Top
Search
Subscribe
Social Media - Mubix
Login
Archives

Entries in tools (4)

Thursday
Feb122009

ShmooCon Tools

DateThursday, February 12, 2009 at 10:58AM
It figures that someone who didn’t go actually made a list of tools. (Probably because they didn’t have to suffer the ShmooFlu)

Check out: http://blog.security4all.be/2009/02/shmoocon-2009-overview-collection-of.html 

Thanks to Security4all for posting it up!

If you see something that he doesn’t have, pictures, videos, links, or tools, please let him know.

FireTalks / PodCasters Meetup audio can be found here soon: http://pcm.libsyn.com/
AuthorRob Fuller | CommentPost a Comment |
tagged , , in
Saturday
Feb072009

The Middler gets released at ShmooCon!

DateSaturday, February 7, 2009 at 3:22PM
The official link is up and here it is.. well, until they release the beta:

http://inguardians.com/tools/middler-alpha.tgz

 Keep up with http://www.inguardians.com/ for all of their great tools.
AuthorRob Fuller | CommentPost a Comment |
tagged , in
Wednesday
Feb042009

Metasploit Across the Net

DateWednesday, February 4, 2009 at 1:13PM
Metasploit is awesome, but some don’t know that their are updates all the time via SVN, and even fewer know of places to get good non-svn modules / scripts. Here are a few of my favorites:

https://www.securinfos.info/metasploit/msfxdc.php

http://metasploit.com/users/mc/

http://darkoperator.blogspot.com

-- newly added, check out the CookieMonster script and a host of others: http://pentest.cryptocity.net

And of course: http://carnal0wnage.blogspot.com/
AuthorRob Fuller | Comment1 Comment |
tagged , in
Tuesday
Feb032009

Ear Trumpet

DateTuesday, February 3, 2009 at 1:35PM
I have had the idea for this app for a long time, expressed it a few times, but never really pushed, and I sure that I am not the only one who has thought of or wanted an app like Ear Trumpet by Robin Wood. Well on Jan 21st Sam Buhlig posted to the PaulDotCom mailing list asking for an app to test a firewall that would answer on all ports. A great discussion spawned off and a couple guys (Dimitrios Kapsalis, and Robin Wood) started work on it.

So what is Ear Trumpet? It’s a server/client app just like Cain and Abel is. But each piece has one very simple task: ear listens on a server on all TCP port, and trumpet tries to get to it on all TCP ports. That’s it.

What does that do for me? Well, here are two instances where it could be useful:

  • As a Firewall / Perimeter Technician, where you use it to test to see if all of your firewall rules are working properly so that no one can get through. (Outside in. Ear internal, Trumpet external)

  • As a Penetration Tester, where you use it to find exfiltration points, ways out of the network. (Inside out, Ear external, Trumpet internal), You could even put Trumpet on multiple computers in this instance and see which systems have different access out. There are sleep methods plugged into Trumpet to allow you to stay under the radar.


 What can you use it for? Simple programs like this always have a million uses. Comment with your idea.
AuthorRob Fuller | CommentPost a Comment |
tagged , , in