backfuzz v0.3 released

Hey guys, just announcing that v0.3 came out, new changes are:

(*) Added the ability to use different type of patterns while fuzzing (Cyclic | CyclicExtended | Single | Format-String).
(*) Removed a lot of un-useful parameters and use global variables instead.
(*) Minor Help Screen improvements.

Help Screen:



Example with CyclicExtended:



Download:

https://github.com/localh0t/backfuzz

Port Tester v0.1, firewall port testing tool

Let us suppose that during a pentest we got command execution on a remote server, but when we want to do a reverse connection to our server the connection is not established for some reason (Firewall / IPS / etc); or maybe you just want to test which ports you can access remotely from that particular server.
In that case comes into play this simple script, which allows us to know, given a range of ports, which ports can be accessed from inside the server. We use a server that has the 65k open ports (open.zorinaq.com), and determine what ports we can access and what ports we cannot.

Screenshot:

Download:

Pastebin: http://pastebin.com/C2kkKk9J
Mediafire: http://www.mediafire.com/?s33tuy08tto8vps

Rainer v0.1 [Simple Buffer Overflow Tool]

Buenas gente, en esta ocasión les traigo un muy sencillo script escrito en Perl, sirve básicamente para testear buffer overflows pasados por argumento, seteando la shellcode, la dirección de retorno, y la cantidad de NOP's a utilizar. Útil para la gente que esta comenzando en el mundo del exploiting (me incluyo).


Screenshot:

Código del ejemplo (ExploitMe.c - Thanks Vivek):

http://paste2.org/p/1481203

Código del script (rainer.pl):

http://www.paste2.org/p/1481196