Scan & analysing tools

Facebook Twitter

Reverse IP Lookup - Find Other Web Sites Hosted on a Web Server. Yara-project - A malware identification and classification tool. RIPS - free PHP security scanner using static code analysis. Code search ⋅ search. Protect Your Interwebs. BFT a Browser forensic tool. Labs Research: Solving a Little Mystery. Firmware analysis is a fascinating area within the vast world of reverse engineering, although not very extended.

Labs Research: Solving a Little Mystery

Sometimes you end up in an impasse until noticing a minor (or major) detail you initially overlooked. That's why sharing methods and findings is a great way to advance into this field. Maltego 3 > Maltego Client. Code Exploration Blog. Jsunpack-n - A generic JavaScript unpacker. Jsunpack-n emulates browser functionality when visiting a URL.

jsunpack-n - A generic JavaScript unpacker

It's purpose is to detect exploits that target browser and browser plug-in vulnerabilities. It accepts many different types of input: PDF files - samples/sample-pdf.file Packet Captures - samples/sample-http-exploit.pcap HTML files JavaScript files SWF files. TheHarvester – Gather E-mail Accounts, Subdomains, Hosts, Employee Names – Information Gathering Tool. TheHarvester is a tool to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database.

theHarvester – Gather E-mail Accounts, Subdomains, Hosts, Employee Names – Information Gathering Tool

This tools is intended to help Penetration testers in the early stages of the project It’s a really simple tool, but very effective. The sources supported are: Google – emails,subdomains/hostnames Google profiles – Employee names Bing search – emails, subdomains/hostnames,virtual hosts Pgp servers – emails, subdomains/hostnames Linkedin – Employee names Exalead – emails,subdomain/hostnames New Features Time delays between requests XML and HTML results export Search a domain in all sources Virtual host verifier Shodan computer database integration Active enumeration (DNS enumeration,DNS reverse lookups, DNS TLD expansion) Basic graph with stats. Как расшифровать PHP-скрипт | Raz0r.name — блог о web-безопасности. Тема декодирования зашифрованных PHP-скриптов уже однажды мной затрагивалась в посте PHP и зашифрованный код .

Как расшифровать PHP-скрипт | Raz0r.name — блог о web-безопасности

В нем я описал способ получения значений всех инициализированных переменных и списка объявленных функций в скрипте, зашифрованным протектором ionCube. Тогда, в 2009 году, расшифровать скрипт под ionCube было проблематично – на тот момент существовали лишь платные сервисы. Antepedia. Koders.com. Open Search - Home. FAQ - GrepCode.com - Java Source Code Search 2.0. How do I perform a stack trace search ?

FAQ - GrepCode.com - Java Source Code Search 2.0

Clicking the checkbox labeled "Stack Trace Search" on the GrepCode home page provides a text area where you can paste your Java stack trace. Doing a search after that will take you to a page with the results of your stack trace search. Alternatively, if you are not on the main page, you can click on the link in the header labeled "Stack Trace Search", and perform the same search.

DEFT Linux 7 RC1. List of tools for static code analysis. This is a list of tools for static code analysis.

List of tools for static code analysis

By language[edit] Multi-language[edit] Cppcheck - A tool for static C/C++ code analysis. FindBugs v.2.0 - Find Bugs in Java Programs. Javasnoop - A tool that lets you intercept methods, alter data and otherwise hack Java applications running on your computer. Normally, without access to the original source code, testing the security of a Java client is unpredictable at best and unrealistic at worst.

javasnoop - A tool that lets you intercept methods, alter data and otherwise hack Java applications running on your computer.

With access the original source, you can run a simple Java program and attach a debugger to it remotely, stepping through code and changing variables where needed. Doing the same with an applet is a little bit more difficult. Unfortunately, real-life scenarios don't offer you this option, anyway. Compilation and decompilation of Java are not really as deterministic as you might imagine. Therefore, you can't just decompile a Java application, run it locally and attach a debugger to it.

VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 36 AntiVirus Engines! Arachni Web scanner (CLI & WEB GUI) ~ Sudhir @ Pentester. Download the CDE package from: Linux users enjoy the privilege of a CDE package which is a compressed archive and contains a full preconfigured Linux environment in the form of a sandbox.

Arachni Web scanner (CLI & WEB GUI) ~ Sudhir @ Pentester

Quick Basic Usage of Arachni: To see help type : p0f v3. Copyright (C) 2012 by Michal Zalewski <lcamtuf@coredump.cx> Yeah, it's back!

p0f v3

1. What's this? Loadbalancer-finder - Load Balancer Finder. Program to detect domains that use load balancers and/or multiple hosts by Alejandro Nolla Blanco (z0mbiehunt3r).

loadbalancer-finder - Load Balancer Finder

Tries to find load balancers using several methods: - Check multiple DNS "A" entries - IPID Analysis - IP TTL value analysis - Server banner analysis - Well-known load balancer cookies checking - HTTP Date header timestamp analysis - ICMP timestamp analysis - TCP timestamp analysis - Multiple DNS queries with different geolocated DNS servers (round-robin, anycast) Thanks to: - Rubén Garrote García (boken) - Daniel García García (cr0hn) - Raúl Siles from Taddong - Buguroo and Écija ethical hacking team - John Matherly (achillean) for Shodan and his help - Adam Maxwell for Citrix Net Scaler cookie decoder.

Wavsep - Web Application Vulnerability Scanner Evaluation Project. A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. AS OF 2014/01/01, The Project File Hosting was migrated to Sourceforge. New downloads (WAVSEP 1.5+) can be obtained from the project sourceforge repository Quickstart: The easiest way to get started with wavsep evaluations is to use a pre-installed instance in one of the following training VMs (note that some of the path traversal test cases only work under windows): Web Security Dojo v2.0+ OWASP Broken Web Apps null's GAMEOVER VM Extras: pico-wavsep (w3af) - a minimalistic way to run wavsep wavsep cookbook (rapid7) - recipes to install and run wavsep on tomcat.

Особенности поведения нового TCP/IP стека Windows / Блог компании Positive Technologies. Начиная с Windows Vista, компания Microsoft в своих операционных системах перешла на новый сетевой стек — Next Generation TCP/IP Stack. Стек включает в себя множество различных плюшек: Windows Filtering Platform, масштабируемое TCP-окно и прочие вкусности, однако речь пойдет совсем не о них, а об одной конкретной особенности поведения нового сетевого стека. Всякий уважающий себя сетевой сканер должен уметь определять ОС сканируемого узла, при этом чем больше параметров используется, тем более точный ожидается результат. Например, сетевой сканер Nmap использует для определения операционной системы весьма широкий набор метрик: разнообразные TCP-метрики (поведение значений timestamp, переупорядочивание TCP-опций), IP-метрики (алгоритм генерации порядкового номера пакета, обработка флагов IP-пакета) и иные метрики.

Online JavaScript beautifier. Metagoofil - Metadata Information Gathering. Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,docx,pptx,xlsx) belonging to a target company. The tool will perform a search in Google to identify and download the documents to local disk and then will extract the metadata with different libraries like Hachoir, PdfMiner and others. With the results it will generate a report with usernames, software versions and servers or machine names that will help Penetration testers in the information gathering phase. This new version supports local directory scanning The application has been tested in Linux and OSX.