Submitted by abb on 15 January, 2011 - 04:35
While testing fat clients and appliances for resistance against man-in-the-middle attack I always had to mess with iptables/ebtables/socat to divert network connections. It is enough in most cases, but sometimes the setup gets too elaborate. To make my life easier, I have decided to write a tool, capable to divert and re-inject a network connections while preserving the original network addresses, including layer 2 ones. The tool is not complete yet, but it already can be used to tap into a wired network protected with 802.1x, so I've decided to publish it anyway.
Submitted by alla on 12 January, 2011 - 21:57
Submitted by abb on 27 December, 2010 - 18:15
During a recent hardware hacking test I have used a very nice gadget -- NAND Reader sold by Russian company Soft Center. The tool is intended to be used to recover files from damaged thumb drives, but I have repurposed it to read and write the content NAND chips holding embedded OS of the appliance under test.
Submitted by abb on 26 October, 2010 - 21:36
I came across a nice tool, potentially useful for pen testing: TCP/IP-aware version of TCL expect. Written by Eloy Paris from Cisco Systems it is currently distributed in sources only. I didn't have much time to play with it yet, but it looks very promising. Tomorrow will try to use it for SIP REGISTER flooding, currently done with sipp. (In a way, SIPP is similar to NetExpect, can execute send-expect scenarios, but seems to be focused on SIP protocol.)
Submitted by abb on 14 September, 2010 - 18:27
Just came across a nice tool to display NIC statistics, it is called capstats. Capstats is much less CPU intensive that iptraf, so it can be run along with hping3 to monitor its performance.
Example from capstats's website:
>capstats -i nve0 -I 1
1186620936.890567 pkts=12747 kpps=12.6 kbytes=10807 mbps=87.5 nic_pkts=12822 nic_drops=0 u=960 t=11705 i=58 o=24 nonip=0
1186620937.901490 pkts=13558 kpps=13.4 kbytes=11329 mbps=91.8 nic_pkts=13613 nic_drops=0 u=1795 t=24339 i=119 o=52 nonip=0
Submitted by alla on 8 April, 2010 - 12:54
Supporting ActionScript 2 and ActionScript 3
During a recent test I have stumbled upon this wonderful tool: HP SWF Scan. It is positioned as a vulnerability scanner for Flash, but what it also does is decompiling. Here is a screenshot: