[0verCheck] Script para comprobar si una dirección e-mail existe o no

Script para comprobar si una dirección de e-mail existe o es falsa. Admite listas de correo.

Mi idea es extraer el dominio a partir del correo  y comprobar a través de los DNS cual es el servidor SMTP (mirando los registros MX). Una vez que sabemos el servidor SMTP procedemos a lanzar unos sockets para conectarnos a él y proceder a intentar mandarle un e-mail a la cuenta que queremos comprobar si es válida. Mirando los códigos de respuesta, vemos que si el correo es válido nos devolverá un 250, y si no (en teoría) nos devuelve un 550.

Descargar 0verCheck

[Gojira] Herramienta para facilitar las auditorías en entornos WordPress

Gojira es una herramienta para facilitar las auditorías en entornos WordPress. Está en pañales todavía ;). Por ahora:

• -Permite crear un diccionario con los plugins más populares.
• -Enumera plugins instalados a partir del diccionario.
• -Extrae los usuarios registrados.
• -Deduce la versión del WordPress a través de Readme.html, links del HTML y el meta generator.
• -Comprueba el archivo robots.txt y comprueba cada ruta.

Download Gojira

[Dumb0] A simple tool to dump users in popular forums and CMS

A simple tool to dump users forums popular forums and CMS like:

• WordPress
• SMF
• vBulletin
• IP Board
• XEN forums
• myBB
• useBB
• vanilla
• bbPress
• etc...

Download Dumb0

[FGscanner] Find hidden contents using dictionary-like attack

FGscanner is a completely rewritten version of littlescanner script.

FGscanner is an opensource advanced web directory scanner to find hidden contents on a web server using dictionary-like attack with proxy and tor support.

Quick reference for switches

Usage: ./fgscan.pl --host=hostname [--proxy=filepath] [--sec=n] [--dump] [--dirlist=filepath] [--wordlist=filepath] [--tor] [--tordns] [--debug] [--help]

--debug    : Print debug information
--dirs     : Specify the directory list file
--pages    : Specify the wordlist file
--uarnd    : Enable User Agent randomization
--host     : Specify hostname to scan (without http:// or https://)
--proxy    : Specify a proxy list
--sec    : Seconds between requests. Value 999 will randomize delay between requests from 1 to 30 seconds
--dump     : Save found pages on disk
--tor      : Use TOR as proxy for each request
--tordns   : Use TOR to resolve hostname. Without this options DNS queries will be directed to default DNS server outside TOR network
--help     : Show this help

Download FGscanner

[ExifTool] Read, Writing Meta Information Tools

ExifTool is a platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files.ExifTool supports many different metadata formats including EXIF, GPS, IPTC, XMP, JFIF, GeoTIFF, ICC Profile, Photoshop IRB, FlashPix, AFCP and ID3, as well as the maker notes of many digital cameras by Canon, Casio, FLIR, FujiFilm, GE, HP, JVC/Victor, Kodak, Leaf, Minolta/Konica-Minolta, Nikon, Olympus/Epson, Panasonic/Leica, Pentax/Asahi, Phase One, Reconyx, Ricoh, Samsung, Sanyo, Sigma/Foveon and Sony.

Features

•     Powerful, fast, flexible and customizable
•     Supports a large number of different file formats
•     Reads EXIF, GPS, IPTC, XMP, JFIF, MakerNotes, GeoTIFF, ICC Profile, Photoshop IRB, FlashPix, AFCP, ID3 and more...
•     Writes EXIF, GPS, IPTC, XMP, JFIF, MakerNotes, ICC Profile, Photoshop IRB, AFCP and more...
•     Reads and writes maker notes of many digital cameras
•     Decodes a riddle wrapped in a mystery inside an enigma
•     Numerous output formatting options (including tab-delimited, HTML, XML and JSON)
•     Multi-lingual output (cs, de, en, en-ca, en-gb, es, fi, fr, it, ja, ko, nl, pl, ru, sv, tr, zh-cn or zh-tw)
•     Geotags images from GPS track log files (with time drift correction!)
•     Generates track logs from geotagged images
•     Shifts date/time values to fix timestamps in images
•     Renames files and organizes in directories (by date or by any other meta information)
•     Extracts thumbnail images, preview images, and large JPEG images from RAW files
•     Copies meta information between files (even different-format files)
•     Reads/writes structured XMP information
•     Deletes meta information individually, in groups, or altogether
•     Sets the file modification date (and creation date in Windows) from EXIF information
•     Supports alternate language tags in XMP, PNG, ID3, Font, QuickTime, ICC Profile, MIE and MXF information
•     Processes entire directory trees
•     Creates text output file for each image file
•     Creates binary-format metadata-only (MIE) files for metadata backup
•     Automatically backs up original image when writing
•     Organizes output into groups
•     Conditionally processes files based on value of any meta information
•     Ability to add custom user-defined tags
•     Support for MWG (Metadata Working Group) recommendations
•     Recognizes thousands of different tags
•     Tested with images from thousands of different camera models
•     Advanced verbose and HTML-based hex dump outputs

Download ExifTool

[Proxyp] Multithreaded Proxy Enumeration Utility

Proxyp is a small multithreaded Perl script written to enumerate latency, port numbers, server names, & geolocations of proxy IP addresses. 

This script started as a way to speed up use of proxychains, which is why I've added an append option for resulting live IP addresses to be placed at the end of a file if need be.

Requires IP::Country module and root/administrator privileges.

Download Proxyp

[DAVOSET] Tool for conducting DDoS attacks

DAVOSET – it is console (command line) tool for conducting DDoS attacks on the sites via Abuse of Functionality vulnerabilities at other sites.

Changelog v1.1.5

• Added error handler in GetCookie().
• Added new services into lists of zombies.
• Removed non-working services from lists of zombies.

Usage
1. Start the program: davoset.pl
2. Enter URL of the site to attack: Site: http://site
3. Get the site attacked via your list of zombie-servers.
Or from command line:

perl davoset.pl u=http://site
perl davoset.pl u=http://site l=list.txt m=1 c=100

Download DAVOSET v1.1.5

[Beast-Check] SSL/TLS BEAST Vulnerability Check

A small perl script that checks a target server whether it is prone to BEAST vulnerability via target preferred cipher. It assumes no workaround (i.e. EMPTY FRAGMENT) applied in target server. Some sources said this workaround was disabled by default for compatibility reasons. This may be the reason why RC4 ciphersuite was widely chosen as highest preferred ciphersuite for the primary workaround.

$ ./beast.pl

===============================================

SSL/TLS BEAST Vulnerability Check
 by YGN Ethical Hacker Group, http://yehg.net/

===============================================

Usage: beast.pl host [port]

port = 443 by default {optional}

$ ./beast.pl www.hotmail.com

===============================================

SSL/TLS BEAST Vulnerability Check
 by YGN Ethical Hacker Group, http://yehg.net/

===============================================

Target: www.hotmail.com:443

## The target is PRONE to BEAST attack. ##

Protocol: TLS v1
Server Preferred Cipher: AES128-SHA
Vulnerable: YES

$ ./beast.pl www.google.com

===============================================

SSL/TLS BEAST Vulnerability Check
 by YGN Ethical Hacker Group, http://yehg.net/

===============================================

Target: www.google.com:443

## The target is NOT vulnerable to BEAST attack. ##

Protocol: TLS v1
Server Preferred Cipher: ECDHE-RSA-RC4-SHA
Vulnerable: NO

Download Beast-Check

[IP-reputation-snort-rule-generator] A tool to generate Snort rules based on public IP reputation data

A tool to generate Snort rules or Cisco IDS signatures based on public IP/domain reputation data.

Usage

./tepig.pl [ [--file=LOCAL_FILE] | [--url=URL] ] [--csv=FIELD_NUM] [--sid=INITIAL_SID] [--ids=[snort|cisco]] | --help

LOCAL_FILE is a file stored locally that contains a list of malicious domains, IP addresses and/or URLs. If omitted then it is assumed that a URL is provided. URL is a URL that contains a list of malicious domains, IP addresses or URLs. The default is https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist. FIELD_NUM is the field number (indexing from 0) that contains the information of interest. If omitted then the file is treated as a simple list. INITIAL_SID is the SID that will be applied to the first rule. Every subsequent rule will increment the SID value. The default is 9000000.

Examples

Malicious IP address

./tepig.pl --url=https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist
https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist is a plain text file containing a list of known bad IP addresses. At the time of writing, the first entry is 108.161.130.191. The first rule output would be:
alert ip any any <> 108.161.130.191 any (msg:"Traffic to known bad IP (108.161.130.191)"; reference:"url,https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist"; sid:9000000; rev:0;)
This rule looks for any traffic going to or coming from the bad IP address.

Malicious Domain

./tepig.pl --url=http://doc.emergingthreats.net/pub/Main/RussianBusinessNetwork/Storm_2_domain_objects_3-11-2011.txt
http://doc.emergingthreats.net/pub/Main/RussianBusinessNetwork/Storm_2_domain_objects_3-11-2011.txt is a plain text file containing a list of known bad domain names. At the time of writing the first entry is *.bethira.com. The first rule output would be:
alert udp any any -> any 53 (msg:"Suspicious DNS lookup for *.bethira.com"; reference:"url,http://doc.emergingthreats.net/pub/Main/RussianBusinessNetwork/Storm_2_domain_objects_3-11-2011.txt"; content:\"|01 00 00 01 00 00 00 00 00 00|\"; depth: 10; offset: 2; content:"|07|bethira|03|com"; nocase; distance:0; sid:9000000; rev:0;)
This rule looks for any DNS lookup for the bad domain.

Download IP-reputation-snort-rule-generato

[autosploit] Scripts that combine Nmap and Metasploit

Scripts that will combine Metasploit and Nmap without using Lua.

Download autosploit

[Web-Sorrow v1.5] Versatile security scanner for the information disclosure and fingerprinting phases of pentesting

Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It's entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a "safe to run" program, meaning it is not designed to be an exploit or perform any harmful attacks.

Web Services: a CMS and it's version number, Social media widgets and buttons, Hosting provider, CMS plugins, and favicon fingerprints

Authentication areas: logins, admin logins, email webapps

Bruteforce: Subdomains, Files and Directories

Stealth: with -ninja you can gather valuable info on the target with as few as 6 requests, with -shadow you can request pages via google cache instead of from the host

AND MORE: Sensitive files, default files, source disclosure, directory indexing, banner grabbing (see below for full capabilities)

Download Web-Sorrow v1.5

[pweb-suite] Perl based web application penetration testing tools

Written completely in Perl, this suite of tools covers a lot of the basics for penetration testing and vulnerability detection automation. This Suite (formerly known as the "pCrack Suite") of tools is used primarily or web application vulnerability testing.

xssPlay in Action! (YouTube)

Download pweb-suite

[SQLi Dorking] script en perl para búsqueda de SQLi

sqliDorking.pl es un script en Perl de Crozz Cyborg que busca páginas vulnerables a inyecciones SQL usando dorks de Google o Bing. También acepta lista de dominios.

Uso: sqliDorking.pl [-d/-bd ] -p [-l Links.txt]  [-f Logs.txt]

Opciones:
  -gd : Google Dork
  -bd : Bing Dork
  -l : Archivo con links para analizar
  -p : Numero de paginas para buscar
  -f : Archivo donde se guardaran los logs

Ejemplos de uso:
sqliDorking.pl -gd inurl:product.php?id= -p 3 -f VulneSQL.txt
sqliDorking.pl -l links.txt -f VulneSQL.txt
sqliDorking.pl -bd inurl:product.php?id= -p 3
sqliDorking.pl -l links.txt

Descargar SQLi Dorking

[360-FAAR v0.4.1] Firewall Analysis Audit And Repair

360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file!

Changes: This release adds the 'mergelog' mode to merge binary log entries from one config with another and significantly updates the user interface. All configs can be loaded from the 'load' menu instead of specifying them on the command line. Added 'verbose' switches to 'print' and 'rr' modes so that screen output can be switched off, and all 'end.' key words have been changed to simply '.' to reduce the number of keystrokes needed. Entering '0' now adds all options and '.' chooses the default if available. The Netscreen output stage now uses a default zone if none are specified.

Read Policy and Logs for:

Checkpoint FW1 (in odumper.csv / logexport format),

Netscreen ScreenOS (in get config / syslog format),

Cisco ASA (show run / syslog format),

360-FAAR uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalisation at the same time as removing unused connectivity.

360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. Allowing you to seamlessly move rules to where you need them.

Download 360-FAAR Firewall Analysis Audit And Repair 0.4.1