Weevely 1.0 released!

/in

Here we are with a brand new Weevely release: version 1.0 brings new modules with totally refactored structure to assist remote administration tasks and penetration testing.

Here is the breakdown of the most important changes:

  • Supports of Windows and MacOS hosts environments
  • Module :net.mount, powered by HTTPfs, that mounts automagically remote filesystem to a local mountpoint
  • Module :file.edit to edit remote files with your favourite local text editor
  • Module :audit.systemfiles to find system files with bad permissions that could affect server security
  • Module :audit.phpconf to audit common PHP misconfiguration
  • SOCKS4 and SOCKS5 proxy supports
  • Totally rewritten module base structure to simplify module deploying
  • Modules arguments managament with argparse
  • Tons of bug fixes

If you are new to Weevely, start with an easy tutorial, and read the complete modules and generators lists.

BackBox Linux 3.01 released!

/in

The BackBox Team is pleased to announce the updated release of BackBox Linux, the version 3.01. This release include features such as Linux Kernel 3.2 and Xfce 4.8.

The ISO images (32bit & 64bit) can be downloaded from the following location:

https://www.backbox.org/download

What’s new

  • System improvements
  • Upstream components
  • Bug corrections
  • Performance boost
  • Improved auditing menu
  • Improved Wi-Fi dirvers (compat-wireless aircrack patched)
  • New and updated hacking tools (ex. backfuzz, beef, bluediving, cvechecker, htexploit, metasploit, set, sqlmap, websploit, weevely, wpscan, zaproxy, etc.)

System requirements

  • 32-bit or 64-bit processor
  • 512 MB of system memory (RAM)
  • 4.4 GB of disk space for installation
  • Graphics card capable of 800×600 resolution
  • DVD-ROM drive or USB port

dSploit, Android network penetration suite

/in

The BackBox team is proud to announce the release of dSploit, an Android network analysis and penetration suite which aims to offer to IT security experts/geeks the most complete and advanced professional toolkit to perform network security assesments on a mobile device.

Once dSploit is started, you will be able to easily map your network, fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many tcp protocols, perform man in the middle attacks such as password sniffing (with common protocols dissection), real time traffic manipulation, etc.

Download the apk file or visit the official page on github.