Pentesting VoIP Systems - VIPER VAST 3

Pentesting VoIP Systems: VIPER VAST 3

VAST is a Linux-based security distribution specifically designed for pentesting VoIP and UC networks.

It enables security professionals and UC administrators to rapidly perform VoIP security assessments and enumerate vulnerabilities in IP Phones or IP PBX servers in a lab environment. With VAST, a security consultant has every tool necessary to carry out a successful onsite or remote penetration test or vulnerability assessment against a UC network. VAST is built on Mint Linux 13 and includes all of the open source VIPER Lab tools, in addition to some other network pentest tools.

VAST can be downloaded in .ISO format and VMWare guest image.

Download VIPER VAST 3

Read More

EncFS and TrueCrypt for Android - Cryptonite

Cryptonite brings EncFS and TrueCrypt to Android. You can browse, export and open EncFS-encrypted directories and files on your Dropbox and on your phone. On rooted phones that support FUSE (e.g. CyanogenMod) you can also mount EncFS and TrueCrypt volumes. TrueCrypt is only available as a command-line version at this time.

EncFS and TrueCrypt for Android

Cryptonite is an Android app that brings the FUSE based cryptographic filesystem EncFS and TrueCrypt to Android, you can link it to your Dropbox account with a single tap, after that you will be able to read and write on Dropbox EncFS volumes, exporting, viewing or uploading new files. Dropbox claims to keep data already encrypted in their servers but if anyone finds out your password account they will be able to read the files, encrypting them with Cryptonite you are placing a second security layer on top and block Dropbox built-in backdoor to your data.


To access your files offline sync them to a local folder with an app providing online storage synchronization, e.g. FolderSync. EncFS has a front end interface but Truecrypt is only available as a command line version, rooted phones that support the FUSE kernel, e.g. CyanogenMod, can mount an EncFS or Truecrypt volume, there is a Truecrypt work around to avoid having to use a rooted file browser, by typing “truecrypt –fs-options=”uid=1000,gid=1000,umask=0002″ volume.tc /sdcard/tc“. EncFS will use the encryption ciphers found in the system encryption libraries, Cryptonite allows you to select the encryption method, from a “Quick” Blowfish 128bit up to a “Paranoia” AES256bit with filename block encoding, other preferences include saving temporary files on an external SD card, setting up the mount storage point, clearing the cache and the “Chuck Norris mode” for experienced users that do not want to receive any security warning from the app.

You can browse, export and open encrypted EncFS directories and files on your Dropbox and to your phone, when you open a file from a decrypted EncFS volume Cryptonite will produce a temporary copy in “/data/data/csh.cryptonite/app_open/path_to_your_file”, anyone with access to your phone could recover those files, the app includes a text viewer that works in memory and does not save any temporary copy, there are plans to add an image viewer in the future but right now there isn’t one and if you open an image a temporary copy could be made on the phone outside the encrypted container.

Download  Cryptonite

Read More

Android Security Evaluation Framework - ASEF

Have you ever looked at your Android applications and wondered if they are watching you as well? Whether it’s a bandwidth-hogging app, aggressive adware or even malware, it would be interesting to know if they are doing more than what they are supposed to and if your personal information is exposed. Is there really a way to automatically evaluate all your apps – even hundreds of them – to harvest their behavioral data, analyze their run pattern, and at the same time provide an interface to facilitate a vast majority of evolving security tests with most practical solutions?

Android Security Evaluation Framework (ASEF) performs this analysis while alerting you about other possible issues. It will make you aware of unusual activities of your apps, will expose vulnerable components and help narrow down suspicious apps for further manual research. The framework will take a set of apps (either pre-installed on a device or as individual APK files) and migrate them to the test suite where it will run it through test cycles on a pre-configured Android Virtual Device (AVD).

Android Security Evaluation Framework

During the test cycles the apps will be installed and launched on the AVD. ASEF will trigger certain behaviors by sending random or custom gestures and later uninstall the app automatically. It will capture log events, network traffic, kernel logs, memory dump, running processes and other parameters at every stage which will later be utilized by the ASEF analyzer. The analyzer will try to determine the aggressive bandwidth usage, interaction with any command and control (C&C) servers using Google’s safe browsing API, permission mappings and known security flaws. ASEF can easily be integrated with other open source tools to capture sensitive information, such as SIM cards, phone numbers and others.

ASEF is an Open Source tool for scanning Android Devices for security evaluation. Users will gain access to security aspects of android apps by using this tool with its default settings. An advanced user can fine-tune this, expand upon this idea by easily integrating more test scenarios, or even find patterns out of the data it already collects. ASEF will provide automated application testing and facilitate a plug and play kind of environment to keep up with the dynamic field of Android Security.

Download ASEF

Read More

Network Forensic Analysis - NetworkMiner

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files

Network Forensic Analysis Features

ºNetwork Forensics
ºNetwork Sniffing
ºPCAP Parser
ºDigital Forensics
ºPacket Sniffer

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble/rebuild transmitted files, directory structures and certificates from PCAP files.


The purpose of NetworkMiner is to collect data (such as forensic evidence) about hosts on the network rather than to collect data regarding the traffic on the network. The main view is host centric (information grouped per host) rather than packet centric (information showed as a list of packets/frames). NetworkMiner also comes in very handy when analyzing malware traffic, such as C&C (command-and-control) traffic from a BotNet, since uploaded and downloaded files are extracted to disk.

NetworkMiner performs OS fingerprinting based on TCP SYN and SYN+ACK packet by using OS fingerprinting databases from p0f (by Michal Zalewski) and Ettercap (by Alberto Ornaghi and Marco Valleri). NetworkMiner can also perform OS fingerprinting based on DHCP packets (which usually are broadcast packets) by making use of the Satori (by Eric Kollmann) OS fingerprinting database from FingerBank. NetworkMiner also uses the MAC-vendor list from Nmap (by Fyodor).

NetworkMiner can extract files and certificates transferred over the network by parsing a PCAP file or by sniffing traffic directly from the network. This is a neat function that can be used to extract and save media files (such as audio or video files) which are streamed across a network. Supported protocols for file extraction are FTP, HTTP and SMB.

User credentials (usernames and passwords) for supported protocols are extracted by NetworkMiner and displayed under the “Credentials” tab. Please be considerate when displaying the contents of this tab to the public.

Another very useful feature is that the user can search sniffed or stored data for keywords. NetworkMiner allows the user to insert arbitrary string or byte-patterns that shall be searched for with the keyword search functionality.


Version 0.84 (and newer) of NetworkMiner support sniffing and parsing of WLAN (IEEE 802.11) traffic. NetworkMiner does however currently only support WiFi sniffing with AirPcap adapters.

Download  NetworkMiner

Read More

Blind SQL injection - BBQSQL

Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don’t you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.

BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. Python gevent is also implemented, making BBQSQL extremely fast.


Similar to other SQL injection tools you provide certain request information.

Must provide the usual information:

ºURL
ºHTTP Method
ºHeaders
ºCookies
ºEncoding methods
ºRedirect behavior
ºFiles
ºHTTP Auth
ºProxies

HTTP Parameters
BBQSQL has many http parameters you can configure when setting up your attack. At a minimum you must provide the URL, where you want the injection query to run, and the method. The following options can be set:

ºfiles
ºheaders
ºcookies
ºurl
ºallow_redirects
ºproxies
ºdata
ºmethod
ºauth

Blind SQL injection: BBQSQL Install

This should be straight forward, but what ever is. Try running:

sudo pip install bbqsql


If that doesn’t work for you, you can install from source. The tool requires gevent,requests.

Download  BBQSQL

Read More

Wireless Security Auditing - Fern Wifi Cracker

Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks

Fern Wifi Cracker Features:

ºWEP Cracking with Fragmentation,Chop-Chop, Caffe-Latte, Hirte, ARP Request Replay or ºWPS attack
ºWPA/WPA2 Cracking with Dictionary or WPS based attacks
ºAutomatic saving of key in database on successful crack
ºAutomatic Access Point Attack System
ºSession Hijacking (Passive and Ethernet Modes)
ºAccess Point MAC Address Geo Location Tracking
ºInternal MITM Engine
ºBruteforce Attacks (HTTP,HTTPS,TELNET,FTP)
ºUpdate Support>

Operating System Supported

The Software runs on any Linux machine with the programs prerequisites, But the program has been tested on the following Linux based operating systems:

ºUbuntu KDE/GNOME
ºBackTrack Linux
ºBackBox Linux

Prerequisites

The Program requires the following to run properly:
The following dependencies can be installed using the Debian package installer command on Debian based systems using “apt-get install program” or otherwise downloaded and installed manually

ºAircrack-NG
ºPython-Scapy
ºPython Qt4
ºPython
ºSubversion
ºXterm
ºReaver (for WPS Attacks)
ºMacchanger

Downlaod Fern Wifi Cracker

Read More

Local Pentest Transform Package - Sploitego

Sploitego is a local pen-test transform package that uses the Canari Framework for local transform execution in Maltego. The framework was first introduced at DEFCON 20 and has since picked up steam.

Sploitego has currently been tested on Mac OS X and Linux.


Sploitego is only supported on Python version 2.6. The setup script will automatically download and install most of the prerequisite modules, however, some modules will still need to be installed manually.

Some of the transforms require external command-line tools (e.g. nmap, amap, p0f, etc.). The following command-line tools are currently supported:

ºNmap version 5.51: Download
ºP0f version 3.05b: Download
ºAmap version 5.4: Download
ºMetasploit: Download
ºNessus: Download

Download  Sploitego

Read More

Anonymous - A Guerra no Brasil 2016 (The War in Brazil)

ºWe are Anonymous.
ºWe are Legion.
ºWe do not forgive.
ºWe do not forget.
ºExpect us.

By OffensiveSec

Read More

The movie - They Live (Portuguese) 1988

John (Roddy Piper) is a handyman who comes to Los Angeles and finds work in a factory. During an unprecedented crackdown, police destroyed an entire block of the slum where he lives. In the confusion Nothing is seemingly ordinary sunglasses, but using them can see hideous alien creatures disguised as humans, as well as the subliminal messages they convey through the media in general. Nothing realize that the invaders are already controlling the planet and, along with his co-worker Frank ( Keith David ) , decides to engage in the resistance movement, which is persecuted as subversive by the police.

(Update)By OffensiveSec

Read More