Research & Innovation

Resources & Tools

Resources

Description

More Info


Wireless Reconnaissance in Penetration Testing

Stopping attacks means thinking like an attacker, and understanding all the ways that attackers gather information on specific targets. With information from what equipment to use and how to find frequency information, to tips for reducing radio information leakage, to actual case studies describing how this information can be used to attack computer systems, this book is the go-to resource for penetration testing and radio profiling.


Buy Now


Facebook & Twitter Privacy & Security Guides

Social networking websites can be hazardous if you don’t change your default settings!

Download

Cash is King: Who's Wearing Your Crown?

If hackers were able to manipulate the world’s accounting systems, governments and corporations would be in a frenzy. Guess what? Hackers can and will.


Read More



Tools

Description

More Info



BlackPOS

SecureState has developed a custom scanning tool that retailers can use to detect BlackPOS malware. It is also easily expandable to include new modules to detect new malware that comes out of other similar strains. BlackPOS is the reported culprit behind recent retail data breaches, and is also known as KAPTOXA, a more advanced version of the original malware.

BlackPOS Scanning Tool Blog

Download

King Phisher

King Phisher is SecureState’s newest open source project, designed to run email-based social engineering campaigns. SecureState set out to create a phishing tool that would meet the highly specialized demands of their clients.

King Phisher Blog

Download


Kraken

Kraken is a tool used for rapidly footprinting the external presence of an organization. It features the ability to gather information from multiple sources and provide it to the user in a way that can easily be processed or presented, particularly for the purposes of scoping penetration tests.

Unleash the Kraken Blog

Download

Project Mayhem

A proof of concept tool that makes accounting fraud easy and potentially undetectable.

Zip file MD5: 42d4f85a7385d6e0fb501fbf1bccd51b

Project Mayhem Blog

Project Mayhem Whitepaper

Download


Termineter

Termineter is a framework that allows users to assess the security of Smart Meter utility meters over the optical interface. This is the first framework designed to give authorized individuals access to manipulate and test the security of smart meters.

Termineter Blog

Download

EAPeak

EAPeak is a Python toolkit for footprinting 802.1x wireless networks. It gathers useful information for wireless penetration testers, such as supported EAP types for both clients and networks, as well as identity strings and MSChap challenges when LEAP is in use. More features are still to come.

EAPeak Blog

Download




Exploits

Description

More Info



Firebird CNCT Group Number Overflow

This module exploits a vulnerability in Firebird SQL Server. A specially crafted packet can be sent which will overwrite a pointer allowing the attacker to control where data is read from. Shortly following the controlled read, the pointer is called resulting in code execution.

Firebird SQL Stack Buffer Overflow (CVE-2013-2492) Blog

Download

Surge FTP Command Injection

The SurgeFTP server's web-based administrative console is vulnerable to remote command injection. A specially crafted request can be sent to /cgi/surgeftpmgr.cgi to execute arbitrary commands within the context of the user running the application. An authenticated session is required to exploit this vulnerability.

Zip file MD5: 2319947afe302fdeb264cedc6c3d6369

Surge FTP Authenticated Command Execution Blog

Download

MS11-080

This module exploits a flaw in the AfdJoinLeaf function of the afd.sys driver to overwrite data in kernel space. An address within the HalDispatchTable is overwritten and when triggered with a call to NtQueryIntervalProfile will execute shellcode.

Blog: MS11-080 Revisited - Returning to Ring 0

Download

LifeSize Room

Multiple vulnerabilities within the LifeSize Room appliance. Vulnerability Summaries: Login page can be bypassed, granting administrative access to the web interface. Unauthenticated OS command injection is possible through the web interface. The easiest way to perform these attacks is using a web proxy.

LifeSize Room Advisory

Download


SiteScape TCL Injection Sploit

Confirmation that SiteScape servers are vulnerable to TCL injection allowing remote code execution through TCL payloads. SecureState has released proof of concept exploit code for this vulnerability.

TCL Advisory TCL Whitepaper TCL Blog

Download


Metasploit Related

Description

More Info


Elevation of Privileges Exploit

SecureState has released a module for the Metasploit Framework that exploits CVE-2013-3881. This module works on Windows 7 SP0 and SP1 systems which are not patched against the vulnerability. Using this module, a penetration tester with a meterpreter session running as an underprivileged user can elevate themselves to the SYSTEM account.

Elevation of Privileges Blog

Download

MSFmap

MSFMap provides a port scanner for Meterpreter using an Nmap-like syntax. Its primary benefits are speed and ease of use while not writing anything to disk. MSFMap allows penetration testers to rapidly utilize a compromised host to scan internal networks.

Msfmap

Download

Proxy Config Server

This Metasploit Framework Module facilitates serving up a preconfigured WPAD.DAT file.

Proxy Config Server Blog

Download

Liferay XSL Command Execution

This module exploits a vulnerability in the XSL parser of the XSL Content Portlet. When Tomcat is present, arbitrary code can be executed via java calls in the data fed to the Xalan XSLT processor.

Liferay Blog

Download

Page Collector

Page Collector is a module for the Metasploit Framework used for rapidly footprinting web servers in a visual manner.

Page Collector Blog

Download

CDP

Cisco Discovery Protocol Metasploit Framework Module Allows Users to Take Advantage of an Interface for Forging Raw CDP Frames -- Version 2

CDP Blog

Download

OWA Login Tool

This is a module for the Metasploit framework that enables attackers to brute force Microsoft OWA 2003 and 2007 servers. It is useful to discover passwords of known users using dictionary attacks. It uses a blend of GET and POST requests to simulate users logging into the web interface before verifying proper authentication and returning the plaintext credentials to the attacker. -- Updated

OWA Blog

Download


Standalone Utilities

Description

More Info



CAMScan

CAMScan is an automated tool used to compare a known-good list of CAMs to the current CAM table residing on a switch.

Zip file MD5: 3c018e68699875dd67a1477109050948

CAMScan Blog

Download

Syringe

Syringe is a general purpose injection utility for the Windows platform. It supports injection of DLLs and shellcode into remote processes, as well as execution of shellcode (via the same method as shellcodeexec). It can be very useful for executing Metasploit payloads while bypassing many popular anti-virus implementations, as well as executing custom-made DLLs (not included).

Syringe Blog

Download

SA Exploiter

A GUI SQL Injection tool that creates SQL injection queries and breaks the 64k barrier using MS Debugger.

Zip file MD5: 84263fceb7d042ccd7e28ae07cf8f051

Download