
introduction
SensePost is an independent and objective organisation specialising in information security consultation and assessment services. For all our assessments we apply strict methodologies. This is especially true for Internet Security Assessments, where our methodology has been developed and fine-tuned over many years. One of the challenges that analysts at SensePost faced when engaging in assessments with enterprise-sized clients was applying this tried and tested methodology in an efficient and timely fashion. The requirement was to automate as many of the mundane processes in this methodology as possible whilst maintaining a high level of accuracy.
BiDiBLAH was developed by SensePost to specifically relieve our analysts from performing repetitive processes, thus increasing efficiency, improving accuracy and allowing them to concentrate on the areas of the assessment that require manual attention. It also means that important aspects of the methodology are contained and standardised in one entity, the tool. This in turn means that you eliminate the potential risk of data loss and ensure all assessments are conducted against the same accepted standard.
what is BiDiBLAH?
To understand what BiDiBLAH is, you need to understand who SensePost is and where we come from. SensePost was started in 2000 with the focus of doing security assessments (although we later expanded our services to include training, consulting and Vulnerability Management Services). We've believed since the beginning that our analysts should always go the extra mile and that we should find a way to compromise the target no matter how much effort it takes. A lot of our assessments were done over the Internet and without any prior knowledge of where the networks live, or what architecture is in use.
Soon we started to work with large international companies and organizations where finding every single Internet Access Point and exposed Internet Service became a big part of our assessment. Our customers realized that it was not only the complex vulnerability on a single host that bit them, but more often the single unsecured host somewhere on their vast perimeter that allowed attackers to breach the network. Thus, footprinting became such a big component of our services that we were often asked to perform projects that only entailed performing a footprint.
During the same time we honed our methodology for external assessments and of course refined technology to automate as much of this work for us as possible. At about the same time SensePost started to see application-level problems rearing their ugly heads - performing web application and thick application assessments became a big part of SensePost's business (but this is another story altogether).
Near the end of 2004 our external methodology was well established and we started putting many of the concepts into code. The result of all this is BiDiBLAH, and today we use BiDiBLAH in some way on almost all our assessments. As we've refined our methodologies and techniques, so we update BiDiBLAH, adding new features and functionality on a continuous basis.
how do I get the full version?
The Evaluation Copy of BiDiBLAH is limited to a 60 minute run time, and saving of data has been disabled.
The full version is licensed for 1 year. By purchasing the full version you will receive all minor updates free of charge. BiDiBLAH is not limited to certain IP ranges, domains or hosts.
what's new in version 2?
BiDiBLAH 2.0 ships with a host of new functionality and updates. Here are some of them:
- A Wizard!
  - A step-by-step wizard which makes process and data flow really easy in BiDiBLAH.
- Top Level Domain (TLD) Extractor
  - Brute force top level domains, making footprinting more effective and increasing attack range.
- DB Export
  - Export data into one of the following databases:
    - MS SQL Server
    - MySQL
    - MS Access
    - PostgreSQL
- Bi-Directional Link Extractor
  - A spider for extracting links to other hosts.
- Virtual Host Extractor
  - Extract virtual hosts on given IPs.
- Metadata on Netblocks
  - Colour code and add descriptions to Netblocks for easy navigating and sorting.
- SPUD Integration
  - Gone with Google API keys! BiDiBLAH integrates with SPUD (included in the BiDiBLAH installer), which makes Google results easily accessible (even without an API key).
BiDiBLAH - System Requirements
- You need to install the .NET framework 2 for BiDiBLAH.
- If you want to use Nessus functionality you will need a Nessus server or a login to one.
- If you want to use the sub domain discovery module, you will need SPUD.
- Minimum 256MB of RAM is preferred.
- The raw packet driver only works on Windows XP.
- If you don't want to use HTML reporting you'll need Office 2003.
