a4apphack

Skipfish is an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

Installation on Ubuntu/BackTrack (via Redspin)

Use the following commands in the terminal windows to install and run Skipfish. Replace OUTPUT_FOLDER and TARGETSITE with the domain name and the target’s URL respectively. Also change the wget URL to the URL of the latest version of Skipfish download available.

wget http://skipfish.googlecode.com/files/skipfish-1.29b.tgz
tar zxvf skipfish-1.01b.tgz
sudo apt-get install libidn11-dev
cd skipfish
make
cp dictionaries/default.wl skipfish.wl
./skipfish -o OUTPUT_FOLDER http://www.TARGETSITE.com

Trial Run

Installed SkipFish and ran on the target site, specs below.

Guest OS : BackTrack4 VM

Host OS : Windows Vista

RAM : 512MB

Application Size : Medium ( < 1000 Unique Pages )

Internet Speed : 1 MBPS

Skipfish Verbose

Skipfish displays the scan run statistics continuously during the run. Once the scan run is complete, we get to see the scan summary (shown in the below screenshot).

Skipfish Console (Click to Enlarge)

Read the rest of this entry »

3D TraceRoute is an all-in-one networking tool which has traceroute, whois, ping, nslookup, server header analyser, portscanner, telnet client and hell lot of tools coupled together in a single package.

This is a free portable tool and can run on almost any Windows operating systems (Pro commercial version with enhanced is also available)

Here I’ve documented few of the main features of the free version of this tool; download and experiment with 3D traceroute to get the complete picture of it.

Note: This article is targeted for the readers who have basic understanding or experience with using various networking tools.

Read the rest of this entry »

In the previous post, Secfox Part 1, we had seen how to customize the environment in FireFox to get better ease of use and more workspace. Now its time to fill in the addons.

This post has two sections, the first explains how to obtain details of any website (Information Gathering) and the second deals with analysis and understanding of HTTP raw header information.

Read the rest of this entry »

Windows Batch files can be used to automate or to run a sequence of operations. This includes starting multiple applications when windows starts up, clearing temp folder when a shortcut key is clicked, Ending certain unwanted processes etc

Read the rest of this entry »

USBSafeRemove is a very powerful USB Device Manager which has lots of unique features including reconnect the disconnected device, display locked process, stop with hotkey and many useful options.

Note : This is NOT a freeware and is a 30 Day trial product.

Read the rest of this entry »

While trying to extract large files (say in GBs) with 7zip (Or any compression tools) and you don’t have enough space in your C drive (or whereever your OS is installed), you might probably notice something like this….

And what you do is clear the temp files or search for some less important applications which you can uninstall. But you would ultimately fail by not finding the required space. The solution is to change the working folder used by 7zip. By default the working folder will be the root drive where OS is installed.

Change the temp folder is easy, Open Options from Tools Menu and select Plugins tab, now click Options and then Folders tab. Now change the temp folder as shown below.

And commandline options for geeks, the command is

7z x _FiletoExtract_ w_WorkingDir_ o_OutputFolder_

x : Denotes extract
w : Working Folder/Temp Folder (e.g. wD:\tmp\)
o : Output Folder (e.g oD:\Files\)

For more options check here

Note: Changing tempdir is not the feature available only in 7Zip, but its mentioned here because 7Zip is the most popular archivial tools available in the market.

Some of us use Truecrypt for storing our files in an isolated partition and might be less concerned on its security (Update: check the details at the end of this post). For example, my thumbdrive has a single encrypted file created with Truecrypt which I always mount it in W: drive, which helps me to run many of the non-portable apps in portable mode. Another possible reason, to sync various frequently used folders between different PC’s by creating a truecrypt volume and transferring only a single file so that you never missing anything while syncing and the copy can be done whole lot quicker.

But it will be a tedious and boring task to repeatedly follow a sequence of steps to get your volume mounted. But we can find out a simple solution for this…

Read the rest of this entry »

Firepassword is a tool which is used to enumerate the passwords saved in the Firefox password manager. This tool can be used to extract the credentials in plain text from the Firefox database and download it into a flat file for later use.
Read the rest of this entry »

With the help of batch programming we can enable or disable USB device in a single click.ACL permissions are also set during the process.

The script will enable the security permissions which will help us to modify certain registry keys, then modifies the required keys and reverts back the permissions.

Read the rest of this entry »

Some of the applications registers its default hotkey globally, which means it can be invoked any time by pressing the specified key combination. Many a times different apps uses same hotkey and ultimately results in conflict. Take Launchy for instance, it registers ‘Alt+Space’ hotkey by default. But if any new application installed uses the same hotkey, Lauchy will end up in popping a warning saying that it is not able to register its hotkey so configure an alternate one. This might sometimes be annoying because you might be using that hotkey for years and suddenly you are asked to change it just because who don’t know which is the other application creating the conflict Another scenario is while writing your own AutoHotKey scripts. You might want to assign a shortcut for the application you have created but have to make sure that it is not taken by any of the others. To resolve all these we have something called as Hotkey detector. Read the rest of this entry »