NMAP

Nmapsi: A NMAP GUI!

August 18, 2010 11:35 am · 0 comments

by Black

in Penetration Testing,Security Reconnaissance,Tool Updates

Yet another nmap GUI – NmapSi is a complete Qt-based GUI with the design goals to provide a complete nmap interface for users. This is done for in order to provide easy management of all nmap options.

91ed3d0ef7802c9688b8f7897d97856f Nmapsi: A NMAP GUI!

Features:

  • Traceroute
  • Dns Lookup
  • Search Vulnerabilities
  • Full Scan

Currently supports *nix operating systems. Other versions also support the Windows operating systems.

Download Nmapsi4 0.2 beta3 here

Searches leading to this post:
nmap gui, nmap download gui, nmapsi windows

Tagged as: , , ,

Be the first to comment!

UPDATE: Nmap 5.35DC1!

July 19, 2010 17:50 pm · 0 comments

by Black

in Open Source,Penetration Testing,Security Reconnaissance,Tool Updates

fyodor has released Nmap version 5.35DC1! This version has added 17 new NSE scripts, bringing the total to 131! It has been released in time for Defcon!

Nmap (“Network Mapper”) is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are avalable for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), and a utility for comparing scan results (Ndiff).”

In addition to the new NSE scripts, it the OS detection integration database has increased by 262 grown to a total of 2,608 fingerprints! Also, the version detection integration run has increased by 279 signatures. This brings the total of version detection signatures to 6,622! Apart from other additions, this is our favourite addition – dns-cache-snoop.nse. This script performs cache snooping by either sending non-recursive queries or by measuring response times.

Download Nmap version 5.35DC1 here!

Searches leading to this post:
free metasploit download with nmap, is nmap-5 35DC1 any good, upgrade nmap metasploit

Tagged as: , ,

Be the first to comment!

UPDATE: Metasploit Framework v3.4.1!

July 13, 2010 11:54 am · 0 comments

by Black

in Penetration Testing,Security Reconnaissance,Tool Updates

The Metasploit Framework has been updated to version 3.4.1 in less than 3 months!

Metasploit Framework 3.4.1!

Metasploit Framework 3.4.1

The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.

Statistics:

  • Metasploit now has 567 exploits and 283 auxiliary modules (up from 551 and 261 in v3.4)
  • Over 40 community reported bugs were fixed and numerous interfaces were improved

General:

  • The Windows installer now ships with a working Postgres connector
  • New session notifications now always print a timestamp regardless of the TimestampOutput setting
  • Addition of the auxiliary/scanner/discovery/udp_probe module, which works through Meterpreter pivoting
  • HTTP client library is now more reliable when dealing with broken/embedded web servers
  • Improvements to the database import code, covering NeXpose, Nessus, Qualys, and Metasploit Express
  • The msfconsole “connect” command can now speak UDP (specify the -u flag)
  • Nearly all exploit modules now have a DisclosureDate field
  • HTTP fingerprinting routines added to some exploit modules
  • The psexec module can now run native x64 payloads on x64 based Windows systems
  • A development style guide has been added in the HACKING file in the SVN root
  • FTP authentication bruteforce modules added

Payloads:

  • Some Meterpreter scripts (notably persistence and getgui) now create a resource file to undo the changes made to the target system.
  • Meterpreter scripts that create logs and download files now save their data in the ~.msf3/logs/scripts folder.
  • New Meterpreter Scripts:
  • enum_firefox – Enumerates Firefox data like history, bookmarks, form history, typed URLs, cookies and downloads databases.
  • arp_scanner – Script for performing ARP scan for a given CIDR.
  • enum_vmware – Enumerates VMware producst and their configuration.
  • enum_powershell – Enumerates powershell version, execution policy, profile and installed modules.
  • enum_putty – Enumerates recent and saved connections.
  • get_filezilla_creds – Enumerates recent and saved connections and extracts saved credentials.
  • enum_logged_on_users – Enumerate past users that logged in to the system and current connected users.
  • get_env – Extracts all user and system environment variables.
  • get_application_lits – Enumerates installed applications and their version.
  • autoroute – Sets a route from within a Meterpreter session without the need to background the sessions.
  • panda_2007_pavsrv53 – Panda 2007 privilege escalation exploit.
  • Support for a dns bypass list added to auxiliary/server/fakedns. It allows the user to specify which domains to resolve externally while returning forged records for everything else. Thanks to Rudy Ruiz for the patch.
  • Railgun – The Meterpreter “RAILGUN” extension by Patrick HVE has merged and is now available for scripts.
  • PHP Meterpreter – A protocol-compatible port of the original Meterpreter payload to PHP. This new payload adds the ability to pivot through webservers regardless of the native operating system
  • Token impersonation now works with “execute -t” to spawn new commands with a stolen token.

This release sees the first official non-Windows Meterpreter payload, in PHP as discussed last month. A new extension called Railgun is now integrated into Meterpreter courtesy of Patrick HVE, giving you scriptable access to Windows APIs and an unprecedented amount of control over post-exploitation. For those of you wishing to contribute to the framework, a new file called HACKING has been introduced that lays out a few guidelines for making it easier.

This release has 16 new exploits, 22 new auxiliary modules and 11 new Meterpreter scripts for your pwning enjoyment.

Download Metasploit Framework v3.4.1 here

Searches leading to this post:
download metasploit express, aurora metasploit 3 4 1, metasploit ftp hack, metasploit how to module update, metasploit logs, metasploit pivot, metasploit resource file, metasploit run enum_firefox, metasploit update vulnerability, metasploit framework scan update, Metasploit Framework 3 4 0 gui, metasploit firefox cookies payload, Metasploit Express Edition download, Metasploit Express download, Metasploit Express 3 4 1, Metasploit Express 3, metasploit 0day module, metasploit, how to connect metasploit 3 4 to database, update metasploit

Tagged as: , , , , , , , , , ,

Be the first to comment!

Page 1 of 7123456...Last »