Adblock Detected

Web Service Security Assessment Tool - WSSAT

Read

Nix Audit Made Easier - Nix-Auditor

Read

Web Application Security Testing Tool - Acunetix v11

Read

London, UK – November 2016 – Acunetix, the pioneer in automated web application security software, has announced the release of version 11. New integrated vulnerability management features extend the enterprise’s ability to comprehensively manage, prioritise and control vulnerability threats – ordered by business criticality. Version 11 includes a new web-based UI for greater ease-of-use and manageability, providing access by multiple users.

For the first time in the marketplace Acunetix is launching an enterprise-level product that integrates sophisticated automated testing technology with vulnerability management, at a price point accessible to every development team. Chris Martin, CEO, Acunetix explains:

“Acunetix has for the past 12 years been at the forefront in web application security with its cutting-edge vulnerability scanning technology. With version 11 we have combined proactive scanning for web application vulnerabilities with the prioritization of mitigation activities. This integration helps security teams gain the intelligence they need to work more efficiently, prioritizing actions, assigning jobs and therefore reducing costs.”

The new web-based interface significantly improves the manageability of the Acunetix on-premises solution, making it easy for less seasoned security personnel to check the vulnerabilities within the company’s web assets. In addition, user privileges can be automatically assigned.

Nicholas Sciberras, CTO, Acunetix, comments: “Version 11 helps organizations engaged heavily in application development by utilising a role-based multi-user system.”

Inbuilt Vulnerability Management

New integrated vulnerability management features allow for the review of aggregated vulnerability data across all Targets, prioritizing security risks and therefore providing a clear view of the business’ security posture, while facilitating compliance.

New inbuilt vulnerability management features include:

All Targets (web applications to scan) are now stored in Acunetix with their individual settings and can be easily re-scanned.
Targets are displayed in one interface and classified by business criticality, allowing you to easily focus on the most important assets.
Vulnerabilities can also be prioritized by the Target’s business criticality.
Consolidated reports are stored in the central interface.
Users can choose between “Target reports”, “Scan reports” or “All Vulnerabilities” report.

Web-based user interface

The user interface has been re-engineered from the ground up for greater usability and manageability. The minimalist design focuses on the most widely used and important features, doing away with extras which cluttered the screen. Since the interface is now web-based, multiple users can access it from their browser irrespective of the OS used.

Role-based multi-user system

Acunetix version 11 allows the creation of multiple user accounts, which can be assigned a particular group of targets. Depending on the privileges assigned to the user, the user can create, scan, and report on the targets assigned to him.This is particularly important for large enterprises, which require multiple users to help secure their assets.

Standard, Pro and Enterprise Editions

Acunetix version 11 will be available in three main editions: Standard, Pro and Enterprise.

Standard Edition – is the entry level, ideal for small organisations and single workstation users. The Standard Edition offers the same level of vulnerability detection provided in the Pro and Enterprise Editions and includes Developer, Executive Summary and OWASP Top 10 reports.

Pro Edition – The Pro Edition allows outsourced or insourced security professionals to group and classify asset targets. It integrates with Software Development Life Cycle (SDLC) project management or bug tracking systems, includes comprehensive compliance reports, and integrates with top Web Application Firewalls (WAFs).

Enterprise Edition – includes full multi-user team support and has the ability to deploy multiple scan engines managed by the central system. The Enterprise Edition will be able to scale from 3 to unlimited users and up to 50 Acunetix scan engines.

Download Acunetix v11

SSH Server Auditing - ssh-audit

Read

ssh-audit is a tool for ssh server auditing.

Features

SSH1 and SSH2 protocol server support;
grab banner, recognize device or software and operating system, detect compression;
gather key-exchange, host-key, encryption and message authentication code algorithms;
output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
output algorithm recommendations (append or remove based on recognized software version);
output security information (related issues, assigned CVE list, etc);
analyze SSH version compatibility based on algorithm information;
historical information from OpenSSH, Dropbear SSH and libssh;
no dependencies, compatible with Python 2.6+, Python 3.x and PyPy;

Usage

usage: ssh-audit.py [-bnv] [-l ] 

   -1,  --ssh1             force ssh version 1 only
   -2,  --ssh2             force ssh version 2 only
   -b,  --batch            batch output
   -n,  --no-colors        disable colors
   -v,  --verbose          verbose output
   -l,  --level=    minimum output level (info|warn|fail)

batch flag -b will output sections without header and without empty lines (implies verbose flag).
verbose flag -v will prefix each line with section type and algorithm name.

ChangeLog

v1.6.0 (2016-10-14)

implement algorithm recommendations section (based on recognized software)
implement full libssh support (version history, algorithms, security, etc)
fix SSH-1.99 banner recognition and version comparison functionality
do not output empty algorithms (happens for misconfigured servers)
make consistent output for Python 3.x versions
add a lot more tests (conf, banner, software, SSH1/SSH2, output, etc)
use Travis CI to test for multiple Python versions (2.6-3.5, pypy, pypy3)

v1.5.0 (2016-09-20)

create security section for related security information
match and output assigned CVE list and security issues for Dropbear SSH
implement full SSH1 support with fingerprint information
automatically fallback to SSH1 on protocol mismatch
add new options to force SSH1 or SSH2 (both allowed by default)
parse banner information and convert it to specific sofware and OS version
do not use padding in batch mode
several fixes (Cisco sshd, rare hangs, error handling, etc)

v1.0.20160902

implement batch output option
implement minimum output level option
fix compatibility with Python 2.6

v1.0.20160812

implement SSH version compatibility feature
fix wrong mac algorithm warning
fix Dropbear SSH version typo
parse pre-banner header
better errors handling

v1.0.20160803

use OpenSSH 7.3 banner
add new key-exchange algorithms

v1.0.20160207

use OpenSSH 7.2 banner
additional warnings for OpenSSH 7.2
fix OpenSSH 7.0 failure messages
add rijndael-cbc failure message from OpenSSH 6.7

v1.0.20160105

multiple additional warnings
support for none algorithm
better compression handling
ensure reading enough data (fixes few Linux SSH)

v1.0.20151230

Dropbear SSH support

v1.0.20151223

initial version

Download ssh-audit

The Ultimate WordPress Audit Trail Plugin - WP Security Audit Log

Read

The WP Security Audit Log plugin is a WordPress plugin that keeps an audit trail of everything that happens on your WordPress and WordPress multisite network. There are several WordPress audit trail / log plugins available, tough we chose to review WP Security Audit Log because it is has the most comprehensive logging and the best coverage of WordPress changes. It is also the most complete and mature WordPress audit trail solution.

Why Do You Need a WordPress Audit Trail?

First things first, why would you need a WordPress audit trail? A WordPress audit trail is a record, or better a log of every change that happened on your WordPress, similar to Syslog on Linux/Unix or the Events Viewer on Microsoft Windows. The WordPress audit trail can be used to:

Keep track of users’ productivity (ideal for multi-users setups),
Ease the troubleshooting in case something is wrong with the WordPress website,
Identify any possible malicious WordPress hack attacks before they actually happen,
Catch hackers red handed if they manage to hack into your WordPress,
Do all the forensics to track back which security hole the hackers exploited so you can close it down.

The above are just a few reasons mostly related to WordPress security of why you would need to keep a record of all the changes that happen on your WordPress. There are many other reasons related to business and operations, for example to ensure that your business WordPress website meets today’s stringent regulatory compliance regulations, in case you’re using WordPress for your business website.

Getting Started with the WP Security Audit Log Plugin

Install the WP Security Audit Log plugin from your Plugins page in your WordPress dashboard and activate it. By default the WP Security Audit Log will keep track of all these changes on your WordPress. You can also watch the short video below for a quick introduction.

Comprehensive Tracking of WordPress Changes

The comprehensive WordPress audit trail is what sets this plugin apart from the competition. For example while the other audit log plugins simply record that a post was updated, WP Security Audit Log tells you what exactly changed in the post. For example in the screenshot below we can see that the plugin kept a record when all of the below changes happened:

User opened the post in the editor,
Author of the post was changed,
Title of the post was changed,
URL of the post was changed

In case the content is changed the alert reporting the change in the plugin will allow you to see the revision of changes, as per the below screenshot.

Fully Configurable WordPress Audit Trail Plugin

WP Security Audit Log is also a fully configurable WordPress plugin, therefore it allows you to customize the plugin’s functionality to suite your own needs. Below is an overview of what you can configure.

Enable / Disable Alerts

The plugin keeps a record of all these WordPress changes. If for example you do not want to keep a record each time a logged in user, or a website visitor requests a non-existing page (HTTP 404 Error) navigate to the Enable/Disable Alerts > System Activity tab and disable Alert 6007 as shown in the below screenshot.

Browse through the different categories to find the change you would like to disable or enable back.

Generic Plugin Settings

You can also configure things such as:

Support for WAFs and reverse proxy (more information on this option),
Specify who can access the plugin’s settings and manage it,
Enable logging, developer options,
And much more.

Audit Trail Settings

In the Audit Log / Trail settings you can configure settings related to the WordPress audit trail, such as:

Automatic pruning of alerts from the audit trail,
Who can view the WordPress audit trial,
The time zone the plugin uses to timestamp the WordPress changes etc.

Exclude Objects from Monitoring

You can also exclude the below from being recorded in the WordPress audit trial:

Specific users or roles,
Custom fields,
IP addresses.

Beefing Up the WordPress Audit Trail

Keeping an audit trail of all the changes that happen is a WordPress security best practice but who has the time to check the log every few minutes? The good news is that you do not need to. WP Security Audit Log has a number of premium add-ons so you can:

Configure email notifications so you are alerted instantly via email of important changes on your WordPress,
Do free text based searches so you can find that specific change when troubleshooting an issue,
Generate reports for managers, to monitor users’ productivity and for regulatory compliance reasons,
See who is logged in and block multiple sessions from the same username.

You can add all of the above functionality to get the best out of your WordPress audit trail solution by purchasing the All Add-Ons bundle. Prices start from as low as $89.

Wireless Network Auditing Tool - FruityWifi v2.4

Read

FruityWifi is a wireless network auditing tool. The application can be installed in any Debian based system adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi), Bugtraq.

v2.4

Utils have been added (replaces "ifconfig -a")
Kali Linux Rolling compatibility issue has been fixed

v2.3

monitor mode (mon0) has been fixed (new airmon-ng compatibility issue)

v2.2

Wireless service has been replaced by AP module
Mobile support has been added
Bootstrap support has been added
Token auth has been added
minor fix

v2.1

Hostapd Mana support has been added
Phishing service has been replaced by phishing module
Karma service has been replaced by karma module
Sudo has been implemented (replacement for danger)
Logs path can be changed
Squid dependencies have been removed from FruityWifi installer
Phishing dependencies have been removed from FruityWifi installer
New AP options available: hostapd, hostapd-mana, hostapd-karma, airmon-ng
Domain name can be changed from config panel
New install options have been added to install-FruityWifi.sh
Install/Remove have been updated

v2.0 (alpha)

Web-Interface has been changed (new look and feel, new options).
Nginx has replaced Apache2 as default webserver.
Installation script has been updated.
Config panel has been changed.
Network interfaces structure has been changed and renamed.
It is possible to use FruityWifi combining multiple networks and setups.
Supplicant mode has been added as a module.
3G/4G Broadband Mobile has been added as a module.
FruityWifi HTTP webinterface on port 8000
FruityWifi HTTPS webinterface on port 8443

v1.9

Service Karma has been replaced by Karma module
Service Supplicant has been replaced by nmcli module
Config page has been updated
Supplicant config has been changed (nmcli module is required)
dnspoof host file has been removed from config page (dnsspoof module is required)
Logs page has been updated
WSDL has been updated
Hostapd/Karma has been removed from installer (replaced by Karma module)
NetworkManager has been removed from installer (replaced by nmcli module)
install-modules.py has been added (install all modules from console)

v1.8

WSDL has been added
new status page has been added
logs can follow in realtime using the new status page (wsdl)

v1.6

Dependencies can be installed from module windows
minor fix

v1.5

New functions has been added
Source code has been changed (open file function)
minor fix

v1.4

New functions has been added (monitor mode)
config page has been changed
minor fix

v1.3

Directory structure has been changed
minor fix

v1.2

Installation script has been updated
SSLstrip fork (@xtr4nge) has been added (Inject + Tamperer options)
minor fix

v1.1

External modules can be installed from modules page
minor fix

v1.0

init

Download FruityWifi

Sparty - MS Sharepoint and Frontpage Auditing Tool

Read

Sparty is an open source tool written in python to audit web applications using sharepoint and frontpage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of sharepoint and frontpage based web applications. Due to the complex nature of these web administration software, it is required to have a simple and efficient tool that gathers information, check access permissions, dump critical information from default files and perform automated exploitation if security risks are identified. A number of automated scanners fall short of this and Sparty is a solution to that.

Functionalities and capabilities !

1. Sharepoint and Frontpage Version Detection!

2. Dumping Password from Exposed Configuration Files!

3. Exposed Sharepoint/Frontpage Services Scan!

4. Exposed Directory Check!

5. Installed File and Access Rights Check!

6. RPC Service Querying!

7. File Enumeration!

8. File Uploading Check!

Requirements

1. This version uses following libraries:

import urllib2

import re

import os, sys

import optparse

import httplib

2. Python 2.6 is required.

Usage: sparty.py [options]

Options:
  --version             show program's version number and exit
  -h, --help            show this help message and exit

  Frontpage::
    -f FRONTPAGE, --frontpage=FRONTPAGE
                         -- to check access permissions
                        on frontpage standard files in vti or bin directory!

  Sharepoint::
    -s SHAREPOINT, --sharepoint=SHAREPOINT
                         -- to check
                        access permissions on sharepoint standard files in
                        forms or layouts or catalog directory!

  Mandatory::
    -u URL, --url=URL   target url to scan with proper structure

  Information Gathering and Exploit::
    -v FINGERPRINT, --http_fingerprint=FINGERPRINT
                         --
                        fingerprint sharepoint or frontpage based on HTTP
                        headers!
    -d DUMP, --dump=DUMP
                         -- dump credentials from
                        default sharepoint and frontpage files (configuration
                        errors and exposed entries)!
    -l DIRECTORY, --list=DIRECTORY
                         -- check directory listing
                        and permissions!
    -e EXPLOIT, --exploit=EXPLOIT
                        EXPLOIT =  -- exploit vulnerable installations by
                        checking RPC querying and file uploading
    -i SERVICES, --services=SERVICES
                        SERVICES =  -- checking exposed
                        services !
                     services !

  Authentication [devalias.net]:
    -a AUTHENTICATION, --auth-type=AUTHENTICATION
                        AUTHENTICATION =  -- Authenticate with NTLM
                        user/pass !

  General::
    -x EXAMPLES, --examples=EXAMPLES
                        running usage examples !

Download Sparty

Oracle Password Auditor - Oracle Password Recovery & Auditing Tool

Read

Parsero v0.75 - Attacking Robots.txt Files

Read

Parsero is a free script written in Python which reads the Robots.txt file of a web server and looks at the Disallow entries. The Disallow entries tell the search engines what directories or files hosted on a web server mustn't be indexed. For example, "Disallow: /portal/login" means that the content on www.example.com/portal/login it's not allowed to be indexed by crawlers like Google, Bing, Yahoo... This is the way the administrator have to not share sensitive or private information with the search engines.

But sometimes these paths typed in the Disallows entries are directly accessible by the users without using a search engine, just visiting the URL and the Path, and sometimes they are not available to be visited by anybody... Because it is really common that the administrators write a lot of Disallows and some of them are available and some of them are not, you can use Parsero in order to check the HTTP status code of each Disallow entry in order to check automatically if these directories are available or not.

Also, the fact the administrator write a robots.txt, it doesn't mean that the files or directories typed in the Dissallow entries will not be indexed by Bing, Google, Yahoo... For this reason, Parsero is capable of searching in Bing to locate content indexed without the web administrator authorization. Parsero will check the HTTP status code in the same way for each Bing result.

When you execute Parsero, you can see the HTTP status codes. For example, the codes bellow:

200 OK          The request has succeeded.
403 Forbidden   The server understood the request, but is refusing to fulfill it.
404 Not Found   The server hasn't found anything matching the Request-URI.
302 Found       The requested resource resides temporarily under a different URI.
...

Usage

$ python3 parsero.py -h

usage: parsero.py [-h] [-u URL] [-o] [-sb]

optional arguments:
-h, --help  show this help message and exit
-u URL      Type the URL which will be analyzed
-o          Show only the "HTTP 200" status code
-sb         Search in Bing indexed Disallows

Download Parsero v0.75