This news might be too late , but i’ll tell you anyway . On the last January 28th , 2008 Metasploit has released the latest version of their exploit development and attack framework , Metasploit 3.1 . It’s also said that the latest version features a graphical user interface , full support for the Windows platform , and provides over 450 modules , including 25 remote exploits (w00t!) . As said by H D Moore (the project manager) on their official blog :

“Metasploit 3.1 consolidates a year of research and development, integrating ideas and code from some of the sharpest and most innovative folks in the security research community. Moore is referring the numerous research projects that have lent code to the framework.”

Some projects that have lent the code to the framework , are such as METASM pure-ruby assembler , Windows kernel-land payload , heaplib browser , lorcon 802.11 , etc

Some latest information about new exploits featured in this framework as been said on their official blog :

The latest incarnation of the framework includes a bristling arsenal of exploit modules that are sure to put a smile on the face of every information warrior. Notable exploits in the 3.1 release include a remote, unpatched kernel-land exploit for Novell Netware, written by toto, a series of 802.11 fuzzing modules that can spray the local airspace with malformed frames, taking out a wide swath of wireless-enabled devices, and a battery of exploits targeted at Borland’s InterBase product line. “I found so many holes that I just gave up releasing all of them”, said Ramon de Carvalho, founder of RISE Security, and Metasploit contributor.

Metasploit runs on Linux , Windows , MAC OS X , and BSD . For viewing the documentation , video demonstrations , documentation , and installation instructions , please visit http://metasploit3.com/.

If you have Firebug installed you will be able to use Technika bookmarklet constructing features. You can use the Firebug console to test the bookmarklet and make sure that it is working. When you are happy with your code you can easily convert it to a bookmarklet by accessing the Technika menu and selecting Build Bookmarklet.You will be asked to select the folder where you want the bookmarklet to be stored.Type the bookmarklet name and press the OK button. If later you want to modify your bookmarklet, you can select the Technika menu and choose the Load Bookmarklet option. Another useful feature of Technika is that you can set your autorunable bookmarklets on different levels and define the order of their execution.This mechanism is very similar to initrd booting mechanism on Unix/Linux. For example, if you want to develop a framework that consists of several bookmarklets, you may need to load the core libraries before the actual user scripts.

Maltego uses the method of relation-chainings between some objects (IP, DNS, website,email ,etc). What Maltego actually does is to describe the relation between those objects. For example , you want to search for everything that related to lifedork.com , hence lifedork.com will be the 1st object to be searched for. Then Maltego will search for any other object that related to the object lifedork.com , eg : lifedork.com ’s IP address , lifedork.com’s IP NetBlock , lifedor.com’s mx records , persons that related to lifedork.com. We could also dig more about what social networks that the person joins , and so on..

To try their web interface , you can go here. And to download the application you can simply click here.

Windows Installation manual can be read here :

http://insecure.org/nmap/install/inst-windows.html

Download the self-installer binaries of Nmap 4.50 (included Zenmap) :

Latest development : http://download.insecure.org/nmap/dist/nmap-4.51BETA-setup.exe

Stable version: http://download.insecure.org/nmap/dist/nmap-4.50-setup.exe

Spy Sweeper is continually evolving than ever. It runs without bogging down your system and can run quick, custom or full sweeps in record time.

This program has fifteen shields, which include shields that protect from tracking cookies, explorer hijacks, keyloggers, ad sites and much more. If you don’t know what kind of protection you want, the program will run 12 recommended shields.

After a scan, Spy Sweeper provides easy–to–understand reports. When items are detected the report assigns a level of risk and description for each item. You can then quarantine, delete or restore the discovered items. Spy Sweeper can also keep you informed of immediate threats by warning you if an application is trying to install on your computer.

Here some short steps of using Spy Sweeper :

Step 1: Sweep Now: Once the “Start” button is clicked, Spy Sweeper lists the files it scans in real-time and categorizes the number of Spyware files located on the system. Once complete, the “Next” button is highlighted to proceed to Step #2.

Step 2: Remove Spyware (and Quarantine): On this page, a list of all questionable files found on the system are displayed, along with a short description of each Spyware component. The user may then decide which system files should be quarantined and removed from the system.

Step 3: Results: After clicking on the “Next” button in Step 2, all check-marked files are quarantined. The results of the system scan (including quarantined items) are listed on Page #3.

You can download it here.

Sources : http://www.infopackets.com/channels/en/windows/gazette/2003/20030723_spy_sweeper_review.htm

http://skullbox.net/spysweep.php

Today i have been reading a lot about Web Application Malware / Web Application Worm that spreads through social networking site , like Friendster and Myspace. Embed a malicous Flash swf movie , is one of the most used technique to hack friendster account or hack myspace account as well. In the most dumbest way , you could embed a malicious Flash swf movie script into your friend’s testimonial box , and make it to be redirected to a fake login page , and let them entry their login data , it’s only one of many dumb way to hijack friendster account or to hijack myspace account.

According to the condition specified above, a useful tool called SWFintruder has been developed , and known as the first tool for testing security in Flash movies. The major features of this tool are :1. Basic predefined attack patterns

2. Highly customizable attacks

3. Highly customizable undefined variables

4. Semi automated Xss check

5. User configurable internal parameters

6. Log Window for debugging and tracking

7. History of latest 5 tested SWF files

8. ActionScript Objects runtime explorer in tree view

9. Persistent Configuration and Layout

Here are some short tutorial on SWFintruder :

- Download the SWFintruder source code from GoogleCode.

- Extract the source code into the root of your webserver.

- Browse to your http://yourfuckinhost/swfintruderdir

- Download some flawed swf files , and put it on your webserver too.

- Fill the “Flash Movie” with your desired flawed swf movie , and then click “Load”.

- If some XSS was found, it will be listed in the Xss area click on it to get the result on a new browser window.

The other video tutorial on SWFintruder can be downloaded here. Other previews about this application can be read on : Ngoprekweb.com , ProfessionalSecurityTesters.org , Ajaxian.com .

Screen shots :

For more information about download links , you might visit this page.

Other related reviews : Yamwool’s , (IT)gossips’s , derossi’s .

Malzilla is a simple software with its purpose to detect any Malware Websites that contain exploit / malicious code inside of it. Those kind of websites which has malicious VB Scripts inside the source code , could affect the visitor’s PC system as well. Malzilla also allows you to choose your own user agent and referrer, and has the ability to use proxies. Malzilla will show you the full source of webpages and all the HTTP headers.

More tutorials can be read on their official site.

More reviews can be read here.

Download link : softpedia .

SniffIM , a Yahoo and MSN Messenger Chat sniffer , is developed by the same developer of YSniff (the previous version of YM sniffer) . SniffIM is quite better than its older version , because inspite of being able to sniff Yahoo Messenger Conversation , it’s able to sniff MSN conversation too. It tries to record all the Yahoo and MSN messenger Conversation going on in a network (LAN , WLAN , etc) . SniffIM will also allow you to save the recorded / sniffed conversations into RTF files format such that you can even search for important information in those conversations.

Download : SniffIM 0.7

more reviews can be found here and here .

USB Switchblade is a handy tool developed by some dudes from Hak5 (an online hacking video podcasting media) . USB Switchblade is a tool which is installed in your usb thumbdrive which acts as a Portable Data Thief. It’s purpose is to silently recover (or steal actually?) sensitive data from target Windows 2000 , or the higher ones. Type of data which is stolen / recovered and what is does :

• password hashes
• LSA secrets
• ip informations
• Dump SAM
• Internet Explorer Password Grabber
• Windows Update Lister
• Netstat
• Messenger password Dumper
• FireFox Password Stealer
• Silent VNC installer (with external IP send)
• Username adder

How to use ?

• 1. Plug your U3 Drive in any computer with XP/2000/2003 (Requires Administrator account).
• 2. Wait about 20-45 seconds.
• 3. Eject U3 Drive.
• 4. Go home and go to “Run” in the start menu. Type in “X:\Documents\logfiles”(X = Flash Drive Letter). Press enter.
• 5. Open the text file with the computer name you got into.
• 6. That’s it.

The official Installation Guide can be read here. Other reviews can also be viewed on DragoLungu.com .