< Prev 1 2 3 4 5 6 7 8 9 10 11 Next >
Category: Auditing » Host
WebSleuth is an early Alpha release of what will be the first tool of the black-box testing toolkit, and is built to help a user manually understand various security issues of his / her system. It is not intended to replace or compete with commercial tools, and there is certainly no shiny red-button automating attacks. However it is an investigative learning tool that with some patience and knowledge, helps you to find and learn about issues you may have in your web applications. It is written to allow people to code plug-ins for specific issues and this release has a form validation plug-in as a demonstration. We currently have plug-ins for SQL Injection being developed by Chip Andrews from SQLSecurity.com, and Session ID prediction being developed by Dave Endler from iDefense.com.
The Leviathan Auditor is an enumeration and penetration testing tool which runs on and against Microsoft machines. It dumps Users, Groups, Services, Shares, Transport devices and MAC addresses over port 139 or 445. It enumerates RPC portmapper entries over port 135 and also tries to exploit MS SQL servers if it is presented. With its built-in SQL Server exploit you can execute remote commands as Local System. Source code is freely available on demand.
Oracle Auditing Tools
The Oracle Auditing Tools are to be run against Oracle servers on the Microsoft Windows platform. The OAT use CREATE LIBRARY to be able to access the WinExec function in the kernel32.dll. Having access to this function makes it possible to execute anything on the server with same permissions as the user who has started the Oracle Service. So basicaly all accounts with default passwords, or easy guessable password, having this privelege can do this The OAT have a builtin TFTP server for making file transfers easy. The tftp server is based on the server source from www.gordian.com. The Tools are Java based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.
pcAudit is a security evaluation program, for personal computers, developed by Internet Security Alliance, to allow any PC user to determine whether their personal computer is vulnerable to outside intruders. This might be the case even if you are behind a corporate or a personal firewall.
capsel is a Linux kernel 2.2.x module designed to increase system security. It works with Linux capabilities and decreases number of suid binaries and daemons working with root privileges. It prevents breaking the chroot jail even for privileges processes. It also does additional security checks before executing new binaries to prevent users from taking control of their execution.
SQL Auditing Tools
SQLAT is a suite of tools which could be usefull for pentesting a MS SQL Server. The tools are still in development but tend to be quite stable. The tools do dictionary attacks, upload files, read registry and dump the SAM. They do this by wrapping extended stored procedures. There is also a tool for doing a minimal analysis of a SQL Server with output as HTML. You need to be 'sa' to run some of the tools, but this usually isn't a problem. The tool temporarily restores the xp_cmdshell if it is removed and the dll is still left on the system. SQLAT works over port 1433, it doesn't do named pipes. It doesn't do integrated security either. This because it is based on the FreeTDS driver from www.freetds.org.
The purpose of this app is to illustrate inconsistencies in the MS implementation of the RestrictAnonymous registry setting.
userinfo, scan netbios informations (accounts, bf password check, scan c-subnets etc..)
Instructor is a 32 bit instruction set auditor. By sequentially executing every 32 Bit OpCode, one can find instructions that might have adverse effects on operating environments. For example, Instructor was used to find the non-privileged halt instruction
Browse by category