• SWAT

    SMTP SCANNER

    Download

    Licence File

    Manual

    Screenshot 1

    Screenshot 2

    Screenshot 3

    Screenshot 4

    Screenshot 5

    v 1.1

    Download

    Screenshot 1

    Screenshot 2

    v 2

       

    This application combines a few tools and enables you to condcuct a security audit on web applications. The main feature is a very comprehensive list to detect default installation files (by forced directory browsing) on various application- and web servers or CMS (like Apache Dojo, Apache Tomcat, Citrix, Cold Fusion, ContentXXL, Drupal, Fatwire, Websphere, IIS, J2EE, Jira, Jboss, Joomla, Lotus Domino, Novell, Oracle, Piwik, Plumtree, SAP, Typo3, Wordpress etc.).

    A dedicated Juniper HTTPS VPN Scanner is provided within SWAT as well as a HTTP method scanner (PUT, DELTE, OPTIONS, PROFIND, etc.)

     

    Installation: you will need .NET 4.0 (keep in mind win7 by default has only .NET 3.5!)

     

    XP, Vista, Win 7

    This tool identifies various vulnerabilities on a remote SMTP server (testing the remote SMTP deamon as well as external DB's). Tests include mail spoofing checks, attachment filtering capabilities, user verifications, black list queries, SPF queries, Open relays etc.) . Included in this tool is a sample set of malicious attachements (docs, pdf, xls etc.) that contain harmless exploits that can act as a proof of concept. A complete list of attachments to conduct a mail filter test can be obtained on request.

     

    Installation: just extract all files to the same directory and run the exe.
     

    XP, Vista, Win 7

    WWW Crawler

    DNS Scanner

    Download

    Screenshot 1

    Screenshot 2

    Screenshot 3

    Screenshot 4

    Screenshot 5

    v 3.1

    Download

    Serial Code

    Screenshot 1

    Screenshot 2

    Screenshot 3

    Screenshot 4

    Screenshot 5

    Screenshot 6

    v 2

       

    This Tool initially acts as a crawler that will spider all web pages and analyse them. You have the ability to extract predifined informations (external links, external hosts, mail adresses, comments, files etc.) or custom queries from all pages within a domain or even multiple subdomains. Additionally this tool has a strong vulnerability testing engine which will discover XSS and SQL Injection flaws.  

    Installation: just extract all files to the same directory and run the exe. No installation required.
     

    XP, Vista, Win 7

    This free tool do an information gathering based on a domain name. Try it - its pretty cool!

    Installation: just extract all files to the same directory and run the exe. No installation required.

     

    XP, Vista, Win 7

    IPv6 Portable Scanner

    Passwort/username generator

    Download

    Screenshot 1

    v 3.1

    Download

    Screenshot 1

    v 2

       

    Ever needed a small portable portscanner that does not require any installation and is able to scan IPv6 hosts? When you start testing f.ex. microsoft direct access and you feel like scanning hosts within the infrastructure tunnel this tool will definitly come handy.


     

    XP, Vista, Win 7

    Quickly want to generate a list of possible passwords or usernames? This tool helps you create a big list for any type dictionary attack. Just select a list of users or passwords and append or prepend some characters, numbers or covert them quickly into mail adresses if a login rquires this.



     

    XP, Vista, Win 7
         

    File Joiner

    Firefox file scanner

    Download

    Screenshot 1

    v 3.1

    Download

    Input Files

    Screenshot 1

    Screenshot 2

    v 3.1

       

    Need to merge a couple of exe's together? Or maybe a pdf combined with an EXE with a nice icon and some reasonable assembler info? This tool will help you. No installation required. The new EXE might be detected by some AV as malicious code. If you want a version that is not deteced by any AV drop us a line.


     

    XP, Vista, Win 7

    Did you ever wonder what default installation files you might find on a webserver - maybe even within the authenticated area? Use this firefox plugin to find out. And dont forget to download the input txt files as well!


     

    XP, Vista, Win 7
         
     

    IMPORTANT: GTTA - ETHICAL HACKING PLATTFORM AVAILABLE

    Tool announcement: If you are tired of writing long reports, collecting many tools within different flavours of OS: dont also miss our web based pentest plattform. With its simple wrappers you can quickly integrate virtually any existing script based tool out there, parse the output into our smooth RTF reports which will blow you away! Check it out here: GTTA Download


     

    If you look for the "real" PT-Tools: our IO Tools (not translated yet) are made to to conduct PT's (not vulnerability scans) and penetrate virtually every network connected to the internet. They are invisible to ANY AV (behavioral and signature based), IDS; they use DNS, HTTP, HTTPS or Exchange RPC (MAPI where the security warning gets surpressed) as protocols to communicate with the web based control center of the attacker. They can be hidden encoded within simple word or excel files - and YES: they don't require any Windows/Office vulnerability to work. Do they work? Hell yes - please challenge us with your highest protection standards!

    Last not least: if you read the Blackhat "Adventures in Bouncerland" whitepaper regarding official APPS that spy on Android Smartphones we got some news for you: no - we didn't write another whitepaper. We did a nice smooth app itsself : record phones, sms, track location changes, silently take pictures etc. and watch all the fun beeing uploaded to a webconsole from where you control the smartphone with dynamic updates using WEBVIEW.