Archive | August, 2015

Tiger – Unix Security Audit & Intrusion Detection Tool

The New Acunetix V12 Engine


Tiger is a Unix security audit tool that can be use both for auditing and as an intrusion detection system. It supports multiple Unix platforms and it is free and provided under a GPL license. Unlike other tools, Tiger needs only POSIX tools and is written entirely in shell language.

Tiger has some interesting features that merit its resurrection, including a modular design that is easy to expand, and its double edge, it can be used as an audit tool and a host intrusion detection system tool.

Tiger - Unix Security Audit & Intrusion Detection Tool

Free Software intrusion detection is currently going many ways, from network IDS (with Snort), to the kernel (LIDS, or SNARE for Linux and Systrace for OpenBSD, for example), not mentioning file integrity checkers (many of these: aide, integrit, samhain, tripwire…) and logcheckers (even more of these, check the Log Analysis pages). But few of them focus on the host-side of intrusion detection fully.

Tiger complements these tools and also provides a framework in which all of them can work together. Tiger is not a logchecker, nor it focused in integrity analysis. It does “the other stuff”, it checks the system configuration and status. Read the manpage for a full description of checks implemented in Tiger. A good example of what Tiger can do is, for example, check_findeleted, a module that can determine which network servers running in a system are using deleted files (because libraries were patched during an upgrade but the server’s services not restarted).


There are other similar tools, but most of them focus on privilege escalation:

LinEnum – Linux Enumeration & Privilege Escalation Tool
Lynis v1.6.0 Released For Download – Linux Security Auditing Tool
unix-privesc-check – Unix/Linux User Privilege Escalation Scanner

You can download Tiger here:

tiger-3.2.3.tar.gz

Or read more here.

Posted in: Countermeasures, Linux Hacking, Security Software

Topic: Countermeasures, Linux Hacking, Security Software


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.


Windows 10 Privacy – Just Installed? Read This

Use Netsparker


So no big surprise here but there’s some issues with the default settings in regards to Windows 10 Privacy, if you run through the express install without customizing settings the defaults a little suspect.

Windows 10 Privacy - Just Installed? Read This

A lot of Windows 7 and Windows 8 users have already opted in to the automatic (and free) upgrade to the latest operating system from Microsoft – Windows 10, so I would imagine this effects a lot of people.

Here’s a quick FYI: if you installed Windows 10, and in a rush to try out Microsoft’s new operating system, you clicked through the default settings without looking, you may want to look again.

If you value your privacy, or have a distrust of Microsoft, you probably want to make sure some or all of the settings are flipped to off. These include things like sending “typing and inking” data to Microsoft’s servers, and letting apps identify you by your unique advertising ID number.

Your physical whereabouts and your web browser history, plus your contacts and calendar records, are also phoned home to Redmond. Your PC will even let other computers download updates from it, and potentially share your Wi-Fi network with strangers.

There’s a handy guide to the settings you need to look out for during the install and afterwards. On an installed system, find the Settings app and select Privacy to see all the controls.

You probably want to turn Cortana off, unless you find it really useful, and don’t forget to opt-out of personalized ads (more info here).

Some of the features, which are on by default, have their uses: for example, SmartScreen is supposed to stop you from downloading malware or visiting websites known to be infecting PCs, assuming you’re using Internet Explorer and apps from the Windows Store. And sending odd-looking executable files to Windows Defender so they can be scanned for malware improves security for everyone using Windows 10.


So yah, no surprise it’s phoning home to Redmond – but the amount of data shared might be more than you are comfortable with, especially coming from Windows 7 (which doesn’t really share anything). I can’t say I’m familiar enough with Windows 8 to comment on its privacy settings or issues.

Here’s the guide to the settings and how to protect yourself – https://fix10.isleaked.com/

But the company tells the press: “Windows does not collect personal information without your consent. To effectively provide Windows as a service, Microsoft gathers some performance, diagnostic and usage information that helps keep Windows and apps running properly. Microsoft uses this information to identify problems and develop fixes.”

Yes, these are interesting features – perhaps even useful. It would be fantastic, though, if there was more information upfront about the services before we decide to enable them, as opposed to forcing them on us and hoping we won’t notice or care. We’re all adults, and we know what it feels like when someone is trying to pull a fast one on us.

And Windows 10 feels like it’s trying to pull a fast one on a lot of us.

Before the Microsoft apologists get too upset, there are similar defaults in OS X and some flavors of Linux. Google Android and Chrome are also pretty aggressive with your data. It always pays to check the default settings.

As mentioned, it’s also not super uncommon and we reported on the Mac OS X Yosemite Spotlight Privacy issue before, Chrome, Android and certain versions of Linux also phone a fair amount of data home.

As always, check the defaults and ensure you choose the settings that protect you to a degree you’re comfortable with.

Source: The Register

Posted in: Privacy

Topic: Privacy


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.


FruityWifi – Wireless Network Auditing Tool

Use Netsparker


FruityWifi is an open source wireless network auditing tool, it allows the user to deploy advanced attacks by directly using the web interface or by sending messages to it. Initially, the application was created to be used with the Raspberry-Pi, but it can be installed on any Debian based system.

FruityWifi - Wireless Network Auditing Tool


Tested in Debian, Kali Linux, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi), Bugtraq.

What Does FruityWifi Wifi Audit Tool do?

With the new version, it is possible to install external modules. This functionality gives the user more flexibility and the FruityWifi can be customized. The modules can be added or removed anytime using the online repository.

Now it is possible to use FruityWifi combining multiple networks and setups:

  • Ethernet <--> Ethernet,
  • Ethernet <--> 3G/4G,
  • Ethernet <--> Wifi,
  • Wifi <--> Wifi,
  • Wifi <--> 3G/4G, etc.

Within the new options on the control panel, we can change the AP mode between Hostapd or Airmon-ng allowing to use more chipsets like Realtek.

It is possible to customize each one of the network interfaces which allows the user to keep the current setup or change it completely. It also has a new interface, new modules, Realtek chipsets support, Mobile Broadband (3G/4G) support, a new control panel, and more.

FruityWifi Wifi Audit Tool Modules


FruityWifi is based on modules making it more flexible. These modules can be installed from the control panel to provide FruityWifi with new functionalities.

  • Hostapd Karma
  • URLsnarf
  • DNSspoof
  • Kismet
  • Squid (code injection capabilities)
  • SSLstrip (code injection capabilities)
  • nmap
  • mdk3
  • ngrep
  • Captive Portal
  • Nessus
  • Ettercap
  • Tcpdump
  • AutoSSH
  • Supplicant
  • 3G/4G

You can download FruityWifi here:

FruityWifi-v2.4.zip

Or read more here.

Posted in: Wireless Hacking

Topic: Wireless Hacking


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.