Dear visitors! Today we present overviews of software (programs and tools) for hacking, security analysis and penetration testing: the Portable Reverse Engineering Framework, the UPnP Pentest Toolkit, an OLE/COM viewer and inspector, and the Pinpoint tool.
PREF – Portable Reverse Engineering Framework
Author: Antonio Davide
PREF is a reverse engineering framework that does not require installation. Its basic philosophy is all-in-one: analysis of binary data and file formats, plus disassembly, on any platform where Qt and Lua run. Using Lua you can describe data formats, and the script automatically parses the input file according to the description. The file comparison feature also looks very useful: it displays the offset and the number of modified bytes. The disassembler is still mostly in its infancy: for now you have to describe the loader and the processor yourself, and support exists only for the MIPS platform.
• availability of SDK;
• programmable parser of file formats;
• programmable disassembler;
• signature scanner;
• a visual representation of a binary file;
• string scanner;
• display of histograms;
• entropy calculator;
• highlighting the data in a binary file.
The tool offers a fairly large number of graphical schemes and approaches for displaying binary data.
UPnP Pentest Toolkit
Author: David Middlehurst
Universal Plug and Play (UPnP) is a set of network protocols built on open Internet standards and published by a multimedia and network technology consortium. The main function of UPnP is universal automatic configuration of network devices.
At the heart of it all are well-known standards and network technologies such as TCP/IP, HTTP and XML. The system lets these devices connect to each other automatically and work together in a networked environment, so that a network (e.g., a home network) becomes easy to configure for a larger number of users. Naturally, this is another potential attack vector in the network, and, like any target, it requires the right tools. The UPnP Pentest Toolkit aims to bring together a wide range of functions for UPnP security assessment, with little effort and at high speed.
The tool is designed to help security experts study UPnP devices.
OLE/COM viewer and inspector
Author: James Forshaw
A tool from the author of the IE11SandboxEscapes series. OleViewDotNet is designed for viewing and inspecting OLE/COM components. It is a .NET 4 application that combines two classic SDK tools, OleView and Test Container, in one application. It lets you find COM objects through different views (e.g., by CLSID, ProgID, or server executable), list the interfaces of an object, and then create instances of them and call their methods. It also serves as a basic container for attacks on ActiveX objects: you can view their data and manipulate it.
This tool was used to search for different ways to escape the Internet Explorer 11 sandbox.
To learn more about ways out of the sandbox, see the presentation «Legacy Sandboxing – Escaping IE11 Enhanced Protected Mode»: goo.gl/xQCeJT.
Pinpoint
Author: Kahu Security
Pinpoint is a tool primarily intended for people who often encounter drive-by download attacks in their work.
• sending an HTTP request in compressed or regular form;
• calculation of entropy;
• identification of safe sites;
• the ability to ignore external CSS.
See the infographic below: software for hacking, penetration testing and security analysis.