Friday, March 29, 2013

UBUNTU 11.10 ECHELON EDITION V1R5 RELEASED



Tools included:
Wifi Cracking Tools:
  • Cowpatty
  • Feeding Bottle
  • Wireshark
  • Pyrit
  • Wifite
  • Reaver
  • Fern Wifi Cracker
  • Python Dictionary File Creator (for WPA and Brute Force)
Network Cracking Tools:
  • XHydra
  • Snort
  • tcpdump
  • Netexpect
  • Etherape
  • Kismet
  • Net Tools 5.0
  • Deny Hosts
  • Zenmap
  • Secure Shell
  • Umit Network Scanner
  • Sec Panel
  • Tiger
  • hPing
  • Python-Scalpy
  • nmap
  • John the Ripper
  • w3af
Network Tools:
  • pyNeighbourhood
  • KPPP Dialup
  • KNemo
  • DC-QT
Communication Tools:
  • Pidgin + All plugins
  • Skype
  • TorChat
  • Team Speak
Online Money:
  • Bitcoin
DDOS Tools:
  • HOIC
  • LOIC
  • Hive Mind LOIC
  • iPWin
  • UDP Unicorn
  • GoodBye
  • XOIC
  • …9 more JS LOIC bookmarked in Firefox
Website Tools:
  • Heidi SQL
  • Filezilla
  • WebHTTrack Website Copier
  • Putty SSH/Telnet
Web Browsers:
  • Konquerer
  • Firefox – Mods Include:
  • Noscript, Adblock, Modified Downloadhelper,
  • HTTPS Everywhere, Imacros, Foxy Proxy,
  • Hidemyass, NewIPNow, Greasemonkey
  • And tonnes of bookmarks…
Emulation:
  • Wine
  • Wine Tricks
  • Play on Linux
  • Mono
  • VirtualBox 4.2
Security:
  • ClamAV
  • Tor (Enabled automatically for Firefox, Pidgin and Skype)
  • Polpio
  • chrootkit
  • rkhunter
  • Kvpnc
  • Firewall Builder
Sound and Video:
  • Webcam Utilities
  • VLC
Extras:
  • Gnome Color Changer
  • Ubuntu Tweak
  • MyUnity
  • Ubuntu Restricted Extras
  • KUbuntu Restricted Extras
  • XUbuntu Restricted Extras
  • Multiple Monitors
  • Open JDK Java 6 Runtimes
  • Open JDK Java 7 Runtimes
  • IcedTea Java Plugin
  • PDF Resurrect
  • Original 10.04 Style Desktop(Sidebar search removed)
  • Amazon results removed.
  • Icons are now neatly in folders not just strung around the desktop
  • New stamped Grub screen and Desktop

Saturday, March 23, 2013

OWASP Bricks (Feni) - Web application security learning platform built on PHP and MySQL

Bricks is a deliberately vulnerable web application built on PHP and MySQL. The project focuses on variations of commonly seen application security vulnerabilities and exploits. Each 'brick' contains some sort of vulnerability that can be exploited using tools such as Mantra and ZAP. The mission is to 'break the bricks' and thus learn the various aspects of web application security.

Download OWASP Bricks - Feni.zip (1.4 MB) UPDATED ON 19/03/2013
Download other versions from here

Source-
http://sourceforge.net/projects/owaspbricks/


Wednesday, March 20, 2013

xssf v3.0 (Cross-Site Scripting Framework) released

The Cross-Site Scripting Framework (XSSF) is a security tool designed to turn XSS vulnerability exploitation into a much easier task. The XSSF project aims to demonstrate the real dangers of XSS vulnerabilities by popularizing their exploitation. This project is created solely for education, penetration testing and lawful research purposes.

XSSF allows creating a communication channel with the targeted browser (from an XSS vulnerability) in order to perform further attacks. Users are free to select existing modules (a module = an attack) in order to target specific browsers.

XSSF provides a powerful, documented API, which facilitates development of modules and attacks. In addition, its integration into the Metasploit Framework allows users to launch MSF browser-based exploits easily from an XSS vulnerability.


In addition, an interesting way of exploiting an XSS inside a victim's browser is to browse the website from the attacker's browser using the connected victim's session. In most cases, simply stealing the victim's cookie is sufficient to do this. But in a minority of cases (intranets, network tool portals, etc.), the cookie is of no use to an external attacker. That is why XSSF Tunnel was created: it lets the attacker browse the affected domain using the victim's session.


This work is the result of internship studies conducted for the Faculty of Science and Technology of Limoges (MASTER II Cryptis) within the CONIX Security company.

New version is supported by current MSF 4.6.0-dev and Backtrack 5R3 / Ubuntu 12.04 / Kali 1.0 / Windows 7 (at least).

Download & Install

The last packaged version can be downloaded directly from the download section. Using the SVN repository is a better way of downloading and updating XSSF, as the SVN trunk version is always up to date.

Installation is made to be easy: the downloaded files only have to be placed within the Metasploit installation directory. For people having installation issues, please refer to the project Wiki pages. Installation on Ubuntu systems is explained here in case the Wiki pages are not sufficient.

Download -
XSSF-3.0.zip 1.6 MB
Download older versions

Description: The XSSF database was becoming hard to maintain within MSF due to fast MSF / Ruby developments and changes. Version 3.0 replaces the former database with simple in-memory tables (as the model was very simple), which should remove the issues previously triggered at each MSF update. As the database functionality has been removed, two new functions are added, 'xssf_save_state [fileName]' and 'xssf_restore_state [fileName]', to save the new 'database' state and rebuild it on the same or a different computer, keeping already linked victims. Restoring a saved state will erase your current victims and logs. This version was only tested on Linux (Ubuntu / Kali) for now; please report any problem or bug with XSSF on the issues page.

Source-
https://code.google.com/p/xssf/

Sunday, March 17, 2013

Update: discover.sh (backtrack-scripts) - Custom bash scripts used to automate various pentesting tasks.


Latest update: March 16
  • Added the following to the 'update' alias.
    • dnsenum
    • goofile
For more details and history see Updates.

1. Download scripts to the proper location.
svn co https://backtrack-scripts.googlecode.com/svn/ /opt/scripts
2. Set permissions.
chmod +x /opt/scripts/ -R
3. Run the setup script.
cd /opt/scripts/
./setup.sh
4. Exit the terminal and open a new one. Run the new alias to update the distro and commonly used applications. This should be run daily.
update
5. Run the main application.
./discover.sh
______  ___ ______ ______  _____  _    _ ______  _____
|     \  |  |____  |      |     |  \  /  |_____ |____/
|_____/ _|_ _____| |_____ |_____|   \/   |_____ |    \_
By Lee Baird


RECON - Names, emails, URLs, whois, DNS, traceroute and load balancing.
1.  Open Source Intelligence Gathering
2.  Scrape

DISCOVER - Host discovery, port scanning, service enumeration and OS
identification using Nmap, Nmap scripts and Metasploit scanners.
3.  Ping Sweep
4.  Single IP, URL or Range
5.  Local Area Network
6.  List
7.  CIDR Notation

WEB
8.  Open multiple tabs in Firefox
9.  Nikto
10. SSL Check

MISC
11. Crack WiFi
12. Reinstall nmap
13. Start a Metasploit listener
14. Exit

Open Source Intelligence Gathering.
1.  Company
2.  Person
3.  Previous menu

Scrape
1.  Passive
2.  Active
3.  Previous menu

Open multiple tabs in Firefox with:
1.  List containing IPs and/or URLs.
2.  Directories from a domain's robot.txt.
3.  Previous menu


Source-
https://code.google.com/p/backtrack-scripts/

Friday, March 15, 2013

Social-Engineer Toolkit (SET) v4.7 – Codename “Headshot” Released.

The Social-Engineer Toolkit (SET) version 4.7, codename “Headshot”, has been released. This version of SET introduces multi-powershell injection, which allows you to specify as many ports as you want; SET will automatically inject PowerShell onto the system on all of the reverse ports outbound. What’s nice about this technique is that it never touches disk and uses already whitelisted processes, so it should never trigger anything like anti-virus or whitelisting/blacklisting tools. In addition to the multi-powershell injector, there are a total of 30 new features and a large rewrite of how SET passes information between different modules.

Change Log of Version 4.7

* removed a prompt that would come up when using the powershell injection technique, port.options is now written in prep.py versus a second prompt with information that was already provided
* began an extremely large project of centralizing the SET config file by moving all of the options to the set.options file under src/program_junk
* moved all port.options to the central routine file set.options
* moved all ipaddr.file to the central routine file set.options
* changed spacing on when launching the SET web server
* changed the wording to reflect what operating systems this was tested on versus browsers
* removed an un-needed print option1 within smtp_web that was reflecting a message back to user
* added the updated java bean jmx exploit that was updated in Metasploit
* added ability to specify a username list for the SQL brute forcing, can either specify sa, other usernames, or a filename with usernames in it
* added new feature called multi-powershell-injection – configurable in the set config options, allows you to use powershell to do multiple injection points and ports. Useful in egress situations where you don’t know which port will be allowed outbound.
* enabled multi-pyinjection through java applet attack vector, it is configured through set config
* removed check for static powershell commands, will load regardless – if not installed user will not know regardless – better if path variables aren’t the same
* fixed a bug that would cause linux and osx payloads to be selected even when disabled
* fixed a bug that would cause the meta_config file to be empty if selecting powershell injection
* added automatic check for Kali Linux to detect the default moved Metasploit path
* removed a tail comma from the new multi injector which was causing it to error out
* added new core routine check_ports(filename, ports) which will do a compare to see if a file already contains a metasploit LPORT (removes duplicates)
* added new check to remove duplicates into multi powershell injection
* made the new powershell injection technique compliant with the multi pyinjector – both payloads work together now
* added encrypted and obfuscated jar files to SET, will automatically push new repos to git everyday.
* rewrote the java jar file to handle multiple powershell alphanumeric shellcode points injected into applet.
* added signed and unsigned jar files to the java applet attack vector
* removed create_payload.py from saving files in src/html and instead in the proper folders src/program_junk
* fixed a payload duplication issue in create_payload.py, will now check to see if port is there
* removed a pefile check unless backdoored executable is in use
* turned digital signature stealing from a pefile to off in the set_config file
* converted all src/html/msf.exe to src/program_junk/ and fixed an issue where the applet would not load properly
Video -
http://vimeo.com/61896197
Source-
https://www.trustedsec.com/march-2013/social-engineer-toolkit-set-v4-7-codename-headshot-released/

Thursday, March 14, 2013

SSLyze v0.6 - Fast and full-featured SSL scanner

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers.

Key features include -
  • SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility
  • Performance testing: session resumption and TLS tickets support
  • Security testing: weak cipher suites, insecure renegotiation, CRIME and THC-SSL DOS attacks
  • Server certificate validation
  • Support for StartTLS with SMTP and XMPP, and traffic tunneling through an HTTPS proxy
  • Client certificate support for servers performing mutual authentication
  • Scan results can be written to an XML file for further processing
Installation
Supported platforms include Windows 7, Linux and OS X Mountain Lion, both 32 and 64 bits. SSLyze requires Python 2.6 or 2.7 and OpenSSL 0.9.8+.
Linux / OS X
On Linux and OS X, SSLyze relies on the system's OpenSSL libraries.

Windows
For Windows, specific packages that include the OpenSSL DLLs are provided.

Installation Packages
Installation packages are available at: http://nabla-c0d3.blogspot.com/2013/01/sslyze-v06.html
Usage
The user manual is available at: https://github.com/iSECPartners/sslyze/wiki
Sample command line:

$ python sslyze.py --regular www.isecpartners.com:443 www.google.com

See the test folder for additional examples.
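As an added example of what the "weak cipher suites" check in the feature list looks for (this is not SSLyze's own code and is not from the original post), the following Python 3 snippet classifies OpenSSL-style cipher suite names against a small policy. The reasons, the name patterns and the sample suite list are assumptions constructed for this example; a real scan would take the suite list from SSLyze's output for the remote server rather than from a constant.

```python
import re
import ssl

# Policy: each entry maps a reason to a regular expression over OpenSSL-style
# cipher suite names (the form sslyze and `openssl ciphers` print).
# The reasons and patterns are an assumption chosen for this example.
WEAK_PATTERNS = (
    ("export-grade key size", re.compile(r"^EXP")),
    ("anonymous key exchange", re.compile(r"^(ADH|AECDH)-")),
    ("NULL cipher (no encryption)", re.compile(r"(^|-)NULL(-|$)")),
    ("RC4 stream cipher", re.compile(r"RC4")),
    ("DES or 3DES block cipher", re.compile(r"(^|-)DES-")),
    ("MD5 MAC", re.compile(r"-MD5$")),
)

# Constructed sample: the kind of suite list a server might accept.
SAMPLE_SUITES = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES256-SHA",
    "DES-CBC3-SHA",
    "RC4-MD5",
    "EXP-RC4-MD5",
    "NULL-SHA",
    "ADH-AES128-SHA",
]


def classify_cipher(name):
    """Return the policy reasons the suite name violates (empty list = acceptable)."""
    return [reason for reason, pattern in WEAK_PATTERNS if pattern.search(name)]


def audit_cipher_list(names):
    """Map every weak suite in `names` to its reasons; acceptable suites are omitted."""
    findings = {}
    for name in names:
        reasons = classify_cipher(name)
        if reasons:
            findings[name] = reasons
    return findings


def local_openssl_weak_ciphers():
    """Apply the same policy to the suites the local OpenSSL default context offers.

    This only makes the example runnable offline; sslyze instead asks the
    remote server which suites it accepts, which is the property that matters.
    """
    ctx = ssl.create_default_context()
    return audit_cipher_list(c["name"] for c in ctx.get_ciphers())


if __name__ == "__main__":
    for suite, reasons in audit_cipher_list(SAMPLE_SUITES).items():
        print(f"{suite}: {', '.join(reasons)}")
    print("weak suites in local OpenSSL defaults:", sorted(local_openssl_weak_ciphers()))
```

The patterns are deliberately name-based so they can be applied to any scanner's output; the gap to keep in mind is that a suite can look acceptable by name and still be negotiated over SSL 2.0/3.0, which is why SSLyze reports protocol support separately from cipher strength.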

Source -

Wednesday, March 13, 2013

Kali Linux : An advanced Penetration Testing and Security Auditing Linux distribution


Kali Linux is an advanced Penetration Testing and Security Auditing Linux distribution.
Kali Linux is the new generation of the industry-leading BackTrack Linux penetration testing and security auditing Linux distribution.
Kali Linux is a complete re-build of BackTrack from the ground up, adhering completely to Debian development standards.


Kali Linux Features:
Kali is a complete re-build of BackTrack Linux, adhering completely to Debian development standards. All-new infrastructure has been put in place, all tools were reviewed and packaged, and we use Git for our VCS.
  • More than 300 penetration testing tools: After reviewing every tool that was included in BackTrack, we eliminated a great number of tools that either did not work or had other tools available that provided similar functionality.
  • Free and always will be: Kali Linux, like its predecessor, is completely free and always will be. You will never, ever have to pay for Kali Linux.
  • Open source Git tree: We are huge proponents of open source software and our development tree is available for all to see and all sources are available for those who wish to tweak and rebuild packages.
  • FHS compliant: Kali has been developed to adhere to the Filesystem Hierarchy Standard, allowing all Linux users to easily locate binaries, support files, libraries, etc.
  • Vast wireless device support: We have built Kali Linux to support as many wireless devices as we possibly can, allowing it to run properly on a wide variety of hardware and making it compatible with numerous USB and other wireless devices.
  • Custom kernel patched for injection: As penetration testers, the development team often needs to do wireless assessments so our kernel has the latest injection patches included.
  • Secure development environment: The Kali Linux team is made up of a small group of trusted individuals who can only commit packages and interact with the repositories while using multiple secure protocols.
  • GPG signed packages and repos: All Kali packages are signed by each individual developer when they are built and committed and the repositories subsequently sign the packages as well.
  • Multi-language: Although pentesting tools tend to be written in English, we have ensured that Kali has true multilingual support, allowing more users to operate in their native language and locate the tools they need for the job.
  • Completely customizable: We completely understand that not everyone will agree with our design decisions so we have made it as easy as possible for our more adventurous users to customize Kali Linux to their liking, all the way down to the kernel.
  • ARMEL and ARMHF support: Since ARM-based systems are becoming more and more prevalent and inexpensive, we knew that Kali’s ARM support would need to be as robust as we could manage, resulting in working installations for both ARMEL and ARMHF systems. Kali Linux has ARM repositories integrated with the mainline distribution so tools for ARM will be updated in conjunction with the rest of the distribution. Kali is currently available for the following ARM devices:
Kali is specifically tailored to penetration testing and therefore, all documentation on this site assumes prior knowledge of the Linux operating system.
Download Kali Linux 1.0
The default root password is still “toor”; you can download Kali Linux here.

For more information please visit -
http://www.kali.org/news/kali-linux-whats-new/
http://docs.kali.org/category/introduction

Source-
http://www.kali.org/

Tuesday, March 12, 2013

UPDATES DISCOVER V-12.03.13 – CUSTOM BASH SCRIPTS TO AUTOMATE VARIOUS PENTESTING TASKS.

Latest update: March 12 
1. Added the following to the ‘update’ alias.
- apt-get autoremove and autoclean
- BeEF
- HexorBase
- Nessus
- Sqlninja
- WPScan
2. Scrape > Active
- Fixed bug with email addresses not showing up.
- Added sub-domains to dnsrecon.
3. Open multiple tabs in Firefox
- You can now specify a port.
- Port 21 will use ftp://IP
- Port 80 will use http://IP
- Port 443 will use https://IP
- Misc port will use http://IP:port
______  ___ ______ ______  _____  _    _ ______  _____
|     \  |  |____  |      |     |  \  /  |_____ |____/
|_____/ _|_ _____| |_____ |_____|   \/   |_____ |    \_
RECON
1.  OSIG – open source intelligence gathering
2.  Scrape – names, emails, whois, DNS and traceroute
DISCOVER- Host discovery, port scanning, service enumeration and OS identification using Nmap, Nmap scripts and Metasploit scanners.
  • Ping Sweep
  • Single Host or URL
  • Local Area Network
  • List of Hosts
  • CIDR Notation
WEB
  • Open multiple tabs in Firefox
  • Nikto
  • SSL Check
MISC
  • Check for new Nmap scripts and Metasploit scanners
  • Start a Metasploit listener
Usage:
1. Download scripts to the proper location.
svn co https://backtrack-scripts.googlecode.com/svn/  /opt/scripts
2. Set permissions.
chmod 755 /opt/scripts/ -R
3. Run the setup script.
./setup.sh
4. Run the new alias to update the distro and commonly used applications.
update
5. Run the main application.
./discover.sh

Scripts (SVN repository): https://backtrack-scripts.googlecode.com/svn/
More information right here : https://code.google.com/p/backtrack-scripts/

CloseTheDoor - identifies all the listening ports TCP/UDP over IPv4/v6

CloseTheDoor identifies all listening TCP/UDP ports over IPv4/IPv6 and the associated program files. This helps you detect security holes and close backdoors when you want to prevent remote attacks.

Features
  • Enumerate all listening ports for IPv4/IPv6
  • Gather information about the listening ports
  • Ability to disable potentially dangerous ports
Download CloseTheDoorSetup-v0.2.1.exe (128.5 kB)
Download older versions from here
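CloseTheDoor is a Windows tool; as an added example that is not part of it or of the original post, the Python 3 snippet below performs the same first step, enumerating listening TCP sockets and the processes that own them, from the Linux `/proc/net/tcp` and `/proc/net/tcp6` tables. The two sample tables are constructed for the example, and the inode-to-process lookup assumes a Linux `/proc` layout.

```python
import os
import socket
import struct

# Constructed sample in the /proc/net/tcp format: two listeners (0.0.0.0:22 and
# a local-only service on 127.0.0.1:3306) and one established connection that
# must not be reported.
SAMPLE_TCP4 = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   107        0 23456 1 0000000000000000 100 0 0 10 0
   2: 0101A8C0:D4C2 0102A8C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 34567 1 0000000000000000 20 4 30 10 -1
"""

# Constructed /proc/net/tcp6 sample: one listener on [::1]:8080.
SAMPLE_TCP6 = """\
  sl  local_address                         remote_address                        st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000000000000000000001000000:1F90 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 45678 1 0000000000000000 100 0 0 10 0
"""

TCP_LISTEN = 0x0A  # socket state code the kernel uses for LISTEN


def decode_address(hex_addr):
    """Turn the kernel's 'HEXADDR:HEXPORT' field into (ip_string, port).

    IPv4 is one 32-bit word and IPv6 is four 32-bit words, each written in
    host byte order (little-endian on x86), so every word is byte-swapped.
    """
    addr_hex, port_hex = hex_addr.split(":")
    words = [struct.pack("<I", int(addr_hex[i:i + 8], 16)) for i in range(0, len(addr_hex), 8)]
    family = socket.AF_INET if len(words) == 1 else socket.AF_INET6
    return socket.inet_ntop(family, b"".join(words)), int(port_hex, 16)


def listening_sockets(table_text):
    """Parse one /proc/net/tcp or tcp6 table and return its LISTEN entries as
    (ip, port, uid, inode) tuples, in table order."""
    result = []
    for line in table_text.splitlines()[1:]:  # the first line is the header
        fields = line.split()
        if len(fields) < 10 or int(fields[3], 16) != TCP_LISTEN:
            continue
        ip, port = decode_address(fields[1])
        result.append((ip, port, int(fields[7]), int(fields[9])))
    return result


def owning_processes(inodes):
    """Map socket inodes to the pids holding them by walking /proc/<pid>/fd (Linux only)."""
    wanted = {f"socket:[{inode}]": inode for inode in inodes}
    owners = {}
    for pid in filter(str.isdigit, os.listdir("/proc")):
        fd_dir = f"/proc/{pid}/fd"
        try:
            for fd in os.listdir(fd_dir):
                target = os.readlink(os.path.join(fd_dir, fd))
                if target in wanted:
                    owners.setdefault(wanted[target], set()).add(int(pid))
        except OSError:  # process exited, or its fd table is not readable by us
            continue
    return owners


if __name__ == "__main__":
    for table in (SAMPLE_TCP4, SAMPLE_TCP6):
        for ip, port, uid, inode in listening_sockets(table):
            scope = "local-only" if ip in ("127.0.0.1", "::1") else "reachable from the network"
            print(f"{ip}:{port} uid={uid} inode={inode} ({scope})")
    if os.path.exists("/proc/net/tcp"):  # live view when run on Linux
        with open("/proc/net/tcp") as fh:
            live = listening_sockets(fh.read())
        print("live listeners:", live)
        print("owning pids:", owning_processes(inode for *_, inode in live))
```

The bind address is the detail worth acting on: a listener on 0.0.0.0 or :: is exposed to every interface, while one bound to a loopback address is only reachable locally. Reading other users' `/proc/<pid>/fd` requires root, so the inode-to-process mapping is only complete when run with that privilege.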

Domain Analyzer Security Tool :Finds all the security information for a given domain name

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way.

Features

  • It creates a directory with all the information, including nmap output files.
  • It uses colors to highlight important information on the console.
  • It detects some security problems like host name problems, unusual port numbers and zone transfers.
  • It is heavily tested and very robust against DNS configuration problems.
  • It uses nmap for active host detection, port scanning and version information (including nmap scripts).
  • It searches SPF records for new hostnames or IP addresses.
  • It searches for reverse DNS names and compares them to the hostname.
  • It prints out the country of every IP address.
  • It creates a PDF file with the results.
  • It automatically detects and analyzes sub-domains.
  • It searches for the domain's email addresses.
  • It checks the 192 most common hostnames against the DNS servers.
  • It checks for zone transfer on every DNS server.
  • It finds the reverse names of the /24 network range of every IP address.
  • It finds active hosts using nmap's complete set of techniques.
  • It scans ports using nmap.
  • It searches for host and port information using nmap.
  • It automatically detects the web servers used.
  • It crawls every web server page using our Web Crawler Security Tool.
  • It filters out hostnames based on their name.
  • It pseudo-randomly searches N domains in Google and automatically analyzes them.
  • Use CTRL-C to stop the current analysis stage and continue working.
Download domain_analyzer_v0.8.tar.gz (42.7 kB)
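As an added example (not Domain Analyzer's own code and not from the original post) of the SPF step in the feature list, the one that searches SPF records for new hostnames or IP addresses, the Python 3 snippet below parses SPF TXT records and follows include: and redirect= into other records. The sample records are constructed here using RFC 5737 / RFC 3849 documentation addresses, and the `records` dict stands in for the DNS TXT lookups a real tool would perform.

```python
import re

# Constructed sample records keyed by domain. They stand in for the DNS TXT
# lookups a real tool would perform; addresses are RFC 5737 / RFC 3849
# documentation ranges. 'loop.example' deliberately includes itself.
SAMPLE_RECORDS = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.7 ip6:2001:db8::/32 "
                   "a:mail.example.com mx include:_spf.example.net -all",
    "_spf.example.net": "v=spf1 ip4:203.0.113.0/26 a ~all",
    "loop.example": "v=spf1 include:loop.example -all",
}

QUALIFIERS = "+-~?"
MODIFIER_RE = re.compile(r"^[A-Za-z][A-Za-z0-9_.-]*=")  # e.g. redirect=..., exp=...


def parse_spf(record):
    """Split an SPF TXT record into (qualifier, mechanism, argument) triples
    plus a dict of modifiers. Raises ValueError for non-SPFv1 records."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    mechanisms, modifiers = [], {}
    for term in terms[1:]:
        if MODIFIER_RE.match(term):
            name, value = term.split("=", 1)
            modifiers[name.lower()] = value
            continue
        qualifier = "+"  # the default qualifier is 'pass'
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        mechanisms.append((qualifier, name.lower(), arg))
    return {"mechanisms": mechanisms, "modifiers": modifiers}


def expand_targets(domain, records, seen=None):
    """Collect the hostnames to resolve and the network ranges an SPF record
    authorises, following include: and redirect= into other records.

    `seen` guards against include loops; RFC 7208 additionally caps a real
    evaluation at 10 DNS-querying terms, which a live tool must enforce."""
    seen = set() if seen is None else seen
    hosts, networks = set(), set()
    if domain in seen or domain not in records:
        return hosts, networks
    seen.add(domain)
    parsed = parse_spf(records[domain])
    for _qualifier, name, arg in parsed["mechanisms"]:
        if name in ("ip4", "ip6"):
            networks.add(arg)
        elif name in ("a", "mx"):
            # 'a' / 'mx' without an argument refer to the record's own domain;
            # a trailing /prefix-length applies to the resolved addresses.
            hosts.add(arg.split("/")[0] or domain)
        elif name == "include":
            more_hosts, more_networks = expand_targets(arg, records, seen)
            hosts |= more_hosts
            networks |= more_networks
    redirect = parsed["modifiers"].get("redirect")
    if redirect:
        more_hosts, more_networks = expand_targets(redirect, records, seen)
        hosts |= more_hosts
        networks |= more_networks
    return hosts, networks


def all_qualifier(record):
    """Return the qualifier on the 'all' mechanism ('-' hard fail, '~' soft fail,
    '?' neutral, '+' pass) or None if the record has no 'all' term."""
    for qualifier, name, _arg in parse_spf(record)["mechanisms"]:
        if name == "all":
            return qualifier
    return None


if __name__ == "__main__":
    for domain in SAMPLE_RECORDS:
        hosts, networks = expand_targets(domain, SAMPLE_RECORDS)
        print(f"{domain}: all={all_qualifier(SAMPLE_RECORDS[domain])} "
              f"hosts={sorted(hosts)} networks={sorted(networks)}")
```

The hostnames and ranges returned are exactly what an assessment of the domain should add to its target list, since the owner has declared them as legitimate mail sources; the qualifier on `all` is worth reporting too, because `+all` or a missing `all` term means the record does not restrict senders at all.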