Metasploit module : HTTP Form field fuzzer
Introduction About a month after releasing an ftp client fuzzer module for Metasploit, I decided to release yet another fuzzer module I have been working on over the last few weeks. This new module can be used to audit web servers/web server plugins/components/filters, by fuzzing form fields and optionally fuzz some header fields. While this […]
WATOBO – the unofficial manual
WATOBO is intended to enable security professionals to perform highly efficient (semi-automated) web application security audits. I am convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities. WATOBO has no attack capabilities and is provided for legal vulnerability audit purposes only. It works […]
Backtrack 4 cheat sheet
Download backtrack from http://www.remote-exploit.org/backtrack_download.html. Current version at the time of writing is BT4 Pre-Final.This document is based on BT4 pre-final. Ergo, some of the instructions below may not work with other versions of BT. FYI : An excellent guide about Backtrack4 can be found at BackTrack 4 – The Definitive Guide 1. Installing Backtrack […]
Juniper : Netscreen/ScreenOS to HTML (ns2html) + audit your firewall config (nipper)
A short while ago, I came across 2 really nice tools that will help – visualizing screenos configs into html pages – auditing firewall configs Converting screenos to html The first tool, called ns2html, was developed by Rodrigo Pace de Barros and can be found at http://ns2html.sourceforge.net/ It is written in perl and both […]
Nessus/OpenVAS wrapper for ike-scan
ike-scan is a great tool to audit VPN/IPSec implementations. This tool, which runs under Lunix, Unix, MacOS and Windows, can be found at www.nta-monitor.com/tools/ike-scan/ (Latest version at time of writing is 1.9). My Nessus ike-scan NASL wrapper may or may not work with earlier versions or newer versions, so test test test) Some of the […]
Donate
Your donation will help funding server hosting.
