Category: Penetration Testing

Penetration Testing articles, HowTos, Techniques, Posts, Questions, Answers.

Categories
Penetration Testing Security Reconnaissance

Network Miner 1.0

Network-Miner-Packet-sniffer
Network Miner

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.

Network Miner is for those who are not much familiar with using WireShark. Network Miner made easy to sniff packets from the network and categories and sort it in different tabs so you can interesting sniffed stuff. You can also analyze pcap files which are dumped using WireShark.

Some cool features can be found :

  • Fully GUI application run on Windows platform.
  • Open source application.
  • Sniff User names of any mailing or social website e.g facebook,twitter,gmail and paypal so on…
  • All sort of cookies can be sniffed with one click.
  • Extraction of Facebook, Twitter, Yahoo, Windows Live(Hotmail) messages. (You don’t need password of someone to see his emails 😉 )

and more detailed features can be seen on official Network Miner web

Network miner has recently launched payware Professional version which provide some extra features e.g reporting, geo localization, command line script support.

Although the free version is so powerful, you will love it. We have been using it for long time.

Latest version is announced today.

Download :

Application : NetworkMiner_1-0.zip

Source code : NetworkMiner_1-0_source.zip

ChangeLog : ChangeLog

Categories
Penetration Testing Web Application Analysis

Netsparker – False Positive Free Web Application Security Scanner

Netsparker-False-Positive-Free-Web-Application-Security-Scanner
Netsparker- False Positive Free Web Application Security Scanner

 

False-Positive Free

All web application security scanners report false-positives, which means they report vulnerabilities that don’t exist.

Netsparker will try lots of different things to confirm identified issues. If it can’t confirm it and if it requires manual inspection, it’ll inform you about a potential issue generally prefixed as [Possible], but if it’s confirmed, that’s it. It’s a vulnerability. You can trust it.

Netsparker confirms vulnerabilities by exploiting them in a safe manner. If a vulnerability is successfully exploited it can’t be a false-positive. Exploitation is carried out in a non-destructive way.

Technical Details

When Netsparker identifies an SQL Injection, it can identify how to exploit it automatically and extract the version information from the application. When the version is successfully extracted Netsparker will report the issue as confirmed so that you can make sure that the issue is not a false-positive.

Same applies to other vulnerabilities such as XSS (Cross-site Scripting) where Netsparker loads the injection in an actual browser and observes the execution of JavaScript to confirm that the injection will actually get executed in the browser.

Some of great features supported by Netsparker

  • JavaScript / AJAX / Web 2.0 Support
  • Detailed Issue Reporting
  • Automation
  • Logging
  • Reporting

XML
RTF / Word
PDF

  • Integrated Exploitation Engine

Exploitation of SQL Injection Vulnerabilities
Getting a reverse shell from SQL Injection vulnerabilities
Exploitation of LFI (Local File Inclusion) Vulnerabilities
Downloading source code of all crawled pages via LFI (Local File Inclusion)
Downloading known OS files via LFI (Local File Inclusion)
Post-Exploitation

  • Authentication

Basic Authentication
Form Authentication

  • Custom 404 Detection
  • Heuristic URL Rewrite Detection
  • List of Vulnerability Checks
  • List of issues Netsparker is looking for.
  • SQL Injection
  • XSS (Cross-site Scripting)
  • XSS (Cross-site Scripting) via Remote File Injection
  • XSS (Cross-site Scripting) in URLs
  • Local File Inclusions & Arbitrary File Reading
  • Remote File Inclusions
  • Remote Code Injection / Evaluation
  • OS Level Command Injection
  • CRLF / HTTP Header Injection / Response Splitting
  • Find Backup Files
  • Crossdomain.xml Analysis
  • Finds and Analyse Potential Issues in Robots.txt
  • Finds and Analyse Google Sitemap Files
  • Detect TRACE / TRACK Method Support
  • Detect ASP.NET Debugging
  • Netsparker identifies if ASP.NET Debugging is enabled.
  • Detect ASP.NET Trace
  • Netsparker detects if ASP.NET Tracing is enabled and accessible.
  • Checks for CVS, GIT and SVN Information and Source Code Disclosure Issues
  • Finds PHPInfo() pages and PHPInfo() disclosure in other pages
  • Finds Apache Server-Status and Apache Server-Info pages
  • Find Hidden Resources
  • Basic Authentication over HTTP
  • Source Code Disclosure
  • Auto Complete Enabled
  • ASP.NET ViewState Analysis
  • ViewState is not Signed
  • ViewState is not Encrypted
  • E-mail Address Disclosure
  • Internal IP Disclosure
  • Cookies are not marked as Secure
  • Cookies are not marked as HTTPOnly
  • Directory Listing
  • Stack Trace Disclosure
  • Version Disclosure
  • Access Denied Resources
  • Internal Path Disclosure
  • Programming Error Messages
  • Database Error Messages

For more detailed features screen shots & demo click here