
introduction
SensePost is an independent and objective organisation specialising in information security consultation and assessment services. For all our assessments we apply strict methodologies. This is especially true for Internet Security Assessments, where our methodology has been developed and fine-tuned over many years. One of the challenges that analysts at SensePost faced when engaging in assessments with enterprise-sized clients was applying this tried and tested methodology in an efficient and timely fashion. The requirement was to automate as many of the mundane processes in this methodology as possible whilst maintaining a high level of accuracy.
BiDiBLAH was developed by SensePost to specifically relieve our analysts from performing repetitive processes, thus increasing efficiency, improving accuracy and allowing them to concentrate on the areas of the assessment that require manual attention. It also means that important aspects of the methodology are contained and standardised in one entity, the tool. This in turn means that you eliminate the potential risk of data loss and ensure all assessments are conducted against the same accepted standard.
what is BiDiBLAH?
When working with large international companies and organizations, finding every single Internet Access Point and exposed Internet Service became a big part of our assessments. Our customers realized that it was not only the complex vulnerability on a single host that bit them, but more often the single unsecured host somewhere on their vast perimeter that allowed attackers to breach the network. Thus, footprinting became such a big component of our services that we were often asked to perform projects that only entailed performing a footprint. Our methodology was well established and so we started putting many of the concepts into code.
The result of all this is BiDiBLAH, and today we use BiDiBLAH in some way on almost all our assessments. As we've refined our methodologies and techniques, so we update BiDiBLAH, adding new features and functionality on a continuous basis.
BiDiBLAH is dead, Long Live Yeti
After many years of depending on the tool we've decided to end-of-life BiDiBLAH and replace it with a new, Java-based project named "Yeti". Yeti serves the same basic purpose as BiDiBLAH but has been completely re-engineered and has exciting new modules that make it faster, more stable and more accurate, as well as being completely cross-platform.
The planned release date for our 1st public beta of Yeti is 01 February 2011. The beta will initially be free but eventually we will need to charge for Yeti licenses also. Until then, we are offering BiDiBLAH licenses at a 50% discount off their normal price. Clients who purchase this discounted license now will obviously have access to the Yeti beta, but will also automatically be upgraded to Yeti at no cost when the commercial version is later released.
how do I get it?
The Evaluation Copy of BiDiBLAH is limited to a 60 minute run time, and saving of data has been disabled.
The full version is licensed for 1 year. By purchasing the full version you will receive Yeti v1 free of charge. Click here to Purchase The Year Subscription. BiDiBLAH is not limited to certain IP ranges, domains or hosts.
BiDiBLAH - System Requirements
- You need to install the .NET framework 2 for BiDiBLAH.
- If you want to use Nessus functionality you will need a Nessus server or a login to one.
- If you want to use the sub domain discovery module, you will need SPUD.
- A minimum of 256MB of RAM is preferred.
- The raw packet driver only works on Windows XP.
- If you don't want to use HTML reporting you'll need Office 2003.
Downloads:
BiDiBLAH-v2.0-Eval.zip