CMS Explorer
http://code.google.com/p/cms-explorer/ – pretty decent information gathering tool for your pentesting needs.
Posts Mentioning RSS Toggle Comment Threads | Keyboard Shortcuts
-
admin
-
admin
The Interceptor is a wireless wired network tap. Basically, a network tap is a way to listen in to network traffic as it flows past. I haven’t done extensive research but all the ones I found when looking passed the copy of the traffic onto a specified wired interface which was then plugged into a machine to allow a user to monitor the traffic. The problem with this is that you have to be able to route the data from that wired port to your monitoring machine either through a direct cable or through an existing network. The direct cable method means your monitor has to be near by the location you want to tap, the network routing means you have to somehow encapsulate the data to get it across the network without it being affected on route.
The Interceptor does away with the wired monitor port and instead spits out the traffic over wireless meaning the listener can be anywhere they can make a wireless connection to the device. As the data is encrypted (actually, double encrypted, see how it works) the person placing the tap doesn’t have to worry about unauthorized users seeing the traffic.
Read more http://www.digininja.org/interceptor/
-
admin
pcapr – your web 2.0 packet repository
If you’ve been using Google Docs for a while, probably gmail, probably other web 2.0 services.. and you say to yourself “hey, it would be nice to have the same for pcaps!”
Well, maybe you haven’t even thought of it, but pcapr is actually a pretty good resource I am encouraging you to go ahead and try for yourself. You can upload/download pcaps, edit them, etc.
http://www.pcapr.net/home -
admin
BackTrack4 beta irc release released 10 seconds ago!!!!
(12:25:54 AM) muts has changed the topic to: http://backtrack4.blogspot.com/ | http://www.remote-exploit.org/cgi-bin/fileget?version=bt4-beta-iso | http://www.remote-exploit.org/cgi-bin/fileget?version=bt4-beta-vm
that would be enough
for whoever knows what it is -
admin
Scrawlr – check *your* website for SQL injections
This is a nice tool by Hewlett-Packard you could use on .your. website to see if it’s vulnerable to SQL injection. It does not check forms so be aware – only URL input is checked.
You can find more in-depth information on the HP Security Labs site.
-
admin
BackTrack
Well this is not a tool. This is THE Tool set, the only thing you will ever need during a penetration test (you dirty minds, you thought *that* penetration? nooo it’s just a security penetration, sorry).
-
admin
Pentest Project Management – Leo
Penetration testing can get tedious. Especially when you need to organize all this useful info bits you collect during your exploration – where would you put them? In a spreadsheet? Pretty ASCII text document?
Well, I personally prefer Leo.
It’s main difference from most text editors I’ve seen, is the tree structure of the information. Of course, it has LOADS of other features, and needs probably as much reading and learning as MS Project, but it’s worth it. Behind the ugly interface a great power is hidden, so explore it!
Try go get used with the keyboard shortcuts, like Ctrl+I, Ctrl+R etc. More…
