Web

Anything related to websites

JSwat

JSwat is a graphical Java debugger front-end, written to use the Java Platform Debugger Architecture and based on the NetBeans Platform. JSwat is open-source software and is freely available in both binary and source code form. Its features include sophisticated breakpoints; colorized source code display with code navigator; movable display panels showing threads, call stack, visible variables, and loaded classes; command interface for more advanced features; and Java-like expression evaluation, including method invocation.

TorTunnel

tortunnel is a partial Onion Proxy implementation designed for building single-hop circuits through Tor exit nodes.

Ssldump

ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic.

Tinyproxy

Tinyproxy is a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems. Designed from the ground up to be fast and yet small, it is an ideal solution for use cases such as embedded deployments where a full featured HTTP proxy is required, but the system resources for a larger proxy are unavailable. Tinyproxy is free software, and is distributed using the GNU GPL license

Sslscan

SSLScan queries SSL services, such as HTTPS, in order to determine the ciphers that are supported. SSLScan is designed to be easy, lean and fast. The output includes prefered ciphers of the SSL service, the certificate and is in Text and XML formats.

Sslsniff

This tool was originally written to demonstrate and exploit IE's vulnerabilityto a specific "basicConstraints" man-in-the-middle attack. While Microsoft has since fixed the vulnerability that allowed leaf certificates to act as signing certificates, this tool is still occasionally useful for other purposes.

It is designed to MITM all SSL connections on a LAN, and dynamically generates certs for the domains that are being accessed on the fly. The new certificates are constructed in a certificate chain that is signed by any certificate that you provide.

SSLTest

SSLTest is a command line tool used to test SSL based servers to determine the SSL ciphers and protocols they support. These types of tests are commonly performed during penetration tests and compliance reviews (DSD ISM, PCI-DSS) that include a SSL server in scope. It is a Perl program, that works on Linux, Windows and Mac OS X, and is originally based on Cryptonark by Chris Mahns. It uses OpenSSL to make SSL connections, and test for supported ciphers and protocols.

Weevely Php Backdoor

Weevely is a stealth PHP web shell that simulate an SSH-like connection. It is an essential tool for web application post exploitation, and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones.

Official website:
http://epinna.github.com/Weevely/

Getting started with a quick Tutorial:
https://github.com/epinna/Weevely/wiki/Tutorial

Or show list of available Modules and backdoor Generators:
https://github.com/epinna/Weevely/wiki/Modules-list
https://github.com/epinna/Weevely/wiki/Generators-list

Main features:
* More than 30 modules to automate administration and post exploitation tasks:
o Execute commands and browse remote filesystem, even with PHP security restriction
o Audit common server misconfigurations
o Run SQL console pivoting on target machine
o Proxy your HTTP traffic through target
o Mount target filesystem to local mount point
o File transfer from and to target
o Spawn reverse and direct TCP shells
o Bruteforce SQL accounts through target system users
o Run port scans from target machine
o And so on..

* Backdoor communications are hidden in HTTP Cookies
* Communications are obfuscated to bypass NIDS signature detection
* Backdoor polymorphic PHP code is obfuscated to avoid HIDS AV detection

Weevely author keep Dissecting, a security related blog:
http://disse.cting.org/

Phantom JS

PhantomJS is a headless WebKit with JavaScript API. It has fast and native support for various web standards: DOM handling, CSS selector, JSON, Canvas, and SVG. It works like a web proxy that allows you to view and edit DOM, CSS, JSON and other code.

SSLsplit

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over both IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates and signs forged X509v3 certificates on-the-fly, based on the original server certificate subject DN and subjectAltName extension. SSLsplit fully supports Server Name Indication (SNI) and is able to work with RSA, DSA and ECDSA keys and DHE and ECDHE cipher suites. SSLsplit can also use existing certificates of which the private key is available, instead of generating forged ones. SSLsplit supports NULL-prefix CN certificates and can deny OCSP requests in a generic way. SSLsplit removes HPKP response headers in order to prevent public key pinning.

Usage
% sslsplit -h
Usage: sslsplit [options...] [proxyspecs...]
-c pemfile use CA cert (and key) from pemfile to sign forged certs
-k pemfile use CA key (and cert) from pemfile to sign forged certs
-C pemfile use CA chain from pemfile (intermediate and root CA certs)
-K pemfile use key from pemfile for leaf certs (default: generate)
-t certdir use cert+chain+key PEM files from certdir to target all sites
matching the common names (non-matching: generate if CA)
-O deny all OCSP requests on all proxyspecs
-P passthrough SSL connections if they cannot be split because of
client cert auth or no matching cert and no CA (default: drop)
-g pemfile use DH group params from pemfile (default: keyfiles or auto)

Syndicate content