
Network Miner 1.1 released

Network Miner 1.1 is a Network Forensic Analysis Tool that captures packets in order to detect sessions, plain-text logins (user, password), hosts, open ports, certificates and dozens of other artifacts that you can only appreciate once you install it. It also supports offline analysis of PCap files captured with different tools and operating systems.

Our previous post about Network Miner 1.0 gives the detailed description; this post is about the Network Miner 1.1 release.


Network Miner 1.1 ChangeLog Summary:

  • Google Analytics parameters (screen resolution, language, browser and other info) are shown in Network Miner under ‘Host Details’.
  • Drag and drop pcap files directly onto a running Network Miner 1.1 window 😀
  • Pass PCap files as command-line arguments.
  • Improvements for SMB/CIFS and NetBIOS.
  • Support for Point-to-Point Protocol (PPP) frames in PCap data files.
  • Improved stability when loading PCap data files.
Download:

FBPwn Beta – 0.1.5 released

FBPwn is releasing new versions very quickly. We believe this is because the tool has some outstanding features that have given its developers new ideas about the different ways Facebook data can be accessed. Our previous post regarding FBPwn Beta – 0.1.4 described its strengths and how to use it in detail.

FBPwn Beta – 0.1.5 contains new features and one fix.

Summary from the official ChangeLog:

  • Fixed the exception reported for the issue
  • Use FBPwn through a proxy
  • Check for new version / update
  • WallDumper module added
  • About dialog
Download FBPwn-beta-0.1.5 here
Download the FBPwn video tutorial directly from

Watch the FBPwn video tutorial shot by HG Team on YouTube below:

Update FireSheep Extended – Now targets Google Search

You can find our previous post on how to use Firesheep on Linux.

FireSheep is a small Firefox extension that does big jobs for you 😀, e.g. HTTP session hijacking.

What is FireSheep Extended?

This release is focused on Google Search. If you use Google Search over an unsecured Wi-Fi network, your searches are visible to anyone in a man-in-the-middle position.

How does it work?

When you are logged in and use Google Search, Google’s SID cookie is easily captured with FireSheep. As soon as the SID cookie appears, click on it to see the links the victim visited.

How to stay safe from the FireSheep Extended release?

Don’t use Google Search while logged in on unsecured Wi-Fi networks.

What do you suggest for mitigation? Share your thoughts in the comments 🙂
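The capture described above works because a browser will send a cookie over plain HTTP unless the server marked it Secure. As an added example (not FireSheep code and not from the original post), the script below audits Set-Cookie headers for the attributes that keep a session cookie off an unencrypted link; the headers are constructed and the SID name only mirrors the cookie the post mentions.

```python
# Added example, not part of FireSheep or the original post: audit Set-Cookie
# headers for the attributes that keep a session cookie out of reach of a
# passive sniffer on an open Wi-Fi network. Sample headers are constructed.

def parse_set_cookie(header: str) -> dict:
    """Split one Set-Cookie value into name, value and lower-cased attributes."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}

def audit_cookie(header: str, scheme: str = "https") -> list:
    """Return the findings for one Set-Cookie header.

    scheme is the scheme of the response that carried the header: a cookie
    set over plain http is already exposed, whatever attributes it carries.
    """
    attrs = parse_set_cookie(header)["attrs"]
    findings = []
    if scheme == "http":
        findings.append("set over cleartext http: value already visible on the wire")
    if "secure" not in attrs:
        findings.append("missing Secure: browser will also send it over http")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly: readable by any script on the page")
    if "expires" in attrs or "max-age" in attrs:
        findings.append("persistent (Expires/Max-Age): a stolen copy outlives the browser session")
    return findings

def audit_responses(responses) -> dict:
    """responses: iterable of (scheme, set_cookie_header).
    Returns {cookie name: findings} for cookies with at least one finding."""
    report = {}
    for scheme, header in responses:
        findings = audit_cookie(header, scheme)
        if findings:
            report[parse_set_cookie(header)["name"]] = findings
    return report

SAMPLE = [  # constructed responses
    ("http", "SID=abc123; Path=/; Domain=.example.com; Expires=Wed, 09 Jun 2021 10:18:14 GMT"),
    ("https", "PREF=ID=1; Path=/; Secure; HttpOnly"),
]

if __name__ == "__main__":
    for name, findings in audit_responses(SAMPLE).items():
        print(name, "->", "; ".join(findings))
```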


FBPwn – Facebook Profile Dumper

What is FBPwn?

FBPwn is a cross-platform, Java-based Facebook profile dumper developed by the Information Security Analyst team at RISST and released under the GPL license. This tiny but worthwhile application is still in beta but can do plenty of useful jobs for you 🙂

How does FBPwn work?

FBPwn sends friend requests to the Facebook profiles you choose and waits for the acceptance notification. Once the target (victim) accepts the friend request, it dumps all information that is visible (username, email, friends list, etc.).

What if the victim unfriends you or deletes you from their friend list?

The application is super fast: it fetches data as soon as the victim accepts the request, dumping all of the victim’s information, including username, email, friend list, photos and more. So it doesn’t matter if the victim later figures out that it is a fake account, because by then it is too late 😀

Crawl the Facebook contact list and the profiles that contain email addresses, and build a mailing list of a million email contacts by writing a small bash script.

How to use FBPwn?

As we said, it is cross-platform, so it runs on any operating system with Java installed. In our example, I am using it on BackTrack Linux.

cd FBPwn-beta-0.1.3

We have shot an FBPwn video tutorial covering how to use this application, but due to codec problems we could not upload it to YouTube. It will be posted soon. Stay tuned.

Update – 15th Sep, 2011:

Sorry guys, we couldn’t convert it; of course we tried a few times but failed :-D. So please STOP sending video tutorial request emails.

Download the FBPwn video tutorial directly from

How to Secure your Twitter and Facebook account using BitDefender SafeGo

What is BitDefender Safego?

SafeGo is a free online application that scans for and detects malicious profiles set up to flood your Twitter account with spam. It also takes care of your timeline, keeping it filtered of malicious links.

It does the same for your Facebook account, protecting you from all online threats, e.g. malware, spam and data exposure.

For more details, visit the official page:

How to activate it on your Twitter account?

  • Go to the Twitter App page
  • Click on ‘Activate Protection Now’
  • Click on ‘Authorize app’

Your Twitter is now secured! 😛

How to activate it on your Facebook account?

  • Go to the Facebook App page
  • Click on ‘Install App’
  • Click on

Your Facebook account is secured too 😛

It is a good approach from BitDefender to develop applications for protecting Facebook and Twitter accounts. In the coming days, we expect similar apps from its competitors.

How to use SlowHTTPTest HTTP DoS Tool

Introduction:
Slow HTTP DoS attacks rely on the fact that the HTTP protocol, by design, requires a request to be completely received by the server before it is processed. SlowHTTPTest is developed by Sergey Shekyan, a Web Application Scanning developer at Qualys.

The tool is capable enough to tie up server-side resources at the application layer.

How to Install SlowHTTPTest?
gunzip slowhttptest-1.1.tar.gz
tar xf slowhttptest-1.1.tar
cd slowhttptest-1.1

Configure and compile it. You can pass a custom --prefix=your-location to configure:
./configure --prefix=your-location
make
make install

How to use SlowHTTPTest for DoS?
slowhttptest -c 1000 -B -g -o output-file-name -i 100 -r 300 -s 10240 -u https://host:port/ -x 20

Detailed options:

-a start       start value of the range specifier for the range header test
-b bytes       limit of the range specifier for the range header test
-c number      number of connections, limited to 1024
-H, -B or -R   slow down in the headers section (-H) or in the message body (-B);
               -R enables the range test
-g             generate statistics in CSV and HTML formats; the file pattern is slow_xxx.csv/html,
               where xxx is the time and date
-i seconds     interval between follow-up data, in seconds, per connection
-l seconds     test duration in seconds
-o file        custom output file path and/or name, effective if -g is specified
-r rate        connection rate in connections per second
-s bytes       value of the Content-Length header, if -B is specified
-t verb        custom HTTP verb to use
-u URL         target URL in the same format you type in a browser, e.g. https://host:port/
-v level       verbosity level of the log, 0-4
-x bytes       max length of follow-up data
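The options above are the attacker-side knobs; from the server's side, a slow-header (-H) or slow-body (-B with a large -s) test shows up as many connections from one client that sit in the request-reading phase far longer than any real browser would. As an added detection example (not SlowHTTPTest code and not from the original post), the script below scores a snapshot of connection states; the records and field names are constructed, and a real feed would come from the web server's status page or an ss/netstat snapshot.

```python
# Added example, not SlowHTTPTest code: flag clients holding many connections
# that are stuck reading the request, the server-side signature of a slow
# HTTP test. The connection records are constructed for illustration.
from collections import Counter
from dataclasses import dataclass

@dataclass
class Conn:
    client: str            # remote IP
    phase: str             # "headers", "body", "response" or "idle"
    age_s: float           # seconds since the connection was accepted
    declared_len: int = 0  # Content-Length announced by the client (body phase)
    received: int = 0      # body bytes actually received so far

def is_slow(conn: Conn, max_read_s: float) -> bool:
    """True when the server has waited longer than max_read_s for the request.
    In the body phase a large declared length that is barely filled (the -B/-s
    pattern) is flagged at half the age threshold."""
    if conn.phase == "headers":
        return conn.age_s > max_read_s
    if conn.phase == "body":
        starved = conn.declared_len > 0 and conn.received < conn.declared_len // 10
        return conn.age_s > max_read_s or (starved and conn.age_s > max_read_s / 2)
    return False

def slow_http_suspects(conns, max_read_s=30.0, min_conns=2):
    """Return [(client, slow_connection_count)] for clients holding at least
    min_conns slow connections, worst offender first."""
    counts = Counter(c.client for c in conns if is_slow(c, max_read_s))
    return sorted(((ip, n) for ip, n in counts.items() if n >= min_conns),
                  key=lambda item: (-item[1], item[0]))

SAMPLE = [  # constructed snapshot
    Conn("10.0.0.5", "headers", 120),
    Conn("10.0.0.5", "headers", 150),
    Conn("10.0.0.5", "headers", 95),
    Conn("10.0.0.7", "body", 20, declared_len=10240, received=40),
    Conn("10.0.0.7", "body", 200, declared_len=10240, received=120),
    Conn("192.168.1.20", "headers", 2),
    Conn("192.168.1.20", "response", 1),
    Conn("192.168.1.21", "body", 500, declared_len=10240, received=9000),
]

if __name__ == "__main__":
    for ip, n in slow_http_suspects(SAMPLE):
        print(f"{ip}: {n} connections stuck reading the request")
```

The thresholds are starting points: tune max_read_s to just above the slowest legitimate upload you serve, and the same counts can drive a per-client connection cap or request-read timeout in the server.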

Troubleshooting:

configure: error: OpenSSL is missing

Install the OpenSSL development package on BackTrack (or any Debian-based distro):
aptitude install libssl-dev

On CentOS Linux:
yum install openssl-devel

SlowHTTPTest Video Tutorial: