Posted by admin on 3rd October 2008
VoIP Hopper is a free opensource security tool for Linux/Unix that rapidly runs a VLAN Hop into the Voice VLAN on specific Ethernet switches. VoIP Hopper mimicks the behavior of an IP Phone, in both Cisco and Avaya IP Phone environments to hope into the Voice VLAN. VoIP Hopper is both a VLAN Hop test tool and a tool to test VoIP infrastructure security.
Posted in Security | 1 Comment »
Posted by admin on 8th September 2008
Sudo which is su “do” allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments.sudo allows a permitted user to execute a command as the superuser or another user, as specified in the sudoers file. The real and effective uid and gid are set to match those of the target user as specified in the passwd file and the group vector is initialized based on the group file.
Posted in Security | 5 Comments »
Posted by admin on 16th July 2008
iwlist command in Linux is used to extract more detailed information from a Wireless Network interface which may not be available from running the iwconfig command. This includes detailed information on available Wireless networks, Frequencies supported, power management support, Encryption key sizes supported, WPA keys configured on the device etc.
The general syntax is
Posted in Wireless | No Comments »
Posted by admin on 10th July 2008
Ratproxy is an opensource semi-automated, largely passive web application security audit tool from the search giant Google. It is meant to complement active crawlers and manual proxies more commonly used for this task, and is optimized specifically for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments.
Posted in Security | No Comments »
Posted by admin on 10th July 2008
OWASP WebScarab is a framework for analysing HTTP and HTTPS applications. Written in Java, WebScarab has several modes of operation, implemented by a number of plugins. In its most common usage, WebScarab operates as an intercepting proxy, allowing the operator to review and modify requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser. WebScarab is able to intercept both HTTP and HTTPS communication. The operator can also review the conversations (requests and responses) that have passed through WebScarab.
Posted in Security | 1 Comment »
