Archive for the ‘Featured’ Category
13 Chrome Extensions for Security Testers
This post lists 13 Chrome extensions to aid security testers during their web application pen testing.
13 Portable Visual Disk Space Analyzers Compared
There are various hard disk space analyzers which give us a graphical representation of the files/folders that eat up our hard disk. These tools even provide options to visually navigate through the folders to view the space occupied by their subfolders. Here, we talk about a few popular disk analyzers which are portable and worth giving a shot.
Comparison of all those are presented in a table at the end of this post.
Security Perspective: If you are an info sec guy, especially in forensics, you can utilize the features of these tools to identify the presence of hidden large files/archives which might possibly contain some sensitive data. Most of the time secret TrueCrypt files are hidden inside some OS folders to make them look genuine.
Note: Most of the apps mentioned here can be downloaded in a portable format. The others can be made portable using the method mentioned here
Comparison Table – here.
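As an added example (not from the original post or any of the tools it compares), the follow-up check a forensic examiner would run once a disk analyzer has pointed at an unusually large file: walk a tree, skip files that carry a recognised compressed-format header, and flag large files whose leading bytes have near-maximal Shannon entropy, which is what a headerless encrypted container such as a TrueCrypt volume looks like. The sample tree, file names, size threshold, entropy threshold and magic-byte list are assumptions chosen for the demo.

```python
import math
import os
import tempfile
from collections import Counter

# Magic bytes of formats that are high-entropy by design (archives, images).
KNOWN_MAGIC = (b"PK\x03\x04", b"\x1f\x8b", b"Rar!", b"7z\xbc\xaf\x27\x1c",
               b"%PDF", b"\x89PNG", b"\xff\xd8\xff")

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for constant data, close to 8.0 for ciphertext."""
    n = len(data) or 1  # empty input yields 0.0 instead of dividing by zero
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def find_suspicious(root, min_size=1 << 20, sample=64 * 1024, threshold=7.9):
    """Return (path, size, entropy) for large files with no known header whose
    first `sample` bytes look random: candidates for hidden encrypted volumes."""
    hits = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                size = os.path.getsize(path)
                if size < min_size:
                    continue
                with open(path, "rb") as f:
                    head = f.read(sample)
            except OSError:
                continue  # unreadable or vanished; skip it
            if any(head.startswith(m) for m in KNOWN_MAGIC):
                continue  # ordinary compressed format, not a headerless blob
            entropy = shannon_entropy(head)
            if entropy >= threshold:
                hits.append((path, size, round(entropy, 3)))
    return hits

def demo():
    """Constructed sample tree (not real data); returns the flagged file names."""
    root = tempfile.mkdtemp()
    sub = os.path.join(root, "Windows", "System32")
    os.makedirs(sub)
    samples = {
        os.path.join(sub, "cache.dat"): os.urandom(2 << 20),  # random: flagged
        os.path.join(root, "zeros.bin"): b"\x00" * (2 << 20),  # entropy 0.0
        os.path.join(root, "bak.zip"): b"PK\x03\x04" + os.urandom(2 << 20),
    }
    for path, data in samples.items():
        with open(path, "wb") as f:
            f.write(data)
    return [os.path.basename(p) for p, _, _ in find_suspicious(root)]
```

Entropy alone is not proof: the hit list is a triage queue, and a legitimately encrypted backup or an unusual media format will score the same, so each flagged path still needs a manual look at its location, timestamps and owner.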
Running BackTrack Security Distro In VMWare
BackTrack is the most popularly used security distro during pentests. While we can partition our hard disk, install this OS and dual boot with our default OS, things can be made simpler by running a BackTrack VM within our default OS. Using a security distro in a VM gives us a few advantages, like portability and the ability to quickly restore/duplicate the instances as required.
Running Backtrack
The BackTrack 4 VM can be downloaded from the BackTrack site (link at the end of the post); to run the VM, we need the free VMware Player.
Install VMware Player and open the BT VM with it. We are good to go with the default configuration unless we have more RAM to spare (it's recommended to provide 512MB of RAM if you have around 2GB).

Adjust Backtrack VM RAM
Default Credentials
The BackTrack VM comes with the default login credentials below (which can be changed later, of course):
bt login: root
Password: toor
. . .
root@bt:~# startx
Add Syntax Highlighting to SharePoint Sites
This post details the steps to add a syntax highlighting feature to any SharePoint site where you have access to upload files to the server. This can help people who embed code snippets in a SharePoint site and share them with their team.

Download and extract the SyntaxHighlighter scripts to your PC (check the download link at the bottom of the post). Now access the SharePoint site and create the folder structure shown in the screenshot below (i.e. create ‘scripts’, ‘src’ and ‘styles’ folders inside a ‘syntax’ folder placed in ‘Shared Documents’). Then upload the SyntaxHighlighter files to the appropriate folders.
Google’s Skipfish – Web App Security Scanner
Skipfish prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.
Installation on Ubuntu/BackTrack (via Redspin)
Use the following commands in the terminal window to install and run Skipfish. Replace OUTPUT_FOLDER with the folder name for the report and TARGETSITE with the target’s domain name. Also change the wget URL to the URL of the latest Skipfish download available.
wget http://skipfish.googlecode.com/files/skipfish-1.29b.tgz
tar zxvf skipfish-1.29b.tgz
sudo apt-get install libidn11-dev
cd skipfish
make
cp dictionaries/default.wl skipfish.wl
./skipfish -o OUTPUT_FOLDER http://www.TARGETSITE.com
Trial Run
I installed Skipfish and ran it against the target site; the setup is listed below.
Guest OS : BackTrack4 VM
Host OS : Windows Vista
RAM : 512MB
Application Size : Medium ( < 1000 Unique Pages )
Internet Speed : 1 MBPS
Skipfish Verbose
Skipfish displays the scan run statistics continuously during the run. Once the scan run is complete, we get to see the scan summary (shown in the below screenshot).
Websecurify – Free Web Application Vulnerability Scanner
Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies. This tool automatically identifies web application vulnerabilities by using advanced discovery and fuzzing technologies.
6 Portable iPod Managers – iTunes Alternatives
This post talks about a few portable iPod managers which can run directly from USB devices and sync with your iPod. If you don’t want to install the heavyweight iTunes on your PC, choose any of the apps discussed here.
Various apps discussed in this post are
ZeroDay Scanner Scans Web App Vulnerabilities Online For Free
ZeroDayScan is an online web application scanner which crawls through the app and discovers vulnerabilities in it. It attempts to find common web vulnerabilities such as XSS and SQL injection, all the way down to web application fingerprinting.
As per their FAQ it takes around half an hour to scan a normal-sized website, but as soon as I initiated the scan for my website I got a notification mail saying that it would take around 72 hours to complete; in the end I got the results emailed in about 5 hours.
WebDeveloper Extension for Chrome for Security Analysts
I had mentioned in my previous post about Pendule – WebDeveloper Equivalent In Chrome, but lately the developer of WebDeveloper has released a Chrome-compatible version of this popular Firefox addon. WebDeveloper is definitely a favorite tool of application security analysts and now it comes in handy when you are testing your target in Chrome. I think I’ll have to start a new series like SecFox, for Chrome.
Pendule – WebDeveloper Equivalent In Chrome For Security Analysts
Chrome is becoming popular among developers due to its extended support for upcoming web technologies. If these features of Chrome can help developers dissect and analyse the newest web applications, they can do the same for security analysts. Firefox has become so popular among the security guys due to the availability of addons like WebDeveloper/Firebug which aid them during their security assessments.
The extension Pendule is an attempt to reproduce the features of the WebDeveloper addon for Firefox. Currently it doesn’t support all the features of WebDeveloper, but they are expected to be incorporated soon.
Features
1. Form Manipulations
- Show passwords – shows the contents of password fields.
- Select tags to text inputs – converts select elements to text inputs.
- Remove maxlength – removes maxlength restrictions from inputs.
- Clear radio buttons – clears all radio buttons.
2. View Javascripts
3. Show Image Paths Inline