Windows

Microsoft Windows

Scuba

Scuba is a free tool that scans leading enterprise databases for security vulnerabilities and configuration flaws, including patch levels. Reports deliver actionable information to quickly reduce risk, and regular vulnerability updates ensure that Scuba keeps pace with new threats.

Scuba offers nearly 1,200 tests that can be run without experiencing downtime or performance degradation because Scuba does not exploit the vulnerabilities it finds. From configuration flaws such as weak passwords, to known security risks and missing critical patches, Scuba delivers a snapshot analysis of the security posture of your databases and database infrastructure.
Use Scuba to:
Automate vulnerability discovery
Secure infrastructure and measure compliance
Prioritize risk and focus remediation resources
Safely test enterprise class databases

(this tool would be better if there wasn't a "register your email for a download link")

DAVOSET

(Translation provided by google)
DDoS attacks via other sites execution tool (DAVOSET) is a tool for using Abuse of Functionality and XML External Entities vulnerabilities at some sites for attacks on other sites (including DoS and DDoS attacks). It was developed by me in 2010.

On these attacks, I wrote the article sites use to attack other sites. In the article the effectiveness of the attacks on sites through the use of other sites I announced DAVOSET and explored the effectiveness of these attacks. I also wrote about the benefits of these attacks.

This tool is written in perl.

# DDoS attacks via other sites execution tool
# DAVOSET v.1.1.4
# Tool for conducting of DDoS attacks on the sites via other sites
# Copyright (C) MustLive 2010-2013
# Last update: 03.12.2013
# http://websecurity.com.ua
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# Program summary
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

SSH Back

SSH Back is a set of shell scripts that assist you in shuffling an ssh connection over socat and ssl.

              __     ______              __
.-----.-----.|  |--.|   __ \.---.-.----.|  |--.
|__ --|__ --||     ||   __ <|  _  |  __||    <
|_____|_____||__|__||______/|___._|____||__|__|
Copyright (C) 2014

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

Have you ever needed to have access to an ssh server from behind
a NAT'ed firewall? Now you can. SSHBack allows you to have reverse
ssh connections connect back to you.

Made from 100% FOSS recycled materials, this software is made to
withstand the most demanding conditions, including, but not
limited to: __FILL_IN_BLANK_HERE__

(For amusement purposes only. Do not abuse or misuse this product.
Do not ruin anyone's day with this software, please!)

sshback client machine: has openssh-server on
sshback server machine: has openssh-client on

NOTE: "Server_Common_Name" must be able to DNS resolve
      on the client machine, e.g.
$ host www.servercommonname.com
www.servercommonname.com has address xxx.xxx.xxx.xxx

run
$ ./sshback_make_certs.sh
to make all the certs

then move client.pem, server.crt, and sshback_client.sh to the
  machine with openssh-server installed
make sure 'socat' is installed
chmod +x sshback_client.sh

miranda

Miranda is a Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices, particularly Internet Gateway Devices (aka, routers). It can be used to audit UPNP-enabled devices on a network for possible vulnerabilities. Some of its features include:

Interactive shell with tab completion and command history
Passive and active discovery of UPNP devices
Customizable MSEARCH queries (query for specific devices/services)
Full control over application settings such as IP addresses, ports and headers
Simple enumeration of UPNP devices, services, actions and variables
Correlation of input/output state variables with service actions
Ability to send actions to UPNP services/devices
Ability to save data to file for later analysis and collaboration
Command logging

Miranda v1.3
The interactive UPnP client
Craig Heffner, http://www.devttys0.com

Command line usage: miranda.py [OPTIONS]

-s Load previous host data from struct file
-l Log user-supplied commands to log file
-i Specify the name of the interface to use (Linux only, requires root)
-b Process commands from a file
-u Disable show-uniq-hosts-only option
-d Enable debug mode
-v Enable verbose mode
-h Show help

Alucard

Alucard is a UPnP port redirection application that allows a user to open ports on a UPnP enabled router.

To build first install MiniUpnpc from http://miniupnp.tuxfamily.org/
Then type "make"
Then run "./alucard 192.168.1.200 1044" to redirect all traffic from port 1044/TCP outside the NAT to port 1044/TCP on 192.168.1.200

dnsgrep

DNS hostname enumerator tool using zone transfer.

dnsgrep v0.16 beta by geinblues
usage : ./dnsgrep -d *target domain -m *
dictionary mode:
-D
-sS : stealth mode
-sN : normal mode
-sQ : quick mode

-o

Capstone

Capstone is a lightweight multi-platform, multi-architecture disassembly framework.

Multiple architectures

Capstone is one of very few disassembly frameworks that support multiple architectures. So far, it can handle the 4 most important architectures: ARM, ARM64 (aka ARMv8/AArch64), Mips & X86. More will be added in the future when possible.

Updated

As far as we are aware, in all 4 architectures, Capstone can handle more instructions than other frameworks. In particular, it supports most modern CPU extensions & is guaranteed to remain updated in the future.

Clean, simple & intuitive architecture-neutral API

Clean & intuitive is the key principle in designing the API for Capstone. The interface has always been as simple as possible. It would take a new user just a few minutes to understand it & start writing his own tool based on the samples accompanying the Capstone source code.

Even better, the API is independent of the hardware, so your analysis tool can work in the same way across all the architectures.

Detailed instruction information

Capstone breaks down instruction information, making it straightforward to access instruction operands & other internal instruction data.

This feature is called “decomposer” by some alternatives, but Capstone is the only framework that has it across all the architectures, in a seamless way.

Instruction semantics

Capstone provides some important semantics of the disassembled instruction, such as the list of implicit registers read & written, or whether the instruction belongs to a group of instructions (such as the ARM Neon group, or the Intel SSE4.2 group). Now writing your own machine code normalization becomes easier than ever.

Zero barrier

Implemented in pure C, Capstone is easy to adopt for your low-level tool. Furthermore, lightweight & efficient bindings for popular languages such as Python, Ruby, OCaml, C#, Java & Go are also available.

Vega Web Security Scanner

Vega is a free and open source scanner and testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.

Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. The Vega scanner finds XSS (cross-site scripting), SQL injection, and other vulnerabilities. Vega can be extended using a powerful API in the language of the web: JavaScript.

Core:
Automated Crawler and Vulnerability Scanner
Consistent UI
Website Crawler
Intercepting Proxy
SSL MITM
Content Analysis
Extensibility through a Powerful JavaScript Module API
Customizable alerts
Database and Shared Data Model

Modules:
Cross Site Scripting (XSS)
SQL Injection
Directory Traversal
URL Injection
Error Detection
File Uploads
Sensitive Data Discovery

Hook Analyser Malware Tool

Malware Analyser is a freeware tool to perform static and dynamic analysis of malware.
Author: Beenu Arora

The features are:
String based analysis for registry, API calls, IRC Commands, DLLs called and VMAware.
Display detailed headers of PE with all its section details, import and export symbols etc.
On distros, can perform an ASCII dump of the PE along with other options (check –help argument).

For windows, it can generate various sections of a PE: DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections
ASCII dump on windows machine.
Code Analysis (disassembling)
Online malware checking (www.virustotal.com)
Check for Packer from the Database.

Tracer functionality: Can be used to identify Anti-debugging Calls tricks, File system manipulations Calls, Rootkit Hooks, Keyboard Hooks, DEP Setting Change, Network Identification traces.

Signature Creation: Allows creating a signature of malware.
Batch Mode Scan to Scan all DLL and Exe in directories and sub-directories

Recent updates:
--Added Traces signatures
--Improved parsing
--Added ThreatExpert for online scanning option
--Packed libraries onto single executable
--Improved Traces signatures

Tunna

Tunna is a tool designed to bypass firewall restrictions on remote webservers. It consists of a local application (supporting Ruby and Python) and a web application (supporting ASP.NET, Java and PHP).

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. The web application file must be uploaded on the remote server. It will be used to make a local connection with services running on the remote web server or any other server in the DMZ. The local application communicates with the webshell over the HTTP protocol. It also exposes a local port for the client application to connect to.
Since all external communication is done over HTTP it is possible to bypass the filtering rules and connect to any service behind the firewall using the webserver on the other end.

Tunna framework
Tunna framework comes with the following functionality:
Ruby client - proxy bind: Ruby client proxy to perform the tunnel to the remote web application and tunnel TCP traffic.
Python client - proxy bind: Python client proxy to perform the tunnel to the remote web application and tunnel TCP traffic.
Metasploit integration module, which allows transparent execution of metasploit payloads on the server
ASP.NET remote script
Java remote script
PHP remote script

Author
Tunna has been developed by Nikos Vassakis.
