Posts Tagged ‘penetration testing’

New release Kali Linux 1.0.8

New release have been announced for Kali Linux a distribution that include more then 300 penetration testing tools. the new version is  Kali Linux 1.0.8 and allow user to have the full system embedded in a USB device. This will help to simplify the usage so you don’t need to install the system or use [...]

Share

iRET – iOS Reverse Engineering Toolkit

iRET is an open source tool that you can use to analyze and evaluate iOS applications. The toolkit includes the following features: Binary Analysis where you can check the binary encryption , architecture of the application and if it has stack-smashing protection enabled. Keychain Analysis this to analyze the keychain contents, including passwords, keys, certificates [...]

Share

DSploit Android Toolkit for Security Testing

dSploit is a very comfortable tool that you can install on Android to run a pentest or network security assessment. The toolkit allows fingerprinting the remote operating systems and identifying different hosts, scans the network for system vulnerabilities and performing MITM to sniff sensitive information such as user’s password. The features included in dSploit are: [...]

Share

Surku – mutation-based fuzzer

Fuzz testing is widely used in auditing application by providing some invalid or random data to see how the application will be working with such behavior. The testing usually is automated using some open source program that may assist in fuzzing and monitoring the application in case of crash. One of the tools that you [...]

Share
iOS

Snoop-it tool to assist security assessments and dynamic analysis of iOS Apps

iOS applications may contain security risk that expose user’s sensitive information to attackers. Auditing programs used on mobile devices is important to make sure that they are safe and do not contain security vulnerabilities. Snoop-it is a tool that you can consider for analyzing mobile applications and debugging the software packages. Some of the features [...]

Share

XSS ChEF -Chrome Extension Exploitation Framework

XSS ChEF – is a Chrome Extension Exploitation Framework that you can use during penetration testing to execute scripts in particular vulnerable website with cross site scripting (XSS), take screenshots of the tabs to track browsing history and cookies or checking bookmarks and even change the proxy settings. Main features include the following: Monitor open [...]

Share

Watcher Web passive vulnerability scanner

Web applications are one of the most targeted systems as they are directly exposed to internet. There is no web server without serious vulnerabilities, it is enough that you open exploit DB where you will find how it is simple to exploit vulnerable CMS or web applications. Hackers are often searching and having those bugs [...]

Share