UPDATE: Kali Linux 2018.1 Release!

PenTestIT RSS Feed
Second post of the new year and it is about the latest Kali Linux 2018.1 release! The last Kali Linux release was made available in the month of November. As usual, this new release includes all patches, fixes, updates, and improvements since the last release – Kali Linux 2017.3. Importantly, a nasty bug that caused the Gnome ShellRead more about UPDATE: Kali Linux 2018.1 Release!
The post UPDATE: Kali Linux 2018.1 Release! appeared first on PenTestIT.

Link: http://pentestit.com/update-kali-linux-2018-1-release/

UPDATE: OWASP Dependency-Check 3.1.0

PenTestIT RSS Feed
My first post about this open source OWASP project was about an older version. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 3.1.0! This release comes with production ready Node and NSP analyzers! What is OWASP Dependency-Check? OWASP dependency-check is a softwareRead more about UPDATE: OWASP Dependency-Check 3.1.0
The post UPDATE: OWASP Dependency-Check 3.1.0 appeared first on PenTestIT.

Link: http://pentestit.com/update-owasp-dependency-check-3-1-0/

UPDATE: WordPress Exploit Framework v1.8!

PenTestIT RSS Feed
Good news guys! We now have the WordPress Exploit Framework v1.8 amongst us! This new version fixes API compatibility with a shell upload module, updates multiple dependencies, introduces multiple API changes and adds multiple new modules and payloads! What is WPXF or WordPress Exploit Framework? WordPress Exploit Framework is a Ruby framework for developing and using modules whichRead more about UPDATE: WordPress Exploit Framework v1.8!
The post UPDATE: WordPress Exploit Framework v1.8! appeared first on PenTestIT.

Link: http://feedproxy.google.com/~r/PenTestIT/~3/wS-bFATn61w/

w3af – Web Application Attack and Audit Framework

w3af is an open source web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications.The scanner is able to identify 200+ vulnerabilities, including Cross-Site Scripting, SQL injection and OS commanding.Identify and exploit a SQL injectionOne of the most difficult parts of securing your application is to identify the vulnerable parameters and define the real risk. This video shows how to easily identify and exploit SQL injection vulnerabilities. As bonus the video shows how to extract information using web application payloads.Batteries includedWant to know more about the low-level features provided by our framework? Go through our features page in order to understand what’s under the hood.Plugin architectureVulnerabilities are identified using plugins, which are short and sweet pieces of Python code that send specially crafted HTTP requests to forms and query string parameters to identify errors and mis-configurations.FlexibleEasy to use for novice users, fully customizable for hackers and developers. We’ve built it that way.Expert toolsBesides the automated scanning features w3af’s GUI provides expert tools which allow the advanced users to manually craft and send custom HTTP requests, generate requests in an automated manner, cluster HTTP responses and more!More here.Download w3af

Link: http://feedproxy.google.com/~r/PentestTools/~3/-iN9UCHryVA/w3af-web-application-attack-and-audit.html

UPDATE: Kali Linux 2017.3 Release!

PenTestIT RSS Feed
After a long hiatus, it’s good to be back and posting about the latest Kali Linux 2017.3 release! The last Kali Linux release was made available a couple of months ago. Presumably, this new release includes all patches, fixes, updates, and improvements since the last release. Additionally, the kernel has also been updated to 4.13.10 along withRead more about UPDATE: Kali Linux 2017.3 Release!
The post UPDATE: Kali Linux 2017.3 Release! appeared first on PenTestIT.

Link: http://pentestit.com/update-kali-linux-2017-3-release/

FruityWifi: An Open Source Wireless Network Auditor

PenTestIT RSS Feed
Continuing with my current interest with Raspberry Pi based security tools again. My last post was about P4wnP1. This post is about FruityWiFi an open source tool that helps you with wireless network auditing. What is FruityWifi? FruityWifi is an open source tool based on WiFi Pineapple to audit wireless networks that can be installed onRead more about FruityWifi: An Open Source Wireless Network Auditor
The post FruityWifi: An Open Source Wireless Network Auditor appeared first on PenTestIT.

Link: http://pentestit.com/fruitywifi-open-source-wireless-network-auditor/

P4wnP1: A Open Source USB Attack Platform

PenTestIT RSS Feed
As of now, hardware security projects seem to be attracting me more than software based projects. Evidently, I wrote a few posts covering them – List of Portable Hardware Devices for Penetration Testing, List of Raspberry Pi DIY Projects for Anonymity, etc. among other awesome projects such as WarBerryPi, Kubebot. Another project is fast becomingRead more about P4wnP1: A Open Source USB Attack Platform
The post P4wnP1: A Open Source USB Attack Platform appeared first on PenTestIT.

Link: http://feedproxy.google.com/~r/PenTestIT/~3/GdTxBw_qZwM/