Archive for the ‘Pentesting’ Category

DSploit Android Toolkit for Security Testing

dSploit is a very comfortable tool that you can install on Android to run a pentest or network security assessment. The toolkit allows fingerprinting the remote operating systems and identifying different hosts, scans the network for system vulnerabilities and performing MITM to sniff sensitive information such as user’s password. The features included in dSploit are: [...]

Share

Watcher Web passive vulnerability scanner

Web applications are one of the most targeted systems as they are directly exposed to internet. There is no web server without serious vulnerabilities, it is enough that you open exploit DB where you will find how it is simple to exploit vulnerable CMS or web applications. Hackers are often searching and having those bugs [...]

Share

Kali Linux Advanced Offensive Distribution

The penetration testing distribution BackTrack has changed its name to Kali and moved from Ubuntu based operating system to Debian. Kali can be used for penetration testing and security assessment different systems. It is completely similar to what BackTrack provides but with changes to tools and operating system.  Features of this distribution: More than 300 [...]

Share

Weevely 1.1 – PHP Webshell

Weevely – is a PHP webshell that provides SSH connection to manage website remotely. it can be used as a backdoor system to PoC during a pentest or a web shell to manage legit web accounts. The shell consists of more then 30 modules to automate both administrative and post-operational tasks including: Execute commands and [...]

Share

BackBox 3.05 – Penetration Testing Distribution!

Over this week the Linux Foundation announced a new distribution for BackBox Linux 3.05, which contains the kernel of Linux 3.2. This distribution is similar to backtrack and comes to test the security level of a system. According to the developers, the operating system, which became the basis for Ubuntu 12.04, comes with a set [...]

Share

HookME 0.2 – API Spying Tool

Hooking API calls on operating system allows to intercept useful information, new release of HookMe have been issued to add more stability to the application , a way to choose what API functions to hook and some fixes to the program. HookMe provides a nice graphic user interface allowing you to change the packet content [...]

Share

Scylla – Framework for Penetration Testing

Scylla is another tool that you can use for penetration testing protocols used by different applications. Scylla works with three basic stages, the pre-hack stage where the tool can readily obtain information about the remote application without resorting to brute-force attacks (something like enumeration). Here is where anti-anti-Brute Force techniques are implemented, such as getting [...]

Share