Friday, 17 August 2012

Tools (Aug 17th)

A new post on computer security tools after a period of reduced activity of posting on this blog. These are tools that I have come across or use in my role as a Information Security Consultant.

BackTrack 5 release 3 was released 13th August.
http://www.backtrack-linux.org/downloads/
there are around 60 new tools in the Backtrack 5r3 release, the cyber arms blog has listed some of them http://cyberarms.wordpress.com/

Attack Surface Analyzer 1.0 Released 2nd August
http://blogs.msdn.com/b/sdl/archive/2012/08/02/attack-surface-analyzer-1-0-released.aspx
The purpose of this tool is to help software developers, Independent Software Vendors (ISVs) and IT Professionals better understand changes in Windows systems’ attack surface resulting from the installation of new applications.

NetworkMiner v1.4 released 12th AUg
http://sourceforge.net/projects/networkminer/files/
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.
The purpose of NetworkMiner is to collect data (such as forensic evidence) about hosts on the network rather than to collect data regarding the traffic on the network. The main view is host centric (information grouped per host) rather than packet centric (information showed as a list of packets/frames).

An interesting tool that I will be looking at is for post exloitation
Nishang
http://code.google.com/p/nishang/downloads/list
Nishang is a collection of scripts and post exploitation framework in PowerShell. The aim is to increase the usage of PowerShell in offensive security and penetration test. Nishang is a result of my own requirements during real life pen tests. Since it is a post exploitation thingy it is assumed that you have a shell access on the machine or using a HID like Teensy to drop the script on the victim.

No comments:

Post a Comment