Showing posts with label security. Show all posts

Sunday, March 22, 2015

Best / Open Source Wordpress Vulnerability Scanner

WPScan :

                 is a black box WordPress vulnerability scanner.


WPScan comes pre-installed on the following Linux distributions:
Prerequisites:
  • Ruby >= 1.9.2 - Recommended: 2.2.1
  • Curl >= 7.21 - Recommended: latest - FYI the 7.29 has a segfault
  • RubyGems - Recommended: latest
  • Git
 Download Link : https://github.com/wpscanteam/wpscan

Flunym0us :

                   is a Vulnerability Scanner for Wordpress and Moodle.





                 Flunym0us has been developed in Python. Flunym0us performs dictionary attacks against Web sites. By default, Flunym0us includes a dictionary for WordPress and another for Moodle.


Flunym0us requires python.

Arguments allowed:
-h, --help: Show this help message and exit
-wp, --wordpress: Scan WordPress site
-mo, --moodle: Scan Moodle site
-H HOST, --host HOST: Website to be scanned

Download Link : https://code.google.com/p/flunym0us/downloads/list

 Timthumb :

                Vulnerability Scanner plugin will scan your entire wp-content directory for instances of any outdated and insecure version of the timthumb script, and give you the option to automatically upgrade them with a single click. Doing so will protect you from hackers looking to exploit this particular vulnerability.

            Scans your wp-content directory for vulnerable instances of timthumb.php, and optionally upgrades them to a safe version.


Download Link : https://downloads.wordpress.org/plugin/timthumb-vulnerability-scanner.zip

 Vane :

          is a GPL fork of the now non-free popular WordPress vulnerability scanner WPScan.




Prerequisites

  • Windows not supported
  • Ruby >= 1.9
  • RubyGems
  • Git
Download Link : https://github.com/delvelabs/vane


WordPress Security Scan

                           Online WordPress Security Scanner to test vulnerabilities of a WordPress installation. Checks include application security, WordPress plugins, hosting environment and web server.

Online URL : http://hackertarget.com/wordpress-security-scan/

 






Friday, March 20, 2015

Best / Open Source Tools for Security / Network Monitoring

Nagios:

              is a powerful monitoring system that enables organizations to identify and resolve IT infrastructure problems before they affect critical business processes. 
              
             Nagios is a powerful, enterprise-class host, service, application, and network monitoring program. Designed to be fast, flexible, and rock-solid stable. Nagios runs on *NIX hosts and can monitor Windows, Linux/Unix/BSD, Netware, and network devices.








             Designed with scalability and flexibility in mind, Nagios gives you the peace of mind that comes from knowing your organization's business processes won't be affected by unknown outages.


             Nagios is a powerful tool that provides you with instant awareness of your organization's mission-critical IT infrastructure. Nagios allows you to detect and repair problems and mitigate future issues before they affect end-users and customers.

Download Link : http://sourceforge.net/projects/nagios/

or

http://www.nagios.org/download/

 

OpenSMART :

Open (Source|System) Monitoring and Reporting Tool, can do that for you.

OpenSMART is a rich featured monitoring and reporting tool, including:
  • easy to use web frontend
  • many predefined checks for application and system monitoring
  • ability to monitor HA cluster applications
  • notification of administrators by email / SMS or anything else you can script
  • collection and ad-hoc reporting of many system figures like disk space or CPU consumption
  • many checks for application monitoring report their response time, too

OpenSMART saves its data (monitoring data and reporting data) in a database. This enables you to
  • get your SLA reporting data from your database
  • get your monthly/weekly/daily performance data from your database
  • do trend analyses with your response times.
 Download Link : http://opensmart.sourceforge.net/index.php/downloads

 Icinga :

               is an enterprise grade open source monitoring system which keeps watch over networks and any conceivable network resource, notifies the user of errors and recoveries and generates performance data for reporting. Scalable and extensible, Icinga can monitor complex, large environments across dispersed locations.


Features

  • Monitor host and service status
  • View the whole network and map dependencies
  • Gather performance and utilization data
  • Build in redundancy with distributed monitoring
  • Customize multiple users access, notifications and views

Download Link : https://www.icinga.org/download/

or

http://sourceforge.net/projects/icinga/

 

 Cacti :

              is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices.


 
               Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and  populate them with data in a MySQL database. The frontend is completely PHP driven.
 


Download Link : http://www.cacti.net/download_cacti.php

or 

http://sourceforge.net/projects/cacti/

NeDi :

         is a lightweight network management framework based on scheduled discovery, a SQL backend and a web-based user interface.

         NeDi proves to be a valuable tool for the security team as well. Keep track of wired and wireless clients throughout your entire network. You’ll be able to see IP changes and which hosts have more than one address. The upcoming host identification feature expands NeDi’s awareness beyond the network layers and can locate vulnerable SSH servers, for example…



Download Link : http://www.nedi.ch/download/

or

http://sourceforge.net/projects/nedi/?source=navbar

Observium :

                 is an autodiscovering PHP/MySQL based network monitoring system focused primarily on Cisco and Linux networks but includes support for a wide range of network hardware and operating systems.


                 Observium is an autodiscovering network monitoring platform supporting a wide range of hardware platforms and operating systems including Cisco, Windows, Linux, HP, Juniper, Dell, FreeBSD, Brocade, Netscaler, NetApp and many more. Observium seeks to provide a powerful yet simple and intuitive interface to the health and status of your network.
                 Observium Community is available free and open source. Observium Professional adds rapid patches, security fixes and additional features and hardware support for a small yearly license fee.





Download Link : http://observium.org/wiki/Download

or

http://sourceforge.net/projects/projectobserver/

ZABBIX :

                is an enterprise-class open source distributed monitoring solution designed to monitor and track performance and availability of network servers, devices and other IT resources. It supports distributed and WEB monitoring, auto-discovery, and more.

An enterprise-class distributed monitoring solution for networks & apps




Zabbix Features

  •     Monitor Everything
  •     Enterprise Ready
  •     Proactive Monitoring
  •     Capacity Planning
  •     True Open Source
  •     Business Solutions


Download Link : http://www.zabbix.com/download.php

or

http://sourceforge.net/projects/zabbix/
 

Saturday, August 23, 2014

Remote & Local file Inclusion Testing Tools

Fimap:

              A little tool for local and remote file inclusion auditing and exploitation.

              Fimap is a little Python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap, just for LFI/RFI bugs instead of SQL injection. It's currently under heavy development but it's usable.

              The goal of fimap is to improve the quality and security of your website.


What works currently?

  • Check a single URL, a list of URLs, or Google results fully automatically.
  • Can identify and exploit file inclusion bugs.
    • Relative\Absolute Path Handling.
    • Tries automatically to eliminate suffixes with Nullbyte and other methods like Dot-Truncation.
    • Remotefile Injection.
    • Logfile Injection. (FimapLogInjection)
  • Test and exploit multiple bugs:
    • include()
    • include_once()
    • require()
    • require_once()
  • You always define absolute pathnames in the configs. No monkey-like redundant paths such as:
    • ../etc/passwd
    • ../../etc/passwd
    • ../../../etc/passwd
  • Has a Blind Mode (--enable-blind) for cases when the server has disabled error messages. (BlindMode)
  • Has an interactive exploit mode which...
    • ...can spawn a shell on vulnerable systems.
    • ...can spawn a reverse shell on vulnerable systems.
    • ...can do everything you have added in your payload-dict inside the config.py
  • Add your own payloads and paths to the config.py file.
  • Has a Harvest mode which can collect URLs from a given domain for later pentesting.
  • Goto FimapHelpPage for all features.
  • Also works on Windows.
  • Can handle directories in RFI mode like:
    • <? include ($_GET["inc"] . "/content/index.html"); ?>
    • <? include ($_GET["inc"] . "_lang/index.html"); ?>
    • where Null-Byte is not possible.
  • Can use proxies.
  • Scans and exploits GET, POST and Cookies.
  • Has a very small footprint. (No senseless bruteforcing of paths - unless you need it.)
  • Can also attack Windows servers! (WindowsAttack)
  • Has a tiny plugin interface for writing exploitmode plugins (PluginDevelopment)
  • Non Interactive Exploiting (FimapNonInteractiveExec)
 Download Link : https://code.google.com/p/fimap/downloads/list

Uniscan:
             is a simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner.

This tool identifies six vulnerability types:

* Blind SQL-Injection

* Remote File Include (RFI)

* Local File Include (LFI)

* Remote Command Execution (RCE)

* Cross-Site Scripting (XSS)

* SQL-Injection (SQL-i)



Download Link : http://sourceforge.net/projects/uniscan/

 Darkjumper.py:
                       This tool tries to find every website hosted on the same server as your target, then checks each of those websites for vulnerabilities.

Features

  • scan sql injection, rfi, lfi, blind sql, rce injection
  • autosql injector
  • proxy support
  • verbosity added
  • autoftp bruteforcer
  • IP or Proxy checker and GeoIP

 Download Link : http://sourceforge.net/projects/darkjumper/


 Simple Local File Inclusion:

     
Description
The Simple Local File Inclusion Exploiter helps you to exploit LFI vulnerabilities. After you have found one, simply pass the URL of the affected website and the vulnerable parameter to this tool. You can also use this tool to scan a parameter of a URL for an LFI vulnerability.

Usage
./lfi_sploiter.py --exploit-url= --vulnerable-parameter=

Usage example
./lfi_sploiter.py --exploit-url=http://www.example.com/page.php?file=main --vulnerable-parameter=file

Usage notes
- Always use http://….
- When you pass a vulnerable parameter, this tool assumes that it is really vulnerable.
- If you do not know if a parameter is vulnerable, simply pass it to this script and let the scanner have a look.
- Only use one vulnerable parameter at once.
- This tool does not work with SEO URLs, such as http://www.example.com/news-about-the-internet/.
- If you only have an SEO URL, try to find out the real URL which contains parameters.

Feature list
- Provides a random user agent for the connection.
- Checks if a connection to the target can be established.
- Tries to catch most errors with error handling.
- Contains an LFI scanner (only scans one parameter at once).
- Finds out how a LFI vulnerability can be exploited (e.g. directory depth).
- Supports nullbytes!
- Exploit features: Dumps a list of interesting files to your hard disk.
- Supports common *nix targets, but no Windows systems.

Download Link : http://www.xenuser.org/my-tools/


                                   

Monday, September 30, 2013

VoIP Vulnerability Scanner / Penetration Testing Tool

VoIP ( Voice Over IP ) Security Assessment Tool :

  Viproy :
              VoIP Penetration and Exploitation Kit was developed to improve the quality of SIP penetration testing. It provides authentication and trust analysis features that assist in creating simple tests.
10 different modules with authentication support: options tester, brute forcer, enumerator, invite tester, trust analyzer, proxy and registration tester. All attacks can be performed before and after authentication to fuzz SIP services and value added services.

Viproy is a tool for testing the security of SIP servers. The Session Initiation Protocol is widely used for voice and video calls over IP. The software comes with different modules that perform specific tasks, and all of the modules support debugging and verbose mode. It is a Linux-only command-line tool; instructions are included, and it should not be difficult for a Linux beginner to understand them. See more at: http://www.hacker10.com/tag/voip-penetration-testing/


 More Info : http://viproy.com/voipkit/

Download Link : https://github.com/fozavci/viproy-voipkit/archive/master.zip

SIPVicious : ( Tools for auditing SIP based VoIP systems )

          SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. It currently consists of four tools:

  • svmap - this is a SIP scanner. Lists SIP devices found on an IP range
  • svwar - identifies active extensions on a PBX
  • svcrack - an online password cracker for SIP PBX
  • svreport - manages sessions and exports reports to various formats
  • svcrash - attempts to stop unauthorized svwar and svcrack scans

Download Link : http://code.google.com/p/sipvicious/downloads/list

VAST : ( VIPER Assessment Security Tools )

                          VAST is a Linux-based security distribution specifically designed for pentesting VoIP and UC networks. It enables security professionals and UC administrators to rapidly perform VoIP security assessments and enumerate vulnerabilities in IP Phones or IP PBX servers in a lab environment. With VAST, a security consultant has every tool necessary to carry out a successful onsite or remote penetration test or vulnerability assessment against a UC network. VAST is built on Mint Linux 13 and includes all of the open source VIPER Lab tools, in addition to some other network pentest tools.



SiVuS - VoIP vulnerability scanner

                        SiVuS is the first publicly available vulnerability scanner for VoIP networks that use the SIP protocol. It provides powerful features to assess the security and robustness of VoIP implementations and it is used by VoIP product vendors, security consultants, network architects, researchers and students. We encourage our community to provide us with feedback so we can enhance the current implementation and support the efforts to strengthen the security of VoIP networks.





More Info : http://nil.uniza.sk/sip/tools/sivus-voip-vulnerability-scanner
 


FreeSentral :

              is a full IP PBX consisting of a Linux Distribution, an IP PBX and a Web Graphical User Interface for easy configuration.


Features
  • Define, group extensions
  • Set dial plan
  • Direct Inward Calling
  • Set Auto Attendant
  • Music on hold
  • Short Dialing
  • Set call forwarding
  • Voicemail


                                   For security audits of VoIP systems, FreeSentral is a quick and easy solution to implement. It can therefore be used as a training platform for testing VoIP vulnerabilities and issues. See here our VoIP tools collection to help you with auditing and scanning.

 Download Link : http://www.freesentral.com/index.php/Download/Download

 Thanks,

RRN Technologies



Wednesday, September 25, 2013

Kvasir By Cisco - Web-Based Open Source Penetration Testing Tool

Kvasir : ( Penetration Test Data Management )

            is a web2py application and can be installed for each customer or task. This design keeps data separated and keeps you from accidentally attacking or reviewing other customers.

             This tool was developed primarily for the Cisco Systems Advanced Services Security Posture Assessment (SPA) team. While not every method used by the SPA team may directly relate, we hope that this tool is something that can be molded and adapted to fit almost any working scenario.

                Kvasir is a vulnerability / penetration testing data management system designed to help mitigate the issues found when performing team-based assessments. Kvasir does this by homogenizing data sources into a pre-defined structure. Currently the following sources are supported:
 
Kvasir is here to help you with. Here's what you'll need to get started:
  • The latest version of web2py (http://www.web2py.com/)
  • A database (PostgreSQL known to work)
  • A network vulnerability scanner (Nexpose/Nmap supported)
  • Additional python libraries




                                Kvasir is a web-based application whose goal is to assist “at-a-glance” penetration testing. Disparate information sources such as vulnerability scanners, exploitation frameworks, and other tools are homogenized into a unified database structure. This allows security testers to accurately view the data and make good decisions on the next attack steps.

                               Multiple testers can work together on the same data allowing them to share important collected information. There’s nothing worse than seeing an account name pass by and finding out your co-worker cracked it two days ago but didn’t find anything “important” so it was never fully documented.
 

Supported Data Sources:


 At current release, Kvasir directly supports the following tools:

There are obviously some gaps here but these are the primary tools we use. Support for scanners such as Nessus, QualysGuard, SAINT, and others is in various stages of development already, just not completed at this time.

Snapshot :

                               Initial screen of Kvasir shows two bar graphs detailing the distribution of vulnerabilities based on severity level count and host/severity count as well as additional statistical data:




                          Kvasir’s Host Listing page displays details such as services, vulnerability counts, operating systems, assigned groups, and engineers:

                          
                              Kvasir supports importing exploit data from Nexpose (Exploit Database and Metasploit) and CANVAS. Links to exploits from vulnerabilities and CVE assignments are made so you can get an immediate glance at what hosts/services have exploitable vulnerabilities:


                           Host detail page provides an immediate overview of valuable information such as services, vulnerability mapping, user accounts, and notes, all shared between testing engineers:





                      
                              Of course as you collect user accounts and passwords it’s nice to be able to correlate them to hosts, services, hashes and hash types, and sources:




Source code / Download is available now at https://github.com/KvasirSecurity/Kvasir


Thanks ,

RRN Technologies Team.

Thursday, May 2, 2013

IPv6 port scanner Tool - Topera

 Topera:
           is a brand new TCP port scanner under IPv6, with the particularity that these scans are not detected by Snort.

                        Snort is the best-known IDS/IPS and is widely used in many different critical environments. Some commercial tools (Juniper or Checkpoint ones) also use it as their detection engine.


Evading Snort's detection capabilities could pose a high risk in some cases.
   
                          We keep researching on the security implications that the "new" IPv6 protocol will have in different environments.

                      Get local IPv6 address - Get local ethernet interface - sniffer packet counter - Some minor fixes. You can see an example of execution of Topera in the demo videos below.


Latest Video :


 Sample Snapshot :

                                   The following pictures show some execution screenshots:











Topera in TCP port scanner mode:

Run with default options:

# python topera.py -M topera_tcp_scan -t fe80:b100:::c408
 
Run specifying the ports to scan, the delay between connections, and the number of extension headers:

# python topera.py -M topera_tcp_scan -t fe80:b100:::c408 \
-p 21,22,23,80,8080 --scan-delay 0 --headers-num 0 -vvv
 

Download Link : Topera

Mirror Download Link 1 : Topera
Mirror Download Link 2 : Topera