All other tools

Ontwikkelaars van de password-cracker John the Ripper hebben een versie uitgebracht waarin Cuda en OpenCL worden gebruikt, waarmee een gpu aan het werk kan worden gezet. Ook worden meer bestandsformaten ondersteund.

Aan John the Ripper zouden sinds de vorige versie 40.000 regels nieuwe code zijn toegevoegd, zo stellen de ontwikkelaars van de opensource password-cracker. De belangrijkste vernieuwing in versie 1.7.9-jumbo-6 is de mogelijkheid om de gpu in te zetten. Daarvoor is zowel ondersteuning voor Nvidias Cuda als OpenCL aanwezig.

De hacktool bevat ook ondersteuning voor meer bestandsformaten en versleutelingen. Zo kan John the Ripper zijn tanden zetten in met wachtwoord beveiligde bestanden van Office 2007 en Office 2010, terwijl ook OpenDocument-bestanden aangevallen kunnen worden. Verder kan de tool overweg met de master passwords van Firefox en Thunderbird, zijn wpa-psk-sleutels te analyseren en kunnen wachtwoorden in OS X-keychains bemachtigd worden.

Volgens ontwikkelaar Solar Designer is het gebruik van de gpu bij het kraken van wachtwoorden met name nuttig bij wpa-psk-versleuteling en password-hashes op Unix-systemen. Daarnaast zou John the Ripper de gpu ook benutten als de snelheidswinst relatief gering is. De ontwikkelaar stelt dat soortgelijke pakketten dit bewust nalaten omdat de snelheidclaims onvoldoende zouden zijn. Als voorbeeld noemt Solar Designer de sha512crypt-versleuteling die door Ubuntu wordt gebruikt. John the Ripper zou op een GeForce GTX 570-gpu tot 11.000 hashes per seconden behalen, circa vijf maal sneller dan een cpu met acht cores.

Bron: Tweakers.net

1. BackTrack 5
So tell me.. Who doesn't know about BackTrack? Some windows users do but almost all penetration testers and Linux users are familiar with this pentesting distro based on Ubuntu. BackTrack used to be a KDE pentesting distro but with the release of BackTrack 5, a Gnome Desktop Environment was also released for those users who dislike KDE. In fact with the release of BackTrack 5, the developer (phillips321) of GnackTrack decided to stop his project after careful consideration. Hence, bt5-fixit.sh was released by phillips321 for improving and adding more tools for BackTrack 5. BackTrack is one of my favorite pentesting distros that can run on a live CD or flash drive. Ideal for wireless cracking, exploiting, web application assessment, learning, or social-engineering a client. 

Famous for its awesome line: "The quieter you become, the more you are able to hear". Download BT5R2 here.


2. BackBox Linux
BackBox Linux captured my heart because of its sleek performance and its flexibility as what the project claims to be. Its new version which is BackBox 2.01 uses these components: Ubuntu 11.04, Linux Kernel 2.6.38 and Xfce 4.8.0. The new version has cool features which include Forensic Analysis, Documentation & Reporting and Reverse Engineering and updated tools like dradis, ettercap, john, metasploit, nmap , Social Engineering Toolkit, sleuthkit, w3af, weevely, wireshark, etc. This pentesting distro is part of Open Soluzioni's project which is founded by Raffaele Forte. 

Download this project and see for yourself. What makes their forum cool is that the admin is open for tools request. In fact, Raffaele added reaver (WiFi Protected Setup Attack Tool) in their repository after I made a request in their forum a few months ago.

35 Pentest tools used for Web Vulnerability Assessment

1. w3af
w3af or Web Application Attack and Audit Framework is an open source penetration testing tool for finding web vulnerabilities and an exploit tool that comes with cool plugins like sqlmap, xssBeef, and davShell. w3af automatically updates itself every time you launch the tool making it a very reliable tool for website hacking.  For more information just check out their website hosted at SourceForge.

2. Acunetix Web Vulnerability Scanner Acunetix WVS or Web Vulnerability Scanner is a pentesting tool for Windows users so that they may be able to check for SQL Injection, Cross Site Scripting (XSS), CRLF injection, Code execution, Directory Traversal, File inclusion, checks for vulnerabilities in File Upload forms and other serious web vulnerabilities. You can download this tool here.

3. SQLninja
SQLninja is a an sql injection tool for web applications that use Microsoft SQL Server as its back-end though it runs only in Linux, Mac and BSD. It requires perl modules; NetPacket, Net-Pcap, Net-DNS, Net-RawIP, and IO-Socket-SSL. You can download this tool here.

4. Nikto
Nikto is an open source web server scanner “which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files or CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers." The good thing about Nikto is that it easy to use and and performs scanning faster. Nikto is coded in Perl and written by Chris Sullo and David Lodge. Although not all checks are really a big security problem but most are like XSS (Cross Site Scripting) Vulnerabilities, phpmyadmin logins, etc. Nikto alerts and gives you security tips in order to prevent your website from various attacks.

5. SQLmap
SQLmap is an open source automatic SQL injection and database takeover tool that fully supports MySQL, Oracle, PostgreSQL and Microsoft SQL Server. It partially supports Microsoft Access, DB2, Informix, Sybase and Interbase. Download sqlmap here.   

6. Pangolin 3.2.3
Pangolin is another sql injection scanner for web applications using Access,DB2,Informix,Microsoft SQL Server 2000,Microsoft SQL Server 2005,Microsoft SQL Server 2008, MySQL, Oracle, PostgreSQL, Sqlite3, and Sybase. Its features include keyword auto analysis, supports HTTPS, has bypass firewall setting, injection digger, data dumper, etc. You can download its zip file here. 

7. Havij v1.15 Advanced SQL Injection
Havij is another famous automatic sql injection tool that has a free and premium version. The free version only supports a few injection methods like MsSQL 2000/2005 with error, MsSQL 2000/2005 no error union based, MySQL union based, MySQL Blind, MySQL error based, MySQL time based, Oracle union based, MsAccess union based, and Sybase (ASE). It also includes an admin finder and an md5 cracker. 

8. SQL Power Injector
SQL Power Injector is a web pentesting application created in .Net 1.1 that helps the penetration tester and hackers find and exploit SQL injections on a web application that uses SQL Server, Oracle, MySQL, Sybase/Adaptive Server and DB2 compliant, but it is possible to use it with any existing Database Management System when using the inline injection or normal mode. You can download the latest version of this tool which includes a Firefox plugin here.

9. VulnDetector
VulnDetector is a project coded in python which scans a website and detects various web based security vulnerabilities in the website. It was developed by Brad Cable who is into coding open source tools. You can download the script here.

10. SQLIer 0.8.2b
SQLIer is another project of Brad Cable and is a shell script that determines all the necessary information to build and exploit an SQL Injection vulnerability to a URL by itself without user interaction unless it can't guess the table or field names for the database correctly. SQLIer can build a UNION SELECT query designed to brute force passwords out of the database. This script also does not use quotes in the exploit to operate, meaning it will work for a wider range of sites. Download the shell script here.

Een nieuwe tool voor forensisch onderzoekers maakt het mogelijk om met PGP versleutelde harde schijven en versleutelde Office 2010-documenten te 'kraken'. Passware Kit 11.7 gebruikt geen brute force-aanval, maar weet de encryptiesleutels te achterhalen door het geheugen van de computer te analyseren. Het proces zou zo snel verlopen, dat de versleuteling meteen ontsleuteld is.