Tools (27th Aug)

A weekly update on new and updated Information Security tools that I have come across or use. The tools are mainly those for PenTesting although other tools are sometimes included.

Security Shepherd v1.2
http://sourceforge.net/projects/owaspshepherd/files/
Security Shepherd is a computer based training application for web application security vulnerabilities. This project strives to hurde the lost sheep of the technological world back to the safe and sound ways of secure practises. Security Shepherd can be deployed as a CTF (Capture the Flag) game or as an open floor educational server.

SQLI Hunter v1.1
http://sourceforge.net/projects/sqlihunter/files/
SQLI Hunter is an automation tool to scan for an Sql Injection vulnerability in a website.
It automates the search of sqli vulnerable links from Google using google dorks!
SQLI Hunter can also find admin page of any website by using some predefined admin page lists.

Kautilya 0.3.0 Released

https://code.google.com/p/kautilya/downloads/list

Kautilya is a toolkit which provides various payloads for Teensy device which may help in breaking in a computer. The toolkit is written in Ruby.

• The Windows payloads and modules are written mostly in powershell (in combination with native commands) and are tested on Windows 7.
• The Linux payloads are mostly shell scripts (those installed by default) in combination with commands. These are tested on Ubuntu 11.
• The OS X payloads are shell scripts (those installed by default) with usage of native commands. Tested on OS X Lion running on a VMWare