Miscellaneous
Miscellaneous scripts and things that we have written that may be of use to some of you.
BiLE-suite.tgz
The BiLE suite includes a couple of Perl scripts used in enumeration
processes. It featured in the book Penetration Tester's Open Source Toolkit.
Download
(070bc950dc8d36a88c667559f549dd55)
SP-DNS-mine.pl
SP-DNS-mine.pl uses Google to extract subdomains and DNS names for a given
domain. This Perl script features in J0hnny Long's book "Google Hacking for
Penetration Testers".
Download
(3dc364305dd3c79019cacb3aa79f2a50)
BilePublic.tgz
BiLE stands for Bi-directional Link Extraction. It is used in the footprinting process to
find non-obvious relationships between different web sites.
Download
(9829de8385196b8233cfa184e3353c0b)
unitools.tgz
Unitools.tgz contains two Perl scripts: unicodeloader.pl uploads files to a
vulnerable IIS site, and unicodexecute3.pl includes searches for more
executable directories and is more robust and stable.
Download
(31eb60d9e98049816c3c0907cb176c03)
decoyblues.pl
Decoyblues.pl is a denial of service attack against active firewalls. It works by
creating a lot of decoys with nmap. The router/firewall will try to
block all the (decoyed) IP numbers, eventually running out of access
lists/packet filters, and possibly crashing or overwriting access lists.
Download
(b775b42865b17628b85c373ae67fbb99)
pudding01.tar.gz
Pudding is a proxy which recodes HTTP requests using most of RFP's IDS evasion
encoding methods, plus random UTF-8 encoding support. It allows any web-aware
program/exploit/CGI scanner to evade IDS without modification of
the original code. Encoding methods include all uppercase, hex encoding,
/./ directory insertion, fake parameters, premature URL endings, Windows
delimiters, and random UTF-8 encoding.
Download
(c59f537e8c2babca36afbce55c28089b)
desperate.tgz
Desperate is a collection of tools used to extract usernames via EXPN and finger, and
to obtain IP addresses via "brute force" DNS lookups. It contains lists of
commonly used usernames and DNS names. Coded in Perl.
Download
(3f4a9327eb0650a87901c43df92f9eef)
go.pl
Go.pl allows you to scan ports through a misconfigured squid proxy.
Download
(241ff8ce887607227d0218d5ed556c80)
6thSense.tgz
6thsense is a TCP port scanning technique which allows you to remain completely
invisible to the scanned host, as described in a Bugtraq post by Antirez.
This Perl script automates the tedious process.
Download
(b515cb557d2ecee5dd291ab09118c6a8)
sensedecode.tgz
Sensedecode.tgz includes two Perl scripts which exploit the IIS URL decoding bug.
Decodecheck.pl checks for hosts that have the "decode" problem, and
decodexecute executes code using the decoding problem, with redirection.
Download
(86d5e3c61e31daab59964869741639e5)
sr.pl
Checkpoint Firewall-1's SecureRemote allows any IP to connect and download sensitive
network information. This Perl script gives a potential attacker a wealth
of information including IP addresses, network masks (and even friendly
descriptions).
Download
(64a69339c5b64edbad5cc889a991464a)
finder.pl
Finder.pl remotely checks IIS servers for most of the methods used by WebDAV. If
the server does not complain about the method, it's an indication that
WebDAV is in use.
Download
(c31f41b39801a66a3c8d24dac99eb301)
MonSoen.py
MonSoen.py is a proxy server network scanner and tunnelling tool.
Download
(e1a33d043853791efce1677837ef23fb)