Nytro
Posted October 21, 2013

Tools

FreeRDP-pth (20/10/2013) - FreeRDP-pth is a slightly modified version of FreeRDP that tries to authenticate using a password hash instead of a password. This works only against RDP v8.1 servers (Windows 2012 R2 at the time of writing) and even then, only for members of the administrators groups. Refer to the companion blog post for more information about Restricted Mode and pass-the-hash.
UDP Protocol Analysis – Interactive Python Tool (9/9/2013) - UDP protocol analysis is a python module which can be used in scripted analysis or interactively using ipython.
Local MySQL Password Bruteforcer (15/2/2013) - Local MySQL Password Bruteforcer is a python script to assess the strength of the local MySQL access passwords.
HeaderCheck (15/2/2013) - HeaderCheck is a python script used to check the security settings of various headers returned by web servers.
ssl-cipher-suite-enum (13/2/2013) - ssl-cipher-suite-enum is a perl script to enumerate supported SSL cipher suites supported by network services (principally HTTPS).
UNIXSocketScanner (31/1/2013) - UNIXSocketScanner is a perl script to locally enumerate UNIX domain sockets.
get-dhcp-opts (12/12/2012) - get-dhcp-opts is a tool to discover DHCP/BOOTP servers on your LAN, and dump the DHCP/BOOTP options.
VulnApp (15/9/2012) - VulnApp is a vulnerable web application written in ASP.net.
rdp-sec-check (15/7/2012) - rdp-sec-check is a perl script to enumerate security settings of an RDP Service (AKA Terminal Services).
nopc (3/7/2012) - nopc is a Nessus based UNIX patch checker. It utilises Nessus’ nasls and instructs you on what data you need to manually get from the system to perform that patch check. This was developed for situations when network connectivity to the systems under review is not possible.
secdump (24/3/2012) - secdump is a simple meterpreter module that uploads and runs gsecdump. Nothing fancy, just a time saver.
SSHatter (16/2/2011) - SSHatter is a perl script to perform brute force attacks on SSH.
hoppy (9/10/2009) - hoppy is a python script to probe HTTP options and perform scanning for information disclosure issues.
ManySSL (9/12/2008) - ManySSL is a perl script to enumerate supported SSL cipher suites supported by network services (principally HTTPS).
udp-proto-scanner (26/11/2008) - udp-proto-scanner is a perl script which discovers UDP services by sending triggers to a list of hosts.
MS08-067 check (18/11/2008) - MS08-067 check is a python script which can anonymously check if a target machine or a list of target machines are affected by the MS08-067 vulnerability.
polenum (30/10/2008) - polenum is a python script which can be used to get the password policy from a Windows machine.
vessl (30/10/2008) - vessl is a bash script that can fetch and verify the SSL certificate of a remote server.
enum4linux (16/9/2008) - A Linux alternative to enum.exe for enumerating data from Windows and Samba hosts.
phrasen|drescher (27/6/2008) - A tool for bruteforce guessing pass phrases, password hashes or remote accounts of various services.
BSQL brute forcer V2 (18/6/2008) - Updated version of the Blind SQL Injection Brute Forcer from www.514.es. Works against PostgreSQL, MySQL, MSSQL and Oracle and supports custom SQL queries.
acccheck (9/4/2008) - The tool is designed as a password dictionary attack tool that targets Windows authentication via the SMB protocol. It is really a wrapper script around the ‘smbclient’ binary, and as a result is dependent on it for its execution.
MIBparse (7/4/2008) - MIBparse.pl has been designed as an offline parser to quickly parse output from SNMP tools such as ‘snmpwalk’.
nbtscan-1.5.2 (3/4/2008) - NBTscan is a program for scanning IP networks for NetBIOS name information.
XSS Tunnel (2/4/2008) - XSS Tunnel is a standard HTTP proxy which sits on an attacker’s system. Any tool that is configured to use it will tunnel its traffic through the active XSS Channel on the XSS Shell server.
Banner Grab (2/4/2008) - BannerGrab is a tool that performs connection, trigger-based and basic information collection from network services.
viewstate (2/4/2008) - Viewstate is an ASP.Net viewstate decoder, checker, parser and encoder.
Sun Patch Check (2/4/2008) - Sun Patch Check lists missing security patches by comparing the output from the Sun Solaris “showrev” command to that from the Sun recommended patch list.
XSS Shell (2/4/2008) - XSS Shell is a powerful XSS backdoor. In XSS Shell one can interactively send requests and get responses from the victim, and it allows you to keep control of the session.
sucrack (31/3/2008) - sucrack is a multithreaded Linux/UNIX tool for brute-force cracking local user accounts via su.
rmiInfo (31/3/2008) - A tool for extracting information from Java Remote Method Invocation (RMI) services.
onesixtyone (31/3/2008) - An enhanced version of Solar Eclipse’s SNMP Community string guessing tool.
http-dir-enum (28/3/2008) - A command-line tool for bruteforce-guessing directory and filenames on web servers.
BSQL Hacker (16/1/2008) - BSQL (Blind SQL) Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities virtually in any database.

Source: http://labs.portcullis.co.uk/tools/