Sunday 5 October 2014

Information Gathering

As per OWASP Testing Guide v4, the first phase in security assessment is focused on collecting as much information as possible about a target application. Information Gathering is the most critical step of an application security test. The security test should endeavour to test as much of the code base as possible. Thus mapping all possible paths through the code to facilitate thorough testing is paramount.

This task can be carried out in many different ways.

By using public tools (search engines), scanners, sending simple HTTP requests, or specially crafted requests, it is possible to force the application to leak information, e.g., disclosing error messages or revealing the versions and technologies used.

Below are the list of tools, are used to gather information.
  • acccheck
  • ace-voip
  • Amap
  • Automater
  • bing-ip2hosts
  • braa
  • CaseFile
  • CDPSnarf
  • cisco-torch
  • Cookie Cadger
  • copy-router-config
  • DMitry
  • dnmap
  • dnsenum
  • dnsmap
  • DNSRecon
  • dnstracer
  • dnswalk
  • DotDotPwn
  • enum4linux
  • enumIAX
  • exploitdb
  • Fierce
  • Firewalk
  • fragroute
  • fragrouter
  • Ghost Phisher
  • GoLismero
  • goofile
  • hping3
  • InTrace
  • iSMTP
  • lbd
  • Maltego Teeth
  • masscan
  • Metagoofil
  • Miranda
  • Nmap
  • ntop
  • p0f
  • Parsero
  • Recon-ng
  • SET
  • smtp-user-enum
  • snmpcheck
  • sslcaudit
  • SSLsplit
  • sslstrip
  • SSLyze
  • THC-IPV6
  • theHarvester
  • TLSSLed
  • twofi
  • URLCrazy
  • Wireshark
  • WOL-E
  • Xplico

Friday 3 October 2014

Kali Linux NetHunter


NetHunter, built on top is Kali Linux, is Andriod penetration testing platform that works on Nexus devices. With all the features of Kali tools, NetHunter has the ability to get a full VNC session from your phone to a graphical Kali chroot. A joint effort between the Kali community member “BinkyBear” and Offensive Security. NetHunter supports Wireless 802.11 frame injection, one-click MANA Evil Access Point setup, HID keyboard (Teensy like attacks), as well as BadUSB MITM attacks – and is built upon the sturdy shoulders of the Kali Linux distribution and toolsets.

Supported Devices:
  • Nexus 4 (GSM)
  • Nexus 5 (GSM/LTE)
  • Nexus 7 [2012] (Wi-Fi)
  • Nexus 7 [2012] (Mobile)
  • Nexus 7 [2013] (Wi-Fi)
  • Nexus 7 [2013] (Mobile)
  • Nexus 10
Current Release: v1.0.2
Download Link: NetHunter

LiveCD List

The LiveCD List is an exclusive resource portal for different operating system where you can sort out the right one. It currently tracks LiveCDs, LiveDVDs and LiveUSB operating systems.

Download Link: http://www.livecdlist.com