Saturday, June 15, 2013

Burp Suite Professional v1.5.12 released

2:01 AM No comments

PortSwigger announced the Burp Suite Professional v1.5.12 release with various enhancements and bug fixes. Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities. From new version, pentester is able to define Proxy interception rules based on the listener port number and also to define processing rules to systematically derive one payload from another.

Burp Suite

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective, and more fun.

Burp Suite contains the following key components:

An intercepting Proxy, which lets you inspect and modify traffic between your browser and the target application.
An application-aware Spider, for crawling content and functionality.
An advanced web application Scanner, for automating the detection of numerous types of vulnerability.
An Intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.
A Repeater tool, for manipulating and resending individual requests.
A Sequencer tool, for testing the randomness of session tokens.
The ability to save your work and resume working later.
Extensibility, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.

Burp is easy to use and intuitive, allowing new users to begin working right away. Burp is also highly configurable, and contains numerous powerful features to assist the most experienced testers with their work.

Burp Suite Professional - Release Notes Wednesday, June 12, 2013 v1.5.12

This release contains various enhancements and bugfixes:

There is a new payload type in Intruder, which copies the value of the current payload at another payload position. You can also define processing rules to systematically derive one payload from another, rather than copying its literal value. This function is useful in cases where you need to submit the same payload in two locations, or where one parameter is derived from (e.g. a hash of) the parameter that you need to test.
You can define Proxy interception rules based on the listener port number, so you can e.g. prevent interception of all messages on a specific listener.
The IResponseInfo interface has two new methods: getStatedMimeType() andgetInferredMimeType().
The memory overhead of saving and restoring state, and performing search operations, is reduced.
The Scanner no longer prompts the user for confirmation when an extension programmatically initiates a scan of an out-of-scope item.
The problem with superfluous whitespace characters appearing when text is copied from the Scanner advisory panel into another application has been resolved.
The CSRF PoC generator now properly escapes tag brackets when using the XHR method, to prevent any closing script tags that are required within the generated request message from breaking the PoC script.
Parameter matching between macro items now tolerates URL-encoding of parameter names when performing matching.
A bug where certain nonprinting characters were corrupted when loading Intruder payloads from a file has been resolved.

MD5: 2f0d5560ba63c02748b6cad2542a12e7
SHA256: 266c0c5eb5837f8fac32ce5343278a181f191e72b36c619d557ed351c7d5aad9

Download from here

Source-

http://releases.portswigger.net/2013/06/v1512.html

Screenshot -

Update WebSploit Framework V.2.0.4

11:34 PM OpenSource, Penetration Testing, websploit No comments

WebSploit Is An Open Source Project For :
[>]Social Engineering Works
[>]Scan,Crawler & Analysis Web
[>]Automatic Exploiter
[>]Support Network Attacks
----
[+]Autopwn - Used From Metasploit For Scan and Exploit Target Service
[+]wmap - Scan,Crawler Target Used From Metasploit wmap plugin
[+]format infector - inject reverse & bind payload into file format
[+]phpmyadmin Scanner
[+]LFI Bypasser
[+]Apache Users Scanner
[+]Dir Bruter
[+]admin finder
[+]MLITM Attack - Man Left In The Middle, XSS Phishing Attacks
[+]MITM - Man In The Middle Attack
[+]Java Applet Attack
[+]MFOD Attack Vector
[+]USB Infection Attack
[+]ARP Dos Attack
[+]Web Killer Attack
[+]Fake Update Attack
[+]Fake Access point Attack

WebSploit Framework Web Site

Download WebSploit Framework V.2.0.4.tar.gz (2.6 MB)

Download other versions from here

Source-

http://sourceforge.net/projects/websploit

Author : 0x0ptim0us (Fardin Allahverdinazhand)

Email & Report Bug : 0x0ptim0us@Gmail.Com

Blog : http://0x0ptim0us.blogspot.com

Screnshot -

New Version of OWASP Top 10 - 2013 released

10:21 PM OWASP No comments

This version was updated based on numerous comments received during the comment period after the release candidate was released in Feb. 2013.

The OWASP Top 10 - 2013 is as follows:

A1 Injection
A2 Broken Authentication and Session Management
A3 Cross-Site Scripting (XSS)
A4 Insecure Direct Object References
A5 Security Misconfiguration
A6 Sensitive Data Exposure
A7 Missing Function Level Access Control
A8 Cross-Site Request Forgery (CSRF)
A9 Using Known Vulnerable Components
A10 Unvalidated Redirects and Forwards

If you are interested, the methodology for how the Top 10 is produced is now documented here: OWASP Top 10 Development Methodology

Please help us make sure every developer in the ENTIRE WORLD knows about the OWASP Top 10 by helping to spread the word!!!

As you help us spread the word, please emphasize:

OWASP is reaching out to developers, not just the application security community
The Top 10 is about managing risk, not just avoiding vulnerabilities
To manage these risks, organizations need an application risk management program, not just awareness training, app testing, and remediation

We need to encourage organizations to get off the penetrate and patch mentality. As Jeff Williams said in his 2009 OWASP AppSec DC Keynote: “we’ll never hack our way secure – it’s going to take a culture change” for organizations to properly address application security.

Introduction

The OWASP Top Ten provides a powerful awareness document for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are. Project members include a variety of security experts from around the world who have shared their expertise to produce this list. Versions of the 2007 and 2010 version were translated into English, French, Spanish, Japanese, Korean and Turkish and other languages. Translation efforts for the 2013 version are underway and they will be posted as they become available.

We urge all companies to adopt this awareness document within their organization and start the process of ensuring that their web applications do not contain these flaws. Adopting the OWASP Top Ten is perhaps the most effective first step towards changing the software development culture within your organization into one that produces secure code.

Changes between 2010 and 2013 Editions

The OWASP Top 10 - 2013 includes the following changes as compared to the 2010 edition:

A1 Injection
A2 Broken Authentication and Session Management (was formerly 2010-A3)
A3 Cross-Site Scripting (XSS) (was formerly 2010-A2)
A4 Insecure Direct Object References
A5 Security Misconfiguration (was formerly 2010-A6)
A6 Sensitive Data Exposure (2010-A7 Insecure Cryptographic Storage and 2010-A9 Insufficient Transport Layer Protection were merged to form 2013-A6)
A7 Missing Function Level Access Control (renamed/broadened from 2010-A8 Failure to Restrict URL Access)
A8 Cross-Site Request Forgery (CSRF) (was formerly 2010-A5)
A9 Using Known Vulnerable Components (new but was part of 2010-A6 – Security Misconfiguration)
A10 Unvalidated Redirects and Forwards

2013 Versions

2013 Edition:

OWASP Top 10 - 2013 - Release Candidate

Source -

https://www.owasp.org/index.php/Top10

Security Onion 12.04.1 released

7:36 AM IPS/IDS, Network Monitoring Tool, Network Security No comments

Security Onion is a Linux distro for IDS (Intrusion Detection) and NSM (Network Security Monitoring). It's based on Ubuntu and contains Snort, Suricata, Bro, Sguil, Squert, Snorby, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

Download securityonion-12.04.1-20130605.iso (1.3 GB)
Download older versions from here

new Security Onion 12.04.1 ISO image now available that contains all the latest Ubuntu and Security Onion updates as of June 5, 2013! It also contains the two new pcap samples packages recently released:
http://securityonion.blogspot.com/2013/05/new-pcap-samples-package-securityonion.html
http://securityonion.blogspot.com/2013/05/new-pcap-samples-package-securityonion_27.html

Changelog
For a list of all changes made since our original 12.04 ISO image was released, please see:
https://code.google.com/p/security-onion/wiki/Roadmap

New Users
updated the Installation guide to reflect the download locations for the new 12.04.1 ISO image:
https://code.google.com/p/security-onion/wiki/Installation

Source-
http://securityonion.blogspot.in/
http://sourceforge.net/projects/security-onion/

Screenshot -

John the Ripper v1.8.0 released - fast password cracker

7:24 AM Cracker, Password Recovery No comments

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version.

Download one of the latest official free versions (release notes):

John the Ripper 1.8.0 (Unix - sources, tar.gz, 5.2 MB) and its signature
John the Ripper 1.8.0 (Unix - sources, tar.xz, 4.3 MB) and its signature
John the Ripper 1.8.x extra charset files archive (tar.xz, 4.5 MB) and its signature
John the Ripper 1.7.9 (Windows - binaries, ZIP, 2029 KB) and its signature

Changelog v1.8.0

Revised the incremental mode to let the current character counts grow for each
character position independently, with the aim to improve efficiency in terms of
successful guesses per candidate passwords tested.
Revised the pre-defined incremental modes, as well as external mode filters that are
used to generate .chr files.
Added makechr, a script to (re-)generate .chr files.
Enhanced the status reporting to include four distinct speed metrics (g/s, p/s, c/s, and
C/s).
Added the "--fork=N" and "--node=MIN[-MAX]/TOTAL" options for trivial parallel and
distributed processing.
In the external mode compiler, treat character literals as unsigned.
Renamed many of the formats.
Updated the documentation.
Relaxed the license for many source files to cut-down BSD.
Relaxed the license for John the Ripper as a whole from GPLv2 (exact version) to
GPLv2 or newer with optional OpenSSL and unRAR exceptions.
Assorted other changes have been made.

Download older versions & more info

Source-

http://www.openwall.com/john/

Screenshot -

Ophcrack v3.6.0 released - Windows password cracker based on a time-memory trade-off using rainbow tables

7:03 AM Password Recovery No comments

Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.

Features