Atelier Web Firewall Tester

AWFT tries different techniques for gaining access to the outside World without being stopped by your Personal Firewall. Many firewalls fail all tests in the default configuration. In the unlikely event your Personal Firewall passes all tests, please congratulate yourself.

AWFT 32-bit is for 32-bit editions of Windows XP and later (as of the AWFT release date). Tests 1,2 and 6 will run as well on a 64-bit Operating System due to the WoW64 facilities. Tests 3, 4 and 5 can not be performed on 64-bit Operating System by AWFT 32-bit.
AWFT 64-bit is for 64-bit editions of Windows XP and later (as of the AWFT release date),

No personal firewall passes every test without some tweaking. Some, require lots of tweaking to pass just a few tests…

Download AWFT 5.1 (32-bit)

Download AWFT 5.1 (64-bit)

BeEF - The Browser Exploitation Framework

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.

Download Here :: BeEF 0.4.4.7

Source :: http://beefproject.com/

Wifite v2 (WiFi Cracking and Wireless Security Auditor)

Wifite is a one of good wireless security auditor. Wifite is a linux tool to attack multiple WEP, WPA, and WPS encrypted networks in a row. This tool is customizable to be automated with only a few arguments. Wifite aims to be the "set it and forget it" wireless auditing tool. Designed and tested on Linux; works with Backtrack 5, BlackBuntu, BackBox, and Pentoo! Linux only; no windows or OSX support. sorts targets by signal strength (in dB) cracks closest access points first. automatically de-authenticates clients of hidden networks to reveal SSIDs. all captured WPA handshakes are backed up to wifite.py's current directory.  

In Wifite v2 some new features was added as follows :- 

• support for cracking WPS-encrypted networks (via reaver)
• 2 new WEP attacks
• more accurate WPA handshake capture
• various bug fixes 

Download Here :: Wifite v2  
Source :: http://code.google.com/p/wifite/  

WAIDPS (Wireless Auditing and IDS/IPS)

WAIDPS (Wireless Auditing, Intrusion Detection and Prevention System) is an open source wireless swissknife written in Python and work on Linux environment. This is a multipurpose tools designed for audit (penetration testing) networks, detect wireless intrusion (WEP/WPA/WPS attacks) and also intrusion prevention (stopping station from associating to access point). Apart from these, it will harvest all WiFi information in the surrounding and store in databases. This will be useful when it comes to auditing a network if the access point is ‘MAC filtered’ or ‘hidden SSID’ and there isn’t any existing client at that moment.

WAIDPS may be useful to penetration testers, wireless trainers, law enforcement agencies and those who is interested to know more about wireless auditing and protection. The primarily purpose for this script is to detect intrusion. Once wireless detect is found, it display on screen and also log to file on the attack. Additional features are added to current script where previous WIDS does not have are :

·         automatically save the attack packets into a file

·         interactive mode where users are allow to perform many functions

·         allow user to analyse captured packets

·         load previously saved pcap file or any other pcap file to be examine

·         customizing filters

·         customize detection threshold (sensitivity of IDS in detection)

At present, WAIDPS is able to detect the following wireless attacks and will subsequently add other detection found in the previous WIDS.

·         Association / Authentication flooding

·         Detect mass deauthentication which may indicate a possible WPA attack for handshake

·         Detect possible WEP attack using the ARP request replay method

·         Detect possible WEP attack using chopchop method

·         Detect possible WPS pin bruteforce attack by Reaver, Bully, etc.

·         Detection of Evil-Twin

·         Detection of Rogue Access Point

The whole structure of the Wireless Auditing, Intrusion Detection & Prevention System will comprise of

Harvesting WiFi Information         [Done]

Intrusion Detection                         [Done]

Intrusion Prevention                       [Done]

Auditing (Testing network)            [Done]

Other additional item include analyzing of packets, display of captured dump, display network barchart and much more.

Requirements

No special equipment is required to use this script as long as you have the following :

   1. Root access (admin)

   2. Wireless interface which is capable of monitoring and injection

   3. Python 2.7 installed

   4. Aircrack-NG suiteinstalled

   5. TShark installed

   6 TCPDump installed

   7 Mergecap installed (for joining pcap files)

   8 xterm  installed

Structure of WAIDS’ Display ::

Before starting with the detail description of the whole application, WAIDPS display structures are separated in several parts. For better understanding, the structures are as below.

WiFi-Harvesting Module

- Collecting/Storing of Access Points/Stations details and the relationship with each other. [Access Points / Wireless Clients Listing]

- Displaying of unassociated station information and its probe 

[Unassociated Stations]

- Allowing user to enter MAC addresses / Names to be monitored 

[Monitoring Panel]

- Association of stations to access point, station switch from one access point to another, station acting as both a wireless client and access point, etc 

[Association/Connection Alert]

Intrusion Detection

- Capture/Analyzing of packets

- Displaying of Station/Access Point MAC addresses and detected suspicious data count [Suspicious Activity Listing]

- Displaying of analysed WEP/WPA/WPS attack pattern and its detail [Attack Detected]

Tutorials ::

Screenshots ::  Click Here
Text & Image Tutorial :: Click Here
Installation Tutorial::

https://www.youtube.com/watch?x-yt-ts=1421914688&v=aGTQAWoeujA&x-yt-cl=84503534

More Video Tutorials:  Click Here

Download ::

Linux :: WAIDPS (.py)

Source :: https://github.com/SYWorks/waidps

- See more at: http://www.toolwar.com/2014/01/wireless-ids-tools.html#sthash.VPAHMQE7.dpuf

BoNeSi (DDoS Botnet Simulator

BoNeSi, the DDoS Botnet Simulator is a Tool to simulate Botnet Traffic in a testbed environment on the wire. It is designed to study the effect of DDoS attacks. BoNeSi generates ICMP, UDP and TCP (HTTP) flooding attacks from a defined botnet size (different IP addresses). BoNeSi is highly configurable and rates, data volume, source IP addresses, URLs and other parameters can be configured. There are plenty of other tools out there to spoof IP addresses with UDP and ICMP, but for TCP spoofing, there is no solution. BoNeSi is the first tool to simulate HTTP-GET floods from large-scale bot networks. BoNeSi also tries to avoid to generate packets with easy identifiable patterns (which can be filtered out easily). We highly recommend to run BoNeSi in a closed testbed environment. However, UDP and ICMP attacks could be run in the internet as well, but you should be carefull. HTTP-Flooding attacks can not be simulated in the internet, because answers from the webserver must be routed back to the host running BoNeSi. BoNeSi sniffs for TCP packets on the network interface and responds to all packets in order to establish TCP connections. For this feature, it is necessary, that all traffic from the target webserver is routed back to the host running BoNeSi 

Download Here :: BoNeSi 0.2.0.tar.gz

Source :: http://code.google.com/p/bonesi/

Golden Eye Dos

                                                 GoldenEye (DoS Testing) :: Tools

GoldenEye is a HTTP DoS test tool. This software is distributed under the GNU General Public License version 3 (GPLv3). GoldenEye is a HTTP/S Layer 7 Denial-of-Service Testing Tool. It uses KeepAlive (and Connection: keep-alive) paired with Cache-Control options to persist socket connection busting through caching (when possible) until it consumes all available sockets on the HTTP/S server.

This project started by the influence of Barry Shteiman who created HULK, a Proof-of-concept tool that I decided to improve which later became GoldenEye. Kudos for you Barry! This software is written in purely Python https://www.python.org/ftp/python/3.4.2/python-3.4.2.msi.

Tutorial ::

Usages :: 

 USAGE: ./goldeneye.py <url> [OPTIONS]

 OPTIONS:
     Flag           Description                     Default
     -t, --threads      Number of concurrent threads                (default: 500)
     -m, --method       HTTP Method to use 'get' or 'post'  or 'random'         (default: get)
     -d, --debug        Enable Debug Mode [more verbose output]         (default: False)
     -h, --help         Shows this help

Download ::

Python :: GoldenEye (.py)
Source Website ::  https://github.com/jseidl/GoldenEye 

https://github.com/jseidl/GoldenEye/archive/master.zip