database exploiting tool

fuzzdb: Attack and Discover Pattern Databases for Web Application Fuzz Testing!

April 29, 2010 13:37 pm · 0 comments

by Black

in Open Source,Penetration Testing,Security Reconnaissance,Security tools,Web Application Penetration Testing

A comprehensive set of fuzzing patterns for discovery and attack during highly targeted brute force testing of web applications.

fuzzdb is a comprehensive set of known attack pattern sequences, predictable locations, and error messages for intelligent brute force testing and exploit condition identification of web applications, categorized by attack type, platform, and application.

Because of the popularity of a small number of server types, platforms, and package formats, resources such as logfiles and administrative directories are typically located in a small number of predictable locations. A comprehensive database of these, sorted by platform type, makes brute force fuzz testing a scalpel-like approach.

fuzzdb

Since system errors contain predictable strings, fuzzdb contains lists of error messages to be pattern matched against server output in order to aid detection software security defects.

Primary sources used for attack pattern research:
- researching old web exploits for repeatable attack strings
- scraping scanner patterns from http logs
- various books, articles, blog posts, mailing list threads
- patterns gleaned from other open source fuzzers and pentest tools
- analysis of default app installs
- system and application documentation
- error messages

As it is in the beta version, we would like to have some kind of reporting output for better understanding and as it relies on database exploits, we would also like to add, edit the exploit database in its alpha edition.

- fuzzdb-1.07.tgz Lots more sqli.
Discovery patterns of common files containing passwds and common login filenames

Download fuzzdb version 1.07 here

Searches leading to this post:
attack on discover, attack pattern tool, fuzzing attack, open source web application fuzzer, Spiderpig fuzz download

Tagged as: , , ,

Be the first to comment!

Toolza : SQL Injection Tool with Many Options!

March 22, 2010 11:14 am · 0 comments

by Black

in Open Source,Penetration Testing,Security Reconnaissance,Web Application Penetration Testing

Features of toolza:
LFI/Reader/Loade_file() bruter
- Scan site for folders & files
- FTP checker
- FTP bruter
- Proxy checker
- Proxy grabber

Post/Get/Proxy/SOCKS4-5/Cookies/Timeout/Multithread/HTTPS+Authorization supported

38801ade4623f3ab17cf7a518a516104 Toolza : SQL Injection Tool with Many Options!

- Select POST or GET
- Support for proxy (file proxy.txt) – avtocheking, working with the first working
- Support for SOCKS4-5 (file socks.txt) – avtocheking, auto-sensing type socks (4-5), without authorization, working with the first working
- Select a timeout connection
- Ability to insert cookies
- Ability to change user agent
- Ability to change the referrer
- Ability to select HTTP-protocol (0 – HTTP/1.0; 1 – HTTP/1.1; Default – 1)

Site scanner for folders & files:
- Multithreaded
- Dictionary of 3455 items
- Ability to edit errors in response to a request from the site when no existing URL (file scaner_errors_list.txt)
- Ability to replenish Dictionary (file scaner_folder_list.txt, a new position with a new line without slashes at the beginning)

LFI / READER / Load_file () bruter:
Multi-threaded, supporting GET | POST, proxy (not for all modes)

6 modes of work:
[1] LFI / Reader – visual error when wrong query
[2] LFI / Reader – unvisual error when wrong query
[3] Mysql load_file – visual error when wrong query, magic_quotes = OFF
[4] Mysql load_file – unvisual error when wrong query, magic_quotes = OFF
[5] Mysql load_file – visual error when wrong query, magic_quotes = ON
[6] Mysql load_file – unvisual error when wrong query, magic_quotes = ON

SQL injection DB supported: Mysql, Mssql, Sybase, Postgresql, Access, Oracle, Firebird/Interbase

Include Blind Mysql injection + alternative methods.

This tool is very use for advance users who like to go in deep to find vulnerability and exploit it. For beginners there are nice video tutorials.

It is wirtten in perl, so no Operating system dependency. You need to have perl 5 or above.

Download Toolza version 1 here

Searches leading to this post:
toolza, lfi injection tool, sql injection options, tool mysql injection, toolza pl

Tagged as: , , ,

Be the first to comment!

No more and 1=1 – Sql injection testing tool

February 15, 2010 10:46 am · 0 comments

by Black

in Open Source,Penetration Testing,Portable,Security Reconnaissance,Security tools

When doing WebApp testing we have had to retype million times the same old commands to test SQL I, XSS and all that stuff. Sometimes, you even have to recollect what were the characters involved in header injection for example we might have to do a search for it. In order to minimize the time required to type malicious syntax and have a handy repository of it M and me created this small tool that we hence call No more and 1=1.

2e402b0301ba04b61fc91b69336c9bf2 No more and 1=1 Sql injection testing tool

The tool comes in two flavours the stand alone version (a java app – kind of portable version but requires java installed) and the Webscarab Proxy attached version, the tool will be bundled with more proxies in the near future. The tool is simple, its great value comes in the definitions file which is totally customizable ( now thats great.)

Pre-requirement

- A Java Runtime Machine is required
- Put the definitons.csv file (included in the zip file) in the same directory where this program is being run.
- Do edit that file according to your needs but Respect the file syntax in definitions.csv:
- No commas are allowed in the scope and category names or parsing of definitions file will fail.)

How to use No more and 1=1

- use the jar file: java -jar NoMore_AND_1=1.jar or just double clic on it
- Navigate through the menus to select your injection
- Clic on your desired injection and it will copied to your systems clipboard
- Paste it wherever (+v)

Source code is also available

Operating system

As it is java based its operating system independent.

You will require both No more and 1=1 and defination initially

Download No more and 1=1 Here

Download No more and 1=1 definitions Here

Searches leading to this post:
no more and 1=1, nomore and 1=1, nomore_and_1=1 definitions csv, sql injection tool java

Tagged as: , , ,

Be the first to comment!

Page 1 of 212