Thursday, May 31, 2012

MaxPatrol Network Security Scanner - Positive Technologies

MaxPatrol - Network & Web Application Security Testing Tool:

MaxPatrol Core Features:

Web-server and Web Application structure analysis.

        MaxPatrol analyzes the structure of Web Applications to determine
        weaknesses and potential vulnerabilities in both the Web Server
        Configuration and the Web Application. Discovers available web server
        technologies. Inspects the HTTP version banners and looks for
        vulnerable products and other..

Intelligent recognition of vulnerabilities in known web-server scripts.

    Automatically detects web vulnerabilities:

        - SQL injection
        - Blind SQL injection
        - Cross Site Scripting
        - UTF-7 Cross Site Scripting
        - HTTP Response Splitting
        - Code execution
        - File inclusion
        - Directory traversal
        - Input validation
        - Authentication attacks
          (brute force login/password and etc)
        - Script source code disclosure
        - Discovers directories with weak permissions
          (finds directory listings and etc)
        - Looks for common files,
          back-up files, logs or directories

Detection of vulnerabilities arising from configuration errors including
    cases of unprotected authorization, revealing of information by services,


Download Link: Maxpatrol
Freeware Tools:   Click Here

Wednesday, May 30, 2012

Penetration Testing Using Mobile Phones & Tablets

Network Penetration Testing Using Mobile Phones:

Two Penetration Testing Suite Listed Below:
  • ANTI - Android Network Toolkit - Android & Apple Phone
  • Pwnie Express - Nokia phone

ANTI - Android Network Toolkit:

                                  Anti consists of 2 parts: The Anti version itself and extendable plugins. Upcoming updates will add functionality, plugins or vulnerabilities/exploits to Anti Using Anti is very intuitive - on each run, Anti will map your network, scan for active devices and vulnerabilities, and will display the information accordingly: Green led signals an 'Active device', Yellow led signals "Available ports", and Red led signals "Vulnerability found". Also, each device will have an icon representing the type of the device. When finished scanning, Anti will produce an automatic report specifying which vulnerabilities you have or bad practices used, and how to fix each one of them.

In-order to download the App (version 2.1) click on Register & Download, Choose email/password and you may download straight to your phone.

Make sure 3rd party application is enabled on your phone via Settings -> Applications -> Unknown Sources.

Download Link : ANTI

The app is also available via Android Market (lite version without *ANY* offensive capabilities in-order to fully comply with Android/Google ToS), named : "AntiLite".

Pwnie Express - Nokia phone

A Nokia N900-based penetration testing platform

  • Includes Aircrack-NG, Metasploit, Kismet, GrimWEPa, SET, Fasttrack, Ettercap, nmap, and more
  • Custom pentesting desktop with shortcuts to all tools!
  • One-click evil AP, WEP cracker, and packet capture!
  • Built-in wireless chipset supports packet injection, monitor mode, and promiscuous mode.
  • Includes phone, all standard accessories, 2 batteries, & coupler for USB host mode.

 Testing Tools manual : Click here

Download Link :  Pwnie Express

 Enjoy & Thank you for all the feedback/support!!