Kee Posted October 21, 2012
Hi, I was wondering about any and all suggestions about setting up a practice hacking network at home? The objective would be to have a relatively good simulation of a network you might find in the field and to have multiple different types of security, so that different methods and programs would have to be used. Any and all suggestions are welcome. Thanks.
Radau Posted October 21, 2012
If I were you I'd start off with VirtualBox if you have the power to run it. If you do that you won't need dedicated hardware for every host, just be sure to isolate the network. There are plenty of exploitable target virtual machines you can download too, like metasploitable, ultimatelamp, the list really goes on and on.
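An added example, not part of the original thread: one way to verify the network isolation mentioned above is to parse the text printed by `VBoxManage showvminfo <vm> --machinereadable` and list every adapter attached in a mode that can reach beyond the lab. The key names (`nicN`, `intnetN`, `bridgeadapterN`, `natnetN`) follow that output as assumed here, the set of "isolated" modes is a choice made for this example, and the three dumps are constructed samples.

```python
import re

# Attachment modes treated as isolated (assumption for this example):
# "intnet" is VM-to-VM only, "hostonly" also reaches the host,
# "none"/"null" carry no traffic. Anything else (nat, bridged, ...) is flagged.
ISOLATED_MODES = {"none", "null", "intnet", "hostonly"}

_KV = re.compile(r'^"?([^"=]+)"?=(.*)$')
_NIC = re.compile(r"nic(\d+)")


def parse_vminfo(text):
    """Parse key="value" lines of --machinereadable output into a dict."""
    info = {}
    for line in text.splitlines():
        m = _KV.match(line.strip())
        if m:
            info[m.group(1)] = m.group(2).strip().strip('"')
    return info


def exposed_nics(info):
    """Return sorted (nic number, mode, detail) for adapters that leave the lab."""
    findings = []
    for key, mode in info.items():
        m = _NIC.fullmatch(key)
        if not m or mode in ISOLATED_MODES:
            continue
        n = m.group(1)
        # Detail is the host interface (bridged) or NAT network, when present.
        detail = info.get(f"bridgeadapter{n}") or info.get(f"natnet{n}") or ""
        findings.append((int(n), mode, detail))
    return sorted(findings)


def lab_segments(info):
    """Return the names of the internal networks this VM is attached to."""
    segments = set()
    for key, mode in info.items():
        m = _NIC.fullmatch(key)
        if m and mode == "intnet":
            segments.add(info.get(f"intnet{m.group(1)}", ""))
    return segments


def audit(dumps):
    """Map VM name -> exposed adapters, for VMs that have at least one."""
    report = {}
    for text in dumps:
        info = parse_vminfo(text)
        findings = exposed_nics(info)
        if findings:
            report[info.get("name", "<unnamed>")] = findings
    return report


# Constructed sample dumps (not captured from a real host).
SAMPLE_DUMPS = [
    # Attacker VM: lab NIC plus a NAT NIC left over from installing updates.
    'name="kali-attacker"\nnic1="intnet"\nintnet1="lab"\n'
    'nic2="nat"\nnatnet2="nat"\nnic3="none"\n',
    # Vulnerable target accidentally bridged onto the home LAN.
    'name="metasploitable"\nnic1="bridged"\nbridgeadapter1="eth0"\nnic2="none"\n',
    # Correctly isolated target.
    'name="winxp-unpatched"\nnic1="intnet"\nintnet1="lab"\nnic2="none"\n',
]

if __name__ == "__main__":
    for vm, findings in audit(SAMPLE_DUMPS).items():
        for n, mode, detail in findings:
            print(f"{vm}: nic{n} is {mode} ({detail or 'no detail'}), not isolated")
```

Feeding it the real output for each lab VM before powering on a deliberately vulnerable image shows whether that image would be reachable from, or able to reach, the home network.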
Infiltrator Posted October 21, 2012
Here's a couple of old threads to help you out.
Kee Posted October 22, 2012 (Author)
Thank you for the ideas. The problem I think of with using a virtual machine is that if I want to use mostly Windows machines, since it's currently the most common OS in the field, I would have to have separate licenses for each VM I set up. Am I correct in that statement or do I just not know enough about Virtual Machines?
Radau Posted October 22, 2012
> Thank you for the ideas. The problem I think of with using a virtual machine is that if I want to use mostly Windows machines, since it's currently the most common OS in the field, I would have to have separate licenses for each VM I set up. Am I correct in that statement or do I just not know enough about Virtual Machines?

You would need separate licenses if this was within a business, but since you're a home user I believe you can run it unlicensed (the activate windows later option). Downside to this is I don't think you really get to update.
Infiltrator Posted October 22, 2012
You can only run your Windows copy unlicensed for 30 days. After the 30 days grace period is over, you must activate your Windows copy in order to continue using it. In addition, to avoid buying licenses, you can make several copies of your first virtual machine and run them, as if they were installed individually. That's what I did in the past, and was able to run them without any problems. Furthermore, you will need to change the hostname on each of the VMs, or you will get conflicting error messages, saying that there is already another host on the network with this same name.
Kee Posted October 22, 2012 (Author)
So just keep copying machines whenever one comes close to expiring? Sounds good to me. Again, since I am pretty darned new to this, I have to ask whether I would want these VMs hosted on a single machine and then attack them with a different machine, or could I just do an all in one? Again thanks for all the help.
operat0r_001 Posted October 25, 2012
http://g0tmi1k.blogspot.com/ has a post and : http://www.owasp.org/index.php/Phoenix/Tools
=========================
LiveCDs Monday, January 29, 2007 4:02 PM 828569600 AOC_Labrat-ALPHA-0010.iso - http://www.packetfocus.com/hackos/ DVL (Damn Vulnerable Linux) - http://www.damnvulnerablelinux.org/ Test sites / testing grounds SPI Dynamics (live) - http://zero.webappsecurity.com/ Cenzic (live) - http://crackme.cenzic.com/ Watchfire (live) - http://demo.testfire.net/ Acunetix (live) - http://testphp.acunetix.com/ http://testasp.acunetix.com http://testaspnet.acunetix.com WebMaven / Buggy Bank - http://www.mavensecurity.com/webmaven Foundstone SASS tools - http://www.foundstone.com/us/resources-free-tools.asp Updated HackmeBank - http://www.o2-ounceopen.com/technical-info/2008/12/8/updated-version-of-hacmebank.html OWASP WebGoat - http://www.owasp.org/index.php/OWASP_WebGoat_Project OWASP SiteGenerator - http://www.owasp.org/index.php/Owasp_SiteGenerator Stanford SecuriBench - http://suif.stanford.edu/~livshits/securibench/ SecuriBench Micro - http://suif.stanford.edu/~livshits/work/securibench-micro/ HTTP proxying / editing WebScarab - http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project Burp - http://www.portswigger.net/ Paros - http://www.parosproxy.org/ Fiddler - http://www.fiddlertool.com/ Web Proxy Editor - http://www.microsoft.com/mspress/companion/0-7356-2187-X/ Pantera - http://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project Suru - http://www.sensepost.com/research/suru/ httpedit (curses-based) - http://www.neutralbit.com/en/rd/httpedit/ Charles - http://www.xk72.com/charles/ Odysseus - http://www.bindshell.net/tools/odysseus Burp, Paros, and WebScarab for Mac OS X - http://www.corsaire.com/downloads/ Web-application scanning tool from `Network Security Tools'/O'Reilly - http://examples.oreilly.com/networkst/ JS Commander - http://jscmd.rubyforge.org/ 
Ratproxy - http://code.google.com/p/ratproxy/ RSnake's XSS cheat sheet based-tools, webapp fuzzing, and encoding tools Wfuzz - http://www.edge-security.com/wfuzz.php ProxMon - http://www.isecpartners.com/proxmon.html Wapiti - http://wapiti.sourceforge.net/ Grabber - http://rgaucher.info/beta/grabber/ XSSScan - http://darkcode.ath.cx/scanners/XSSscan.py CAL9000 - http://www.owasp.org/index.php/Category:OWASP_CAL9000_Project HTMangLe - http://www.fishnetsecurity.com/Tools/HTMangLe/publish.htm JBroFuzz - http://sourceforge.net/projects/jbrofuzz XSSFuzz - http://ha.ckers.org/blog/20060921/xssfuzz-released/ WhiteAcid's XSS Assistant - http://www.whiteacid.org/greasemonkey/ Overlong UTF - http://www.microsoft.com/mspress/companion/0-7356-2187-X/ [TGZ] MielieTool (SensePost Research) - http://packetstormsecurity.org/UNIX/utilities/mielietools-v1.0.tgz RegFuzzer: test your regular expression filter - http://rgaucher.info/b/index.php/post/2007/05/26/RegFuzzer%3A-Test-your-regular-expression-filter screamingCobra - http://www.dachb0den.com/projects/screamingcobra.html SPIKE and SPIKE Proxy - http://immunitysec.com/resources-freesoftware.shtml RFuzz - http://rfuzz.rubyforge.org/ WebFuzz - http://www.codebreakers-journal.com/index.php?option=com_content&task=view&id=112&Itemid=99999999 TestMaker - http://www.pushtotest.com/Docs/downloads/features.html ASP Auditor - http://michaeldaw.org/projects/asp-auditor-v2/ WSTool - http://wstool.sourceforge.net/ Web Hack Control Center (WHCC) - http://ussysadmin.com/whcc/ Web Text Converter - http://www.microsoft.com/mspress/companion/0-7356-2187-X/ HackBar (Firefox Add-on) - https://addons.mozilla.org/firefox/3899/ Net-Force Tools (NF-Tools, Firefox Add-on) - http://www.net-force.nl/library/downloads/ PostIntercepter (Greasemonkey script) - http://userscripts.org/scripts/show/743 HTTP general testing / fingerprinting Wbox: HTTP testing tool - http://hping.org/wbox/ ht://Check - http://htcheck.sourceforge.net/ Mumsie - 
http://www.lurhq.com/tools/mumsie.html WebInject - http://www.webinject.org/ Torture.pl Home Page - http://stein.cshl.org/~lstein/torture/ JoeDog's Seige - http://www.joedog.org/JoeDog/Siege/ OPEN-LABS: metoscan (http method testing) - http://www.open-labs.org/ Load-balancing detector - http://ge.mine.nu/lbd.html HMAP - http://ujeni.murkyroc.com/hmap/ Net-Square: httprint - http://net-square.com/httprint/ Wpoison: http stress testing - http://wpoison.sourceforge.net/ Net-square: MSNPawn - http://net-square.com/msnpawn/index.shtml hcraft: HTTP Vuln Request Crafter - http://druid.caughq.org/projects/hcraft/ rfp.labs: LibWhisker - http://www.wiretrip.net/rfp/lw.asp Nikto - http://www.cirt.net/code/nikto.shtml twill - http://twill.idyll.org/ DirBuster - http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project [ZIP] DFF Scanner - http://security-net.biz/files/dff/DFF.zip [ZIP] The Elza project - http://packetstormsecurity.org/web/elza-1.4.7-beta.zip http://www.stoev.org/elza.html HackerFox and Hacking Addons Bundled: Portable Firefox with web hacking addons bundled - http://sf.net/projects/hackfox Browser-based HTTP tampering / editing / replaying TamperIE - http://www.bayden.com/Other/ isr-form - http://www.infobyte.com.ar/developments.html Modify Headers (Firefox Add-on) - http://modifyheaders.mozdev.org/ Tamper Data (Firefox Add-on) - http://tamperdata.mozdev.org/ UrlParams (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1290/ TestGen4Web (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1385/ DOM Inspector / Inspect This (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1806/ https://addons.mozilla.org/en-US/firefox/addon/1913/ LiveHTTPHeaders / Header Monitor (Firefox Add-on) - http://livehttpheaders.mozdev.org/ https://addons.mozilla.org/en-US/firefox/addon/575/ Cookie editing / poisoning [TGZ] stompy: session id tool - http://lcamtuf.coredump.cx/stompy.tgz Add'N Edit Cookies (AnEC, Firefox Add-on) - 
http://addneditcookies.mozdev.org/ CookieCuller (Firefox Add-on) - http://cookieculler.mozdev.org/ CookiePie (Firefox Add-on) - http://www.nektra.com/oss/firefox/extensions/cookiepie/ CookieSpy - http://www.codeproject.com/shell/cookiespy.asp Cookies Explorer - http://www.dutchduck.com/Features/Cookies.aspx Ajax and XHR scanning Sahi - http://sahi.co.in/ scRUBYt - http://scrubyt.org/ jQuery - http://jquery.com/ jquery-include - http://www.gnucitizen.org/projects/jquery-include Sprajax - http://www.denimgroup.com/sprajax.html Watir - http://wtr.rubyforge.org/ Watij - http://watij.com/ Watin - http://watin.sourceforge.net/ RBNarcissus - http://idontsmoke.co.uk/2005/rbnarcissus/ SpiderTest (Spider Fuzz plugin) - http://blog.caboo.se/articles/2007/2/21/the-fabulous-spider-fuzz-plugin Javascript Inline Debugger (jasildbg) - http://jasildbg.googlepages.com/ Firebug Lite - http://www.getfirebug.com/lite.html firewaitr - http://code.google.com/p/firewatir/ RSS extensions and caching LiveLines (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/324/ rss-cache - http://www.dubfire.net/chris/projects/rss-cache/ SQL injection scanning 0x90.org: home of Absinthe, Mezcal, etc - http://0x90.org/releases.php SQLiX - http://www.owasp.org/index.php/Category:OWASP_SQLiX_Project sqlninja: a SQL Server injection and takover tool - http://sqlninja.sourceforge.net/ JustinClarke's SQL Brute - http://www.justinclarke.com/archives/2006/03/sqlbrute.html BobCat - http://www.northern-monkee.co.uk/projects/bobcat/bobcat.html sqlmap - http://sqlmap.sourceforge.net/ Scully: SQL Server DB Front-End and Brute-Forcer - http://www.sensepost.com/research/scully/ FG-Injector - http://www.flowgate.net/?lang=en&seccion=herramientas PRIAMOS - http://www.priamos-project.com/ Web application security malware, backdoors, and evil code W3AF: Web Application Attack and Audit Framework - http://w3af.sourceforge.net/ Jikto - http://busin3ss.name/jikto-in-the-wild/ XSS Shell - 
http://ferruh.mavituna.com/article/?1338 XSS-Proxy - http://xss-proxy.sourceforge.net AttackAPI - http://www.gnucitizen.org/projects/attackapi/ FFsniFF - http://azurit.elbiahosting.sk/ffsniff/ HoneyBlog's web-based junkyard - http://honeyblog.org/junkyard/web-based/ BeEF - http://www.bindshell.net/tools/beef/ Firefox Extension Scanner (FEX) - http://www.gnucitizen.org/projects/fex/ What is my IP address? - http://reglos.de/myaddress/ xRumer: blogspam automation tool - http://www.botmaster.net/movies/XFull.htm SpyJax - http://www.merchantos.com/makebeta/tools/spyjax/ Greasecarnaval - http://www.gnucitizen.org/projects/greasecarnaval Technika - http://www.gnucitizen.org/projects/technika/ Load-AttackAPI bookmarklet - http://www.gnucitizen.org/projects/load-attackapi-bookmarklet MD's Projects: JS port scanner, pinger, backdoors, etc - http://michaeldaw.org/my-projects/ Web application services that aid in web application security assessment Netcraft - http://www.netcraft.net AboutURL - http://www.abouturl.com/ The Scrutinizer - http://www.scrutinizethis.com/ net.toolkit - http://clez.net/ ServerSniff - http://www.serversniff.net/ Online Microsoft script decoder - http://www.greymagic.com/security/tools/decoder/ Webmaster-Toolkit - http://www.webmaster-toolkit.com/ myIPNeighbbors, et al - http://digg.com/security/MyIPNeighbors_Find_Out_Who_Else_is_Hosted_on_Your_Site_s_IP_Address PHP charset encoding - http://h4k.in/encoding data: URL testcases - http://h4k.in/dataurl Browser-based security fuzzing / checking Zalewski's MangleMe - http://lcamtuf.coredump.cx/mangleme/mangle.cgi hdm's tools: Hamachi, CSSDIE, DOM-Hanoi, AxMan - http://metasploit.com/users/hdm/tools/ Peach Fuzzer Framework - http://peachfuzz.sourceforge.net/ TagBruteForcer - http://research.eeye.com/html/tools/RT20060801-3.html PROTOS Test-Suite: c05-http-reply - http://www.ee.oulu.fi/research/ouspg/protos/testing/c05/http-reply/index.html COMRaider - http://labs.idefense.com bcheck - 
http://bcheck.scanit.be/bcheck/ Stop-Phishing: Projects page - http://www.indiana.edu/~phishing/?projects LinkScanner - http://linkscanner.explabs.com/linkscanner/default.asp BrowserCheck - http://www.heise-security.co.uk/services/browsercheck/ Cross-browser Exploit Tests - http://www.jungsonnstudios.com/cool.php Stealing information using DNS pinning demo - http://www.jumperz.net/index.php?i=2&a=1&b=7 Javascript Website Login Checker - http://ha.ckers.org/weird/javascript-website-login-checker.html Mozilla Activex - http://www.iol.ie/~locka/mozilla/mozilla.htm Jungsonn's Black Dragon Project - http://blackdragon.jungsonnstudios.com/ Mr. T (Master Recon Tool, includes Read Firefox Settings PoC) - http://ha.ckers.org/mr-t/ Vulnerable Adobe Plugin Detection For UXSS PoC - http://www.0x000000.com/?i=324 About Flash: is your flash up-to-date? - http://www.macromedia.com/software/flash/about/ Test your installation of Java software - http://java.com/en/download/installed.jsp?detect=jre&try=1 WebPageFingerprint - Light-weight Greasemonkey Fuzzer - http://userscripts.org/scripts/show/30285 PHP static analysis and file inclusion scanning PHP-SAT.org: Static analysis for PHP - http://www.program-transformation.org/PHP/ Unl0ck Research Team: tool for searching in google for include bugs - http://unl0ck.net/tools.php FIS: File Inclusion Scanner - http://www.segfault.gr/index.php?cat_id=3&cont_id=25 PHPSecAudit - http://developer.spikesource.com/projects/phpsecaudit PHP Defensive Tools PHPInfoSec - Check phpinfo configuration for security - http://phpsec.org/projects/phpsecinfo/ A Greasemonkey Replacement can be found at http://yehg.net/lab/#tools.greasemonkey Php-Brute-Force-Attack Detector - Detect your web servers being scanned by brute force tools such as WFuzz, OWASP DirBuster and vulnerability scanners such as Nessus, Nikto, Acunetix ..etc. 
http://yehg.net/lab/pr0js/files.php/php_brute_force_detect.zip PHP-Login-Info-Checker - Strictly enforce admins/users to select stronger passwords. It tests cracking passwords against 4 rules. It has also built-in smoke test page via url loginfo_checker.php?testlic http://yehg.net/lab/pr0js/files.php/loginfo_checkerv0.1.zip http://yehg.net/lab/pr0js/files.php/phploginfo_checker_demo.zip php-DDOS-Shield - A tricky script to prevent idiot distributed bots which discontinue their flooding attacks by identifying HTTP 503 header code. http://code.google.com/p/ddos-shield/ PHPMySpamFIGHTER - http://yehg.net/lab/pr0js/files.php/phpmyspamfighter.zip http://yehg.net/lab/pr0js/files.php/phpMySpamFighter_demo.rar Web Application Firewall (WAF) and Intrusion Detection (APIDS) rules and resources APIDS on Wikipedia - http://en.wikipedia.org/wiki/APIDS PHP Intrusion Detection System (PHP-IDS) - http://php-ids.org/ http://code.google.com/p/phpids/ dotnetids - http://code.google.com/p/dotnetids/ Secure Science InterScout - http://www.securescience.com/home/newsandevents/news/interscout1.0.html Remo: whitelist rule editor for mod_security - http://remo.netnea.com/ GotRoot: ModSecuirty rules - http://www.gotroot.com/tiki-index.php?page=mod_security+rules The Web Security Gateway (WSGW) - http://wsgw.sourceforge.net/ mod_security rules generator - http://noeljackson.com/tools/modsecurity/ Mod_Anti_Tamper - http://www.wisec.it/projects.php?id=3 [TGZ] Automatic Rules Generation for Mod_Security - http://www.wisec.it/rdr.php?fn=/Projects/Rule-o-matic.tgz AQTRONIX WebKnight - http://www.aqtronix.com/?PageID=99 Akismet: blog spam defense - http://akismet.com/ Samoa: Formal tools for securing web services - http://research.microsoft.com/projects/samoa/ Web services enumeration / scanning / fuzzing WebServiceStudio2.0 - http://www.codeplex.com/WebserviceStudio Net-square: wsChess - http://net-square.com/wschess/index.shtml WSFuzzer - 
http://www.owasp.org/index.php/Category:OWASP_WSFuzzer_Project SIFT: web method search tool - http://www.sift.com.au/73/171/sift-web-method-search-tool.htm iSecPartners: WSMap, WSBang, etc - http://www.isecpartners.com/tools.html Web application non-specific static source-code analysis Pixy: a static analysis tool for detecting XSS vulnerabilities - http://www.seclab.tuwien.ac.at/projects/pixy/ Brixoft.Net: Source Edit - http://www.brixoft.net/prodinfo.asp?id=1 Security compass web application auditing tools (SWAAT) - http://www.owasp.org/index.php/Category:OWASP_SWAAT_Project An even more complete list here - http://www.cs.cmu.edu/~aldrich/courses/654/tools/ A nice list that claims some demos available - http://www.cs.cmu.edu/~aldrich/courses/413/tools.html A smaller, but also good list - http://spinroot.com/static/ Yasca: A highly extensible source code analysis framework; incorporates several analysis tools into one package. http://www.yasca.org/ Static analysis for C/C++ (CGI, ISAPI, etc) in web applications RATS - http://www.securesoftware.com/resources/download_rats.html ITS4 - http://www.cigital.com/its4/ FlawFinder - http://www.dwheeler.com/flawfinder/ Splint - http://www.splint.org/ Uno - http://spinroot.com/uno/ BOON (Buffer Overrun detectiON) - http://www.cs.berkeley.edu/~daw/boon/ http://boon.sourceforge.net Valgrind - http://www.valgrind.org/ Java static analysis, security frameworks, and web application security tools LAPSE - http://suif.stanford.edu/~livshits/work/lapse/ HDIV Struts - http://hdiv.org/ Orizon - http://sourceforge.net/projects/orizon/ FindBugs: Find bugs in Java programs - http://findbugs.sourceforge.net/ PMD - http://pmd.sourceforge.net/ CUTE: A Concolic Unit Testing Engine for C and Java - http://osl.cs.uiuc.edu/~ksen/cute/ EMMA - http://emma.sourceforge.net/ JLint - http://jlint.sourceforge.net/ Java PathFinder - http://javapathfinder.sourceforge.net/ Fujaba: Move between UML and Java source code - 
http://wwwcs.uni-paderborn.de/cs/fujaba/ Checkstyle - http://checkstyle.sourceforge.net/ Cookie Revolver Security Framework - http://sourceforge.net/projects/cookie-revolver tinapoc - http://sourceforge.net/projects/tinapoc jarsigner - http://java.sun.com/j2se/1.5.0/docs/tooldocs/solaris/jarsigner.html Solex - http://solex.sourceforge.net/ Java Explorer - http://metal.hurlant.com/jexplore/ HTTPClient - http://www.innovation.ch/java/HTTPClient/ another HttpClient - http://jakarta.apache.org/commons/httpclient/ a list of code coverage and analysis tools for Java - http://mythinkpond.blogspot.com/2007/06/java-foss-freeopen-source-software.html Microsoft .NET static analysis and security framework tools, mostly for ASP.NET and ASP.NET AJAX, but also C# and VB.NET * Visual Studio 2008 Code Analysis, available in: o VSTS 2008 Development Edition (http://msdn.microsoft.com/vsts2008/products/bb933752.aspx) and o VSTS 2008 Team Suite (http://msdn.microsoft.com/vsts2008/products/bb933735.aspx) * Visual Studio 2005 Code Analyzer, available in: o Visual Studio 2005 Team Edition for Software Developers (http://msdn.microsoft.com/en-us/vstudio/aa718806.aspx) o Visual Studio 2005 Team Suite (http://msdn.microsoft.com/en-us/vstudio/aa718806.aspx) * Web Development Helper - http://www.nikhilk.net/Project.WebDevHelper.aspx * FxCop: o (blog) http://blogs.msdn.com/fxcop/ o (download) http://code.msdn.microsoft.com/codeanalysis * Microsoft internal tools you can't have yet: o http://www.microsoft.com/windows/cse/pa_projects.mspx o http://research.microsoft.com/Pex/ o http://www.owasp.org/images/5/5b/OWASP_IL_7_FuzzGuru.pdf Threat modeling Microsoft Threat Analysis and Modeling Tool v2.1 (TAM) - http://www.microsoft.com/downloads/details.aspx?FamilyID=59888078-9daf-4e96-b7d1-944703479451&displaylang=en Amenaza: Attack Tree Modeling (SecurITree) - http://www.amenaza.com/software.php Octotrike - http://www.octotrike.org/ Add-ons for Firefox that help with general web application security 
Web Developer Toolbar - https://addons.mozilla.org/firefox/60/ Plain Old Webserver (POW) - https://addons.mozilla.org/firefox/3002/ XML Developer Toolbar - https://addons.mozilla.org/firefox/2897/ Public Fox - https://addons.mozilla.org/firefox/3911/ XForms Buddy - http://beaufour.dk/index.php?sec=misc&pagename=xforms MR Tech Local Install - http://www.mrtech.com/extensions/local_install/ Nightly Tester Tools - http://users.blueprintit.co.uk/~dave/web/firefox/buildid/index.html IE Tab - https://addons.mozilla.org/firefox/1419/ User-Agent Switcher - https://addons.mozilla.org/firefox/59/ ServerSwitcher - https://addons.mozilla.org/firefox/2409/ HeaderMonitor - https://addons.mozilla.org/firefox/575/ RefControl - https://addons.mozilla.org/firefox/953/ refspoof - https://addons.mozilla.org/firefox/667/ No-Referrer - https://addons.mozilla.org/firefox/1999/ LocationBar^2 - https://addons.mozilla.org/firefox/4014/ SpiderZilla - http://spiderzilla.mozdev.org/ Slogger - https://addons.mozilla.org/en-US/firefox/addon/143 Fire Encrypter - https://addons.mozilla.org/firefox/3208/ Add-ons for Firefox that help with Javascript and Ajax web application security Selenium IDE - http://www.openqa.org/selenium-ide/ Firebug - http://www.joehewitt.com/software/firebug/ Venkman - http://www.mozilla.org/projects/venkman/ Chickenfoot - http://groups.csail.mit.edu/uid/chickenfoot/ Greasemonkey - http://www.greasespot.net/ Greasemonkey compiler - http://www.letitblog.com/greasemonkey-compiler/ User script compiler - http://arantius.com/misc/greasemonkey/script-compiler Extension Developer's Extension (Firefox Add-on) - http://ted.mielczarek.org/code/mozilla/extensiondev/ Smart Middle Click (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/3885/ Bookmarklets that aid in web application security RSnake's security bookmarklets - http://ha.ckers.org/bookmarklets.html BMlets - http://optools.awardspace.com/bmlet.html Huge list of bookmarklets - 
http://www.squarefree.com/bookmarklets/ Blummy: consists of small widgets, called blummlets, which make use of Javascript to provide rich functionality - http://www.blummy.com/ Bookmarklets every blogger should have - http://www.micropersuasion.com/2005/10/bookmarklets_ev.html Flat Bookmark Editing (Firefox Add-on) - http://n01se.net/chouser/proj/mozhack/ OpenBook and Update Bookmark (Firefox Add-ons) - http://www.chuonthis.com/extensions/ SSL certificate checking / scanning [ZIP] THCSSLCheck - http://thc.org/root/tools/THCSSLCheck.zip [ZIP] Foundstone SSLDigger - http://www.foundstone.com/us/resources/termsofuse.asp?file=ssldigger.zip Cert Viewer Plus (Firefox Add-on) - https://addons.mozilla.org/firefox/1964/ Honeyclients, Web Application, and Web Proxy honeypots Honeyclient Project: an open-source honeyclient - http://www.honeyclient.org/trac/ HoneyC: the low-interaction honeyclient - http://honeyc.sourceforge.net/ Capture: a high-interaction honeyclient - http://capture-hpc.sourceforge.net/ Google Hack Honeypot - http://ghh.sourceforge.net/ PHP.Hop - PHP Honeynet Project - http://www.rstack.org/phphop/ SpyBye - http://www.monkey.org/~provos/spybye/ Honeytokens - http://www.securityfocus.com/infocus/1713 Blackhat SEO and maybe some whitehat SEO SearchStatus (Firefox Add-on) - http://www.quirk.biz/searchstatus/ SEO for Firefox (Firefox Add-on) - http://tools.seobook.com/firefox/seo-for-firefox.html SEOQuake (Firefox Add-on) - http://www.seoquake.com/ Footprinting for web application security Evolution - http://www.paterva.com/evolution-e.html GooSweep - http://www.mcgrewsecurity.com/projects/goosweep/ Aura: Google API Utility Tools - http://www.sensepost.com/research/aura/ Edge-Security tools - http://www.edge-security.com/soft.php Fierce Domain Scanner - http://ha.ckers.org/fierce/ Googlegath - http://www.nothink.org/perl/googlegath/ Advanced Dork (Firefox Add-on) - https://addons.mozilla.org/firefox/2144/ Passive Cache (Firefox Add-on) - 
https://addons.mozilla.org/firefox/977/ CacheOut! (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1453/ BugMeNot Extension (Firefox Add-on) - http://roachfiend.com/archives/2005/02/07/bugmenot/ TrashMail.net Extension (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1813/ DiggiDig (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/2819/ Digger (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1467/ Database security assessment Scuba by Imperva Database Vulnerability Scanner - http://www.imperva.com/scuba/ Browser Defenses DieHard - http://www.diehard-software.org/ LocalRodeo (Firefox Add-on) - http://databasement.net/labs/localrodeo/ NoMoXSS - http://www.seclab.tuwien.ac.at/projects/jstaint/ Request Rodeo - http://savannah.nongnu.org/projects/requestrodeo FlashBlock (Firefox Add-on) - http://flashblock.mozdev.org/ CookieSafe (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/2497 NoScript (Firefox Add-on) - http://www.noscript.net/ FormFox (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1579/ Adblock (Firefox Add-on) - http://adblock.mozdev.org/ httpOnly in Firefox (Firefox Add-on) - http://blog.php-security.org/archives/40-httpOnly-Cookies-in-Firefox-2.0.html SafeCache (Firefox Add-on) - http://www.safecache.com/ SafeHistory (Firefox Add-on) - http://www.safehistory.com/ PrefBar (Firefox Add-on) - http://prefbar.mozdev.org/ All-in-One Sidebar (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1027/ QArchive.org web file checker (Firefox Add-on) - https://addons.mozilla.org/firefox/4115/ Update Notified (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/2098/ FireKeeper - http://firekeeper.mozdev.org/ Greasemonkey: XSS Malware Script Detector - http://yehg.net/lab/#tools.greasemonkey Browser Privacy TrackMeNot (Firefox Add-on) - https://addons.mozilla.org/firefox/3173/ Privacy Bird - http://www.privacybird.com/ Application and protocol 
fuzzing (random instead of targeted) Sulley - http://fuzzing.org/ taof: The Art of Fuzzing - http://sourceforge.net/projects/taof/ zzuf: multipurpose fuzzer - http://sam.zoy.org/zzuf/ autodafé: an act of software torture - http://autodafe.sourceforge.net/ EFS and GPF: Evolutionary Fuzzing System - http://www.appliedsec.com/resources.html Subject: Infosec Learning Free Information Security Learning https://class.coursera.org/inforiskman-2012-001/auth/welcome?type=logout&visiting=%2Finforiskman-2012-001%2Fclass%2Findex http://blackhatacademy.net/ http://hackademy.hackaserver.com/login/index.php Learning Sheet http://pentest.cryptocity.net/careers/ Compiled List of vuln os http://www.felipemartins.info/2011/05/pentesting-vulnerable-study-frameworks-complete-list/ http://bailey.st/blog/2010/11/30/linux-penetration-testing-distributions-list/ http://bailey.st/blog/2010/09/14/pentest-lab-vulnerable-servers-applications-list/ vuln os https://www.pentesterlab.com/ http://forums.heorot.net/viewtopic.php?f=15&t=189 http://pentestlab.org/ http://www.kioptrix.com/blog/ http://exploit.co.il/projects/vuln-web-app/ http://sourceforge.net/projects/virtualhacking/?source=recommended http://sourceforge.net/projects/null-gameover/?source=recommended http://sourceforge.net/projects/holynix/?source=directory http://sourceforge.net/projects/lampsecurity/?source=directory http://sourceforge.net/projects/matriux/ http://sourceforge.net/projects/torbox/?source=directory http://sourceforge.net/projects/remnux/?source=directory http://sourceforge.net/projects/vicnum/?source=recommended http://sourceforge.net/projects/livehacking/ http://sourceforge.net/projects/samurai/ http://sourceforge.net/projects/nodezero/ http://sourceforge.net/projects/blackbuntu/ http://sourceforge.net/projects/virtualhacking/files/os/de-ice/ http://sourceforge.net/projects/lampsecurity/files/ Online Labs https://www.hacking-lab.com/Remote_Sec_Lab/livecd.html http://www.enigmagroup.org/ http://www.hackthissite.org/ 
http://www.hellboundhackers.org/ http://www.hackerslab.org/eorg/index.html http://haxme.org/ http://www.dareyourmind.net/ http://www.try2hack.nl/ http://www.astalavista.com/ https://www.pentesterlab.com/exercises Online CTF's http://hackergames.net/ http://www.overthewire.org/wargames/ http://www.zeroidentity.org/ http://www.smashthestack.org/index.php
ghosthunter007 Posted October 27, 2012 (edited)
Wow operat0r_001, quite a collection of links, most of them are redundant information. Not everyone has the cash flow but if you do here is what I set up.

Xenserver 6.0 on a PE1950 III server 600GB SAS SCSI 15k RPMs 32G DDR2 ECC Ram. Using thin provisioning I am able to make fast clones of Base images in a matter of seconds, so if I screw something up I blow it away and make a new one. Perl script using the xe commands. PIX 520 Fire 1900 XL Catalyst Switch 4 VLans 1 Linksys Wireless router in DMZ 1 Cisco 2106 AP Air Radius WPA2-Ent NetApp FAS2020 1TB space.

Now I do a lot of testing and theory hacking. The VMs I have installed: Appliance DVWA converted from VMware to Xenserver Backtrack 4 and 5 Debian Natter PFsense firewall WAF by Imperva Windows 2003 x64/32bit unpatched and patched Windows XP x64/32bit unpatched and patched Windows 7 x64/32bit unpatched and patched Windows 8 (Crap Crap Crap) Windows 2008 R2 x64/32bit patched and unpatched

For remote access, the best compressed and smooth running tool I use is FreeNX by NoMachine. It's free for non commercial use and rock solid.

Ubuntu 10 CentOS Crunch#! NAS Virtual Filer Solaris x86 Oracle Appliance Citrix XenApp Farm Citrix CSG Citrix Concentrators.

With a perl script and using the native xe commands and VBscript (Black Magic Coding) on my LandingVM I am able to control how many get fired up at once with just a couple of param settings when executing the perl script.

In some consulting cases I will actually take their physical machine and make a VM from it using XenConverter 2.2, then mock their network up with the same policies and firewall rules. Then I will hammer it, look for holes and so on. When I find them I document the tool or tools used with methods. Then I will come up with a fix for it. This type of lab setup is very cool.

VirtualBox is also a solid tool but lacks in multi VM performance once past 3 VMs. There is Xenserver free edition but I use the enterprise version. VMware is ok but I don't like their pricing model, as Xenserver is flat rate, unlimited VMs and no stupid Vsphere or vCenter hypervisors; XenServer gives a free Xencenter management tool. Also performance wise Xenserver will handle more VMs up and running, as VMware Udom will choke at 20 concurrent running VMs after 3 days uptime with moderate usage.

Hope this helps some.
Thank You
Ghosthunter007 since 1985
Edited October 27, 2012 by ghosthunter007
Pwnd2Pwnr Posted October 28, 2012
Money Money Money.... lol... your setup seems pricey; if you do not mind, what is the ballpark price for all of that equipment...? http://youtu.be/Ll3uipTO-4A
telot Posted October 29, 2012
A slightly scaled down version of that for me. I have proxmox running on an oc'd 2600K i7 with 16gb ram and it screams pretty good. I run various VMs on it and attack. I also nabbed a Mikrotik router that does port mirroring so I added a security onion box to the setup as well :) Very fun
telot
barry99705 Posted November 14, 2012
I've seen proxmox mentioned a few times now, do they have a free for home use version like vmware?
ghosthunter007 Posted December 2, 2012
> Money Money Money.... lol... your setup seems pricey; if you do not mind, what is the ballpark price for all of that equipment...?

PE 1950 cost me 1000.00
Fast2020 1TB 500.00 (Repo sale)
Catalyst are $50.00 a pop
Router $100.00 liquidation sites
All the MS licensing I just use trial version so I don't have to pay for the keys.
Citrix CSG is free
Citrix Concentrator is free
XenServer 6.0 1000.00
Wireless 200.00 from Cisco in San Jose after market value sale.

But I have done enough consulting gigs to pay for it all 5x over. Just look for deals on the net. A little hidden secret: I used to dumpster dive at technology centers and companies for gear, but that got old and troubleshooting unknown issues was old, but 80% of the stuff I did get worked great. Use the same rules as the cops: if it's in the trash it's public, as long as the company doesn't own the land the trash can sits on. Most land owners don't enforce that anyways.
Pwnd2Pwnr Posted December 2, 2012
Best Buy's dumpster better watch out... here I come...
barry99705 Posted December 3, 2012
> PE 1950 cost me 1000.00 Fast2020 1TB 500.00 (Repo sale) Catalyst are $50.00 a pop Router $100.00 liquidation sites All the MS licensing I just use trial version so I don't have to pay for the keys. Citrix CSG is free Citrix Concentrator is free XenServer 6.0 1000.00 Wireless 200.00 from Cisco in San Jose after market value sale. But I have done enough consulting gigs to pay for it all 5x over. Just look for deals on the net. A little hidden secret: I used to dumpster dive at technology centers and companies for gear, but that got old and troubleshooting unknown issues was old, but 80% of the stuff I did get worked great. Use the same rules as the cops: if it's in the trash it's public, as long as the company doesn't own the land the trash can sits on. Most land owners don't enforce that anyways.

Careful with that one. I've seen stores charge people with theft for dumpster diving. Depending on where you live it's still the store's property until the garbage is collected.