Showing posts with label Audit. Show all posts
Showing posts with label Audit. Show all posts

Tuesday, April 2, 2013

[360-FAAR v0.4.1] Firewall Analysis Audit And Repair


360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file!

Changes: This release adds the 'mergelog' mode to merge binary log entries from one config with another and significantly updates the user interface. All configs can be loaded from the 'load' menu instead of specifying them on the command line. Added 'verbose' switches to 'print' and 'rr' modes so that screen output can be switched off, and all 'end.' key words have been changed to simply '.' to reduce the number of keystrokes needed. Entering '0' now adds all options and '.' chooses the default if available. The Netscreen output stage now uses a default zone if none are specified.
Read Policy and Logs for:
Checkpoint FW1 (in odumper.csv / logexport format),
Netscreen ScreenOS (in get config / syslog format),
Cisco ASA (show run / syslog format),

360-FAAR uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalisation at the same time as removing unused connectivity.

360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. Allowing you to seamlessly move rules to where you need them.

Download 360-FAAR Firewall Analysis Audit And Repair 0.4.1



Posted by at No comments:
Labels: , , , , , , , , ,

Sunday, January 20, 2013

[DllHijackAuditor] Smart Tool to Audit the Dll Hijacking Vulnerability



Dll Hijack Auditor is the smart tool to Audit against the Dll Hijacking Vulnerability in any Windows application.

This is one of the critical security issue affecting almost all Windows systems. Though most of the apps have been fixed, but still many Windows applications are susceptible to this vulnerability which can allow any attacker to completely take over the system.

DllHijackAuditor helps in discovering all such Vulnerable Dlls in a Windows application which otherwise can lead to successful exploitation resulting in total compromise of the system.

With its simple GUI interface DllHijackAuditor makes it easy for anyone to instantly perform the auditing operation. It also presents detailed technical Audit report which can help the developer in fixing all vulnerable points in the application.

DllHijackAuditor is a standalone portable application which also comes with Installer for local Installation & Uninstallation of software.

It works on wide range of platforms starting from Windows XP to latest operating system, Windows 8.

Features
Here are some of the smart features of DllHijackAuditor,
  • Directly & Instantly audit any Windows Application.
  • Allows complete testing to uncover all Vulnerable points in the target Application
  • Smart Debugger based 'Interception Engine' for consistent and efficent performance without intrusion.
  • Support for specifying as well as auditing of application with custom & multiple Extensions.
  • Timeout Configuration to alter the waiting time for each Application.
  • Generates complete auditing report (in HTML format) about all vulnerable hijack points in the Application.
  • GUI based tool, makes it easy for anyone with minimum knowledge to perform the auditing operation.
  • Does not require any special privilege for auditing of the application (unless target application requires)
  • Free from Antivirus as it does not use any shellcodes or exploit codes which trigger Antivirus to terminate the operation.
  • Fully portable tool which can be run directly on any system.
  • Support for local Installation and uninstallation of the software.    



Video Demonstrations
Here is the short Video demonstration of DllHijackAuditor auditing the Wireshark for Dll Hijack Vulnerability.
Here is another short video on detecting 'Slow Dll Hijack' vulnerability using DllHijackAuditor
Screenshots
Here are the screenshots of DllHijackAuditor in action showing various phases of Auditing operation.
 Screenshot 1: DllHijackAuditor ready for the auditing operation
DllHijackAuditor
Screenshot 2: DllHijackAuditor after the completion of Phase 1 (Vulnerability Testing) of auditing operation of WireShark.exe
DllHijackAuditor
Screenshot 3: DllHijackAuditor after the completion of Phase 2 (Exploitation) of auditing operation of WireShark.exe
DllHijackAuditor
Screenshot 4: Complete Audit report generated by DllHijackAuditor as last phase of auditing operation of WireShark.exe
DllHijackAuditor





Download
FREE Download Dll Hijack Auditor v3.0
  
License  : Freeware
Platform : Windows XP, 2003, Vista, Windows 7, Windows 8

Download 
Posted by at No comments:
Labels: , , , , ,

Sunday, November 4, 2012

[Cookie Cadger] v.0.9

An auditing tool for Wi-Fi or wired Ethernet connections 

Cookie Cadger helps identify information leakage from applications that utilize insecure HTTP GET requests.


Cookie Cadger works on Windows, Linux, or Mac, and requires Java 7. Using Cookie Cadger requires having “tshark” – a utility which is part of the Wireshark suite, to be installed. Usually simply installing Wireshark will be sufficient. Additionally, to capture packets promiscuously requires compatible hardware. Capturing Wi-Fi traffic requires hardware capable of monitor mode, and the knowledge of how to place your device into monitor mode.

Download
Posted by at No comments:
Labels: , , , , , , ,

Friday, November 2, 2012

[Scylla] v1 Penetration Testing Tool - Because there's no patch for human stupidity

Scylla+v1+Penetration+Testing+Tool

When there's no technical vulnerability to exploit, you should try to hack what humans left for you, and believe me, this always works.

Scylla provides all the power of what a real audit, intrusion, exclusion and analysis tool needs, giving the possibility of scanning misconfiguration bugs dynamically. Scylla aims to be a better tool for security auditors, extremely fast, designed based on real scenarios, developed by experienced coders and constructed with actual IT work methods.
The words “Configuration Tracer” are the best definition for Scylla, a tool to help on IT audits. Scylla is a tool to audit different online application protocols and configurations, built over a brute-force core.

This tool acts as a tool for unifying auditing techniques, in other words, it does what oscanner, winfingerprint, Hydra, DirBuster, and other tools do, and also what those tools don't do.


Supported Protocols


  • Terminal (Telnet, SSH, telnets)
  • FTP (FTPS, FTP, SFTP)
  • SMB (Also Windows RPC)
  • LDAP
  • POP3 (POP3S)
  • SMTP (SMTPS)
  • IMAP
  • MySql
  • MSSQL
  • Oracle (Database and TNS Listener)
  • DB2 (Database and DAS)
  • HTTP(HTTPS; Basic AUTH Brute Force, Digest AUTH Brute Force, Form Brute Force, Directory and files Brute Force)
  • DNS (DNS snooping)
  • Postgres SQL
Basic features:
- User, password list based Brute force
- Multiple hosts support
- Multiple session support
- Nmap integration
- Non-synchronized threads (proof to be a bit faster)
- Ability to restore sessions
- Session auto-saving (based on SQL Server CE)
- Easy to use
- Auto configured options
- Hacker oriented
- Free, and always free
- Database browser (who have hacked a DB and don’t have a DB client to connect to it- And worse if you don’t have internet)
- Open source tool

Screen Shots, lots of screen shots
Scylla 
 AboutMSSQLReport 
 NmapWrapper 
 AfterNmapWrapper 
 DB2 
 DB2DBBrowse FTP HTTP MSSQL MSSQLExec MySQL Oracle 
 Postgres 
 ReportViewerOracle 
 SMB 
 SMTP 
 DBBrowserResults
Posted by at No comments:
Labels: , , , , , , ,
Subscribe to: Posts (Atom)