October 20th, 2014

Random tools

Here are a couple random security related tools that have been updated in the not-too-distant past:

Nmap 4.0(.1)According to Fyodor, 4.0 is faster, more accurate, more memory efficient, uses raw ethernet frames instead of raw sockets (important for windows), run-time interaction (for progress), and a much larger application version fingerprint database. On a related note, here is a paper from Fyodor on version detection.

John the Ripper 1.7According to Solar Designer, 1.7 offers primarily performance improvements that come in the form of better algorithms, better idle priority scheduling (so that it has limits the impact on running processes), better parallelism, and better optimized code that supports new hardware features. He thinks it’s the first program to cross the 1M crypts per second on a general-purpose CPU. This reminds me, if you’re not using Solar’s pam_passwdqc as a required pam module for your systems, you should, it’s pretty good.

Raw wireless utils — I mentioned these releases from during shmoocon previously, but didn’t get a chance to link them. rfakeap, rglueap, rcovert are tools for creating scads of fake access points, snaring unsuspecting windows users, and creating a covert communication channel over raw 802.11 frames (largely ignored by current IDS systems). Good stuff.

Leave a Response

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS