Security Blog | It’s all about Security

Archive for September 2009

Flawfinder is a program that examines source code and generates reports. The findings are categorized by risk level.
It is easy to use; all you have to do after installing it is:

flawfinder source_code_directory

How does it work?

Flawfinder works by using a built-in database of C/C++ functions with well-known problems, such as buffer overflow risks (e.g., strcpy(), strcat(), gets(), sprintf(), and the scanf() family), format string problems ([v][f]printf(), [v]snprintf(), and syslog()), race conditions (such as access(), chown(), chgrp(), chmod(), tmpfile(), tmpnam(), tempnam(), and mktemp()), potential shell metacharacter dangers (most of the exec() family, system(), popen()), and poor random number acquisition (such as random()). The good thing is that you don’t have to create this database – it comes with the tool.
Flawfinder then takes the source code text, and matches the source code text against those names, while ignoring text inside comments and strings (except for flawfinder directives). Flawfinder also knows about gettext (a common library for internationalized programs), and will treat constant strings passed through gettext as though they were constant strings; this reduces the number of false hits in internationalized programs.
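The matching approach described above, as an added example (this is not Flawfinder's own code): a lexical scan that consumes comments and string literals whole so that risky names inside them never produce a hit. The `RISKY` table is a small subset of the names listed above, the C sample is constructed, and flawfinder directives and gettext handling are not implemented.

```python
import re

# Subset of the function names listed above, grouped by the same categories.
RISKY = {
    "strcpy": "buffer overflow", "strcat": "buffer overflow",
    "gets": "buffer overflow", "sprintf": "buffer overflow",
    "scanf": "buffer overflow",
    "printf": "format string", "syslog": "format string",
    "access": "race condition", "tmpnam": "race condition",
    "mktemp": "race condition",
    "system": "shell metacharacters", "popen": "shell metacharacters",
    "random": "poor randomness",
}

# Comments and literals are matched first and skipped as a unit; only
# identifiers followed by "(" outside them are reported as calls.
TOKEN = re.compile(r'''
    (?P<skip> /\*.*?\*/ | //[^\n]* | "(?:\\.|[^"\\\n])*" | '(?:\\.|[^'\\\n])*' )
  | (?P<call> \b[A-Za-z_]\w* ) (?=\s*\()
''', re.VERBOSE | re.DOTALL)

def scan(source):
    """Return (line, function, category) for risky calls outside comments/strings."""
    hits = []
    for m in TOKEN.finditer(source):
        name = m.group("call")  # None when a comment or literal was skipped
        if name in RISKY:
            line = source.count("\n", 0, m.start()) + 1
            hits.append((line, name, RISKY[name]))
    return hits

# Constructed sample: the names in the comment and in the string must not match.
SAMPLE = r'''#include <stdio.h>
/* strcpy(dst, src) would be flagged if comments were scanned */
int main(int argc, char **argv) {
    char buf[16];
    const char *hint = "never call gets() or system()";
    strcpy(buf, argv[1]);      // real hit
    printf(argv[1]);           // real hit
    return system(buf);
}
'''

if __name__ == "__main__":
    for line, name, category in scan(SAMPLE):
        print(f"line {line}: {name}() [{category}]")
```

A name match only says the call deserves review; whether it is exploitable depends on the arguments, which is why such reports are ranked by risk level rather than treated as confirmed bugs.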

Download link:
flawfinder-1.27.tar.gz

Websecurify – Web Security Testing Framework

What is Websecurify?

Websecurify is a web application auditing initiative. This tool can be used both to attack and to audit a web application.
It is compatible with Windows and Linux as well as Mac (it is among the first that also work on Mac).

How does it work?

JavaScript – Websecurify Security Testing Framework is the first tool of its kind to be written entirely in JavaScript using only standard technologies adopted by the leading browsers.
Multiple Environments – The core technology can run in normal browsers, xulrunner, xpcshell (command line), inside Java or as part of a custom V8 (Chrome’s JavaScript Engine) build. The core is written with extensibility in mind so that more environments can be supported without changing even a single line of code.
Multi-platform – The tool is available and successfully runs on Windows, Mac OS, Linux and other operating systems.
Automatic Updates – Every single piece of the tool is subjected to automatic updates. This means that newer and more advanced versions of the tool can be shipped to your front door without you lifting your finger. This however is completely optional. The automatic update can be turned off if needed.
Extensions – Because the tool comes wrapped in xulrunner by default (keep in mind that we can support any other JavaScript environment) we benefit from all cool features that Firefox has, such as extensions. Extensions are easy to write and maintain and can customize every single aspect of the tool and there are already tons of resources and documentation, including books and what not, out there to teach you exactly how to do that. We will be providing documentation as well.

Download:
Windows – Websecurify 0.3.exe
Linux – Websecurify 0.3.tgz
Mac – Websecurify 0.3.dmg

Sep/09

23

SWFScan – Flash Scanner

HP SWFScan is a free tool produced by the HP Web Security Research Group that finds vulnerabilities in Flash applications.

How does it work?
The application decompiles applications built on the Adobe Flash platform, extracts the ActionScript code, and then analyzes that code, looking for bugs.

In short, it audits applications without needing their source code.
Download here:
SwfScan.msi

BarsWF is a cracking tool for MD5 passwords. This tool is the fastest, according to a benchmark that you can see here.

System Requirements
CUDA version only: nVidia GeForce 8xxx and up, at least 256 MB of video memory.
LATEST nVidia driver with CUDA support. Standard drivers might be a bit older (as CUDA 2.0 is still beta).
CPU with SSE2 support (P4, Core2Duo, Athlon64, Sempron64, Phenom).
Recommended 64-bit OS (WinXP 64 or Vista64). 32-bit version is also available.

Homepage: http://3.14.by/en/

SqlMap 0.7 – Automatic SQL Injection Tool

Since we are on the subject of database auditing tools, I thought I would introduce SqlMap 0.7.
SqlMap is an automatic tool for detecting and infiltrating applications vulnerable to SQL injection.
Once the SQL injection vulnerability has been detected, the attacker can choose from a wide range of options.
They can list the database, the columns and the password hashes, and can even dump the whole database or only a few columns/tables.

What sets SqlMap apart from other 'tools' of this kind?

SqlMap can read and write binary files on the system vulnerable to SQL injection, and can even insert Metasploit payloads.

You can download it here:

Linux: sqlmap-0.7.tar.gz
Windows: sqlmap-0.7_exe.zip

The user manual is here:

README.pdf

MySqloit is an automatic tool for attacking databases that suffer from SQL injection.
Its main target is LAMP (Linux, Apache, MySQL, PHP).
What is interesting about this tool is that it can execute Metasploit shellcode through SQL injection.
For now this tool is used only on Linux, but it is still under development.

You can download it here: MySqloitv0.1.tar

FreeBSD Local Root Escalation Vulnerability

Yes, a FreeBSD exploit has appeared too. I have not seen one in a long time, perhaps because FreeBSD is not used that much and is harder to configure.
What does this exploit do?!

Well, it 'makes you' root, if you have local access to that system.
How?
Well, if you find some vulnerability in the web application, or you have ssh access.
Off-topic: I'm back.
Source: The Register
