Security Programs  2013. 10. 30. 17:28

Cuckoo Sandbox agent.py

agent.py


Other posts in the 'Security Programs' category

Digital Forensic SIFTing: SUPER Timeline Creation using log2timeline-sift  (0) 2012.06.25
BackTrack IP configuration  (0) 2011.12.13
Packet Generator Tool  (0) 2011.11.21
nc response test  (1) 2011.04.19
Penetration Testing Tools  (0) 2009.10.14
Posted by regexkorea
Security Programs  2012. 6. 25. 08:30

Digital Forensic SIFTing: SUPER Timeline Creation using log2timeline-sift

Security Programs  2011. 12. 13. 20:01

BackTrack IP configuration

Setting the address for the current session only (takes effect immediately, lost on reboot):

ifconfig eth0 192.168.x.xx netmask 255.255.255.0 up
route add default gw 192.168.x.1
echo nameserver 8.8.8.8 > /etc/resolv.conf

Note that the echo overwrites /etc/resolv.conf rather than appending to it, that a running DHCP client will rewrite the file again, and that 8.8.8.8 is Google's public resolver, so on an engagement box every lookup of a target hostname leaves the network.


Fixing the BackTrack IP (persistent static address)
vi /etc/network/interfaces
auto eth0
iface eth0 inet static
address 192.168.x.xx
gateway 192.168.x.1
netmask 255.255.255.0
network 192.168.x.0
broadcast 192.168.x.255

The network and broadcast lines must agree with the address/netmask pair (.0 and .255 for a /24 as here); a mismatch is the usual reason the interface comes up but nothing routes.

Restart BackTrack's network interfaces
/etc/init.d/networking restart
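The same stanza generated from the address, netmask and gateway, as an added example that is not part of the original post: it derives the network and broadcast fields (the two most often mistyped) instead of copying them by hand, rejects malformed addresses, and refuses a gateway outside the subnet. The interface name, addresses and file path in the usage line are placeholders, not the author's real settings.

```shell
#!/bin/sh
# Added example, not from the original post: generate the static stanza for
# /etc/network/interfaces from an address, netmask and gateway, deriving the
# network and broadcast addresses instead of typing them by hand, and refusing
# a gateway outside the subnet. All addresses used here are constructed placeholders.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    set -- $(printf '%s' "$1" | tr '.' ' ')
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac   # no leading zeros (shell arithmetic would read them as octal)
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Dotted quad -> 32-bit integer (192.168.1.50 -> 3232235826).
ip_to_int() {
    set -- $(printf '%s' "$1" | tr '.' ' ')
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# iface_stanza IFACE ADDRESS NETMASK GATEWAY
# Prints the 'iface ... inet static' block; returns non-zero on bad input.
iface_stanza() {
    ifname=$1; addr=$2; mask=$3; gw=$4
    valid_ipv4 "$addr" && valid_ipv4 "$mask" && valid_ipv4 "$gw" || return 1
    a=$(ip_to_int "$addr"); m=$(ip_to_int "$mask"); g=$(ip_to_int "$gw")
    net=$(( a & m ))
    bcast=$(( net | (~m & 0xFFFFFFFF) ))
    # A gateway outside the subnet leaves the box without a usable default route.
    [ $(( g & m )) -eq "$net" ] || return 1
    printf 'auto %s\niface %s inet static\n' "$ifname" "$ifname"
    printf '    address %s\n    netmask %s\n    gateway %s\n' "$addr" "$mask" "$gw"
    printf '    network %s\n    broadcast %s\n' "$(int_to_ip "$net")" "$(int_to_ip "$bcast")"
}

# write_interfaces FILE IFACE ADDRESS NETMASK GATEWAY
# Writes a complete interfaces file (loopback plus the static stanza), keeping a
# backup of any existing file so the change can be undone.
write_interfaces() {
    file=$1; shift
    stanza=$(iface_stanza "$@") || return 1
    if [ -f "$file" ]; then cp "$file" "$file.bak"; fi
    printf 'auto lo\niface lo inet loopback\n\n%s\n' "$stanza" > "$file"
}

# Usage (as root; values are placeholders):
#   write_interfaces /etc/network/interfaces eth0 192.168.1.50 255.255.255.0 192.168.1.1
#   /etc/init.d/networking restart
```

After writing the file, `/etc/init.d/networking restart` applies it exactly as in the post; the `.bak` copy lets you restore the previous configuration if the new address turns out to be wrong.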

Security Programs  2011. 11. 21. 17:05

Packet Generator Tool

Future Systems (퓨쳐시스템) has built and released a Packet Generator Tool..

What I like most is that it rewrites the headers of existing IPv4 packets into IPv6 packets and transmits them.

I suspect it will be the best tool out there for vendors.

I have attached the file, but it can also be downloaded from the Future Systems blog below.

For the record, the blog's design is not properly done..^^;

http://certteamfast.blogspot.com/2011/11/tool-replaypcap.html?showComment=1321861582916#c7771848252068166697

Good work... Hyeop..^^

Security Programs  2011. 4. 19. 15:41

nc response test

When testing pattern detection you quite often need to test detection against the response packet rather than the request.
In that case nc lets you do it conveniently without writing any code.

Example) A wants to detect the string "test" in B's 110/TCP response packets.
     1. On B, put the port into LISTENING state with nc -l -p 110 < test.txt (put the string test in test.txt). nc serves one connection and then exits, so re-run it before each test. Traditional netcat takes -l -p PORT; the OpenBSD netcat shipped with newer distributions takes -l PORT and rejects -p together with -l.
     2. From A, connect to port 110/TCP with telnet: telnet <B's IP address> 110

ASCII is possible, but how do I do hex?? ^^;
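One way to serve arbitrary bytes rather than an ASCII file, as an added example that is not part of the original post: a POSIX shell function converts a hex string into raw bytes with printf octal escapes (the \x form is not portable across printf implementations), and its output is piped into nc in place of test.txt. The function names, the port and the hex payload are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: turn a hex string into raw bytes with
# POSIX printf (octal escapes, since \x is not portable), so that nc can serve a
# binary response the same way the post serves test.txt.

# hex_to_bin HEXSTRING  -> raw bytes on stdout (spaces, tabs and newlines in the input are ignored)
hex_to_bin() {
    hex=$(printf '%s' "$1" | tr -d ' \n\t')
    case "$hex" in
        ''|*[!0-9a-fA-F]*) return 1 ;;
    esac
    # an odd number of digits means a half byte somewhere: refuse rather than guess
    [ $(( ${#hex} % 2 )) -eq 0 ] || return 1
    while [ -n "$hex" ]; do
        pair=${hex%"${hex#??}"}     # first two hex digits
        hex=${hex#??}
        printf "\\$(printf '%03o' "$((0x$pair))")"
    done
}

# serve_hex_response PORT HEXSTRING
# Listens once on PORT and sends the bytes to whoever connects, like
# 'nc -l -p 110 < test.txt' in the post. Traditional netcat takes -l -p PORT;
# the OpenBSD netcat found on newer distributions wants 'nc -l PORT' instead.
serve_hex_response() {
    hex_to_bin "$2" | nc -l -p "$1"
}

# Usage (constructed payload, a POP3-style banner followed by CRLF):
#   serve_hex_response 110 '2b4f4b20746573740d0a'   # "+OK test\r\n"
```

Because the bytes go through a pipe, nothing is interpreted on the way: NUL, CR/LF and high-bit bytes arrive on the wire exactly as written in the hex string, which is what a signature test on binary protocol responses needs.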

Security Programs  2009. 10. 14. 11:56

Penetration Testing Tools

Packet Shaper:

  • Nemesis: a command line packet shaper
  • Packit: The Packet Toolkit, a network packet shaper
  • Hping by Antirez: a command line TCP/IP packet shaper
  • Sing: stands for 'Send ICMP Nasty Garbage'; sends fully customizable ICMP packets
  • Scapy: a new python-based packet generator

Password Cracker/Login Hacker:

  • John the Ripper: a well-known password cracker for Windows and *nix systems
  • Djohn: a distributed password cracker based on "John the Ripper"
  • Cain & Abel: an advanced password recovery tool for Windows systems. It sniffs network packets and cracks authentication by brute force or with dictionary attacks.
  • Project RainbowCrack: advanced instant NT password cracker
  • Rainbowtables: the Shmoo Group provides pre-generated rainbow tables for BitTorrent download. The tables are generated with RainbowCrack (see above).
  • Windows NT password recovery tool by Peter Nordahl
  • THC-Dialup Login Hacker by THC: it tries to guess username and password against the modem carrier. As far as I know the only available dialup password guesser for *NIX.
  • Hydra by THC: a multi-protocol login hacker. Hydra is also integrated with Nessus.
  • Medusa: parallel network login auditor
  • THC imap bruter: a very fast imap password brute forcer
  • x25bru: a login/password bruteforcer for x25 pad
  • Crowbar: a generic web brute force tool (Windows only; requires .NET Framework)
  • MDCrack-NG: a very fast MD4/MD5/NTLMv1 hash cracker; works optionally with precomputed hash tables

Advanced Sniffers:

  • Wireshark (formerly known as Ethereal): an open source network protocol analyzer
  • Dsniff by Dug Song: a combination of very useful sniffer and man-in-the-middle attack tools
  • Ettercap: a multipurpose sniffer/interceptor/logger for switched LAN environments
  • aimsniffer: monitors AOL Instant Messenger communication on the network
  • 4G8: a tool, similar to ettercap, to capture network traffic in switched environments
  • cdpsniffer: Cisco Discovery Protocol (CDP) decoding sniffer

Port Scanner / Information Gathering:

  • nmap: currently the most well-known port scanner. Since version 3.45 it supports version scans. Have a look at PBNJ for diffing different nmap scans.
  • ISECOM released their nmap wrapper NWRAP, which shows all known protocols for the discovered ports from the Open Protocol Resource Database
  • Nmap::Scanner: Perl output parser for nmap
  • Amap by THC: an advanced port scanner which determines the application behind a network port by its application handshake. Thus it detects well-known applications on non-standard ports or unknown applications on well-known ports.
  • vmap by THC: version mapper to determine the version (sic!) of scanned daemons
  • Unicornscan: an information gathering and correlation engine
  • DMitry (Deepmagic Information Gathering Tool): a host information gathering tool for *nix systems
  • Athena: a search engine query tool for passive information gathering

Security Scanner:

  • Nessus: in version 2 an open source network scanner. Version 3 is only available in binary form and under a proprietary license.
  • OpenVAS: a fork of Nessus 2.2.5 (formerly known as GNessUs)
  • Nessj: a Java based Nessus (and compatibles) client (formerly known as Reason)
  • Paul Clip from @stake released AUSTIN, a security scanner for Palm OS 3.5+.

Webserver:

  • Nikto: a web server scanner with anti-IDS features. Based on Rain Forest Puppy's libwhisker library.
  • Wikto: a webserver assessment tool (Windows only; requires .NET framework)
  • WSDigger: a black box web pen testing tool from Foundstone (Windows based)
  • Metis: a Java based information gathering tool for web sites

Fingerprinting:

  • SinFP: a fingerprinting tool which requires only an open TCP port and sends at most 3 packets
  • Winfingerprint: much more than a simple fingerprinting tool. It scans for Windows shares, enumerates usernames, groups, SIDs and much more.
  • p0f 2: Michal Zalewski announced his new release of p0f 2, a passive OS fingerprinting tool. p0f 2 is a complete rewrite of the old p0f code.
  • xprobe2: a remote active operating system fingerprinting tool from Ofir Arkin and the xprobe2 team
  • Cron-OS: an active OS fingerprinting tool based on TCP timeout behavior. This project was formerly known as "RING" and is now published as an nmap addon.

Proxy Server:

  • Burp proxy: an interactive HTTP/S proxy server for attacking and debugging web-enabled applications
  • Screen-scraper: an http/https proxy server with a scripting engine for data manipulation and searching
  • Paros: a man-in-the-middle proxy and application vulnerability scanner
  • WebScarab: a framework for analyzing web applications. One of its basic functions is use as an intercepting proxy.

War Dialers:

  • IWar: a classic war dialer. One of a few wardialers for *nix operating systems, and the only one with VoIP functionality (to my knowledge)
  • THC-Scan: a war dialer for DOS, Windows and DOS emulators

Malware / Exploit Collections:

  • packetstormsecurity.org: huge collections of tools and exploits
  • ElseNot Project: the project tries to publish an exploit for each MS Security Bulletin. A script kiddie dream come true.
  • Offensive Computing: another malware collection site
  • Securityforest: try the ExploitTree to get a collection of exploit code; have a look at the ToolTree for a huge list of pentest stuff

Databases / SQL:

  • sqlninja: a tool to exploit SQL injection vulnerabilities in web applications with MS SQL Servers (alpha stage)
  • CIS Oracle Database Scoring Tool: scans Oracle 8i for compliance with the CIS Oracle Database Benchmark
  • SQLRecon: an active and passive scanner for MSSQL server. Works on Windows 2000, XP and 2003.
  • absinthe: a GUI-based tool that automates the process of downloading the schema & contents of a database that is vulnerable to Blind SQL Injection
  • SQL Power Injector: a GUI based SQL injector for web pages (Windows, .Net Framework 1.1 required, Internet Explorer 5.0+ required)

Voice over IP (VoIP):

  • vomit (voice over misconfigured internet telephones): converts Cisco IP phone conversations into wave files
  • SiVuS: a VoIP vulnerability scanner for the SIP protocol (beta, Windows only)
  • Cain & Abel: mostly a password cracker, can also record VoIP conversations (Windows only)
  • sipsak (SIP swiss army knife): a SIP packet generator
  • SIPp: a SIP test tool and packet generator
  • Nastysip: a SIP bogus message generator
  • voipong: dumps G711 encoded VoIP communications to wave files. Supports: SIP, H323, Cisco Skinny Client Protocol, RTP and RTCP
  • Perl based tools by Thomas Skora: sip-scan, sip-kill, sip-redirectrtp, rtpproxy and ipq_rules
  • rtptools: a toolset for RTP recording and playing

Network-based Tools:

  • yersinia: a network tool designed to take advantage of some weaknesses in different network protocols (STP, CDP, DTP, DHCP, HSRP, 802.1q, VTP)
  • Netsed: alters the content of network packets while forwarding them
  • ip6sic: an IPv6 stack integrity tester

VPN:

  • ike-scan: an IPsec enumeration and fingerprinting tool
  • ikeprobe: IKE scanning tool
  • ipsectrace: a tool for profiling IPsec traffic in a dump file. Initial alpha release
  • VPNMonitor: a Java application to observe network traffic. It graphically represents network connections and highlights all VPN connections. Nice for demonstrations, if somewhat of limited use in a real pen test.
  • IKECrack: an IKE/IPsec cracker for pre-shared keys (in aggressive mode authentication [RFC2409])
DNSA: DNS Auditing tool by Pierre Betouin

Hunt: a session hijacking tool with curses GUI

SMAC: a Windows MAC Address Modifying Utility. Supports Windows 2000 and XP.

The WebGoat Project: a web application written in Java with intentional vulnerabilities. Supports an interactive learning environment with individual lessons.

TSCrack: a Windows Terminal Server brute forcer

Ollie Whitehouse from @stake released some new cellular phone based pentesting tools for scanning (NetScan, MobilePenTester). All tools require a Sony Ericsson P800 mobile phone. Unfortunately, @stake seems no longer to support much of their free security tools. So, use the alternative download links above instead.

THC-FuzzyFingerprint: generates fuzzy fingerprints that look almost equal to a given fingerprint/hash-sum. Very useful for MITM attacks.

BeatLM: a password finder for LM/NTLM hashes. Currently, there is no support for NTLM2 hashes. In order to get the hashes from network traffic, try ScoopLM.

THC vlogger: a Linux kernel based keylogger

The Metasploit Framework: an "advanced open-source platform for developing, testing, and using exploit code".

ATK (Attack Tool Kit): a combination of security scanner and exploit framework (Windows only)

Pirana: an exploitation framework to test the security of email content filters. See also the whitepaper

PassLoc: a tool which provides the means to locate keys within a buffer. Based on the article "Playing hide and seek with stored keys" by Adi Shamir and Nicko van Someren.

Dl-Hell: identifies an executable's dynamic link library (DLL) files

DHCPing: a security tool for testing DHCP security

ldapenum: a Perl script for enumeration against LDAP servers.

Checkpwd: a dictionary based password checker for Oracle databases

NirCmd from NirSoft: a Windows command line tool to manipulate the registry, initiate a dialup connection and much more

Windows Permission Identifier: a tool for auditing user permissions on a Windows system

MSNPawn: a toolset for footprinting, profiling and assessment via MSN Search. Windows only, .NET required

snmpcheck: a tool to gather information via SNMP. Works on Linux, *BSD and Windows systems.

pwdump6: extracts NTLM and LanMan hashes from Windows targets

Source: lonerunners.net
Original: http://www.lonerunners.net/1188-penetration-testing-tools.html

Security Programs  2009. 9. 22. 10:18

Installing Tomahawk

The Tomahawk discussed here is not the military missile.. ^^
It is a tool that replays packets.. For example, when running detection tests for CC (Common Criteria) certification, are you going to test detection of each pattern by staging a mock attack? That would require several PCs and installing all sorts of vulnerable software, which is a hassle..
How much easier it is to replay the traffic you captured while developing the pattern.. though that is probably only one of the things Tomahawk is for..

What Tomahawk is and what is needed to install it can be found at the site below.
http://tomahawk.sourceforge.net/

Download

To compile Tomahawk, you'll need to get Libnet 1.02a and Libpcap 0.8.1, as well as the Tomahawk source:

For your convenience, the following binaries are available:


First, the requirements for installing Tomahawk are as follows.
     o 1.4+ GHz processor
     o At least 512 MB RAM
     o Two gigabit test NICs. The Intel Pro1000 adapters are inexpensive and work well. If you have only one PCI slot, the Intel dual port Pro1000 can be used.
     o One NIC for management

For the operating system, Linux is the basic choice, and Libnet 1.02a and Libpcap 0.8.1 must be installed.

Libpcap 0.8.1
http://sourceforge.net/projects/libpcap/

Libnet 1.02a
http://www.filewatcher.com/m/libnet-1.0.2a.tar.gz.140191.0.0.html

The filewatcher link is a third-party file mirror, not the libnet project's own site; check the archive's checksum against a trusted source before building and installing it as root.

Choose Release 1.1 or Release 1.0 and install it.
One thing to note is that Libpcap 0.8.1, Libnet 1.02a and Tomahawk must be installed under the /usr/local path..
For details, extract the Tomahawk archive and follow the INSTALL file.

If the source will not compile, there is the "For your convenience, the following binaries are available:" section.
Download the binary compiled on Red Hat 7 or a later Linux and just drop it into /bin..

If it is all too much bother, just install a Red Hat 7 series Linux and download the Tomahawk binary..^^
