
Sunday, January 24, 2016

Secure file deletion - srm


srm is a secure replacement for rm(1). Unlike the standard rm, it overwrites the data in the target files before unlinking them. This prevents command-line recovery of the data by examining the raw block device. It may also help frustrate physical examination of the disk, although it is unlikely to completely prevent that type of recovery. It is, essentially, a paper shredder for sensitive files. Bear in mind that on journaling or copy-on-write file systems, on SSDs with wear levelling, and wherever snapshots or backups exist, an in-place overwrite does not necessarily reach every copy of the data; full-disk encryption is the more dependable control in those cases.

srm is ideal for personal computers or workstations with Internet connections. It can help prevent an intruder who breaks in from undeleting personal files, such as old emails. Because it accepts exactly the same options as rm(1), srm is simple to use: just substitute it for rm whenever you want to destroy files rather than merely unlink them. For more information on using srm, read the manual page srm(1).
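The overwrite-before-unlink contract described above, as an added example in Python (this is not srm's code and not part of the original post). It refuses symlinks and non-regular files, fsyncs after every pass, and the demo reads the file back after overwriting to confirm the original bytes are gone before the name is removed. The chunk size, pass count, and sample mail content are assumptions for the illustration, not srm's values.

```python
import os
import stat
import tempfile

CHUNK = 1 << 16          # 64 KiB per write; an assumption, not srm's internal value


def overwrite_in_place(path, passes=3):
    """Overwrite every byte of a regular file in place: `passes` passes of
    random data, then one pass of zeros, fsync()ing after each pass so the
    writes reach the block device before the name is removed.
    Refuses symlinks (the overwrite would hit the link target) and other
    non-regular files (devices, FIFOs). Returns bytes overwritten per pass."""
    st = os.lstat(path)                        # lstat: do not follow symlinks
    if stat.S_ISLNK(st.st_mode):
        raise ValueError("refusing to follow symlink: %s" % path)
    if not stat.S_ISREG(st.st_mode):
        raise ValueError("not a regular file: %s" % path)
    size = st.st_size
    with open(path, "r+b") as f:
        for p in range(passes + 1):
            f.seek(0)
            remaining = size
            while remaining > 0:
                n = min(CHUNK, remaining)
                f.write(b"\x00" * n if p == passes else os.urandom(n))
                remaining -= n
            f.flush()
            os.fsync(f.fileno())
    return size


def secure_delete(path, passes=3):
    """Overwrite, then unlink: the same contract as srm, in miniature."""
    size = overwrite_in_place(path, passes)
    os.unlink(path)
    return size


def demo():
    """Constructed check: write a secret, overwrite it, confirm the bytes on
    disk no longer contain it, then delete. Returns
    (secret_still_present, file_still_exists); both should be False."""
    secret = b"From: alice@example.test\nSubject: old mail\n" * 64   # constructed content
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as f:
        f.write(secret)
    overwrite_in_place(path, passes=1)
    with open(path, "rb") as f:
        after = f.read()
    secure_delete(path)
    return secret in after, os.path.exists(path)


def symlink_is_refused():
    """The refusal path: a symlink must not get its target shredded."""
    d = tempfile.mkdtemp()
    target = os.path.join(d, "real")
    link = os.path.join(d, "link")
    with open(target, "wb") as f:
        f.write(b"keep me")
    os.symlink(target, link)
    try:
        overwrite_in_place(link)
        refused = False
    except ValueError:
        refused = True
    with open(target, "rb") as f:
        intact = f.read() == b"keep me"
    return refused and intact


if __name__ == "__main__":
    print("demo (secret present, file exists):", demo())
    print("symlink refused:", symlink_is_refused())
```

The fsync after each pass matters: without it the overwrite may still be sitting in the page cache when the unlink happens, and the original blocks can be freed before any new data reaches them.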




Anti Forensic Practice - A study of its impact on computer forensics



Anti-forensic techniques attack the collection of information that could serve as evidence, by erasing, tampering with, or hiding it. They look for weaknesses in the procedures and methods investigators use, as well as in the forensic tools themselves.

By exploiting those weaknesses, they seek to delay or even derail an investigation, examination, or incident response. It is one of the most frequently treated subjects in computer forensics, and is regularly presented at international and national conferences (Black Hat, DEF CON, H2HC, SegInfo).

Besides being the target of extensive research, anti-forensic techniques are being detected with increasing frequency, from modern attacks with malicious code (Stuxnet, Duqu) to situations in which the suspect benefits from removing traces.




[Embedded document: anti-forensics.pdf]


By Offensive Sec

TECHNICAL APPLICATION OF ANTI-FORENSICS TO NTFS COMPUTER FILES







[Embedded document: anti-forensic.pdf]


By Offensive Sec

GPU Password Auditing - Cryptohaze



Cryptohaze is the home of high performance, open source, network-enabled, US-based cross-platform GPU and OpenCL accelerated password auditing tools for security professionals. Currently, many security professionals are at a serious disadvantage in auditing as they cannot submit hashes to online hash databases due to the terms of their auditing agreement. Cryptohaze tools are aimed at providing high quality tools that run on any platform – Windows, Linux, or OS X. The tools run on all platforms that support CUDA or OpenCL (currently Windows, Linux, OS X). If you don’t have a GPU – the OpenCL code will run just fine on your host CPU!




GPU Password Auditing


The Cryptohaze tools are designed for both nVidia based graphics cards, and OpenCL devices (nVidia and ATI/AMD graphics cards, and Intel/AMD CPUs). Right now, the old Multiforcer requires CUDA support (so nVidia cards only), but the rainbow table tools and the new Multiforcer work on anything with a CPU, including Atom based devices. For best performance, a top of the line ATI card is recommended. nVidia cards simply do not have the hash performance of ATI right now. The tools do support BFI_INT and other ATI-specific operations to improve performance rather significantly over nVidia cards. That said, if you value your sanity, nVidia may be a better option for these tools. ATI’s driver support, especially under Linux, leaves much to be desired and they do not seem to care to fix it. nVidia support is reliable, tested, and is less likely to leave you balding. And the uptime of an nVidia server may compensate for the reduced performance.


Cryptohaze Multiforcer

The Cryptohaze Multiforcer is a high performance CUDA password cracker that is designed to target large lists of hashes. Performance holds very solid with large lists, such that on a suitable server, cracking a list of 1 000 000 passwords is not significantly slower than cracking a list of 10. For anyone who deals with large lists of passwords, this is a very useful tool! Algorithm support includes MD5, NTLM, LM, SHA1, and many others.

Multiforcer New (MFN)

The Multiforcer New is a total ground-up rewrite of the Cryptohaze Multiforcer with CUDA, OpenCL, and CPU (SSE/AVX/etc.) support. It remains focused on brute forcing large hash lists, and scales very well. It is also designed for network clustering of machines, so you are no longer limited to running your hashes on a single machine. Other tools have varying levels of network support, but Cryptohaze is the only open source tool with easy to use built-in networking.

Cryptohaze GPU Rainbow Tables

There has been very little development in the promising rainbow table technology over the past several years. Cryptohaze GPU Rainbow Tables are a totally fresh implementation of rainbow tables, leveraging the strengths of nVidia GPUs and OpenCL devices to allow for much larger table spaces and coverage. While the stock RainbowCrack tables use chain lengths of 10 000, the Cryptohaze tables use a chain length of 200 000. This allows much larger attack spaces: NTLM tables for the full US charset (95 characters) at length 8 are available, and other tables will become available as they are created. Even so, cracking times on a high performance server remain very reasonable, in some cases under 2 minutes per password.
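Two of the claims above are worth seeing in code: why a Multiforcer-style run over a list of a million hashes is barely slower than a run over ten, and how rainbow table chain length trades stored entries against lookup work. The following is an added Python illustration written for this page, not Cryptohaze's code. It uses a toy keyspace (4 digits) and MD5 in place of NTLM, since MD4 is not available in every hashlib build; the reduction function, chain count and seed are my own choices.

```python
import hashlib
import itertools
import random
import string

# Toy keyspace so everything runs in a second. Cryptohaze's real tables cover,
# for example, the full 95-character US charset at length 8.
CHARSET = string.digits
PW_LEN = 4
SPACE = len(CHARSET) ** PW_LEN


def h(pw):
    """MD5 stands in for NTLM here (assumption for the illustration)."""
    return hashlib.md5(pw.encode()).hexdigest()


def multi_crack(targets):
    """Multiforcer-style attack on a hash list: one walk over the keyspace,
    one hash per candidate, one set lookup per candidate. Cost is O(keyspace),
    not O(keyspace * len(targets)), which is why a million-entry list is
    barely slower than a ten-entry one. Returns {digest: password}."""
    pending = set(targets)
    found = {}
    for tup in itertools.product(CHARSET, repeat=PW_LEN):
        if not pending:
            break
        cand = "".join(tup)
        d = h(cand)
        if d in pending:
            found[d] = cand
            pending.discard(d)
    return found


def reduce_(digest, col):
    """Column-dependent reduction hash -> keyspace element. Using a different
    function per column is the 'rainbow' idea that limits chain merges."""
    v = (int(digest[:12], 16) + col) % SPACE
    out = []
    for _ in range(PW_LEN):
        v, r = divmod(v, len(CHARSET))
        out.append(CHARSET[r])
    return "".join(out)


def build_table(n_chains, chain_len, seed=1):
    """Store only endpoint -> start. Longer chains mean fewer stored entries
    for the same coverage, at the price of more hashing per lookup."""
    rng = random.Random(seed)
    table = {}
    for _ in range(n_chains):
        start = "".join(rng.choice(CHARSET) for _ in range(PW_LEN))
        pw = start
        for col in range(chain_len):
            pw = reduce_(h(pw), col)
        table[pw] = start
    return table


def lookup(table, chain_len, target):
    """Try every column the target could sit in, walk to the chain end, and on
    an endpoint match regenerate the chain from its start to confirm the hit
    (this is what rejects false alarms from merged chains)."""
    for j in range(chain_len - 1, -1, -1):
        pw = reduce_(target, j)
        for col in range(j + 1, chain_len):
            pw = reduce_(h(pw), col)
        start = table.get(pw)
        if start is None:
            continue
        pw = start
        for col in range(chain_len):
            if h(pw) == target:
                return pw
            pw = reduce_(h(pw), col)
    return None


def coverage(table, chain_len):
    """Distinct passwords the table can recover; below n_chains * chain_len
    because chains collide and merge."""
    seen = set()
    for start in table.values():
        pw = start
        for col in range(chain_len):
            seen.add(pw)
            pw = reduce_(h(pw), col)
    return len(seen)


if __name__ == "__main__":
    print(multi_crack({h("1234"), h("0007")}))
    t = build_table(40, 100)
    print("entries:", len(t), "covered:", coverage(t, 100))
    print(lookup(t, 100, h(next(iter(t.values())))))
```

Raising chain_len with the same number of chains keeps the stored table the same size while covering more of the keyspace, but each lookup then costs on the order of chain_len squared hash operations, which is the trade-off a GPU makes affordable.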


OpenCL support is present for the rainbow table tools, and in the new alpha Multiforcer. If you are interested in helping to port the tools to OpenCL, drop the author a line!




Vulnerable Evaluation Platform - WAVSEP



A vulnerable web application designed to help assess the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners.


Vulnerabilities:

ºPath Traversal/LFI: 816 test cases, implemented in 816 jsp pages (GET & POST)
ºRemote File Inclusion (XSS via RFI): 108 test cases, implemented in 108 jsp pages (GET & POST)
ºReflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST)
ºError Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST)
ºBlind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST)
ºTime Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST)
ºPassive Information Disclosure/Session Vulnerabilities (inspired/imported from ZAP-WAVE): 3 test cases of erroneous information leakage, and 2 cases of improper authentication / information disclosure – implemented in 5 jsp pages
ºExperimental Test Cases (inspired/imported from ZAP-WAVE): 9 additional RXSS test cases (anti-CSRF tokens, secret input vectors, tag signatures, etc.), and 2 additional SQLi test cases (INSERT) – implemented in 11 jsp pages (GET & POST)

False Positives:

º7 different categories of false positive Reflected XSS vulnerabilities (GET & POST )
º10 different categories of false positive SQL Injection vulnerabilities (GET & POST)
º8 different categories of false positive path traversal/LFI vulnerabilities (GET & POST)
º6 different categories of false positive remote file inclusion vulnerabilities (GET & POST)

Additional Features:

ºA simple web interface for accessing the vulnerable pages
ºAn auto-installer for the mysql database schema (/wavsep-install/install.jsp)
ºSample detection & exploitation payloads for each and every test case
ºDatabase connection pool support, ensuring the consistency of scanning results




VoIP Sniffer - UCSniff



UCSniff is a Proof of Concept tool to demonstrate the risk of unauthorized recording of VoIP and Video – it can help you understand who can eavesdrop, and from what parts of your network. It is intended for next generation enterprise VoIP/UC Infrastructures that rely on Voice VLANs to segment UC applications for QoS requirements.



UCSniff was born from pentesting and the “VoIP Hopper” tool as an idea to combine automated Voice VLAN Discovery and VLAN Hop with MitM, along with targeted VoIP attacks against users in the VoIP Corporate Directory. Eavesdropping is one of many potential UC-specific attacks that can take place, and UCSniff can be used by other researchers and security professionals as a base tool to explore this idea. UCSniff is a text and GUI application, written in C/C++, that runs in the Linux and Windows OS environment. It is freely available under the GPLv3 license for anyone to download and use.


UCSniff bundles a hodgepodge of previously available open-source applications into a single software package that helps penetration testers assess the security of VoIP calls carried over a client’s network. It also introduces several new features that make eavesdropping on specific targets a point-and-click undertaking.

UCSniff runs on a laptop that can be plugged in to the ethernet port of the organization being probed. From there, a VLAN hopper automatically traverses the virtual local area network until it accesses the part that carries VoIP calls. Once the tool has gained unauthorized access, UCSniff automatically injects spoofed ARP, or address resolution protocol, packets into the network, allowing all voice traffic to be routed to the laptop.

UCSniff streamlines eavesdropping by allowing an attacker to zero in on the conversations of particular users. Targets can be selected by extension number or dial-by-name features, making it easy to listen to all calls made by a specific individual – such as an organization’s CEO. Eavesdropping can be further fine-tuned by listening only to calls


“It’s silently intercepting all the traffic and forwarding it to the phone, so a regular phone user would not be able to tell the difference,”


VoIP Sniffer: UCSniff Features

ºUC Sniffer with VoIP and IP Video Support
ºRealtime Video and VoIP Monitor (SIP)
ºAutomated Voice VLAN Discovery (CDP)
ºVLAN Hop Support
ºSniffing across Ethernet Switches
ºAutomatic creation of forward and reverse RTP audio streams into a single wav file
ºAutomatic creation of two avi files (forward and reverse video) for H.264 Video codec
ºAutomatic recording and saving of conversations using G.711 u-law and a-law codecs
ºAutomatic recording and saving of conversations using G.722, G.729, G.726, G.723 and WebRTC iSAC codecs (Note: G.729, G.723, G.726 codecs only work with a 32-bit Linux OS)
ºMitM ARP Poisoning and host management support
ºMonitor Mode (Span Session, Hub)
ºTracking and tracing of users, with logging
ºSupport for Cisco SIP, Cisco Skinny, RFC 3261 SIP
ºSupport for Cisco UCM 6.1, 7.0, 7.1, 8.0.2 Skinny (SCCP)
ºTarget Mode (Target User)
ºCorporate Directory Tool and functions (ACE)
ºARP Saver Tool to restore network in emergencies
ºGratuitous ARP Disablement Bypass
ºTFTP MitM Modification of IP Phone Settings
ºGUI Support in Windows and Linux
ºGUI Skin or Theme selection
ºOnly requires 1 phone (not both) in source VLAN in order to capture entire conversation
ºNew VideoSnarf tool outputs media files (audio, video) from pcap
ºSniffing and logging of Microsoft OCS IM Conversations
ºSupport for eavesdropping on Avaya SIP, Avaya H.323 media re-construction
ºUC Keystroke logger, for interception of dialed keypad digits (SCCP only)
ºAbility to enable/disable audio/video file mixing via checkbox in GUI
ºSupport for user specified command to mix audio and video files
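The part of the workflow above that is easiest to show offline is the last step: once ARP poisoning has put both directions of a call through the laptop, the captured RTP packets have to be grouped per stream, put back in order across the 16-bit sequence wrap, decoded from G.711 u-law, and written to a single wav file. The following Python is an added example written for this page, not UCSniff's code; the RTP packets it works on are constructed inline (two SSRCs, one per direction, with reordering, a wrap and a retransmit), and the sequence-unwrapping heuristic is a simplified one I chose for the illustration.

```python
import io
import struct
import wave

SAMPLE_RATE = 8000          # G.711 PCMU: 8 kHz, 8-bit u-law, RTP payload type 0


def rtp_packet(seq, ts, ssrc, payload, pt=0, marker=0):
    """Minimal RTP header (RFC 3550: V=2, no padding/extension, CC=0)."""
    return struct.pack("!BBHII", 0x80, (marker << 7) | pt, seq & 0xFFFF,
                       ts & 0xFFFFFFFF, ssrc) + payload


def parse_rtp(pkt):
    """Parse the fixed header, skip CSRCs and an extension header if present,
    strip padding. Returns pt, seq, ts, ssrc and the raw payload."""
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", pkt[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    hdr = 12 + 4 * (b0 & 0x0F)                    # CSRC list
    if (b0 >> 4) & 1:                             # extension header
        _, ext_words = struct.unpack("!HH", pkt[hdr:hdr + 4])
        hdr += 4 + 4 * ext_words
    payload = pkt[hdr:]
    if (b0 >> 5) & 1 and payload:                 # padding: last byte = pad length
        payload = payload[:len(payload) - payload[-1]]
    return {"pt": b1 & 0x7F, "seq": seq, "ts": ts, "ssrc": ssrc, "payload": payload}


def ulaw_to_pcm16(byte):
    """G.711 u-law expansion to a signed 16-bit sample."""
    u = ~byte & 0xFF
    sign, exponent, mantissa = u & 0x80, (u >> 4) & 7, u & 0x0F
    sample = (((mantissa << 3) + 0x84) << exponent) - 0x84
    return -sample if sign else sample


def reassemble(packets):
    """Group by SSRC (each call direction is its own stream), unwrap the 16-bit
    sequence number, drop duplicates, sort, decode PCMU. -> {ssrc: [samples]}"""
    streams = {}
    for pkt in packets:
        r = parse_rtp(pkt)
        if r["pt"] == 0:
            streams.setdefault(r["ssrc"], []).append(r)
    out = {}
    for ssrc, pkts in streams.items():
        cycles, last, by_ext = 0, None, {}
        for r in pkts:                            # arrival order
            s = r["seq"]
            if last is not None:
                if s < last and last - s > 0x8000:
                    cycles += 0x10000             # counter wrapped forward
                elif s > last and s - last > 0x8000:
                    cycles -= 0x10000             # late packet from before the wrap
            by_ext.setdefault(cycles + s, r["payload"])   # first copy wins
            last = s
        out[ssrc] = [ulaw_to_pcm16(b) for ext in sorted(by_ext) for b in by_ext[ext]]
    return out


def to_wav(streams):
    """One stereo WAV: left = first stream seen, right = second, shorter side
    padded with silence. Returns the file as bytes."""
    sides = (list(streams.values()) + [[], []])[:2]
    n = max(len(s) for s in sides)
    left, right = (s + [0] * (n - len(s)) for s in sides)
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setnchannels(2)
        w.setsampwidth(2)
        w.setframerate(SAMPLE_RATE)
        w.writeframes(b"".join(struct.pack("<hh", l, r) for l, r in zip(left, right)))
    return buf.getvalue()


def wav_info(data):
    with wave.open(io.BytesIO(data), "rb") as w:
        return w.getnchannels(), w.getframerate(), w.getnframes()


def constructed_capture():
    """Constructed sample: A->B (SSRC 0x11111111) arrives out of order across a
    sequence wrap plus one retransmit; B->A (SSRC 0x22222222) is in order."""
    fwd = {65534: b"\xff", 65535: b"\x00", 0: b"\x80", 1: b"\x7f"}
    pkts = [rtp_packet(s, 160 * i, 0x11111111, fwd[s])
            for i, s in enumerate([0, 65535, 1, 65534])]
    pkts.append(rtp_packet(0, 0, 0x11111111, b"\x80"))   # duplicate of seq 0
    pkts += [rtp_packet(s, 160 * s, 0x22222222, b"\xff\xff") for s in (10, 11, 12)]
    return pkts


if __name__ == "__main__":
    streams = reassemble(constructed_capture())
    print({hex(k): v for k, v in streams.items()})
    print(wav_info(to_wav(streams)))
```

This is also why one phone in the voice VLAN is enough: poisoning a single endpoint's ARP cache already routes both RTP streams of its call through the attacker, and the two SSRCs fall out of the capture.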



Bluetooth scanner - Bluelog


Bluelog is a Linux Bluetooth scanner written to do a single task: log devices that are in discoverable mode. It is intended to be used as a site survey tool, determining how many discoverable Bluetooth devices there are in the area. It has also proven to be very well suited to Bluetooth traffic monitoring applications.

Bluetooth scanner

While there are many different Bluetooth scanners available, none I found did exactly what I wanted; most seemed focused on pulling down various bits of information from the target devices (like SDP records). I was also having trouble locating a scanner that didn’t have a UI of some sort, which was a problem since I wanted to scan continuously without user intervention. After trying out all of the Linux Bluetooth scanners I could find, I eventually decided to simply write my own.

Bluelog is a Linux Bluetooth scanner with optional daemon mode and web front-end, designed for site surveys and traffic monitoring. It’s intended to be run for long periods of time in a static location to determine how many discoverable Bluetooth devices there are in the area.


Since Bluelog is meant to be run unattended, it doesn’t have a user interface or require any interaction once started. It features a fully configurable log file format, as well as the ability to log to syslog for centralized logging over the network.


Bluelog was meant to be lean and portable (its only requirement is BlueZ), and runs well on x86, MIPS, and ARM architectures. Bluelog is included in Kali Linux (www.kali.org), and on the Pwn Pad and Pwn Plug penetration testing devices from Pwnie Express (www.pwnieexpress.com). It’s also available in the official OpenWRT repository and Arch Linux AUR community repository.



A Guerra que a Televisão não Mostra (The War You Don't See) - A Revealing Documentary - (dubbed)



A Guerra que a Televisão não Mostra (The War You Don't See) - A Revealing Documentary

This film is about the war you don't see. Based on John Pilger's personal experience as a war correspondent, it deals mainly with television, concentrating on the most popular channels in the US and Britain. The film asks what role the media play in wars of plunder such as those in Iraq and Afghanistan. How were war crimes reported and justified, if they are crimes?





Source: Oculto Revelado

By OffensiveSec

Saturday, January 23, 2016

Open Source Vulnerability Scanner - OpenVAS




The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. It is available as Free Software and maintained on a daily basis.




Open Source Vulnerability Scanner: OpenVAS


The actual security scanner is accompanied with a daily updated feed of Network Vulnerability Tests (NVTs), over 30,000 in total (as of April 2013).


Features

ºOpenVAS Scanner
  ºMany target hosts are scanned concurrently
  ºOpenVAS Transfer Protocol (OTP)
  ºSSL support for OTP (always)
  ºWMI support (optional)
ºOpenVAS Manager
  ºOpenVAS Management Protocol (OMP)
  ºSQL Database (sqlite) for configurations and scan results
  ºSSL support for OMP (always)
  ºMany concurrent scan tasks (many OpenVAS Scanners)
  ºNotes management for scan results
  ºFalse Positive management for scan results
  ºScheduled scans
  ºFlexible escalators upon status of a scan task
  ºStop, Pause and Resume of scan tasks
  ºMaster-Slave Mode to control many instances from a central one
  ºReport Format Plugin Framework with various plugins for: XML, HTML, LaTeX, etc.
  ºUser Management
  ºFeed status view
  ºFeed synchronisation
ºGreenbone Security Assistant (GSA)
  ºClient for OMP and OAP
  ºHTTP and HTTPS
  ºWeb server on its own (microhttpd), thus no extra web server required
  ºIntegrated online-help system
  ºMulti-language support
ºOpenVAS CLI
  ºClient for OMP
  ºRuns on Windows, Linux, etc.
  ºPlugin for Nagios


All OpenVAS products are Free Software. Most components are licensed under the GNU General Public License (GNU GPL).
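OMP, the XML protocol the Manager exposes to GSA and the CLI, is what you script against when you automate OpenVAS. The following Python is an added example for this page, not OpenVAS project code: it builds the create_target / create_task / start_task requests with ElementTree (so a hostname like "a<b" is escaped rather than breaking or injecting into the XML), and it checks the status attribute of every reply before reading fields. The element and attribute names follow OMP as I recall it and are an assumption; the three sample responses are constructed, not captured from a real manager, and the config id is a placeholder. Sending the requests over the TLS connection to the Manager is left out.

```python
import xml.etree.ElementTree as ET


def create_target(name, hosts):
    """<create_target> with a name and a comma-separated host list.
    ElementTree escapes the text, so untrusted names cannot inject elements."""
    el = ET.Element("create_target")
    ET.SubElement(el, "name").text = name
    ET.SubElement(el, "hosts").text = ",".join(hosts)
    return ET.tostring(el, encoding="unicode")


def create_task(name, config_id, target_id):
    """<create_task> binding a scan config to a target."""
    el = ET.Element("create_task")
    ET.SubElement(el, "name").text = name
    ET.SubElement(el, "config", id=config_id)
    ET.SubElement(el, "target", id=target_id)
    return ET.tostring(el, encoding="unicode")


def start_task(task_id):
    return ET.tostring(ET.Element("start_task", task_id=task_id), encoding="unicode")


def check_response(xml_text):
    """OMP replies carry status / status_text attributes; treat anything
    outside 2xx as an error instead of silently reading missing fields."""
    root = ET.fromstring(xml_text)
    status = root.get("status", "")
    if not status.startswith("2"):
        raise RuntimeError("%s: %s %s" % (root.tag, status, root.get("status_text")))
    return root


def is_error(xml_text):
    try:
        check_response(xml_text)
        return False
    except RuntimeError:
        return True


def created_id(xml_text):
    """The id attribute of a successful create_*_response."""
    return check_response(xml_text).get("id")


def task_summary(xml_text):
    """{task name: (status, progress)} from a get_tasks_response."""
    root = check_response(xml_text)
    return {t.findtext("name"): (t.findtext("status"), (t.findtext("progress") or "").strip())
            for t in root.findall("task")}


# Constructed replies shaped like OMP responses (assumed, not captured).
SAMPLE_CREATE_TARGET = ('<create_target_response status="201" status_text="OK, resource created" '
                        'id="a1b2c3d4-0000-4000-8000-000000000001"/>')
SAMPLE_GET_TASKS = ('<get_tasks_response status="200" status_text="OK">'
                    '<task id="t-1"><name>weekly dmz</name><status>Running</status>'
                    '<progress>42</progress></task>'
                    '<task id="t-2"><name>lab</name><status>Done</status>'
                    '<progress>100</progress></task>'
                    '</get_tasks_response>')
SAMPLE_ERROR = '<start_task_response status="404" status_text="Failed to find task"/>'
CONFIG_ID = "config-id-placeholder"        # assumption: a real scan config UUID goes here


def demo():
    target_id = created_id(SAMPLE_CREATE_TARGET)
    return (create_target("dmz hosts", ["10.0.0.1", "10.0.0.2"]),
            create_task("weekly dmz", CONFIG_ID, target_id),
            start_task("t-1"),
            task_summary(SAMPLE_GET_TASKS))


if __name__ == "__main__":
    for item in demo():
        print(item)
    print("error reply detected:", is_error(SAMPLE_ERROR))
```

Building the requests by string formatting instead would let a target name taken from a ticket or a CMDB export close the name element early; keeping the XML in a serializer is the cheap way to avoid that class of bug in scan automation.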


Established in 2015. Offensive Sec Blog has been sharing security research, hacking tools, threat intelligence, and offensive security content since 2015.
Copyright © OffSec Blog | Powered by OffensiveSec
Design by OffSec | Built for the security community