Cookie Cadger – Cookie auditing tool for wired and wireless networks

Tool Description

Cookie Cadger helps identify information leakage from applications that utilize insecure HTTP GET requests.

Web providers have started stepping up to the plate since Firesheep was released in 2010. Today, most major websites can provide SSL/TLS during all transactions, preventing cookie data from leaking over wired Ethernet or insecure Wi-Fi. But the fact remains that Firesheep was more of a toy than a tool. Cookie Cadger is the first open-source pen-testing tool ever made for intercepting and replaying specific insecure HTTP GET requests into a browser.

Cookie Cadger's Request Enumeration Abilities

Cookie Cadger is a graphical utility which harnesses the power of the Wireshark suite and Java to provide a fully cross-platform, entirely open-source utility which can monitor wired Ethernet, insecure Wi-Fi, or load a packet capture file for offline analysis.

Tool Source: https://www.cookiecadger.com/

Kali Repo: http://git.kali.org/gitweb/?p=packages/cookie-cadger.git;a=summary

Tool Install

This tool is not included in the basic Kali Linux ISO install (unless you customise the install). To install it, open a terminal window and type:

apt-get install cookie-cadger

This tool will require 37.1 MB of additional space. There are no additional dependencies required. Your installation should look something like this:

Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  cookie-cadger
0 upgraded, 1 newly installed, 0 to remove and 5 not upgraded.
Need to get 37.1 MB of archives.
After this operation, 37.1 MB of additional disk space will be used.
Get:1 http://http.kali.org/kali/ sana/main cookie-cadger all 1.06-1kali0 [37.1 MB]
Fetched 37.1 MB in 14s (2,641 kB/s)                                            
Selecting previously unselected package cookie-cadger.
(Reading database ... 324603 files and directories currently installed.)
Preparing to unpack .../cookie-cadger_1.06-1kali0_all.deb ...
Unpacking cookie-cadger (1.06-1kali0) ...
Setting up cookie-cadger (1.06-1kali0) ...

General Details

root@kali:~# cookie-cadger --help
Cookie Cadger, version 1.06
Example usage:
java -jar CookieCadger.jar 
    --tshark=/usr/sbin/tshark
    --headless=on
    --interfacenum=2    (requires --headless=on)
    --detection=on
    --demo=on
    --update=on
    --dbengine=mysql    (default is 'sqlite' for local, file-based storage)
    --dbhost=localhost  (requires --dbengine=mysql)
    --dbuser=user       (requires --dbengine=mysql)
    --dbpass=pass       (requires --dbengine=mysql)
    --dbname=cadgerdata (requires --dbengine=mysql)
    --dbrefreshrate=15  (in seconds, requires --dbengine=mysql, requires --headless=off)

Usage Example

root@kali:~# cookie-cadger

Video Tutorial: Coming Soon!

 

CDPSnarf – Network sniffer to extract CDP information

Tool Description

CDPSnarf is a network sniffer exclusively written to extract information from CDP packets. It provides all the information a “show cdp neighbors detail” command would return on a Cisco router and even more.

A feature list follows:

  • Time intervals between CDP advertisements
  • Source MAC address
  • CDP Version
  • TTL
  • Checksum
  • Device ID
  • Software version
  • Platform
  • Addresses
  • Port ID
  • Capabilities
  • Duplex
  • Save packets in PCAP dump file format
  • Read packets from PCAP dump files
  • Debugging information (using the “-d” flag)
  • Tested with IPv4 and IPv6

Tool Source: https://github.com/Zapotek/cdpsnarf

Kali Repo: http://git.kali.org/gitweb/?p=packages/cdpsnarf.git;a=summary

Video Tutorial: Coming Soon!

 

ace-voip – A simple VoIP corporate directory enumeration tool

Tool Description

ACE (Automated Corporate Enumerator) is a simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behaviour of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface. In the same way that the “corporate directory” feature of VoIP hardphones enables users to easily dial by name via their VoIP handsets, ACE was developed as a research idea born from “VoIP Hopper” to automate VoIP attacks that can be targeted against names in an enterprise Directory. The concept is that in the future, attacks will be carried out against users based on their name, rather than targeting VoIP traffic against random RTP audio streams or IP addresses. ACE works by using DHCP, TFTP, and HTTP in order to download the VoIP corporate directory. It then outputs the directory to a text file, which can be used as input to other VoIP assessment tools.

Tool Source: http://ucsniff.sourceforge.net/ace.html

Kali Repo: http://git.kali.org/gitweb/?p=packages/ace-voip.git;a=summary

Video Tutorial: Coming Soon!

BurpSuite – Platform for security testing of web applications

Tool Description

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.

Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective, and more fun.

Tool Source: http://portswigger.net/burp/

Kali Repo: http://git.kali.org/gitweb/?p=packages/burpsuite.git;a=summary

Video Tutorial: Coming Soon!

AIRCRACK-NG

Tool Description

Aircrack-ng is an 802.11 WEP and WPA-PSK key cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimisations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools.

Tool Source: http://aircrack-ng.org/

Kali Repo: http://git.kali.org/gitweb/?p=packages/aircrack-ng.git;a=summary

Included Tools:

  • airbase-ng – Configure fake access points
  • aircrack-ng – Wireless password cracker
  • airdecap-ng – Decrypt WEP/WPA/WPA2 capture files
  • airdecloak-ng – Removes WEP cloaking from a pcap file
  • airdriver-ng – Provides status information about the wireless drivers on your system
  • aireplay-ng – Primary function is to generate traffic for later use in aircrack-ng
  • airmon-ng – This script can be used to enable monitor mode on wireless interfaces
  • airmon-zc – This script can be used to enable monitor mode on wireless interfaces
  • airodump-ng – Used for packet capturing of raw 802.11 frames
  • airodump-ng-oui-update – Downloads and parses IEEE OUI list
  • airolib-ng – Designed to store and manage essid and password lists
  • airserv-ng – A wireless card server
  • airtun-ng – Virtual tunnel interface creator
  • besside-ng – Automatically crack WEP and WPA networks
  • buddy-ng
  • easside-ng – An auto-magic tool which allows you to communicate via a WEP-encrypted access point
  • ivstools – This tool handles .ivs files. You can either merge or convert them
  • kstats
  • makeivs-ng – Generates initialization vectors
  • packetforge-ng – Create encrypted packets that can subsequently be used for injection
  • tkiptun-ng – This tool is able to inject a few frames into a WPA TKIP network with QoS
  • wesside-ng – Auto-magic tool which incorporates a number of techniques to seamlessly obtain a WEP key
  • wpaclean – Remove excess data from a pcap file

Video Tutorial: Coming Soon!