Sharing my Penetration Testing Tools with Source

This topic contains 2 replies, has 3 voices, and was last updated by  Henry864 3 years ago.

  • Author
    Posts
  • #8622
     swissfondue 
    Participant

    After conducting PT’s over the last 15 years i have a huge collection of windows and linux tools (a few i already shared here: http://www.netprotect.ch/tools.html) which help you to conduct penetration tests. They cover what backtrack tools, nessus, metasploit and many other cool dev’s did not do the job for me.

    Tool categories are:
    webscanner, smtp scanner, ipv6 scanner, android trojans, stealth keyloggers, stealth remote control software undetectable by AV, vpn scanner, dns scanner, inside out tools to fetch data within protected enviroments, tunneling tools, penetration checklists etc. etc. etc.

    All of them have never been published before. I will release them one after the other including source code. Most of them are really easy to use. I started uploading them to code.google.

    Here are some of the first uploads:
    http://code.google.com/p/dns-information-gathering-tool/
    http://code.google.com/p/android-security-demo-app/
    http://code.google.com/p/ipv6-portable-portscanner/
    http://code.google.com/p/smtp-security-scanner/
    http://code.google.com/p/swat-web-security-scanner/

    The more sophisticated (and dangerous ones) will come later….

  • #53667
     prats84 
    Participant

    Thanx 🙂

  • #53668
     Henry864 
    Participant

    It’s the method of testing where the areas of weakness in software systems in terms of security are put to test to determine, if ‘weak-point’ is indeed one, that can be broken into or not.

    Step #1. It starts with a list of Vulnerabilities/potential problem areas that would cause a security breach for the systems.
    Step #2. If possible, this list of items has to be ranked in the order of priority/criticality
    Step #3. Devise penetration tests that would work (attack your system) from both within the network and outside (externally) to determine if you can access data/network/server/website unauthorized.
    Step #4. If the unauthorized access is possible, the system has to be corrected and the series of steps need to be re-run until the problem area is fixed.

    1) Metasploit
    2) Wireshark
    3) w3af
    4) CORE Impact
    5) Back Track

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?