cisco-global-exploiter – Simple and fast security testing tool

Tool Description

Cisco Global Exploiter (CGE) is an advanced, simple and fast security testing tool.

Tool Source: http://www.blackangels.it/

Kali Repo: http://git.kali.org/gitweb/?p=packages/cisco-global-exploiter.git;a=summary

General Details

root@kali:~# cge.pl

Usage :
perl cge.pl <target> <vulnerability number>

Vulnerabilities list :
[1] - Cisco 677/678 Telnet Buffer Overflow Vulnerability
[2] - Cisco IOS Router Denial of Service Vulnerability
[3] - Cisco IOS HTTP Auth Vulnerability
[4] - Cisco IOS HTTP Configuration Arbitrary Administrative Access Vulnerability
[5] - Cisco Catalyst SSH Protocol Mismatch Denial of Service Vulnerability
[6] - Cisco 675 Web Administration Denial of Service Vulnerability
[7] - Cisco Catalyst 3500 XL Remote Arbitrary Command Vulnerability
[8] - Cisco IOS Software HTTP Request Denial of Service Vulnerability
[9] - Cisco 514 UDP Flood Denial of Service Vulnerability
[10] - CiscoSecure ACS for Windows NT Server Denial of Service Vulnerability
[11] - Cisco Catalyst Memory Leak Vulnerability
[12] - Cisco CatOS CiscoView HTTP Server Buffer Overflow Vulnerability
[13] - 0 Encoding IDS Bypass Vulnerability (UTF)
[14] - Cisco IOS HTTP Denial of Service Vulnerability

Usage Example

Attack the target host (192.168.99.230) using the Cisco IOS HTTP Auth Vulnerability (3):

root@kali:~# cge.pl 192.168.99.230 3

Vulnerability successful exploited with [http://192.168.99.230/level/17/exec/....] ...

cisco-auditing-tool – Scans Cisco routers for common vulnerabilities

Tool Description

Perl script which scans Cisco routers for common vulnerabilities.

Tool Source: http://www.scrypt.net/

Kali Repo: http://git.kali.org/gitweb/?p=packages/cisco-auditing-tool.git;a=summary

General Details

root@kali:~# CAT

Cisco Auditing Tool - g0ne [null0]
Usage:
    -h hostname (for scanning single hosts)
    -f hostfile (for scanning multiple hosts)
    -p port #   (default port is 23)
    -w wordlist (wordlist for community name guessing)
    -a passlist (wordlist for password guessing)
    -i [ioshist]    (Check for IOS History bug)
    -l logfile  (file to log to, default screen)
    -q quiet mode   (no screen output)

Usage Example

Scan the host (-h 192.168.99.230) on port 23 (-p 23), using a password dictionary file (-a /usr/share/wordlists/nmap.lst):

root@kali:~# CAT -h 192.168.99.230 -p 23 -a /usr/share/wordlists/nmap.lst

Cisco Auditing Tool - g0ne [null0]

Checking Host: 192.168.99.230


Guessing passwords: 

Invalid Password: 123456
Invalid Password: 12345

BurpSuite – Platform for security testing of web applications

Tool Description

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.

Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective, and more fun.

Tool Source: http://portswigger.net/burp/

Kali Repo: http://git.kali.org/gitweb/?p=packages/burpsuite.git;a=summary

Armitage – Red Team collaboration tool

Tool Description

Armitage is a scriptable red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.

Through one Metasploit instance, your team will:

  • Use the same sessions
  • Share hosts, captured data, and downloaded files
  • Communicate through a shared event log
  • Run bots to automate red team tasks

Armitage is a force multiplier for red team operations.

Tool Source: http://www.fastandeasyhacking.com/manual#0

Kali Repo: http://git.kali.org/gitweb/?p=packages/armitage.git;a=summary

Included Tools:

  • Armitage
  • Teamserver


BBQSQL – SQL injection exploitation tool

Tool Description

Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don’t you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.

BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customisation for those hard-to-trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. It uses Python gevent, which makes BBQSQL extremely fast.

As with other SQL injection tools, you must provide the usual request information:

  • URL
  • HTTP Method
  • Headers
  • Cookies
  • Encoding methods
  • Redirect behavior
  • Files
  • HTTP Auth
  • Proxies

Then specify where the injection goes and what syntax to inject.

Tool Source: https://github.com/Neohapsis/bbqsql/

Kali Repo: http://git.kali.org/gitweb/?p=packages/bbqsql.git;a=summary
