Filer - TrueSec

Sveriges främsta experter inom avancerad it-säkerhet och infrastruktur

Ett spetskompetensbolag med experter inom it-säkerhet och infrastruktur. I bolaget finns en unik sammansättning av expertkonsulter som enskilda eller i team utför kvalificerade uppdrag åt företag, myndigheter och organisationer.

FILER

Här finner du diverse små applikationer och verktyg som vi valt att släppa publikt

Vi skapar ständigt nya verktyg och applikationer som ett led i utvecklingen av våra tjänster och kompetenser. Här publicerar vi några av dessa för publik nedladdning. Vi planerar att släppa ytterligare verktyg inom snar framtid så håll ögonen öppna!

gsecdump

Hämta filen

Version: 0.6, storlek: 130,50 KB

Beskrivning:

gsecdump är ett verktyg som extraherar olika hemligheter från ett Windows system

Syntax:

gsecdump [options]

options:
  -h [ --help ]             show help
  -a [ --dump_all ]         dump all secrets
  -l [ --dump_lsa ]         dump lsa secrets
  -w [ --dump_wireless ]    dump mircosoft wireless connections
  -u [ --dump_usedhashes ]  dump hashes from active logon sessions
  -s [ --dump_hashes ]      dump hashes from SAM/AD

Författare:

Johannes Gumbel

GHDB/GAPI Search tool

Hämta filen

Version: 1.2, storlek: 107,05 KB

Beskrivning:

Verktyget använder Google Hacking Database GHDB samt Google API för att samla information från Google om olika websajter

Syntax:

gapi.js search_text number_of_results

Resultaten från de olika GHDB sökningarna sparas i separata XML filer

Författare:

Hasain Alshakarti

Fine Grain Password Policy Tool Beta 2 (x86)

Hämta filen

Version: 2.2256, storlek: 0 bytes

Windows Server 2008 and Windows Vista
• Windows Server 2008 Active Directory Forest, Preferred build: Windows Server 2008 RC0 or later
• Windows PowerShell installed (for command-line and scripting support)

Windows Server 2003 and Windows XP
•         Microsoft .NET Framework 2.0.
•         Microsoft Management Console 3.0
•         Windows Server 2008 Active Directory Forest, Preferred build: Windows Server 2008 RC0 or later
•         Windows PowerShell installed (for command-line and scripting support)

Usage information
Note: The Fine Grain Password Policy Tool will currently only work from a domain joined computer.
Fine Grain Password Policy Tool Core PowerShell Samples.
FGPP Beta 2 Milestone (Build 2230-2258) supports the following PowerShell Commands.
Create new Password Policies
New-PasswordPolicy <Name> [-domain <FQDNDomainName>] -MaximumPasswordAge <timespan> -MinimumPasswordAge <timespan> -MinimumPasswordLength <PassswordMinLenght> -PasswordComplexityEnabled <$True/$False> -PasswordReversibleEncryptionEnabled <$True/$False> -PasswordSettingsPrecendence <PrecendenceOrder> -PasswordHistoryLength <NumberOfPasswords> -LockoutDuration <timespan> -LockoutObservationWindow <timespan> -LockoutThreshold <int> -AppliesTo *SupportedNameFormats

Modify existing Password Policies
Modify-PasswordPolicy <name> [-domain <FQDNDomainName>] [-MaximumPasswordAge <timespan>] [-MinimumPasswordAge <timespan>] [-MinimumPasswordLength <PassswordMinLenght>] [-PasswordComplexityEnabled <$True/$False>] [-PasswordReversibleEncryptionEnabled <$True/$False>] [-PasswordSettingsPrecendence <PrecendenceOrder>] [-PasswordHistoryLength <NumberOfPasswords>] [-LockoutDuration <timespan>] [-LockoutObservationWindow <timespan>] [-LockoutThreshold <int>] -AppliesToAdd *SupportedNameFormats -AppliesToRemove *SupportedNameFormats

Delete Password Policies
Delete-PasswordPolicy <name> [-domain <FQDNDomainName>] [-all]
Reame Password Policies
Rename-PasswordPolicy <name> [-domain <FQDNDomainName>] -NewName <name>

Add users and global groups to an existing Password Policy
Add-PasswordPolicy -Name <name> [-domain <FQDNDomainName>] -AppliesTo *SupportedNameFormats

Remove users and global groups to an existing Password Policy
Remove-PasswordPolicy -Name <name> [-domain <FQDNDomainName>] -AppliesTo *SupportedNameFormats [-all]
Get the Effective PasswordPolicy for one or more users objects
Get-PasswordPolicyEffective <name> [-domain <FQDNDomainName>]
--------------------------------------------------------------------------------------------------------------------------------------------------------------
*SupportedNameFormats: [Domain\UserN, "First LastName", {4fa050f0-f561-11cf-bdd9-00aa003a77b6}, example.microsoft.com/software/user name, usern@example.microsoft.com, S-1-5-21-397955417-626881126-188441444-501]

Fine Grain Password Policy Tool Additional PowerShell Samples.
FGPP Beta 2 Milestone (Build 2230-2258) supports the following PowerShell Commands.
--------------------------------------------------------------------------------------------------------------------------------------------------------------
How to use the Get-PasswordPolicy and New-PasswordPolicy to copy an existing PasswordPolicy
Note: Any parameter can be used with New-PasswordPolicy override settings from the existing policy.
Get-PasswordPolicy <name> [-domain <FQDNDomainName>] | New-PasswordPolicy <Name> [-domain <FQDNDomainName>] [-MaximumPasswordAge <timespan>] [-MinimumPasswordAge <timespan>] [-MinimumPasswordLength <PassswordMinLenght>] [-PasswordComplexityEnabled <$True/$False>] [-PasswordReversibleEncryptionEnabled <$True/$False>] [-PasswordSettingsPrecendence <PrecendenceOrder>] [-PasswordHistoryLength <NumberOfPasswords>] [-LockoutDuration <timespan>] [-LockoutObservationWindow <timespan>] [-LockoutThreshold <int> -AppliesTo * SupportedNameFormats]
--------------------------------------------------------------------------------------------------------------------------------------------------------------
How to check policy compliance for linked users for a one or more Password Policies
foreach ($Policy in Get-PasswordPolicy [<Name>]) { foreach ($Applied in $Policy.AppliesTo) { Get-PasswordPo
licyEffective $Applied } }

msvctl

Hämta filen

Version: 0.3, storlek: 0 bytes

msvctl v0.3 by Johannes Gumbel (johannes.gumbel@truesec.se)

Syntax:

msvctl help (default)
msvctl list
msvctl del <luid>
msvctl [<domain>\<user>] [lm <lm hash>] [ntlm <ntlm hash>] set <luid>
msvctl <domain>\<user> [lm <lm hash>] [ntlm <ntlm hash>] add <luid>
msvctl <domain>\<user> [lm <lm hash>] [ntlm <ntlm hash>] run <cmd> ...
user@domain is equal to domain\user
xxx:yyy is equal to lm xxx ntlm yyy
xxx: is equal to lm xxx
:yyy is equal to ntlm yyy
a:b:c:d::: is equal to "a@ lm c ntlm d" (pwdump style)
note: the last three ':' are optional
note: if username is of form user(xxx) the (xxx) is stripped

if no domain is provided it defaults to WORKGROUP

Sombi

Hämta filen

Version: 1.2, storlek: 0 bytes

Sombi (SMB Zombie) is a ruby hack that I created a while back in order to get SMB reflection attacks working in metasploit. Sadly, because of my dislike of metasploits SMB implementation, I decided to make it a stand-alone application. Currently, you are on your own when it comes to using sombi! I'll produce a FAQ here as soon as questions starts being asked and answered.

Fine Grain Password Policy Tool Beta 2 (x64)

Hämta filen

Version: 2.2256, storlek: 0 bytes

System Requirements
Fine Grain Password Policy Tool (FGPP) Beta 2 are “Supported” on the following platforms
•         Windows Server 2008 Beta 3 or later, Preferred build: Windows Server 2008 RC0
•         Windows Vista and Windows Vista Service Pack 1
•         Windows Server 2003 Service Pack 1 and Windows Server 2003 R2
•         Windows XP Service Pack 2

Prerequisites
Before installing this build, you must have:
Windows Server 2008 and Windows Vista
•         Windows Server 2008 Active Directory Forest, Preferred build: Windows Server 2008 RC0 or later
•         Windows PowerShell installed (for command-line and scripting support)
Windows Server 2003 and Windows XP
•         Microsoft .NET Framework 2.0.
•         Microsoft Management Console 3.0
•         Windows Server 2008 Active Directory Forest, Preferred build: Windows Server 2008 RC0 or later
•         Windows PowerShell installed (for command-line and scripting support)

Delete Password Policies
Delete-PasswordPolicy <name> [-domain <FQDNDomainName>] [-all]
Reame Password Policies
Rename-PasswordPolicy <name> [-domain <FQDNDomainName>] -NewName <name>

Add users and global groups to an existing Password Policy
Add-PasswordPolicy -Name <name> [-domain <FQDNDomainName>] -AppliesTo *SupportedNameFormats

Verktyg & länkar för dig som arbetar med säker utveckling

Advisories - rapporterar sårbarheter
Secunia	Listar sårbarheter.
SecurityFocus	Listar sårbarheter. Innehåller även bra whitepapers.
Securitytracker	Sårbarheter
CVE	Common Vulnerabilities and Exposures database
Securiteam	Sårbarheter, artiklar, verktyg

Resurser online
MSDN Security Developer Center	Säkerhet på MSDN
MSDN Patterns & Practices Security	Säkerhet på Patterns & Practices
Black Hat	Säkerhetskonferens. Innehåller arkiv med presentationer.
Shmoo group	Arrangerar ShmooCon. Innehåller arkiv med presentationsmaterial.
Foundstone	Verktyg, whitepapers, utbildning
Security Forest	Verktyg, whitepapers, advisories
OWASP	Online-resurs för webbsäkerhet. Verktyg, whitepapers, etc.
Google Hacking database	Databas för Google Hacking
Packetstorm Security	Whitepapers, advisories
rootkit.com	Allt om rootkits
sqlsecurity	SQL-säkerhet
milw0rm	Arkiv med exploits

Whitepapers, artiklar, övriga resurser
Watchfire whitepapers	Diverse whitepapers. Allt från Xpath injections, XSS, http response splitting, etc.
SPI Labs (SPI Dynamics)	Whitepapers, artiklar och Webcasts
NGS Software	Whitepapers
Securityfocus	Whitepapers på securityfocus
XSS (Cross Site Scripting) Cheat Sheet	Mycket bra resurs på XSS
Hacking Web 2.0 Applications with Firefox	Testa säkerheten i dina AJAX apps med Firefox
New SQL Truncation Attacks And How To Avoid Them	Artikel på MSDN om SQL truncation attacks
Detection of SQL Injection and XSS attacks	Tips på RegExp för att upptäcka sårbarheter
Advanced SQL Injection In SQL Server Applications	Bra whitepaper på sql injections på NGS software
(more) Advanced SQL Injection	Bra whitepaper på sql injections på NGS software
Red database security	Oracle Security Whitepapers

Verktyg
Fiddler	HTTP Debugging Proxy. Har ett eventbaserat skriptsystem i JS.NET!
Microsoft Anti XSS library	Microsoft Anti XSS library
Firefox plugins for auditing	Firefox plugins for säkerhetstestning
Insecure.org	Lista med länkar till verktyg.
Paros Proxy	Webbproxy
Metasploit Project	Ramverk för penetrationstestning
XSS Shell	XSS Backdoor
XSS Database	Databas som bygger på XSS Cheat Sheet
Olly Dbg	Debugger
Debugging Tools for Windows	debugging för Windows
IDAPro Disassembler	Professionell Disassembler & debugger
Peachfuzz	Fuzzer skriven i python
Attack API	API för javascriptbaserade angrepp
Splint	C Source code analysis

Microsoft - Ett urval av länkar på MSDN
MSDN Security Developer Center	Säkerhet på MSDN
Patterns & Practices Security	Säkerhet på Patterns & Practices
patterns & practices Security Guidance for .NET Framework 2.0	Säkerhetsguide för 2.0
Improving Web Application Security: Threats and Countermeasures Roadmap	Bra allomfattande guide
Patterns & Practices Security guidelines index	Index för guidelines
Patterns & Practices Security checklist index	Index för alla checklistor
Patterns & Practices Security How tos index	Index för How tos
Digital Blackbelt series	Diverse webcasts om säker kodning
AJAX Security WebCasts	Webcasts om säkerhet i AJAX
Fiddler PowerToy - Part 1: HTTP Debugging	Introduktion till fiddler http debugging proxy del 1
Fiddler PowerToy - Part 2: HTTP Performance	Introduktion till fiddler http debugging proxy del 2

Presentationer, slides
SQL Injections By Truncation