Category: Security Tools

Nov 30 2012

HoneyDrive – Honeypots In A Box

HoneyDrive is a virtual appliance (OVA) with Xubuntu Desktop 12.04 32-bit edition installed. It contains various honeypot software packages such as Kippo SSH honeypot, Dionaea malware honeypot, Honeyd low-interaction honeypot and more. Additionally it includes useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, and much more. Lastly, many other helpful security, forensics and malware related tools are also present in the distribution.

Features:

  • Virtual appliance based on Xubuntu 12.04 Desktop
  • Distributed as a single OVA file, ready to be imported
  • Full LAMP stack installed (Apache 2, MySQL 5), plus tools such as phpMyAdmin
  • Kippo SSH Honeypot, plus Kippo-Graph, Kippo2MySQL and other helpful scripts
  • Dionaea malware honeypot, plus phpLiteAdmin and other helpful scripts
  • Honeyd low-interaction honeypot, plus Honeyd2MySQL, Honeyd-Viz and other helpful scripts
  • LaBrea sticky honeypot, Tiny Honeypot, IIS Emulator, INetSim and SimH
  • A full suite of security, forensics and anti-malware tools for network monitoring, malicious shellcode and PDF analysis, such as ntop, p0f, EtherApe, nmap, DFF, Wireshark, ClamAV, ettercap, Automater, UPX, pdftk, Flasm, pdf-parser, Pyew, dex2jar and more
  • Firefox plugins pre-installed, plus extra helpful software such as GParted, Terminator, VYM, Xpdf and more

Download: Honeydrive_0.1_Santa_edition.ova

Installation: After downloading the file, you simply have to import the virtual appliance to your virtual machine manager/hypervisor (suggested software: Oracle VM VirtualBox).

More Info: HoneyDrive – BruteForce Lab’s Blog

May 22 2012

Nmap 6 Released

Nmap, the most popular open source network discovery and security auditing tool, has reached version 6.0.

The new code hit the Net last Monday, complete with a message from coder Gordon Lyon, aka Fyodor, that the new version represents “almost three years of work, 3,924 code commits, and more than a dozen point releases since the big Nmap 5 release in July 2009.”

Fyodor recommends all users upgrade to the new version, so they can get their hands on 289 new scripts and a host of new features.

Top Improvements:

  • Enhanced Nmap Scripting Engine (NSE)
  • Better Web Scanning
  • Full IPv6 Support
  • New Nping Tool
  • Better Zenmap GUI and Results Viewer
  • Faster Scans

Download:
Linux: nmap-6.00.tar.bz2
Windows: nmap-6.00-win32.zip

Feb 06 2012

Joomscan – Joomla Security Scanner Updated to 611 Vulnerabilities Database

Joomscan, the Joomla Security Scanner, has been updated to a database of 611 vulnerabilities.

In Joomscan you can check for new updates with the command ./joomscan.pl check or ./joomscan.pl update

Overview:
Joomla! is probably the most widely used CMS out there due to its flexibility, user-friendliness and extensibility, to name a few. So, watching its vulnerabilities and adding them as KB entries to the Joomla scanner takes ongoing activity. It will help web developers and webmasters identify possible security weaknesses on their deployed Joomla! sites. No web security scanner is dedicated to only one CMS.

Features:

  • Exact version Probing
  • Common Joomla! based web application firewall detection
  • Searching known vulnerabilities of Joomla! and its components
  • Reporting to Text & HTML output
  • Immediate update capability via scanner or svn

Requirement:
Perl 5.6 or up

Download: joomscan-latest.zip

Feb 05 2012

Wifi Protector – Protect Your Android From Wi-Fi Sniffing Attacks

Detects and protects from all kinds of ARP (Address Resolution Protocol) related attacks in Wi-Fi networks, like DoS (Denial of Service) or MITM (Man In The Middle) attacks.

Protects your phone from tools like FaceNiff, Cain & Abel, ANTI, ettercap, DroidSheep, NetCut, and all others that try to hijack your session via MITM through ARP spoofing / ARP poisoning.

Features:
– Uses very few resources
– Uses no resources if Wi-Fi is disabled
– Nearly zero battery consumption
– Requires very few permissions. Requests only absolutely necessary permissions
– No configuration required, works off the shelf for novices
– Experts can change many settings to adapt the app to their needs
– Undetectable by the bad guy
– 100% silent and passive inside the network. Generates no noise
– Highly customizable notifications
– Plays ringtone on attack (optional)
– Vibrates in a given pattern on attack (optional)
– Easy to use one-click-interface as well as detailed network view for experts
– “Immunity” protects you without disabling Wi-Fi (root required)
– Can also disable Wi-Fi if you don’t have root access to your phone
– Logging of all spoofing attempts with details about the network and the attacker
– Works in complex wireless LANs, like vWLAN and WDS (please see FAQ)
– Detects networks already under attack
– Automatic countermeasures


Download:
https://market.android.com/details?id=com.gurkedev.wifiprotector

Jan 27 2012

theHarvester – Information Gathering Tool

theHarvester is a tool for gathering e-mail accounts, user names and hostnames/subdomains from different public sources like search engines and PGP key servers.

This tool is intended to help penetration testers in the early stages of a project. It's a really simple tool, but very effective.

The sources supported are:
– Google – emails, subdomains/hostnames
– Google profiles – employee names
– Bing search – emails, subdomains/hostnames, virtual hosts
– PGP servers – emails, subdomains/hostnames
– LinkedIn – employee names
– Exalead – emails, subdomains/hostnames

New features:
– Time delays between requests
– XML and HTML results export
– Search a domain in all sources
– Virtual host verifier
– Shodan computer database integration
– Active enumeration (DNS enumeration, DNS reverse lookups, DNS TLD expansion)
– Basic graph with stats

Some Examples:
Searching for email accounts for the domain microsoft.com; it will work with the first 500 Google results:

./theharvester.py -d microsoft.com -l 500 -b google

Searching for email accounts for the domain microsoft.com in a PGP server; here it's not necessary to specify the limit:

./theharvester.py -d microsoft.com -b pgp

Searching for the names of users who work at the company Microsoft; we use Google as the search engine, so we need to specify the limit of results we want to use:

./theharvester.py -d microsoft.com -l 200 -b linkedin

Searching in all sources at the same time, with a limit of 200 results:

./theHarvester.py -d microsoft.com -l 200 -b all

Download: https://code.google.com/p/theharvester