YEHG .Inc | Security Hacking Tools

For those dedicated stuffs like Joomla!, we write targeted tools. For others, we add new/improve plugins in w3af (Web Application Audit and Attack Framework) for generic web application bugs. We've become a part of w3af team. Submit ideas/tool requests based on your findings/experience via the contact form.

• W3af Plugins
  1. /plugins/discovery/phpinfo.py
     We improved it by adding phpinfo() configuration audit checks feature from our greasemonkey phpinfosechecker.
     
     
  2. /plugins/discovery/fingerprint_WAF.py
     We contributed four signatures - F5 Traffic Shield, NetContinuum, TEROS, BinarySec
     
     
  3. /plugins/discovery/findBackdoor.py
     We added a dozen of new shell file names to database.
     
     
  4. /plugins/grep/findComments.py
     We added 'secret','@', 'email','security','captcha' to self._interestingWords
     
     
• Joomla! Security/Vulnerability Scanner
  Description: A regularly-updated scanner that can detect file inclusion, sql injection, command execution vulnerabilities of a target Joomla! web site.

  Requirements: Perl

  Start-Date: Dec 2008

  
  
• Web Firewall Stress Tester
  Description: A tool to be used for newly created OSS web firewall/proxy/servers 'coz I found vulnerability in this way. Submit (GET/POST/HEAD) user-defined packets to web firewall to test its security strength. Tell you at which packet length a firewall will crash. Good for Heap/buffer overflow hunting.
  [REQUEST] <----> | Web Firewall | <----> [WebServer]

  Requirements: Perl

  Date: Nov 2008

  
  
• Web Firewall Detector
  Description: Typical Web Firewalls use a mechanism to classify anomaly traffics. This tool submits an old-school malicious (not dangerous) request, and tells you the type of firewall a particular web site use (if any). Mainly useful for blackbox security assessment. Coded years ago. Ref: Web Hacking Exposed 2nd Edition, ISBN:9780072262995
  [REQUEST] <----> | Web Firewall | <----> [WebServer]

  Requirements: Perl

  Date: Nov 2008

  No longer updated. We've contributed this wafd's signatures to w3af finger_WAF.py plugin.

  
  
• WFuzzFE
  Description: WFuzz FrontEnd (WFuzz UI) is what we just wrap GUI to the all-time famous wfuzz.py by Carlos del ojo & Christian Martorella (Edge-security.com). WFuzz is known as a Web Brute Forcer. It's a tool that got its fame thanks to its multithreading and flexibility to show only desired results based on HTTP Response Code, No. of Lines/Words. When fuzzing is done, firefox will open and show the result.

  Requirements: Python, JRE 1.5 >=

  Date: Oct 2008

  
  
• NiktoFE
  Description: Nikto FrontEnd (Nikto UI) is what we just wrap GUI to the all-time famous nikto.pl by Sullo (CIRT Inc).It usually takes several minutes(even hours) for a complete scan. When it's done, firefox will open and show the result.

  Requirements: Perl, JRE 1.5 >=

  Date: Oct 2008

  
  
• Ultimate Hackerfox Addons
  Description: We've found it impossible to run Portable Firefox with several security addons thanks to our contributing testers (Ko Soe Min, http://soemin.net & Ko Phyo, http://myanmaritpros.com). To work around this problem, we zip-bundle hacking addons with runnable invokers (run.exe in Windows, run.pl in Linux). You must have firefox installed in your system. Make sure you already close any Firefox beforehand. Our Greasemonkey scripts Included .

  Download:  version-1-light MD5: 80AED846164A1AECEB5AFE0759473DF2
                  version-2 MD5: 68C581305E2C16E9D51E41C7D75ED501

  Requirement: Firefox Browser

  Date: Auguest 2008

  
  
• GreaseMonkey:: Web Security Toolkit
  Description: A collection of our Greasemonkey scripts that aim to provide security for yourself and your site. We love to write Greasemonkey scripts than Browser Addons because Greasemonkey is more flexible. Any one can view and edit source codes with ease. They will forever be compatible with any versions of Gecko browsers while most security addons are no longer compatible with new versions unless their authors take pains to modify codes for compatibility.
  Requirement: Gecko (Firefox, Flock, Netscape) Browser, GreaseMonkey Addon
  Last added Scripts Date: July 18 2008
  
  
• JHijackv.02 beta
  Description: A simple Java Fuzzer mainly used for numeric session hijacking and parameter enumeration.
  Requirement: JRE/JDK 1.4 or above
  Demonstrations:    Session Hijacking      BlindSQLInjection      HTTP Form Brute Forcing
  Documentation: aldeid.com

  Date: April 2008

  
  
• HackerFirefox
  Description: Portable Firefox With Web Hacking Tools Bundled
  Started: Dec 2007
  Featured @ at OWASP
  
  
• GoogleHacker
  Description: A lightweight Windows HTA Application useful as your regular google hacking tool on Windows platform.A comprehensive search form bundled with sensitive keywords. It's capable of saving searches on disk and directly modifying keyword files.
  Started: Sept 2007