Browser Features Detector
  • Ping Scan
  • Port Scan
  • Internal Network Scan

Exploitation

  • Send Message
  • Cookie Thief
  • Phisher
  • Tabnabbing
  • Keylogger
  • HTML5 DDoSer
  • Executable Drive By
  • JavaScript Shell
  • Reverse HTTP WebShell
  • Drive-By Reverse Shell
  • Metasploit Browser Exploit
  • Firefox Reverse Shell Addon (Persistent)
  • Firefox Session Stealer Addon (Persistent)
  • Firefox Keylogger Addon (Persistent)
  • Firefox DDoSer Addon (Persistent)
  • Firefox Linux Credential File Stealer Addon (Persistent)
  • Firefox Download and Execute Addon (Persistent)

Utilities

  • WebKit Developer Tools
  • Payload Encoder 

From here you can download the author's paper, watch the introductory videos and get the tool.


[HconSTF Pentest Browser] Open Source Penetration Testing / Ethical Hacking Framework


HconSTF is an Open Source Penetration Testing Framework based on different browser technologies, which helps any security professional with penetration testing or vulnerability scanning assessments. It contains web tools that are powerful for XSS (cross-site scripting), SQL injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. It is also useful to anybody interested in the information security domain: students, security professionals, web developers, manual vulnerability assessments and much more.

[Arachni v0.4.3] Ruby framework aimed towards helping penetration testers

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.

Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process.

Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while travelling through the paths of a web application’s cyclomatic complexity.

This way attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni.



Changelog v0.4.3

Framework (v0.4.3)
  • Stable multi-Instance scans, taking advantage of SMP/Grid architectures for higher efficiency and performance.
  • Automated Grid load-balancing.
  • Platform fingerprinting for tailor-made audits resulting in less bandwidth consumption, less server stress and smaller scan runtimes.
Web User Interface (v0.4.1)
  • Support for PostgreSQL.
  • Support for importing data and configuration from the previous 0.4.2-0.4 packages.
Packages
  • Downgraded to require GLIBC >= 2.12 for improved portability.