SSLMap: 0.2.0 Release

on August 30, 2010 - 0 Comments

Today we are releasing one of our private tools – SSLMap 0.2.0. SSLMap is a lightweight TLS/SSL cipher suite enumeration tool. The tool was developed due to consistent false negatives reported by a number of similar tools (e.g. FoundStone SSLDigger).

You can use this tool during pentesting engagements to quickly produce reliable reports with individual classification [...]

Read more »

BinPack: 2.0.1 Release

on August 21, 2010 - 0 Comments

BinPack version 2.0.1 is now released! This was actually the version that I originally wanted to release during the security conferences in Las Vegas but ran out of coding time. Everything should be stable now, so please enjoy.
New Features/Fixes:

Above the package list are a various modes to sort and find packages.

The drop [...]

Read more »

BinPack: Las Vegas Edition Release

on July 31, 2010 - 4 Comments

For those weren’t able to score a BinPack disc, don’t worry we have setup a torrent of the iso. The disc contains a portable security environment customized for all the various Black Hat, DEFCON, and Security B-Sides attendees as well as the BinPack tool.
Here is the latest screenshot of the tool. There are several bugs [...]

Read more »

BinPack: Preview

on July 17, 2010 - 7 Comments

As I mentioned in the last post, we will be releasing this tool in Las Vegas during Black Hat / DEFCON / Security B-Sides. The core components are all done, now its just onto neat feature additions and making the UI awesome. If anyone is interested in testing the system, leave a comment in this [...]

Read more »

BinPack: History

on July 14, 2010 - 0 Comments

For a couple years now, I’ve been maintaining a set of portable Windows software so that I could easily have a standard set of tools at my disposal to any system I was using. At the time, it was only for myself and I manually added and deleted programs, and built a menu system so [...]

Read more »

Nessus Parsing Tools: History

on April 24, 2010 - 1 Comment

While on an engagement a while ago I noticed that the tester’s workflow was time consuming as they were scrolling through nessus reports to find vulnerabilities in which they either needed to confirm or dig into deeper. There were many findings that could automatically be written up because the supporting information in the output was [...]

Read more »

Nessus Parsing Tools 1.3.1

on April 4, 2010 - 0 Comments

I wanted to get a release out with the new unsorted report mode that I forgot that I hardcoded the ignore_ids.txt file to the script. It is now an optional file and you can supply your own file name.
 
Nessus Parsing Tools 1.3.1:

nessus_tools-1.3.1-src.zip
nessus_tools-1.3.1-win32-bin.zip

Read more »

Nessus Parsing Tools 1.3

on April 3, 2010 - 0 Comments

In the last release we introduced report generation for findings that need no additional investigation (auto mode) and findings that do need additional manual investigations (manual mode). While this is certainly great to reduce time, we noticed that there was still a need to go back to the original nessus report to see what was [...]

Read more »