Unix

OpenBSD, FreeBSD, Solaris, and/or other Unix variants

Jack

Overview:

Jack is a web-based ClickJacking PoC development assistance tool.
Jack makes use of static HTML and JavaScript.
Jack is web-based and either requires a web server to serve its HTML and JS content or can be run locally. Typically something like Apache will suffice, but anything that is able to serve HTML content to a browser will do. To run it locally, simply download Jack's contents and open "index.html" with your browser, and Jack is ready to go.

Zarp

Overview:

Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once, dumping sensitive information automatically or to the attacker directly. Various sniffers are included to automatically parse usernames and passwords from various protocols, as well as view HTTP traffic and more. DoS attacks are included to knock out various systems and applications. These tools open up the possibility for very complex attack scenarios on live networks quickly, cleanly, and quietly.

Clusterd

Overview:

clusterd is an open source application server attack toolkit. Born out of frustration with current fingerprinting and exploitation methods, clusterd automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. See the wiki for more information.

Birp

Overview:

BIRP is a tool that will assist in the security assessment of mainframe applications served over TN3270. Much like what BURP and other web application proxies do for web application assessments, BIRP aims to do the same for TN3270 application assessments. And, much like with web applications, being able to see and modify fields that the application developer assumed were neither visible nor modifiable allows security assumptions to be bypassed.

In particular, BIRP provides two capabilities for the aspiring TN3270 hacker. The first is that it shows all the data returned by the application in the screen. This includes hidden fields. The second is that it allows fields marked as "protected" aka "non modifiable" to be modified. Depending on how the application has been developed, this can allow application functionality to be modified.

MFSniffer

Overview:
Script to capture unencrypted TSO login credentials

Psikotic

Overview:
PSIKOTIK TSO User Enumerator. A fast TSO user enumerator written in straight Python without the need for s3270 or x3270.

It should mostly work on any mainframe. If it doesn't get to the TSO logon screen then you need to sniff a real connection to the mainframe and find out what the hex stream looks like when you type 'TSO1' (for example) and change tso_command to reflect that value.

Yeti

Overview:
SensePost's network footprinting and enumeration tool. You can't pwn what you don't know about.
It is a cross-platform Java application. Its predecessor, BidiBlah, was only available on Windows platforms and hopefully with Yeti we can now offer Internet intelligence gathering to everyone.

Pastebin Scraper

Overview:
Originally conceived as a method to enumerate various pastebins (slexy, pastie, pastebin, gisthub) as a response to Corelan's pastenum – http://www.corelan.be/index.php/2011/03/22/pastenum-pastebinpastie-enume..., it's changed slightly to a more general enumerator.
Pastenum is a Ruby application that runs client side to enumerate various bins; this just took it a bit further by putting it in a web application, as mine kept crashing trying to load the previous results.

Pastenum

Overview:
Pastenum is a text dump enumeration tool. It currently searches pastebin.com and pastie.org.

Warvox

Overview:
WarVOX is a free, open-source VoIP-based war dialing tool for exploring, classifying, and auditing phone systems. WarVOX processes audio from each call by using signal processing techniques and without the need of modems.[1] WarVOX uses VoIP providers over the Internet instead of modems used by other war dialers.[2] It compares the pauses between words to identify numbers using particular voicemail systems.
