Sunday, April 1, 2012

Online Tools For Penetration Testers and Network Admins - Part 2 - Password Crackers and Text Manipulators


Click here to read part 1: Scanners

Encoders and Decoders

Hash Crackers / Reverse Lookup
Note: MD5 reverse lookup is done using pre-computed MD5 tables called rainbow tables. These online tools have a very limited range

Sunday, November 13, 2011

Online Tools For Penetration Testers and Network Admins - Part 1 - Scanners

In this post I have compiled a list of online tools I regularly use for penetration testing and network troubleshooting. The main advantage is that you do not need to have your tools with you all the time and you can just visit a web site and get the thing done. They are also great if you want to test something from different IP addresses all over the world.

There are also disadvantages. If your target is not connected to the internet directly, obviously these tools won't work. These tools also have limited functionality, and if your requirement is very specific, then most of the time it cannot be done.

Friday, November 4, 2011

Configure Policy-Based Routing On Check Point Secure Platform

There's no straightforward way to achieve policy-based routing on Check Point SPLAT (Secure Platform). Since SPLAT is Linux-based and Check Point firewalls rely on operating system routing functions, policy-based routing is also achieved through iproute2 - a set of utilities used to control network traffic on Linux systems. iproute2 is available with most Linux distributions (including SPLAT) with a kernel version above 2.2.

For more information about iproute2, please refer to the links in Additional References section of this article.

When configuring policy-based routing with iproute2 on SPLAT, there are some important points you need to remember.
  1. You need to configure a routing table per policy, and it's independent of your normal routing table
  2. Because of that, once a policy is matched only that particular table is consulted for routing
  3. Therefore you must manually add all the routing information (including directly connected routes) for each and every table you create
  4. The route --save command does not save the policy-based routes you configure using the ip route command.
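
The four points above as a dry-run sketch, added here as an example and not taken from the original article. It prints the iproute2 commands for one policy table instead of running them; the table number 100, the addresses, the interface names and the function names are all constructed assumptions.

```shell
#!/bin/sh
# Added example: generate iproute2 commands for one policy table.
# All addresses, the table id and interface names are constructed.

# Constructed sample of `ip route show table main` output.
sample_main_table() {
cat <<'EOF'
10.1.1.0/24 dev eth0  proto kernel  scope link  src 10.1.1.1
192.0.2.0/24 dev eth1  proto kernel  scope link  src 192.0.2.10
203.0.113.0/24 dev eth2  proto kernel  scope link  src 203.0.113.10
default via 192.0.2.1 dev eth1
EOF
}

# pbr_commands SRC_NET TABLE_ID GATEWAY DEV
# Reads main-table routes on stdin, prints the commands to run.
pbr_commands() {
    src_net=$1; table=$2; gw=$3; dev=$4
    # Points 2 and 3: once the rule matches, only this table is consulted,
    # so every directly connected route is copied into it.
    awk -v t="$table" '
        / scope link/ && $2 == "dev" {
            printf "ip route add %s dev %s scope link table %s\n", $1, $3, t
        }'
    # Policy-specific default route (differs from the main table's default).
    echo "ip route add default via $gw dev $dev table $table"
    # Point 1: the rule that selects this table for the matching source.
    # It is added last so traffic never hits a half-populated table.
    echo "ip rule add from $src_net table $table"
    echo "ip route flush cache"
}

# Dry run: print the commands instead of executing them.
sample_main_table | pbr_commands 10.1.1.0/24 100 203.0.113.1 eth2
```

Because route --save does not store these entries (point 4), the printed commands have to be re-applied after every reboot.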

Monday, July 4, 2011

gnmap2csv - Generate a CSV File from Nmap Scan Results

I created this basic script to generate a small report from nmap scan results. It's just a quick-and-dirty bash script that can generate a CSV file from the .gnmap files produced by the nmap scanner. You can either use this for reporting or just to get a quick view of the hosts, open ports and services. It has been quite useful for me for penetration tests that I do.

The following is a sample file I generated from an nmap scan and I opened the CSV in Microsoft Excel.

Sunday, June 12, 2011

Automating Penetration Tests - Part 2

This is part 2 of the article, click here to read part 1 of the article.

Modern Approaches to Attack Graphs Generation and Analysis

In the modern approach, attack graphs are generated without full knowledge of the network, which reflects real-world scenarios. During the attack phase, the rest of the information is learned and the attack graph is altered accordingly. A planner or an intelligent mechanism such as a neural network is used to analyze the graphs and then to generate attacks.

There are two notable research papers that discuss attack planning. Ghosh and Ghosh proposed a new approach to attack planning using a planner [35]. Then Obes et al. used the same concept and integrated the planner into a penetration testing framework to successfully conduct a penetration test [36].