Complemento - Collection of tools for penetration testing.

Complemento is a collection of tools for penetration testing.

LetDown is a TCP flooder written after reading the Fyodor article "TCP Resource Exhaustion and Botched Disclosure". 

ReverseRaider is a domain scanner that finds a target's subdomains by brute-force wordlist scanning, or performs reverse resolution over a range of IPs.

HttSquash is an HTTP server scanner, banner grabber, and data retriever. It can scan large ranges of IPs to find devices or HTTP servers.

Complemento is officially included in BackTrack Linux 5.

[ Current Version 0.7.7 - 2011 ] 


LetDown

Usage:


LetDown 3wh+payload flooder v0.7.7 - Acri Emanuele (crossbower@gmail.com)
Usage:
  letdown -d dst_ip -p dst_port -D dst_mac [options]
Options:
  -d    destination ip address, target
  -D    destination mac address or router mac address
  -p    destination port
  -s    source ip address
  -S    source mac address
  -x    first source port (default 1025)
  -y    last source port (default 65534)
  -l    enables infinite loop mode
  -i    network interface
  -t    sleep time in microseconds (default 10000)
  -a    max time in second for waiting responses (default 40)
Extra options:
  -v    verbosity level (0=quiet, 1=normal, 2=verbose)
  -f    automagically set firewall rules for blocking
        rst packet generated by the kernel
        examples: -f iptables, -f blackhole (for freebsd)
  -L    special interaction levels with the target
        s  syn flooding, no 3-way-handshake
        a  send acknowledgment packets (polite mode)
        f  send finalize packets (include polite mode)
        r  send reset packets (check firewall rules...)
  -W    window size for ack packets (ex: 0-window attack)
  -O    enable ack fragmentation and set fragment offset delta
  -C    fragment counter if fragmentation is enabled (default 1)
  -P    payload file (see payloads directory...)
  -M    multistage payload file (see payloads directory...)

ReverseRaider

Usage:


ReverseRaider domain scanner v0.7.7 - Acri Emanuele (crossbower@gmail.com)
Usage:
  reverseraider -d domain | -r range [options]
Options:
  -r    range of ipv4 or ipv6 addresses, for reverse scanning
        examples: 208.67.1.1-254 or 2001:0DB8::1428:57ab-6344
  -f    file containing lists of ip addresses, for reverse scanning
  -d    domain, for wordlist scanning (example google.com)
  -w    wordlist file (see wordlists directory...)
Extra options:
  -t    requests timeout in seconds
  -P    enable numeric permutation on wordlist (default off)
  -D    nameserver to use (default: resolv.conf)
  -T    use TCP queries instead of UDP queries
  -R    don't set the recursion bit on queries

HttSquash

Usage:


HTTSquash scanner v0.7.7 - Acri Emanuele (crossbower@gmail.com)
Usage:
  httsquash -r range [options]
Options:
  -r    range of ip addresses or target dns name
        examples: 208.67.1.1-254, 2001::1428:57ab-6344, google.com
  -p    port (default 80)
Extra options:
  -t    time in seconds (default 3)
  -m    max scan processes (default 10)
  -b    print body of response (html data)
  -S    use HTTPS instead of HTTP
  -T    custom request type (default GET)
  -U    custom request URL (default /)
  -H    set an header for the request (can be used multiple times)
        examples: Keep-Alive:300, User-Agent:httsquash
Script options:
  -j    cookie jar separator ("%%")

[Figure: Httsquash GUI]

Source - http://complemento.sourceforge.net/