Newsletter - May 2014

ToolsWatch Team: NJ OUCHN & MJ SOLER

Tools! Lots of Tools Released!

During May 2014, we published 33 Posts with 13 New Tools.

Organized by Date

• Cuckoo Sandbox v1.1 Released
• SpiderFoot v2.1.5 Released
• SAMHAIN v3.1.1 Released
• WPScan v2.4 Released
• w3af v1.6 Released
• Tor Browser v3.6 Released
• Arachni v0.4.7 – Web User Interface v0.4.4 Released
• Tails v1.0 – The Amnesic Incognito Live System Released
• Lynis v1.5.2 Auditing Tool Released
• Nmap v6.46 Released
• IPv6 Toolkit v1.5.3 Released
• [New Tool] QuatraScan V3000 Web Application Vulnerability Scanner (SaaS) Released
• [New Tool] Inception v0.3.5 Beta – Attacking FireWire Devices Released
• [New Tool] Parsero v0.71 – Attacking Robots.txt Files Released
• [New Tool] DepDep v1.0 Determine Critical Data In Network Sharing – Released
• [New Tool] RedoWalker Beta Version Released
• [New Tool] argus v3.0.6 – Real Time Flow Monitor Released
• [New Tool] Tastic RFID Thief – Proximity Badge Released
• Hook Analyser v3.1 Released
• Desenmascara.me (unmaskme) PoC Security Awareness Web
• APK Binder Script v0.1 Released
• NTO Mobile On-Demand Service Released
• oclHashcat v1.21 Released
• [New Tool] Interactive Network Packet Builder v1.0
• Kali v1.0.7 Released
• p0f v3.07b Released
• [New Tool] Webfwlog Firewall Log Analyzer v1.0 Released
• [New Tool] OWASP PCI Toolkit Beta Version Released
• [New Tool] OWASP OWTF – Offensive (Web) Testing Framework v0.45.0 Released
• OWASP ZAP v2.3.1 Released
• ThreadFix v2.1M1 Released
• [New Tool] ByWaf v1.0 – Web Application Penetration Testing Framework Released
• [New Tool] Big Iron Recon & Pwnage (BIRP) for Mainframe Released

Cuckoo Sandbox v1.1 Released

Cuckoo Sandbox is a malware analysis system. It simply means that you can throw any suspicious file at it and in a matter of seconds Cuckoo will give you back detailed results outlining what that file did when executed inside an isolated environment.

http://www.toolswatch.org/?p=44036

SpiderFoot v2.1.5 Released

SpiderFoot is a free, open-source footprinting tool, enabling you to perform various scans against a given domain name in order to obtain information such as sub-domains, e-mail addresses, owned netblocks, web server versions and so on. The main objective of SpiderFoot is to automate the footprinting process to the greatest extent possible, freeing up a penetration tester's time to focus their efforts on the security testing itself. SpiderFoot is written in Python and runs on Linux, *BSD and Windows.

http://www.toolswatch.org/?p=44048

SAMHAIN v3.1.1 Released

The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.

http://www.toolswatch.org/?p=44055

WPScan v2.4 Released

WPScan is a black box WordPress vulnerability scanner.

http://www.toolswatch.org/?p=44062

w3af v1.6 Released

w3af is a Web Application Attack and Audit Framework. The w3af core and its plugins are fully written in Python. It identifies more than 200 vulnerabilities and reduces your site's overall risk exposure. It identifies vulnerabilities like SQL Injection, Cross-Site Scripting, guessable credentials, unhandled application errors and PHP misconfigurations.

http://www.toolswatch.org/?p=44091

Tor Browser v3.6 Released

The Tor Browser Bundle lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained.

http://www.toolswatch.org/?p=44106

Arachni v0.4.7 – Web User Interface v0.4.4 Released

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.

http://www.toolswatch.org/?p=44115

Tails v1.0 – The Amnesic Incognito Live System Released

Tails, The Amnesic Incognito Live System, is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly.

http://www.toolswatch.org/?p=44117

Lynis v1.5.2 Auditing Tool Released

Lynis is an auditing tool which tests and gathers (security) information from Unix based systems. The audience for this tool are security and system auditors, network specialists and system maintainers.

http://www.toolswatch.org/?p=44121

Nmap v6.46 Released

Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for network inventory, managing service upgrade schedules, monitoring host or service uptime, and many other tasks.

http://www.toolswatch.org/?p=44128

IPv6 Toolkit v1.5.3 Released

A security assessment and troubleshooting tool for the IPv6 protocols.

http://www.toolswatch.org/?p=44144

[New Tool] QuatraScan V3000 Web Application Vulnerability Scanner (SaaS) Released

QuatraScan is a next-generation Security as a Service platform that provides you with advanced website application security. It discovers, catalogs and scans vast numbers of web applications to ensure the highest level of protection against vulnerabilities and intrusion.

http://www.toolswatch.org/?p=44146

[New Tool] Inception v0.3.5 Beta – Attacking FireWire Devices Released

Inception is a FireWire physical memory manipulation and hacking tool exploiting IEEE 1394 SBP-2 DMA. The tool can unlock (any password accepted) and escalate privileges to Administrator/root on almost* any powered on machine you have physical access to. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces.

http://www.toolswatch.org/?p=44149

[New Tool] Parsero v0.71 – Attacking Robots.txt Files Released

Parsero is a free script written in Python which reads the Robots.txt file of a web server and looks at the Disallow entries. The Disallow entries are the URL path of directories or files hosted on a web server which the administrators don't want to be indexed by the crawlers.

http://www.toolswatch.org/?p=44163

[New Tool] DepDep v1.0 Determine Critical Data In Network Sharing – Released

Depdep is a merciless sentinel which will seek sensitive files containing critical info leaking through your network. Basically, it is a fast and practical sensitive data search tool maintaining personal & commercial data privacy for companies and institutions.

http://www.toolswatch.org/?p=44179

[New Tool] RedoWalker Beta Version Released

RedoWalker is a tool to explore Oracle database transaction logs, otherwise known as redo logs. Any time changes are made to the database server, for example after an INSERT, DELETE or UPDATE, they are recorded in the redo log.

http://www.toolswatch.org/?p=44243

[New Tool] argus v3.0.6 – Real Time Flow Monitor Released

Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitter on a per transaction basis. The record format that Argus uses is flexible and extensible, supporting generic flow identifiers and metrics, as well as application/protocol specific information.

http://www.toolswatch.org/?p=44288

[New Tool] Tastic RFID Thief – Proximity Badge Released

The Tastic RFID Thief is a silent, long-range RFID reader that can steal the proximity badge information from an unsuspecting employee as they physically walk near this concealed device. Specifically, it is targeting 125KHz, low frequency RFID badge systems used for physical security, such as those used in HID Prox and Indala Prox products.

http://www.toolswatch.org/?p=44291

Hook Analyser v3.1 Released

Hook Analyser is a freeware application which allows an investigator/analyst to perform "static & run-time / dynamic" analysis of suspicious applications, and also to gather (analyse & co-relate) threat intelligence related information (or data) from various open sources on the Internet.

http://www.toolswatch.org/?p=44386

Desenmascara.me (unmaskme) PoC Security Awareness Web

Desenmascara.me is a tool still in its early PoC stage but fully functional. The goal of this tool is to raise security awareness among web owners in order to help decrease the constant rise of compromised websites. (unmaskme means desenmascarame in Spanish).

http://www.toolswatch.org/?p=44388

APK Binder Script v0.1 Released

apk_binder_script allows us to unify two APKs in one, or to add a service APK's smali code to the target. It copies the smali code, active and manifest. It implements a receiver acting as a loader, loading the class specified as a parameter (a service).

http://www.toolswatch.org/?p=44392

NTO Mobile On-Demand Service Released

NTOMobile On-Demand combines static analysis security testing (SAST), NTOSpider’s dynamic application security testing (DAST) and expert pen testers to deliver comprehensive and effective mobile application security testing services. Leveraging the power of NTOSpider’s DAST capabilities, NTOMobile On-Demand is the only mobile security solution available capable of effectively and automatically testing the web services that power mobile back ends and that leverage new technologies like REST, JSON and SOAP.

http://www.toolswatch.org/?p=44458

oclHashcat v1.21 Released

oclHashcat is a GPGPU-based multi-hash cracker using a brute-force attack (implemented as mask attack), combinator attack, dictionary attack, hybrid attack, mask attack, and rule-based attack.

http://www.toolswatch.org/?p=44462

[New Tool] Interactive Network Packet Builder v1.0

With Interactive Network Packet Builder you can visually build "any" syntactically correct IP packet for a number of well-known protocols via simple point-and-click operations. Supported protocols are SSH, FTP, HTTP, SIP, iSCSI, SMBv1, etc. The output is a binary payload (PDU).

http://www.toolswatch.org/?p=44467

Kali Linux v1.0.7 Released

Kali is a complete re-build of BackTrack Linux, adhering completely to Debian development standards. All-new infrastructure has been put in place, all tools were reviewed and packaged, and we use Git for VCS.

http://www.toolswatch.org/?p=44483

p0f v3.07b Released

P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way.

http://www.toolswatch.org/?p=44495

[New Tool] Webfwlog Firewall Log Analyzer v1.0 Released

Webfwlog is a flexible web-based firewall log analyzer and reporting tool. It supports standard system logs for linux, FreeBSD, OpenBSD, NetBSD, Solaris, Irix, OS X, etc. as well as Windows XP®. Supported log file formats are netfilter, ipfilter, ipfw, ipchains and Windows XP®. Webfwlog also supports logs saved in a database using the ULOG or NFLOG targets of the linux netfilter project, or any other database logs mapped with a view to the ulogd schema. Versions 1 and 2 of ulogd database schemas are supported. Webfwlog is licensed under the GNU GPL.

http://www.toolswatch.org/?p=44497

[New Tool] OWASP PCI Toolkit Beta Version Released

OWASP PCI Toolkit is an open source C# Windows Forms project that will help you to scope the PCI-DSS requirements for your System Components.

http://www.toolswatch.org/?p=44517

[New Tool] OWASP OWTF – Offensive (Web) Testing Framework v0.45.0 Released

OWASP OWTF, the Offensive (Web) Testing Framework, is an OWASP+PTES-focused attempt to unite great tools and make pen testing more efficient, written mostly in Python. The purpose of this tool is to automate the manual, uncreative part of pen testing: for example, spending time trying to remember how to call "tool X", parsing results of "tool X" manually to feed "tool Y", etc.

http://www.toolswatch.org/?p=44523

OWASP ZAP v2.3.1 Released

OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing, as well as being a useful addition to an experienced pen tester's toolbox.

http://www.toolswatch.org/?p=44525

ThreadFix v2.1M1 Released

ThreadFix is a software vulnerability aggregation and management system that reduces the time it takes to fix software vulnerabilities. ThreadFix imports the results from dynamic, static and manual testing to provide a centralized view of software security defects across development teams and applications. ThreadFix is licensed under the Mozilla Public License (MPL) version 2.0.

http://www.toolswatch.org/?p=44527

[New Tool] ByWaf v1.0 – Web Application Penetration Testing Framework Released

ByWaf is a Web Application Penetration Testing Framework (WAPTF). It consists of a command-line interpreter and a set of plugins. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License.

http://www.toolswatch.org/?p=44535

[New Tool] Big Iron Recon & Pwnage (BIRP) for Mainframe Released

BIRP, Big Iron Recon & Pwnage, is a tool that will assist in the security assessment of mainframe applications served over TN3270. This tool was released at #HITB2014AMS.

http://www.toolswatch.org/?p=44547

Papers

OWASP AppSensor Guide v2.0 Released

The AppSensor project defines a conceptual framework and methodology that offers prescriptive guidance to implement intrusion detection and automated response into an existing application.

http://www.toolswatch.org/?p=44104

Do you have or know tools to be published?

Don't hesitate and contact us, send it!

http://www.toolswatch.org/submit-a-tool/

Arsenal around the World

Rooted Warfare 2014 Spain Wrap-up Part 1

ToolsWatch was present at Rooted CON, the most important security conference in Spain, to organize Rooted Warfare. Similar to the Black Hat Arsenal edition, it allows auditors, penetration testers and security experts to present and show their tools to the community and interact with attendees.

During these days, 12 amazing tools were presented!

http://www.toolswatch.org/?p=43864

Upcoming Posts / Tools

• In the upcoming days, we will announce the Black Hat Arsenal Speakers List. Stay tuned! The Call for Tools will close on June 3, 2014. Hurry up!

• News, videos and tools released at Rooted CON. We are just preparing some information. :-)

vFeed

The Open Source Cross-linked Local Vulnerability Database

• Security Standards: CVE, CWE, CPE, OVAL, CAPEC, CVSS, and more!

• Vulnerability Assessment & Exploitation IDs.

• Vendors Security Alerts.

https://github.com/toolswatch/vFeed

Advertising Campaign

We want to keep growing, so that we can share the best tools and always stay up to date with new releases, offering free services for the community and a space for independent pentesters, auditors, etc. to show their tools.

For that reason we have started an advertising campaign on our web site, www.ToolsWatch.org, allowing only a few companies to publish their banners during a defined period of months. None of those companies will share the same services or kind of tool.

F.A.Q.:

• How long is the period of time? This is flexible: it could be 3, 6 or 12 months, or whatever you want.
• Will there be other banners? Yes, a few, but not many.
• How is it possible to pay? PayPal.

Notice that none of those companies will share the same services or kind of tool.

Are you interested? Ping @maxisoler, for more information. :)