FS-NyarL - Network Takeover & Forensic Analysis Tool

NyarL it's Nyarlathotep, a mitological chaotic deity of the writer HP. Lovecraft's cosmogony.

It's represent Crawling Chaos and FS-NyarL it's The Crawling Chaos of Cyber Security :-)

A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit - but use it at your own risk!

 

• Interactive Console
• Real Time Passwords Found
• Real Time Hosts Enumeration
• Tuned Injections & Client Side Attacks
• ARP Poisoning & SSL Hijacking
• Automated HTTP Report Generator

ATTACKS IMPLEMENTED:

• MITM (Arp Poisoning)
• Sniffing (With & Without Arp Poisoning)
• SSL Hijacking (Full SSL/TLS Control)
• HTTP Session Hijaking (Take & Use Session Cookies)
• Client Browser Takeover (with Filter Injection in data stream)
• Browser AutoPwn (with Filter Injection in data steam)
• Evil Java Applet (with Filter Injection in data stream)
• DNS Spoofing
• Port Scanning

POST ATTACKS DATA OBTAINED:

• Passwords extracted from data stream
• Pcap file with whole data stream for deep analysis
• Session flows extracted from data stream (Xplico & Chaosreader)
• Files extracted from data stream
• Hosts enumeration (IP,MAC,OS)
• URLs extracted from data stream
• Cookies extracted from data stream
• Images extracted from data stream
• List of HTTP files downloaded extracted from URLs

DEPENDENCIES (aka USED TOOLS):

• Chaosreader (already in bin folder)
• Xplico
• Ettercap
• Arpspoof
• Arp-scan
• Mitmproxy
• Nmap
• Tcpdump
• Beef
• SET
• Metasploit
• Dsniff
• Macchanger
• Hamster
• Ferret
• P0f
• Foremost
• SSLStrip
• SSLSplit

Download FS-NyarL

Read More

Ninja PingU - High performance network scanner tool for large scale analyses

NINJA-PingU Is Not Just a Ping Utility is a free open-source high performance network scanner tool for large scale analyses. It has been designed with performance as its primary goal and developed as a framework to allow easy plugin creation.

NINJA PingU comes out of the box with a set of plugins for services analysis and embedded devices identification. More information about those can be found in its home page at http://owasp.github.io/NINJA-PingU

Usage:

# sudo ./bin/npingu [OPTIONS] targets

  -t    Number of sender threads.
  -p    Port scan range. For instance, 80 or 20-80.
  -d    Delay between packages sent (in usecs).
  -s    No service identification (less bandwith load, more hosts/time).
  -m    Module to run. For instance, Service.
  -h    Show this help.
  [targets] Ip address seed. For instance, 192.168.1. or 1.1.1.1-255.0.0.0

Examples:
Example to scan some OVH servers:

   # ./bin/npingu -t 3 -p 20-80 188.1.1.1-188.255.1.1 -d 1 -m Service

  -Targeted Hosts [188.165.83.148-188.255.83.148]
  -Targeted Port Range [20-80]
  -Threads [3]
  -Delay 1 usec
  -Use the Service identification Module

Example to scan several google web servers:

  # ./bin/npingu -t 5 -p 80 -s 74.125.0.0-74.125.255.255

  -Targeted Hosts [74.125.0.0-74.125.255.255]
  -Targeted Port [80]
  -Threads [5]
  -s synOnly scan

Example for scanning the 32764/TCP Backdoor

  # ./bin/npingu -t 2 1.1.1.1-255.1.1.1 -m Backdoor32764 -p 32764

  -Targeted Hosts [1.1.1.1-255.1.1.1]
  -Targeted Port [32764]
  -Threads [2]
  -Use the 32764/TCP Backdoor Module

Download Ninja PingU

Read More

HonSSH - Log all SSH communications between a client and server

HonSSH is a high-interaction Honey Pot solution.

HonSSH will sit between an attacker and a honey pot, creating two separate SSH connections between them.

Features

• Captures all connection attempts to a text file.
• When an attacker sends a password guess, HonSSH can automatically replace their attempt with the correct password (spoof_login option). This allows them to login with any password but confuses them when they try to sudo with the same password.
• All interaction is captured into a TTY log (thanks to Kippo) that can be replayed using the playlog utility included from Kippo.
• A text based summary of an attackers session is captured in a text file.
• Sessions can be viewed or hijacked in real time (again thanks to Kippo) using the management telnet interface.  

Download HonSSH

Read More

Nmap 6.45 - Free Security Scanner For Network Exploration & Security Audits

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Added ssl-heartbleed script to detect the Heartbleed bug in OpenSSL. Various other additions and updates.

Download Nmap 6.45

Read More

Simple 8-bit Assembler Simulator

A simulator which provides a simplified assembler syntax (based on NASM) and is simulating a x86 like cpu. Press Help inside the simulator to see an overview about the supported instructions.

Features

• 8-bit CPU
• 4 general purpose registers
• 256 bytes of memory
• Console output

Simple 8-bit Assembler Simulator

Read More

Burp Suite Professional v1.6 - The leading toolkit for web application security testing

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.

Changelog v1.6

Burp Suite Free Edition contains significant new features added since v1.5, including:

• Support for WebSockets messages.
• Support for PKCS#11 client SSL certificates contained in smart cards and physical tokens.
• A new Extender tool, allowing dynamic loading and unloading of multiple extensions.
• A new powerful extensibility API, enabling extensions to customize Burp’s behavior in much more powerful ways.
• Support for extensions written in Python and Ruby.
• A new BApp Store feature, allowing quick and easy installation of extensions written by other Burp users.
• An option to resolve DNS queries over a configured SOCKS proxy, allowing access to TOR hidden services.
• Generation of CSRF PoC attacks using a new cross-domain XHR technique.
• New options for SSL configuration, to help work around common problems.
• Optional unpacking of compressed request bodies in the Proxy.
• Support for .NET DeflateStream compression.
• New and improved types of Intruder payloads.
• New Proxy interception rules.
• New Proxy match/replace rules.
• Improved layout options in the Repeater UI.
• An SSL pass-through feature, to prevent Burp from breaking the SSL tunnel for specified domains.
• Support for the Firefox Plug-n-hack extension.
• An option to copy a selected request as a curl command.

Burp Suite Professional contains a number of bugfixes and tweaks, added since the last beta version, including:

• An occasional bug causing misplaced highlights on payloads in Scanner issues has been fixed.
• A bug in which restoring default settings for the Extender tool didn’t unload any currently running extensions has been fixed.
• A display bug affecting the rendering of binary content (such as images) in the raw view of the HTTP message editor has been fixed.
• A bug which prevented the automatic backup on exit feature from functioning in headless mode has been fixed.
• In previous versions, Burp stored its preferences in separate locations for each major version. This caused persisted settings to be lost on upgrading to a new major version. This behavior has been modified, and from v1.6 onwards major versions will store their preferences in the same location. As a workaround to preserve settings from earlier releases, Pro users can launch the earlier release, save a state file containing their preferences, then launch the new release and load the state file.

Download Burp Suite Professional v1.6

Read More

RouterPassView v1.53 - Recover lost password from router backup file

Most modern routers allow you to backup the configuration of the router into a file, and then restore the configuration from the file when it's needed.

The backup file of the router usually contains important data like your ISP user name/password, the login password of the router, and wireless network keys.

If you lost one of these password/keys, but you still have a backup file of your router configuration, RouterPassView might help you to recover your lost password from your router file.

Supported Routers

Due to large amount of router models available in the market, it's impossible to support all of them. 

For now, RouterPassView supports a limited number of router models, and I'll gradually add support for more routers in future versions. Also, be aware that even if your router is not in the list, you can still try to open your router backup file with RouterPassView, because some routers are sold with different brand name, but they still use the same software/chipset of other routers.

Here's the list:

• Linksys WRT54GL (With original firmware or Tomato firmware), WRT54G (only some of them), WRT160N, WRT320N, and possibly similar models.
• Linksys E5200
• Linksys E2000
• Linksys RV082
• Linksys E2500
• Linksys N1500
• Linksys E900
• Cisco-Linksys E4200
• Edimax BR6204WG, and possibly similar models.
• Siemens ADSL SL2-141, and possibly similar models.
• Dynalink RTA1025W, and possibly similar models.
• NETGEAR WGT624, WGR614v9, WNR1000v3, WNR3500L, and possibly other models.
• ASUS WL-520g, WL-600g, and possibly similar models.
• ASUS RT-N10+ , and possibly similar models.
• Asus RT-N56U , and possibly similar models.
• Asus RT-AC66U
• D-Link DIR-655, DIR-300, and possibly similar models.
• Sanex SA 5100, and possibly similar models.
• Sitecom WL-351, WL-575, WL-312, and possibly similar models.
• COMTREND 536+ (Only Internet Login)
• US Robotics 9108 ADSL (internet login and admin login)
• D-Link DSL-2540U/BRU/D ADSL2+, DSL-2650U, DSL-520B
• D-Link DVA-G3170i/PT
• D-Link DSL-604T
• D-Link G3670B
• D-Link DSL-2640T
• D-Link DSL-G684T
• D-Link DSL-2500U
• D-Link 2740B
• D-Link DIR-615 G2
• D-Link WBR-1310
• D-Link DSL-2543B
• D-Link DI-524
• D-Link DI-624+A
• D-Link DIR-600
• D-Link DIR-300
• TL-WDR4300 N750
• TP-Link TD-8810 ADSL Modem/Router.
• Dynamode R-ADSL-C4-W-G1
• NetComm NB5Plus4 DSL
• Thomson TG580 DSL (only in Hex Dump mode)
• Asus RT-G31
• HuaWei EchoLife HG520 (Only some of them)
• HuaWei HG526
• HuaWei-3Com Aolynk BR104
• TP-LINK TL-WR841N
• TP-LINK TL-WR841DN
• TP-LINK TL-MR342
• TP-LINK TL-WR340G
• TP-LINK TL-R460
• TP-LINK TL-WR741ND v2.0
• TP-LINK TL-WR700N
• TP-LINK TL-WR740N
• TP-LINK TL-WA801N
• TP-LINK TL-WR541G
• TP-LINK TL-WR1043ND
• TP-LINK TD-W8960N
• TP-Link TL-WR941ND
• TP-Link TL-MR3220
• TP-Link TL-WR642G
• TP-Link TL-WDR3320
• TP-Link TD-W8970
• Belkin N+ (F5D8236uk4)
• Mercury MW54R
• Netgear DG632
• Netgear Wireless Cable Voice Gateway CG3000/CG3100
• Netcomm NB6W
• Aztech DSL605EW
• Comtrend CT-5072T ADSL2+ modem/router
• Small Business RV042
• Intelbras WRN240
• ipTIME N604V
• Linksys WRV200 

  

Download RouterPassView

Read More

Hidden File Finder v3.0 - Free Tool to Find and Unhide/Remove all the Hidden Files

Hidden File Finder is the free software to quickly scan and discover all the Hidden files on your Windows system.

It performs swift multi threaded scan of all the folders parallely and quickly uncovers all the hidden files. It automatically detects the Hidden Executable Files (EXE, DLL, COM etc) and shows them in red color for easier identification. Similarly 'Hidden Files' are shown in black color and 'Hiddden Folders' are shown in blue color.

One of its main feature is the Unhide Operation. You can select one or all of the discovered Hidden files and Unhide them with just a click. Successful 'Unhide operations' are shown in green background color while failed ones are shown in yellow background.

New version v2.0 features Settings dialog to fine tune the scanning operation. Also added right click context menu to quickly perform tasks such as Unhide, Delete, Open, Scan Online using Google Search/VirusTotal etc.

It is very easy for any user with its cool GUI interface. Particularly, more useful for Penetration testers and Forensic investigators.

It works on both 32-bit & 64-bit platforms starting from Windows XP to Windows 8.

Features

• Free, Easy to use GUI based Software
• Fast multi threaded Hidden File finder to quickly scan entire computer, drive or folder.
• Unhide all the Hidden files with one click.
• Delete the selected file/folder completely
• Scan Online feature to online threat verification (mainly Executable files) using Google Search or VirusTotal.
• Right Click Context Menu to perform quick tasks.
• Settings dialog to fine tune the scanning operation.
• Color based representation of Hidden Files/Folders/Executable Files and Unhide operations.
• Sort feature to arrange the Hidden files based on name/size/type/date/path
• Detailed hidden file scan report in HTML format
• Fully portable and can be run from anywhere
• Also includes Installer for local installation/un-installation      

Download Hidden File Finder v3.0

Read More

Kvasir - Penetration Testing Data Management Tool

Penetration Testing Data Management can be a nightmware, because well you generate a LOT of data and some information when conducing a penetration test, especially using tools – they return lots of actual and potential vulnerabilitites to review. Port scanners can return thousands of ports for just a few hosts. How easy is it to share all this data with your co-workers?

Features

That’s what Kvasir is here to help you with. Here’s what you’ll need to get started:

• The latest version of web2py
• A database (PostgreSQL known to work)
• A network vulnerability scanner (Nexpose/Nmap supported)
• Additional python libraries
• Kvasir is a web2py application and can be installed for each customer or task.

Tools Supported

At current release, Kvasir directly supports the following tools:

• Rapid7 Nexpose Vulnerability Scanner
• Nmap Security Scanner
• Metasploit Pro (limited support for Express/Framework data)
• ShodanHQ
• ImmunitySec CANVAS
• THC-Hydra
• Foofus Medusa
• John The Ripper

This design keeps data separated and from you accidentally attacking or reviewing other customers.

This tool was developed primarily for the Cisco Systems Advanced Services Security Posture Assessment (SPA) team. While not every method used by the SPA team may directly relate we hope that this tool is something that can be molded and adapted to fit almost any working scenario.

Download Kvasir

Read More

HULK - Web Server DoS Tool

HULK is a web server denial of service tool (DDoS Tool) written for research purposes. It is designed to generate volumes of unique and obfuscated traffic at a webserver, bypassing caching engines and therefore hitting the server's direct resource pool.

The Hulk Web server is a brainchild of Barry Shteiman. This DDoS attack tool distinguishes itself from many of the other tools out in the wild. According to its creator, the Hulk Web server was born of his conclusion that most available DDoS attack tools produced predictable repeated patterns that could easily be mitigated. The principle behind the Hulk Web server is that a unique pattern is generated at each and every request, with the intention of increasing the load on the servers as well as evading any intrusion detection and prevention systems.

Some Techniques

• Obfuscation of Source Client – this is done by using a list of known User Agents, and for every request that is constructed, the User Agent is a random value out of the known list
• Reference Forgery – the referer that points at the request is obfuscated and points into either the host itself or some major prelisted websites.
• Stickiness – using some standard Http command to try and ask the server to maintain open connections by using Keep-Alive with variable time window
• no-cache – this is a given, but by asking the HTTP server for no-cache , a server that is not behind a dedicated caching service will present a unique page.
• Unique Transformation of URL – to eliminate caching and other optimization tools, I crafted custom parameter names and values and they are randomized and attached to each request, rendering it to be Unique, causing the server to process the response on each event.

Download Hulk

Read More

FakeNet - Windows Network Simulation tool for Malware Analysis

FakeNet is a tool that aids in the dynamic analysis of malicious software.  The tool simulates a network so that malware interacting with a remote host continues to run allowing the analyst to observe the malware’s network activity from within a safe environment.  The goal of the project is to:

1. Be easy to install and use; the tool runs on Windows and requires no 3rd party libraries
2. Support the most common protocols used by malware
3. Perform all activity on the local machine to avoid the need for a second virtual machine
4. Provide python extensions for adding new or custom protocols
5. Keep the malware running so that you can observe as much of its functionality as possible
6. Have a flexible configuration, but no required configuration

The tool is in its infancy of development.  We started working on the tool in January 2012 and we intend to maintain the tool and add new and useful features.  If you find a bug or have a cool feature you think would improve the tool please contact us.

Features

• Supports DNS, HTTP, and SSL
• HTTP server always serves a file and tries to serve a meaningful file; if the malware request a .jpg then a properly formatted .jpg is served, etc.  The files being served are user configurable.
• Ability to redirect all traffic to the localhost, including traffic destined for a hard-coded IP address.
• Python extensions, including a sample extension that implements SMTP and SMTP over SSL.
• Built in ability to create a capture file (.pcap) for packets on localhost.
• Dummy listener that will listen for traffic on any port, auto-detect and decrypt SSL traffic and display the content to the console.

Demo Video

Click here to watch a demo of version 0.9 of the tool in action.

How it works

FakeNet uses a variety of Windows and third party libraries.  It uses a custom HTTP and DNS server to respond to those request.  It uses OpenSSL to wrap any connection with SSL.  It uses a Winsock Layered Service Provider (LSP) to redirect traffic to the localhost and to listen for traffic on new ports.  It uses python 2.7 for the python extensions.  And, it creates the .pcap file by reconstructing a packet header based on the traffic from send/recv calls.

Download FakeNet

Read More

OWASP ZAP 2.3.0.1 - An easy to use integrated penetration testing tool for finding vulnerabilities in web applications

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. 

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox.

Some of ZAP's functionality: 

• Intercepting Proxy
• Traditional and AJAX spiders
• Automated scanner
• Passive scanner
• Forced browsing
• Fuzzer
• Dynamic SSL certificates
• Smartcard and Client Digital Certificates support
• Web sockets support
• Authentication and session support
• Powerful REST based API
• Support for a wide range of scripting languages
• Automatic updating option
• Integrated and growing marketplace of add-ons

Some of ZAP's features: 

• Open source
• Cross platform
• Easy to install (just requires java 1.7)
• Completely free (no paid for 'Pro' version)
• Ease of use a priority
• Comprehensive help pages
• Fully internationalized
• Translated into a dozen languages
• Community based, with involvement actively encouraged
• Under active development by an international team of volunteers

It supports the following languages: 

• English
• Arabic
• Albanian
• Brazilian Portuguese
• Chinese
• Danish
• Filipino
• French
• German
• Greek
• Indonesian
• Italian
• Japanese
• Korean
• Persian
• Polish
• Russian
• Spanish 

Download OWASP ZAP 2.3.0.1

Read More

Collection of Heartbleed Tools (OpenSSL CVE-2014-0160)

• A checker (site and tool) for CVE-2014-0160: https://github.com/FiloSottile/Heartbleed
• ssltest.py: Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford http://pastebin.com/WmxzjkXJ
• SSL Server Test https://www.ssllabs.com/ssltest/index.html
• Metasploit Module: https://github.com/rapid7/metasploit-framework/pull/3206/files
• Nmap NSE script: Detects whether a server is vulnerable to the OpenSSL Heartbleed: https://svn.nmap.org/nmap/scripts/ssl-heartbleed.nse
• Nmap NSE script: Quick'n'Dirty OpenVAS nasl wrapper for ssl_heartbleed based on ssl_cert_expiry.nas https://gist.github.com/RealRancor/10140249
• Heartbleeder: Tests your servers for OpenSSL: https://github.com/titanous/heartbleeder?files=1
• Heartbleed Attack POC and Mass Scanner: https://bitbucket.org/fb1h2s/cve-2014-0160
• Heartbleed Honeypot Script: http://packetstormsecurity.com/files/126068/hb_honeypot.pl.txt

Read More

Passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup

A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring (NSM) and general digital forensics.

PassiveDNS sniffes traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate DNS answers in-memory, limiting the amount of data in the logfile without loosing the essens in the DNS answer.

Example output from version 1.0.0->Current in the log file (/var/log/passivedns.log):

#timestamp||dns-client ||dns-server||RR class||Query||Query Type||Answer||TTL||Count
1322849924.408856||10.1.1.1||8.8.8.8||IN||upload.youtube.com.||A||74.125.43.117||46587||5
1322849924.408857||10.1.1.1||8.8.8.8||IN||upload.youtube.com.||A||74.125.43.116||420509||5
1322849924.408858||10.1.1.1||8.8.8.8||IN||www.adobe.com.||CNAME||www.wip4.adobe.com.||43200||8
1322849924.408859||10.1.1.1||8.8.8.8||IN||www.adobe.com.||A||193.104.215.61||43200||8
1322849924.408860||10.1.1.1||8.8.8.8||IN||i1.ytimg.com.||CNAME||ytimg.l.google.com.||43200||3
1322849924.408861||10.1.1.1||8.8.8.8||IN||clients1.google.com.||A||173.194.32.3||43200||2

Download Passivedns

Read More

PyHttpShell - Python HTTP Shell

PyHttpShell is a shell written in python, traffic is over http protocol using a server in the middle.

Video: https://vimeo.com/91085876

Features

• Transport over HTTP/HTTPS.
• Supports System Proxy Settings.
• Multiple Hosts/Connections.
• Download files to client machine.
• Change Sleep time remotely.
• Works on Win/MAC/Linux

Download PyHttpShell

Read More

Sysdig - Linux System Troubleshooting Tool

Sysdig is open source, Linux System Troubleshooting Tool: capture system state and activity from a running Linux instance, then save, filter and analyze. Think of it as strace + tcpdump + lsof + awesome sauce. With a little Lua cherry on top.

Sysdig was born from a team’s constant frustration. System level troubleshooting is just way more of a pain than it should be — especially in distributed, virtualized, and cloud-based environments. So they took the lessons they learned while building network monitoring tools like WinPCap and Wireshark and created a new kind of system troubleshooting tool for Linux.

Sysdig captures system calls and other system level events using a linux kernel facility called tracepoints, which means much less overhead than strace.

It then “packetizes” this information, so that you can save it into trace files and filter it, a bit like you would do with tcpdump. This makes it very flexible to explore what processes are doing.

Sysdig is also packed with a set of scripts that make it easier to extract useful information and do troubleshooting.

Download Sysdig

Read More

Scout - Download and analyze webpage components to identify infected files

Uses the Pinpoint engine to download and analyze webpage components to identify infected files. Scout has a built-in HTTP Request Simulator that will render user-specified HTML files, catch the resulting HTTP requests, then drop the responses. Scout includes the ability to screenshot the webpage using PhantomJS (download PhantomJS and copy the .exe to the same folder as Scout). Use Scout in a VM since it could potentially cause your computer to become infected.

Download Scout

Read More

Mylar - Platform for building secure web applications

Web applications rely on servers to store and process confidential information. However, anyone who gains access to the server (e.g., an attacker, a curious administrator, or a government) can obtain all of the data stored there. Mylar protects data confidentiality even when an attacker gets full access to servers. Mylar stores only encrypted data on the server, and decrypts data only in users' browsers. Simply encrypting each user's data with a user key does not suffice, and Mylar addresses three challenges in making this approach work. First, Mylar allows the server to perform keyword search over encrypted documents, even if the documents are encrypted with different keys. Second, Mylar allows users to share keys and data securely in the presence of an active adversary. Finally, Mylar ensures that client-side application code is authentic, even if the server is malicious. Results with a prototype of Mylar built on top of the Meteor framework are promising: porting 6 applications required changing just 35 lines of code on average, and the performance overheads are modest, amounting to a 17% throughput loss and a 50 msec latency increase for sending a message in a chat application.

Download Mylar

Read More

Agnitio - Manual Security Code Review Tool

A tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. Agnitio aims to replace the adhoc nature of manual security code review documentation, create an audit trail and reporting.

The major changes in v2.1 are listed below:

• Windows x64 support
• Automatically decompile Android .apk application to easily analyse the apps source code
• Application profiles now have an application type of either web or mobile which allows only relevant checklist items to be displayed during the security code review
• Create new checklist questions and mark them as web or mobile
• C# and Java rules from the OWASP Code Crawler project have been imported into the Agnitio database and linked to relevant checklist questions

Download Agnitio v2.1

Read More

SNMPCheck - Enumerate the SNMP devices

 Like to snmpwalk, snmpcheck allows you to enumerate the SNMP devices and places the output in a very human readable friendly format. It could be useful for penetration testing or systems monitoring. Distributed under GPL license and based on "Athena-2k" script by jshaw.

Features

snmpcheck supports the following enumerations:

•  contact
• description
• detect write access (separate action by enumeration)
• devices
• domain
• hardware and storage informations
• hostname
• IIS statistics
• IP forwarding
• listening UDP ports
• location
• motd
• mountpoints
• network interfaces
• network services
• processes
• routing information
• software components
• system uptime
• TCP connections
• total memory
• uptime
• user accounts

Download SNMPCheck

Read More

Linkedin Password Decryptor - Linkedin Password Recovery Software

Linkedin Password Decryptor is the all-in-one software to recover Linkedin passwords stored by popular Web Browsers.

 

These days, most of the web browsers store the website login passwords to prevent hassale of entering the password again and again. Each web browser use their own encryption mechanism and storage methods to securely store these login passwords including your Linkedin account passwords.

'Linkedin Password Decryptor' automatically crawls through each of these browsers installed on your system and instantly recovers all the stored Linkedin account password.

It has both GUI and command line interface in one tool making it useful for Penetration testers & Forensic investigators.

It works on wide range of platforms starting from Windows XP to latest operating system Windows 8.

Download Linkedin Password Decryptor v3.5 

Read More