Tools

The following are recent tools published by MWR InfoSecurity.

Tool

Drozer

Comprehensive security and attack framework for Android.

+ read more

Tool

icmptunnel: Pivot with Ping

Icmptunnel is a tool to tunnel IP traffic within ICMP echo request and response (ping) packets. It’s intended for bypassing firewalls in a semi-covert way, for example when pivoting inside a network where ping is allowed. It might also be useful for egress from a corporate network to the Internet, although it is quite common for ICMP echo traffic to be filtered at the network perimeter.

+ read more

Tool

Rapid OpenVPN Certificate & Configuration Deployment

On a number of recent occasions, I have needed to quickly configure and deploy OpenVPN. These situations have included simulated attacks, in which the opportunity to deploy OpenVPN as an egress or C2 channel presented itself, or during reconnaissance activities in which it is advantageous to disguise your real IP address for attribution purposes. In these cases, it is desirable to be able to rapidly deploy OpenVPN without compromising on security, and where the situation may not warrant or benefit from the overheads of constructing a full PKI.

+ read more

Tool

Jump List Parser (JLP)

Jump Lists are lists of recently opened items, such as files, folders, or websites, organized by yourself or the program that you use to open them. They have been around since Windows 7 and while many similar tools exist most do not support Windows 8, 8.1 and 10.Originally this tool started as a fork of JumpLister which makes heavy use of a GUI and has a larger memory footprint. Now JLP looks quite different as a lot of code has been removed or rewritten, can run from the command line and does not come with a GUI.

+ read more

Tool

QNX Security Tools

Alex Plaskett and Georgi Geshev presented "99 Problems but a Microkernel ain't one!" at  TROOPERS and BSides NYC. 

+ read more

Tool

SAP Decom

The SAP DIAG (Dynamic Information and Action Gateway) protocol is used for SAP GUI to SAP Server (Dispatcher and Message Server) communications.

+ read more

Tool

SAP Metasploit Modules

We have recently developed several Metasploit auxiliary and exploitation modules to assist consultants in assessing SAP systems.

+ read more

Tool

Incognito

A new version of Incognito is available.

+ read more

Tool

WebContentResolver

When assessing Android devices and applications we regularly come across vulnerabilities in Android Content-Providers. 

+ read more

Tool

Rulestats.pm - A SpamAssassin Rule Statistics Plugin

This is a SpamAssassin plugin which stores, on a rule by rule basis, the number of spam emails that each SpamAssassin rule fired on.

+ read more

Tool

DLSw Query Tool

This tool is intended for the purpose of evaluating security controls applied to the DLSw service running on a Cisco routing device.

+ read more

Tool

TCP-over-File Tunnel

As of Windows 2003, Terminal Services supports the sharing of local folders with clients by default; this tool can be used to tunnel multiple simultaneous TCP connections through shared files.

+ read more