Archive | May, 2012

Bitdefender Internet Security 2012 Review

Outsmart Malicious Hackers


Introduction

I do examine Security Software now and then to see what’s going on, if there are any new developments and what the state of affairs is when it comes to consumer grade Antivirus and Firewall software. Countermeasures are useful, especially when it comes to less tech savvy users (which we may happen to live with/be related to/work alongside etc).

It’s been a fair few years since I’ve looked at consumer grade protection, especially since Windows 7 does a fairly good job out of the box with UAC and the basic firewall built in.

The software I’m going to be looking at is from Bitdefender Antivirus and it’s called Bitdefender Internet Security 2012 – it came out not too long ago.

Bitdefender

It’s a neatly packaged piece of software and it’s very easy to get it up and running, it’s using a web-type installer so you will need an Internet connection and it scans whilst it’s installing – so it’s pretty efficient.

Bitdefender Internet Security 2012 Installation

After that it pretty much runs itself, you don’t really need to touch anything out of the box – for the average user it’s configured fairly sanely by default. It’s basically a one click install.

Just make sure you don’t have any other AV software installed when you try and install it, or things could go horribly wrong (I had Avast! running on the test machine and it completely locked up – I installed it on a clean VirtualBox Win7 after that and it was fine).

Features

Feature wise it has what you’d expect, anti-virus, firewall, parental control, privacy control and anti-spam. It does have some more advanced configuration options and dialogues if you’re into that kind of thing, for example you can check out active network connections (including PID, process name etc) – which is something that always fascinated me.

Bitdefender Internet Security 2012 Network Activity

It does annoy me a little that I can’t re-size the Network Activity dialogue – but that’s a minor gripe.

You can add fairly complex firewall rules as well, if that kind of thing floats your boat. But honestly with the majority of desktop computers behind a NAT router – incoming firewall filtering has become pretty much redundant. Outgoing filtering, and more importantly alerting – is of course something which helps in the fight against malware.

Bitdefender Internet Security 2012 Firewall Application Rules

There are two things I particularly like about this software, the first appeals to my human side – which is the Autopilot mode. This makes a lot of sense and makes security a lot less intrusive (something which is really important, as the more intrusive/disruptive something is – the more likely the user is to disable it).

It updates silently, it deals with threats quietly, it just takes care of business and doesn’t get in the way.

Autopilot essentially attempts to make the optimal security-related decision when an event occurs without interrupting the user. And the setting is as simple as can be, it’s just a switch on the home screen of the application.

Bitdefender Internet Security 2012 Home Dialogue

The other thing I love is Game Mode! It attempts to set itself automatically, but you can turn it on with a short-cut, or by using the context menu on the system tray icon.

Bitdefender Internet Security 2012 Game Mode

This makes a lot of sense to me – leave me to game in peace! It’s a pretty good feature if you ask me.

Other than that, Bitdefender seems fairly timely with threat updates (we have mentioned them numerous times before) as they do some pretty good research.

The most recent piece uncovered by them was pretty interesting – Super Powered Malware Sandwiches Found In The Wild – Frankenmalware.

Conclusion

In conclusion, it’s a pretty solid and unusually fuss free piece of software. You can download the trial to check it out and it’s priced pretty reasonably:

  • £29.99/$49.95 for 1 PC
  • £39.99/$69.95 for 3 PCs
  • £69.99/$109.95 for 5 PCs

Have a play around with it, you can do so on a VirtualBox install if you don’t want to mess with your current rig. It’s a good choice to install on your non-techie friend/family-member/colleague’s computer and keep them a little bit safer.

Resource wise it seems extremely efficient, on the instance I tested the Security Center maxed out at about 7MB memory use and the agent at about 1.5MB (whilst idling). Running a Quick Scan from the home dialogue took it up to about 22MB total memory usage – which is still very impressive.

This is some pretty lean software.

If you are already using it, or are thinking of trying it out – leave your thoughts in the comment box below.

If you want to find out more or download a trial version (valid for 30 days) you can do so here:

Bitdefender Internet Security 2012


Posted in: Advertorial, Countermeasures, Malware, Security Software



Complex Cyberwar Tool ‘Flamer’ Found Infecting Computers In Iran & Israel



In December last year, Microsoft released the patch for the vulnerability used by Duqu to propagate itself across Windows desktops. The other nasty worm going around was Stuxnet – both cyberwarfare tools, and most recently a piece of malware claimed to be more sophisticated than both has been found infecting computers in the Middle East.

And worse still, it’s been around for two years and it’s only being discovered and researched now! It’s pretty covert by the looks of it though and due to the sophistication and complexity it’s most likely a state sanctioned and government built cyber weapon for intelligence gathering.

A new super-cyberweapon targeting countries like Iran and Israel that has been knocking around in computers for two years has been discovered by researchers. “Flame”, a highly sophisticated piece of malware, was unearthed by the International Telecommunication Union (ITU) and Kaspersky Lab, which said it was more complex and functional than any cyber threat it had seen to date.

Because Flame is so super-complicated and because of the geography of the attack, Kaspersky Lab’s global research and analysis team head Alexander Gostev said he was in “no doubt” that it was a state-sponsored worm. Flame is a cyber espionage program that steals data such as computer display contents, information about targeted systems, stored files, contact info and even audio conversations. Kaspersky Lab said that the worm’s features were different from Duqu and Stuxnet, but it matched up with them when comparing where it attacked, the software vulnerabilities it uses and the fact that only certain computers were targeted.

“Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide,” Eugene Kaspersky said in a canned statement. “The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country. Unlike with conventional warfare, the more developed countries are actually the most vulnerable in this case.”

It looks to be well packaged too and may well be polymorphic as none of the 43 tested anti-virus packages from the Iranian CERT could detect any malicious components in the malware.

It’s a pretty big piece of malware weighing in at several MB, and it’s modular with various threat modules built in – for different intel gathering functions would be my guess. I’ll be interested to see what Kaspersky posts about it after their deep analysis.

At that size though, I doubt this beast is written in Assembly – the oldskool way.


Iran’s National Computer Emergency Response Team posted a warning about the malware on its site today and said a fix would be coming soon.

“At the time of writing, none of the 43 tested anti viruses could detect any of the malicious components. Nevertheless, a detector was created by Maher centre and delivered to selected organisations and companies in first days of May,” the site said.

“And now a removal tool is ready to be delivered.

“The research on samples implies that the recent incidents of mass data loss in Iran could be the outcome of some installed module of this threat,” it added.

Kaspersky Lab said it was currently doing deeper analysis of Flame, which has been in the wild since March 2010, and it would tell everyone what it learned on its blog posts.

“For now what is known is that it consists of multiple modules and is made up of several megabytes of executable code in total – making it around 20 times larger than Stuxnet, meaning that analysing this cyber weapon requires a large team of top-tier security experts and reverse engineers with vast experience in the cyber defence field,” the security firm said.

Gostev said that the malware was still stealing data.

You can see the post from the Iranian CERT here:

Identification of a New Targeted Cyber-Attack

It also lists some of the ‘features’ of the malware (spreads via removable media & LAN, records environmental sounds using the mic, scans for certain file extensions & runs a network sniffer to grab passwords in plain text). Pretty scary stuff, especially as the Flamer malware uploads everything it finds to a centralized command & control server (using 10 different domains over SSH + HTTPS).

Source: The Register


Posted in: Exploits/Vulnerabilities, Malware, Network Hacking



Nmap 6 Released For Download – Free Network Discovery & Security Auditing Tool



It’s been a while since the last major release of Nmap, the last time we reported on it was when Nmap v5.20 was Released (February 2010). The latest major version has just been released, version 6 – and is now available for download!

For the two people on the planet who don’t know – Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for network inventory, managing service upgrade schedules, monitoring host or service uptime, and many other tasks. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

Nmap v6.00

It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).


Major Improvements in v6.00

  • NSE Enhanced – The Nmap Scripting Engine (NSE) has exploded in popularity and capabilities. This modular system allows users to automate a wide variety of networking tasks, from querying network applications for configuration information to vulnerability detection and advanced host discovery. The script count has grown from 59 in Nmap 5 to 348 in Nmap 6, and all of them are documented and categorized in our NSE Documentation Portal. The underlying NSE infrastructure has improved dramatically as well.
  • Better Web Scanning – As the Internet has grown more web-centric, Nmap has developed web scanning capabilities to keep pace. When Nmap was first released in 1997, most of the network services offered by a server listened on individual TCP or UDP ports and could be found with a simple port scan. Now, applications are just as commonly accessed via URL path instead, all sharing a web server listening on a single port. Nmap now includes many techniques for enumerating those applications, as well as performing a wide variety of other HTTP tasks, from web site spidering to brute force authentication cracking. Technologies such as SSL encryption, HTTP pipelining, and caching mechanisms are well supported.
  • Full IPv6 Support – Given the exhaustion of available IPv4 addresses, the Internet community is trying to move to IPv6. Nmap has been a leader in the transition, offering basic IPv6 support since 2002. But basic support isn’t enough, so we spent many months ensuring that Nmap version 6 contains full support for IP version 6. And we released it just in time for the World IPv6 Launch. We’ve created a new IPv6 OS detection system, advanced host discovery, raw-packet IPv6 port scanning, and many NSE scripts for IPv6-related protocols. It’s easy to use too—just specify the -6 argument along with IPv6 target IP addresses or DNS records. In addition, all of our web sites are now accessible via IPv6. For example, Nmap.org can be found at 2600:3c01::f03c:91ff:fe96:967c.
  • New Nping Tool – The newest member of the Nmap suite of networking and security tools is Nping, an open source tool for network packet generation, response analysis and response time measurement. Nping can generate network packets for a wide range of protocols, allowing full control over protocol headers. While Nping can be used as a simple ping utility to detect active hosts, it can also be used as a raw packet generator for network stack stress testing, ARP poisoning, Denial of Service attacks, route tracing, etc. Nping’s novel echo mode lets users see how packets change in transit between the source and destination hosts. That’s a great way to understand firewall rules, detect packet corruption, and more.
  • Better Zenmap GUI results viewer – While Nmap started out as a command-line tool and many (possibly most) users still use it that way, we’ve also developed an enhanced GUI and results viewer named Zenmap. One addition since Nmap 5 is a “filter hosts” feature which allows you to see only the hosts which match your criteria (e.g. Linux boxes, hosts running Apache, etc.) We’ve also localized the GUI to support five languages besides English. A new script selection interface helps you find and execute Nmap NSE scripts. It even tells you what arguments each script supports.
  • Faster scans – In Nmap’s 15-year history, performance has always been a top priority. Whether scanning one target or a million, users want scans to run as fast as possible without sacrificing accuracy. Since Nmap 5 we’ve rewritten the traceroute system for higher performance and increased the allowed parallelism of the Nmap Scripting Engine and version detection subsystems. We also performed an intense memory audit which reduced peak consumption during our benchmark scan by 90%. We made many improvements to Zenmap data structures and algorithms as well so that it can now handle large enterprise scans with ease.

You can download Nmap v6.00 here:

Linux: nmap-6.00.tar.bz2
Windows: nmap-6.00-win32.zip

Or read more here.


Posted in: Hacking Tools, Network Hacking



Hackers Break Into Bitcoin Exchange Site Bitcoinica



Bitcoin hasn’t been having a great time lately, there have been a few high profile, large dollar amount hacks of Bitcoin Exchange sites (basically the Bitcoin banks).

The latest involved $90,000USD and a high likelihood that the user database was compromised too. It seems like Bitcoin, despite all the hype, might die a slow death due to all these compromises which are destroying users’ trust and the overall credibility of the service.

It was touted to be a whole new global economy which is resistant to inflation, inflated GDP and totally decentralized. Obviously security wasn’t high on the list.

Bitcoin exchange site Bitcoinica suspended its operations on Friday after hackers managed to steal 18,547 bitcoins — valued at about US$90,000 — from its online wallet.

The user database probably was compromised as well, Bitcoinica’s administrators said in an announcement posted on the site’s home page. The information stored in the database included usernames, email addresses and account histories.

Account passwords were encrypted in a way that makes it extremely unlikely for them to be cracked, the Bitcoinica team said. However, to be on the safe side, the team advised users to change their passwords on other websites where they might have used them.

The compromised user information can be used to launch phishing attacks, as has happened in the past after many data breaches that exposed user email addresses.

Users should be suspicious of any messages received on their email addresses registered with Bitcoinica, the site’s administrators said. “It is always a best practice to never click an email link to login to any online service.”

Bitcoin is a cash-like digital currency that can be exchanged directly by users without the need for a central payment service. It uses the peer-to-peer model for synchronizing transaction records between users.

Bitcoinica noted that the stolen bitcoins belonged to the exchange, not the users, and said it will honor any withdrawal request. However, it’s not clear when or if the website will resume operations.

I’m not sure if the users from Bitcoinica will see any phishing mails, I’d imagine whoever the infiltrators were, they were purely after the Bitcoins and the money they could make from selling them.

User accounts are only really valuable if they have working credit card details – which these accounts don’t seem to have. The previous exchange that got attacked closed down shortly afterwards, it was at the time the largest – Inside the Mega-Hack of Bitcoin: the Full Story.


“It’s more serious than we thought,” said Bitcoinica founder Zhou Tong, in a post on the Bitcointalk forum on Saturday. “Likely we will either shut down the platform or re-develop entirely (which will take months instead of days).”

The company needs more time to come up with a plan to compensate users for the downtime and other issues resulting from this security incident, Zhou said.

In a separate post on Sunday, Zhou revealed that he sold Bitcoinica to an undisclosed investor back in November 2011 and stayed with the company as an employee in charge of daily operations until a new team took over two weeks ago. He also announced that he plans to retire from all bitcoin-related projects after this incident is resolved.

Security breaches at bitcoin exchanges don’t only affect the users of those exchanges, but the entire bitcoin community, because they negatively affect the value of the virtual currency. In June 2011, bitcoin prices plummeted after news broke that the largest bitcoin exchange, Mt.Gox, was compromised.

This is not the first time that Bitcoinica has lost a large number of bitcoins to hackers. Back in March, attackers managed to steal 43,000 bitcoins from the exchange after they compromised the servers of Web hosting provider Linode.

“It seems Bitcoin has the same problem(s) that other web applications possess: vulnerabilities, such as SQL injections, that make it susceptible to data theft,” Rob Rachwald, director of security strategy at security firm Imperva, said via email. “In the early days of legitimate online banking, when one breach hit a bank, the whole industry’s brand took a hit. Ironically, the same dynamic could play out in black market banking.”

I would imagine the site will close down and I hope they rebuild their platform from scratch – without secure programming principles in mind. The large attack on Mt.Gox affected the value of Bitcoins across the whole network and required the founders to pump back in real cash from their own pockets to stabilize the eco-system.

It makes me wonder why people are interested in Bitcoins and Bitcoin trading in the first place, I guess the currency is only as secure as the Exchanges and the platforms they are running on.

Source: Network World


Posted in: Exploits/Vulnerabilities, Web Hacking



CODENAME: Samurai Skills – Real World Penetration Testing Training



Introduction

Yes, there’s another new kid on the block when it comes to penetration testing training, this course is known as CODENAME: Samurai Skills by Ninja-Sec. I’m not going to go and compare this to any other course out there as I think there’s a place for all of them, and they all have pros and cons.

The author is one Mohamed Ramadan who does in fact know what he’s talking about, for a sample of his writing outside of this course-ware you can check here:

How Hackers Target and Hack Your Site

The course is marketed under the brand Ninja-Sec:

Ninja-Sec - Real World Penetration Testing Training

The main focus of this course is to teach you the following skills:

  • Gather Information Intelligence
  • Find Web Applications and System Security Vulnerabilities
  • Scan Your Target Stealthily
  • Exploit Web Applications and System Vulnerabilities
  • Conduct Real World Client Side Attacks
  • Conduct Tactical Post Exploitation on Windows and Linux Systems
  • Develop Windows Exploits

They themselves consider this a medium level course and are promising to come out with a more advanced course soon. I consider this course a good introduction to pen testing or as a good supplement to other more hardcore courses (like OSCP).

There’s a fair mix of introductory material and slides + ample video which walks you through the slides and shows hands on demonstrations.

The Course

The course covers 8 modules:

  • Module 1: Solid Introduction to Penetration Testing
  • Module 2: Real World Information Intelligence Techniques
  • Module 3: Scanning and Vulnerability Assessment
  • Module 4: Network Attacking Techniques
  • Module 5: Windows – Unix Attacking Techniques
  • Module 6: Windows – Unix Post-exploitation Techniques
  • Module 7: Web Exploitation Techniques
  • Module 8: Windows Exploit Development

Each module contains a ‘book’ – which is basically a set of presentation slides and video content – the length of the video varies greatly between chapters (the shortest is the introduction at 35 minutes and the longest is almost 5 hours for module 7).

The presentation slides generally give some introductory material, then run through the relevant subject in a fair amount of depth. Here’s an example of a slide:

CODENAME: Samurai Skills - Sample

It runs all the way from a foundation introduction to penetration testing to a quite advanced module about Windows exploit development.


Here’s a sample of the video material, also about SQL Injection:

The course runs through a great variety of tools and techniques, from old to new. It’s actually a great companion for the Darknet site, as we have written about most of the tools featured in the course – but we haven’t published many tutorials on how to actually use them.

So for example if you have a reasonable idea of what tools do, but aren’t really sure how, when and what to use them for exactly – this course would be very beneficial for you. For example it goes into depth into stuff on how to hone your skills on vulnerable sites like WackoPicko, plus in depth examples using Metasploit on other more niche tools like BeEF – The Browser Exploitation Framework.

Samurai Skills - BeEF

The real monster of a module is 7 with 4 hours 58 minutes of video and 60 pages of slides, which is where the focus should be for me. Web Application Security is what is hot now and has been for the past couple of years, more and more web apps are being built and rolled out so it’s more likely you’ll land in a role where these skills are needed.

Labs

The labs consist of a 3-stage network with N00bs Network, Shad0w Network and Impossible Network. Each host is dual-homed so you have to attack them in sequence, you can’t for example attack Impossible Network straight from N00bs Network.

Samurai Skills Lab

The lab is a great way to exercise some of the skills you’ve gained from following this penetration testing course and is definitely a plus point of signing up for this course.

Conclusion

This is a solid course, it’s not the most polished course I’ve ever seen – but it’s very technically competent. Some people may struggle with the heavy Arabic accent in the video material, so I’d suggest watching the samples first and make sure you’re ok with that and you can follow what Mohamed is saying.

Another thing which could be a pro or a con is the pacing, most educational videos tend to cut away when stuff is happening – which obviously makes the pace a lot faster. In CODENAME: Samurai Skills the screen-cast is in real time, which means if a tool is loading or takes a while to run (just like it does in real life) you can sit and watch it.

In a way it gives you a good insight into the reality of the pace of penetration testing (no it’s not like Swordfish) – but for some people, you may find this frustrating.

I’d say if you’re just starting out or you want to get your hands on some material that guides you step by step how to carry out attacks – this course will be valuable to you. It will take you to a place where you’ll be able to start carrying out penetration tests.

It’s not the most intense infosec/pen-testing course out there, but it does deliver a lot of value for the price and I’m looking forwards to seeing how it improves and checking out the more advanced course when it hits the market.

Other plus stuff is you get a FREE subscription to HAKIN9 Magazine when you enroll along with a full year’s support in the forums.

The pricing for the course & lab access is currently as follows:

  • CODENAME: Samurai Skills Course Online v2 + 30 days access to Ninja-Sec Lab + NS|PT Certification = $490 USD
  • CODENAME: Samurai Skills Course Online v2 + 60 days access to Ninja-Sec Lab + NS|PT Certification = $590 USD
  • CODENAME: Samurai Skills Course Online v2 + 90 days access to Ninja-Sec Lab + NS|PT Certification = $690 USD

You can read more and sign up here:

http://ninja-sec.com/index.php/samurai-skills/


Posted in: Advertorial, General Hacking



Basic Fuzzing Framework (BFF) From CERT – Linux & Mac OSX Fuzzer Tool



The CERT Basic Fuzzing Framework (BFF) is a software testing tool that finds defects in applications that run on the Linux and Mac OS X platforms. BFF performs mutational fuzzing on software that consumes file input. (Mutational fuzzing is the act of taking well-formed input data and corrupting it in various ways, looking for cases that cause crashes.) The BFF automatically collects test cases that cause software to crash in unique ways, as well as debugging information associated with the crashes. The goal of BFF is to minimize the effort required for software vendors and security researchers to efficiently discover and analyze security vulnerabilities found via fuzzing.

Traditionally fuzzing has been very effective at finding security vulnerabilities, but because of its inherently stochastic nature results can be highly dependent on the initial configuration of the fuzzing system. BFF applies machine learning and evolutionary computing techniques to minimize the amount of manual configuration required to initiate and complete an effective fuzzing campaign. BFF adjusts its configuration parameters based on what it finds (or does not find) over the course of a fuzzing campaign. By doing so it can dramatically increase both the efficacy and efficiency of the campaign. As a result, expert knowledge is not required to configure an effective fuzz campaign, and novices and experts alike can start finding and analyzing vulnerabilities very quickly.


Features

  • Minimal initial configuration is required to start a fuzzing campaign
  • Minimal supervision of the fuzzing campaign is required, as BFF can automatically recover from many common problems that can interrupt fuzzing campaigns
  • Uniqueness determination through intelligent backtrace analysis
  • Automated test case minimization reduces the effort required to analyze results by distilling the test case to the minimal changes to the input data required to induce a specific crash
  • Online machine learning applied to fuzzing parameter and input file selection to improve the efficacy of the campaign
  • Distributed fuzzing support
  • Crash severity / exploitability triage
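
The loop described above (mutate a well-formed seed, bucket crashes by backtrace, minimize each crasher back towards the seed), as an added Python example that is not BFF's code. The target `toy_parser`, its file format, the seed and all function names are hypothetical, and Python exceptions and tracebacks stand in for native crashes and debugger backtraces.

```python
import hashlib
import random
import traceback

# Constructed seed for a toy format: magic "TOY1", 1-byte record count,
# then `count` records of 1-byte length + ASCII data.
SEED = b"TOY1" + bytes([2]) + bytes([3]) + b"abc" + bytes([2]) + b"hi"


def toy_parser(data: bytes) -> list:
    """Hypothetical fuzz target with two planted defects."""
    if data[:4] != b"TOY1":
        return []                              # rejected cleanly: not a crash
    count, pos, records = data[4], 5, []
    for _ in range(count):
        length = data[pos]                     # defect A: trusts count, reads past the end
        chunk = data[pos + 1:pos + 1 + length]
        records.append(chunk.decode("ascii"))  # defect B: unhandled non-ASCII data
        pos += 1 + length
    return records


def mutate(seed, ratio, rng):
    """Corrupt roughly `ratio` of the bytes; the length is preserved."""
    out = bytearray(seed)
    for i in range(len(out)):
        if rng.random() < ratio:
            out[i] = rng.randrange(256)
    return bytes(out)


def crash_signature(target, data):
    """Return None if the target survives, else a bucket id derived from the
    exception type and the target's stack frames (not from the input)."""
    try:
        target(data)
    except Exception as exc:
        frames = traceback.extract_tb(exc.__traceback__)[1:]  # drop our own frame
        trace = "|".join(f"{f.name}:{f.lineno}" for f in frames)
        digest = hashlib.sha256(trace.encode()).hexdigest()[:12]
        return f"{type(exc).__name__}@{digest}"
    return None


def hamming(a, b):
    """Number of byte positions in which two equal-length inputs differ."""
    return sum(x != y for x, y in zip(a, b))


def minimize(target, seed, crasher, sig):
    """Revert mutated bytes to their seed value for as long as the crash
    stays in the same bucket, leaving only the bytes that matter."""
    current = bytearray(crasher)
    changed = True
    while changed:                    # repeat until no single revert is possible
        changed = False
        for i in range(len(seed)):
            if current[i] == seed[i]:
                continue
            trial = bytearray(current)
            trial[i] = seed[i]
            if crash_signature(target, bytes(trial)) == sig:
                current, changed = trial, True
    return bytes(current)


def campaign(target, seed, iterations=2000, ratio=0.1, rng_seed=1):
    """Fuzz the target and keep one minimized test case per unique bucket."""
    rng = random.Random(rng_seed)
    buckets, crashes = {}, 0
    for _ in range(iterations):
        case = mutate(seed, ratio, rng)
        sig = crash_signature(target, case)
        if sig is None:
            continue
        crashes += 1
        if sig not in buckets:
            buckets[sig] = minimize(target, seed, case, sig)
    return buckets, crashes


if __name__ == "__main__":
    found, total = campaign(toy_parser, SEED)
    print(f"{total} crashing inputs fell into {len(found)} buckets")
    for sig, case in found.items():
        print(sig, case.hex(), "bytes changed from seed:", hamming(case, SEED))
```

Hundreds of distinct crashing inputs collapse into two buckets because the bucket id comes from where the target failed, and each minimized case points at the few bytes that trigger that failure.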

At the CERT/CC, they have already used the BFF infrastructure to find a number of critical vulnerabilities in products such as Adobe Reader and Flash Player; Foxit Reader; Apple QuickTime, Preview, and Mac OS X; Xpdf; Poppler; FFmpeg; JasPer; Wireshark; VMware VMnc video codec; the Indeo video codec; and many others.

You can download BFF here:

http://www.cert.org/download/bff/

Or read more here.


Posted in: Hacking Tools, Programming
