Navigation



Inguma 0.0.6 Released for Download – Free Pen-testing Framework

Last updated: September 9, 2015 | 14,395 views

Quite a few people seem to be interested in this tool, so here is the latest revision – Inguma 0.0.6.

For those that don’t know, Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

Inguma Penetration Testing Toolkit

In this new version various things have been added like new modules and improvements in the existing ones. For example the Oracle modules. The Oracle payloads now uses the Cursor Injection method when possible so CREATE PROCEDURE system privilege is not needed to become DBA.

The support for InlineEgg, added in version 0.0.5.1, have been removed and a new completely free library have been added (PyShellCodeLib).

The static analysis framework OpenDis have been enhanced and now you can use the API exposed by OpenDis to write your own binary static analysis tools. As an example of the API, a tool to make binary diffs have been added. Take a look to the file $INGUMA_DIR/dis/asmdiff.py and to the README stored in the same directory.

New 5 exploits for Oracle Databases have been added and the module “sidguess” have been enhanced to retrieve the SID of the database instance from the Enterprise Manager/Database Control banner when possible.

The new modules added to the discover, gather and brute sections are the following:

  • brutehttp: A brute forcer for HTTP servers.
  • extip : A tool to known your external IP address. Very useful to check anonymous proxies.
  • nmbstat : A tool to gather NetBIOS information.
  • ipscan : A tool to make IP protocol scans. The tool check what IP protocols are enabled in the target.
  • arppoison: A tool to poison target’s ARP cache

You can download Inguma 0.0.6 here:

Inguma 0.0.6

Or read more here.

Share
Tweet
Share
Buffer
WhatsApp
Email
0 Shares
Posted in: Exploits/Vulnerabilities, Hacking Tools, Password Cracking

, , , , , ,


Latest Posts:


dSploit APK Download - Hacking & Security Toolkit For Android dSploit APK Download – Hacking & Security Toolkit For Android
dSploit APK Download is a Hacking & Security Toolkit For Android which can conduct network analysis and penetration testing activities.
January 15, 2020 - 107 Shares
Scallion - GPU Based Onion Hash Generator Scallion – GPU Based Onion Hash Generator
Scallion is a GPU-driven Onion Hash Generator written in C#, it lets you create vanity GPG keys and .onion addresses (for Tor's hidden services).
January 10, 2020 - 193 Shares
WiFi-Dumper - Dump WiFi Profiles and Cleartext Passwords WiFi-Dumper – Dump WiFi Profiles and Cleartext Passwords
WiFi-Dumper is an open-source Python-based tool to dump WiFi profiles and cleartext passwords of the connected access points on a Windows machine.
December 19, 2019 - 297 Shares
truffleHog - Search Git for High Entropy Strings with Commit History truffleHog – Search Git for High Entropy Strings with Commit History
truffleHog is a Python-based tool to search Git for high entropy strings, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
December 2, 2019 - 168 Shares
AIEngine - AI-driven Network Intrusion Detection System AIEngine – AI-driven Network Intrusion Detection System
AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with many capabilities.
November 25, 2019 - 143 Shares
Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.
November 1, 2019 - 161 Shares


12 Responses to Inguma 0.0.6 Released for Download – Free Pen-testing Framework

  1. Sir Henry December 19, 2007 at 1:54 pm #

    I downloaded a previous version of Inguma to research a python project on which I am working and, as stated in a previous post for Inguma, I find the modules to be brilliant in their code structure and execution. Right now, it is a baseline reference for me while learning python and figuring out what I want to do with my project.

  2. cpj December 20, 2007 at 3:03 am #

    @Sir Henry
    I’m sort of doing the same thing. That is to say I am playing around with the program. At first I had some trouble getting some of the right dependencies to get inguma to work (check the REQUIRES file and you’ll see what I mean) even though some of them are sent with the inguma tarball. One of my friends and I are probing some of our cheap work comps, so it might come in handy. I wish I could find the beauty in the coding: alas, I am only a python novice / My favorite color is blue … no yellow! argg

  3. Sir Henry December 20, 2007 at 4:56 pm #

    So far I have only been looking at it as a reference to see how the modules are invoked and what can be done with said modules. My project is in the infancy stage and simply gathering requirements. Once we break through that stage, we will then start testing out different items to see how our project can be a “value-add” (I hate buzzwords, yet seem to use them more than I would like) for us.

  4. Joxean Koret December 20, 2007 at 9:33 pm #

    Hi cpj and Sir Henry,

    Can I help you in your projects? And, BTW, what is the problem with the dependencies? Did I missed something?

    Regards

  5. goodpeople December 21, 2007 at 10:39 am #

    Haven’t had time to play with it yet. But starting tomorrow I have two weeks off. (christmas vacation, gawd, I love being a teacher)..

  6. Sir Henry December 22, 2007 at 6:20 pm #

    @Joxean

    Thanks for the interest, but this is a proprietary project that a friend and I are working on for a consulting gig that we are doing. Should we branch out further in the future, I will let you know.

  7. metafan December 24, 2007 at 7:00 am #

    This tool is great, adding metasploit exploits it will replace other commercial high price low quality tools. It seems a potential replacement for them! Once my boss asked me why we were paying for two commercial products when there was metasploit for free, I didn’t know the answer, really. One of the reasons was the reports but I was able to quickly add reporting support to the free tools. I would donate to this project.
    congratulations!

  8. CG December 24, 2007 at 7:27 am #

    I have a feeling Joxean might be able to answer any questions on inguma.

    as far as dependencies, the only one that really seems to give people trouble is getting cx_oracle installed.

  9. CG December 24, 2007 at 9:32 pm #

    “Once my boss asked me why we were paying for two commercial products when there was metasploit for free, I didn

  10. eM3rC January 6, 2008 at 10:27 pm #

    Amazing program!

    Thanks for the post!

  11. Pantagruel March 14, 2008 at 7:53 pm #

    Inguma version 0.0.7.2 has been released. In this version new modules and exploits, fixed many, many, many bugs as well as
    enhancing existing modules, such as the Oracle related stuff where added.

    http://inguma.sourceforge.net/

  12. James C March 14, 2008 at 9:30 pm #

    @Pantagruel
    thanks for the update