SOLDIERX.COM Nobody Can Stop Information Insemination

Wi-fEye is an automated wirelress penetration testing tool written in python , its designed to simplify common attacks that can be performed on wifi networks so that they can be executed quickly and easily.

Wifi has three main menus :
Cracking menu: contains attacks that could allow us to crack wifi passwords weather is WEP , WPA or WPA2:
Enable monitor mode
View avalale Wireless Networks
Launch Airodump-ng on a specific AP
WEP cracking: here you can perform a number of attacks to crack WEP passwords :
Interactive packet replay.
Fake Authentication Attack.
Korek Chopchop Attack.
Fragmentation Attack.
Hirte Attack (cfrag attack).
Wesside-ng.

WPA Cracking: here you can perform a number of attacks to crack WPA passwords , this menu is devided into two sections:
launch a brute force attack against a WPS-enabled network to crack WPA/WPA2 without a dictionary.
Obtain handshake: This will automatically attempt to obtain the handshake
Cracking: After obtaining the handshake or if you have the handshake ready then you can attempt to crack it in this section , you can choose to use you wordlist straight away with aircrack-ng or you can add to a table and then crack the password.

MITM: this menu will allow you to do the following Automatically:
Enable IP forwarding.
ARP Spoof.
Launch ettercap (Text mode).
Sniff SSL/HTTPS traffic.
Sniff URLs and send them to browser.
Sniff images.
DNS Spoof.
HTTP Session Hijacking (using Hamster).

Others: this menu will allow you to o the following automatically:
Change MAC Address.
Create a fake access point.
Hijack software updates (using Evilgrade).

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. Indeed, this is not a bullet-proof method and you will most likely have many false positives (vulnerability is fixed with a revision-release, but the tool isn't able to detect the revision itself), yet it is still better than nothing, especially if you are running a distribution with little security coverage.

Still, the tool remains useful. With the proper reporting in place, you are immediately warned when a new CVE has been released that might match your system. You can then take the appropriate steps (acknowledge report, verify incident, fix package or mark as false positive).

Ip phone Scanning Made Easy (ISME) scans a VOIP environment, adapts to enterprise VOIP, and exploits the possibilities of being connected directly to an IP Phone VLAN. It seeks to get the phone's configuration file directly from a TFTP server, enable SIP/SIPS (TCP/UDP), communicate with an embedded Web server and Web server banner, identify the editor by MAC address, and identify potential default login/password combinations which should be changed.

The following libraries are needed:
· LWP::UserAgent; # http://search.cpan.org/~gaas/libwww-perl-
6.03/lib/LWP/UserAgent.pm
· HTML::Parser; # http://search.cpan.org/dist/HTML-Parser/Parser.pm
· Net::Ping; # http://search.cpan.org/~smpeters/Net-Ping-2.36/lib/Net/Ping.pm
· Net::Netmask; # http://search.cpan.org/dist/Net-Netmask/
· Net::Subnets;
· Net::TFTP; # http://search.cpan.org/~gbarr/Net-TFTP-0.16/TFTP.pm
· Net::DHCP::Packet; # http://search.cpan.org/~djzort/Net-DHCP-
0.69/lib/Net/DHCP/Packet.pm
· Net::DHCP::Constants; # http://search.cpan.org/~djzort/Net-DHCP-
0.69/lib/Net/DHCP/Constants.pm
· Net::Libdnet::Arp;
· Crypt::SSLeay; #http://search.cpan.org/~nanis/Crypt-SSLeay/SSLeay.pm
· LWP::Protocol::https ; #http://search.cpan.org/~gaas/LWP-Protocol-https-
6.02/lib/LWP/Protocol/https.pm
· Mozilla ::CA;#s http://search.cpan.org/~abh/Mozilla-CA-
20111025/lib/Mozilla/CA.pm
· HTTP::Request::Common; # http://search.cpan.org/~gaas/HTTP-Message-
6.02/lib/HTTP/Request/Common.pm
· Net::Subnets
· Tk; #http://search.cpan.org/~ni-s/Tk-804.027/pod/UserGuide.pod
· Net::RawIP; #http://search.cpan.org/~saper/Net-RawIP-0.25/lib/Net/RawIP.pm
· Net::SSH
· SIP/Digest
Take care, even if libraries are not explicitly declared in the script, there are needed
nonetheless.
Java must be installed on the computer if you intend to use Fuzzing SIP – Protos.

Lynis is an auditing tool for Unix/Linux. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also scan for general system information, installed packages and possible configuration errors.

This software aims in assisting automated auditing, hardening, software patch management, vulnerability and malware scanning of Unix/Linux based systems. It can be run without prior installation, so inclusion on read only storage is possible (USB stick, cd/dvd).

Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOx (Sarbanes-Oxley) compliance audits.

Using Lynis : Basics
To run Lynis you should meet a few requirements:
- You have to be root (log in as normal user, su to root)
or have equivalent rights (for example by using sudo).
- Have write access to /var/log (for using a log/debug and report file)
- Have write access to /tmp (temporary files)

Depending on the installation or the path you run Lynis from, you can start it with 'lynis' (if installed and the file is available in
your binary path) or 'sh lynis' or './lynis'.

Without parameters, Lynis will give you a valid list of parameters and return back to the shell prompt. At least the '-c' (--check-all) parameter is needed, to start the scan process.

Notes:
- For the update check, outgoing DNS requests should be allowed. Lynis will try to query a TXT record (for example lynis-lv.rootkit.nl).
- Lynis needs write access to /var/log/lynis.log (unless logging is disabled, which disables debugging information as well).

Parameters:
--auditor "Given name Surname"
Assign an auditor name to the audit (report)
--checkall
-c
Start the check
--check-update
Check if Lynis is up-to-date
--cronjob
Run Lynis as cronjob (includes -c -Q)
--help
-h
Shows valid parameters
--manpage
View man page

A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit - but use it at your own risk!

Features:
Interactive Console
Real Time Passwords Found
Real Time Hosts Enumeration
Tuned Injections & Client Side Attacks
ARP Poisoning & SSL Hijacking
Automated HTTP Report Generator

ATTACKS IMPLEMENTED:
MITM (Arp Poisoning)
Sniffing (With & Without Arp Poisoning)
SSL Hijacking (Full SSL/TLS Control)
HTTP Session Hijaking (Take & Use Session Cookies)
Client Browser Takeover (with Filter Injection in data stream)
Browser AutoPwn (with Filter Injection in data steam)
Evil Java Applet (with Filter Injection in data stream)
DNS Spoofing
Port Scanning

POST ATTACKS DATA OBTAINED:
Passwords extracted from data stream
Pcap file with whole data stream for deep analysis
Session flows extracted from data stream (Xplico & Chaosreader)
Files extracted from data stream
Hosts enumeration (IP,MAC,OS)
URLs extracted from data stream
Cookies extracted from data stream
Images extracted from data stream
List of HTTP files downloaded extracted from URLs

DEPENDENCIES (aka USED TOOLS):
Chaosreader (already in bin folder)
Xplico
Ettercap
Arpspoof
Arp-scan
Mitmproxy
Nmap
Tcpdump
Beef
SET
Metasploit
Dsniff
Macchanger
Hamster
Ferret
P0f
Foremost
SSLStrip
SSLSplit