I seem to have missed about two updates made to the this mass audit toolkit. My last post about the Leviathan Framework can be found here. We now have the latest - Leviathan Framework v0.1.2! Read more about UPDATE: Leviathan Framework v0.1.2!
Distributions such as Kali Linux make it easier for us to carry out our penetration tests, vulnerability assessments, digital forensics gigs and wireless assessments. However, there are very few tools on such distributions that help you test the security of Internet of Things (IoT) devices as it needs bit of a customization. We now have AttifyOS to fill in the gap and help us test IoT security. Read more about AttifyOS: IoT Devices Testing Distribution!
Internal network exploitation is a completely different ballgame all together. Many resources are trusted by default and security restrictions are minimal in most cases. One such resource which lacks security restrictions is the Microsoft Windows Server Update Services (WSUS). I have seen internal networks which lack SSL protection, because it is "not needed" for internal networks. This is where a script like WSUXploit comes into picture! Read more about WSUXploit: A Weaponized WSUS Exploit Script!
There are a lot of Portable Executable (PE) file explorers in the market - both professional and free. Most of them have similar features but only some of them play well on Microsoft Windows as well as *NIX platform. One such tool that is quickly becoming my favourite is PPEE short for Professional PE File Explorer. It is VERY portable and handles well even on Kali! Read more about PPEE: A Professional PE File Explorer!
All of us know about Snort, the open-source, free and lightweight network intrusion detection system (NIDS) software for Linux & Windows to detect emerging threats. Also, all of us know that if you want to install Snort, Barnyard2 & PulledPork on a lot of machines, it get's a lot more time consuming and well monotonous. This is where Snorter comes in the picture. Read more about Snorter: A automatic Snort, Barnyard2, and PulledPork Installer!
Fresh off the GitHub repository - Leviathan, an open source, wide-range security audit toolkit that helps you with service discovery, brute force, SQL injection detection and running custom exploit. One of the guys behind this project is Utku Sen. If you remember he was the one who wrote open source ransomware - EDA2 and Hidden Tear. Read more about Leviathan: An All In One Security Audit Toolkit!
Kali Linux really needs no introduction today. It is the de-facto open source, Debian-based operating system for penetration testing, vulnerability assessments, digital forensics and wireless assessments. It is one of those operating systems that I see being actively developed and has a huge and helpful community. This post talks about the improvements and new tool additions in the latest open source Kali Linux 2017.1 Rolling release. Read more about Kali Linux 2017.1: The Professional Penetration-Testing Distro!