Research and Development

Tools

Updated version of the Blind SQL Injection Brute Forcer from www.514.es. It work against PostgreSQL, MySQL, MSSQL and Oracle and supports custom SQL queries. Continue reading

The tool is designed as a password dictionary attack tool that targets windows authentication via the SMB protocol. It is really a wrapper script around the ‘smbclient’ binary, and as a result is dependent on it for its execution. Continue reading

MIBparse.pl has been designed as an offline parser to quickly parse output from SNMP tools such as ‘snmpwalk’. Continue reading

XSS Tunnel is a standard HTTP proxy which sits on an attacker’s system. Any tool that is configured to use it will tunnel its traffic through the active XSS Channel on the XSS Shell server. Continue reading

BannerGrab is a tool that performs connection, trigger-based and basic information collection from network services. Continue reading

Sun Patch Check lists missing security patches by comparing the output from the Sun Solaris “showrev” command to that from the Sun recommended patch list. Continue reading