Penetrax - Security Consulting Home   |   Services   |   DIY Tools   |   FAQ   |   About Us   |   Contact Us  
       
 

DIY Tools

 


   The Iris Network Traffic Analyzer captures network traffic and can automatically reassemble it to its native format, making it much easier to analyze the data going across the network. Security and IT professionals can read the actual text of an email exactly as it was sent, or reconstruct exact HTML pages that a user has visited. Iris also provides a variety of statistical measurements allowing companies to proactively identify — and take the steps to eliminate — performance issues before they can result in downtime.

 


   N-Stalker Web Application Security Scanner 2006 is a state-of-the-art security assessment tool developed by N-Stalker. By incorporating the well-known N-Stealth HTTP Security Scanner and its 35,000 Web Attack Signature database, along with a patent-pending Component-oriented Web Application Security Assessment technology, N-Stalker is capable of sweeping your Web Application for a large number of vulnerabilities common to this environment, including Cross-site Scripting and SQL injection, Buffer Overflow and Parameter Tampering attacks and much more.

 


   NMapWin ("Network Mapper for Windows") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

 


   Wireshark is one of the world's foremost network protocol analyzers, and is the standard in many parts of the industry. It can read/write many different capture file formats: tcpdump (libpcap), NAI's Sniffer™ (compressed and uncompressed), Sniffer™ Pro, NetXray™, Sun snoop and atmsnoop, Shomiti/Finisar Surveyor, AIX's iptrace, Microsoft's Network Monitor, Novell's LANalyzer, RADCOM's WAN/LAN Analyzer, HP-UX nettl, i4btrace from the ISDN4BSD project, Cisco Secure IDS iplog, the pppd log (pppdump-format), the AG Group's/WildPacket's EtherPeek/TokenPeek/AiroPeek, Visual Networks' Visual UpTime and many others.

 


   Zombie Zapper[tm] is a free, open source tool that can tell a zombie system flooding packets to stop flooding. The new 1.2 version works against Trinoo (including the Windows Trinoo agent), TFN, Stacheldraht, and Shaft. It does assume various defaults used by these attack tools are still in place, but allows you to put the zombies to sleep.

 


   The Security Auditor's Research Assistant (SARA), in its simplest (and default) mode, gathers as much information about remote hosts and networks as possible by examining such network services as finger, NFS, NIS, ftp and tftp, rexd, and other services. It integrates the National Vulnerability Database (NVD). The real power of SARA comes into play when used in exploratory mode. Based on the initial data collection and a user configurable ruleset, it will examine the avenues of trust and dependency and iterate further data collection runs over secondary hosts, allowing the user to examine the real implications inherent in network trust and services and help them make reasonably educated decisions about the security level of the systems involved.

 


   Black Widow is an Internet scanning and downloading tool. It can download pictures or any kind of files, a whole web site, or just build the structure of a site in an explorer view; monitor your internet activity, listing all the links you have visited, including images and downloaded files; reproduce the web site directory structure, as if you were to look at the site using Windows Explorer; View the web page source codes, even those in frames or blocked; find broken links, mistyped links, server errors such as configuration errors etc.

 


   Instant Source lets you take a look at a web page's source code, to see how things are done. Also, you can edit HTML directly inside Internet Explorer! While this has always been possible using the IE View Source command, Instant Source changes the concept entirely, and allows you to view the code for the selected elements instantly, without having to open the entire source. The program integrates into Internet Explorer and opens a new toolbar window which instantly displays the source code for whatever part of the page you select in the browser window.

 


   Brutus is one of the fastest, most flexible remote password crackers you can get your hands on - it's also free. It is available for Windows 9x, NT and 2000, there is no UN*X version available although it is a possibility at some point in the future. Brutus was first made publicly available in October 1998 and since that time there have been at least 70,000 downloads and over 175,000 visitors to this page. Development continues so new releases will be available in the near future. Brutus was written originally to help its author check routers etc. for default and common passwords.

 


   ObiWaN is an application for performing a brute force authentication attack against a Webserver with authentication requests - and in fact to break in insecure accounts. A webserver with simple challenge-response authentication mechanism mostly have no switches to set up intruder lockout or delay timings for wrong passwords. In fact this is the point to start from. Every user with a HTTP connection to a host with basic authentication can try username-password combinations as long as he/she like it. ObiWaN uses wordlists and alternations of numeric or alpha-numeric characters as possible passwords. Since Webservers allow unlimited requests it is a question of time and bandwith to break in a server system.

 

  
     
  Copyright © 2006, Penetrax Security Consulting. All Rights Reserved.