PenTBox is an open source security suite that houses many security and stability testing oriented tools for networks and systems. It is written in Ruby and oriented to GNU/Linux systems, but compatible with Windows, MacOS, and every other system where Ruby works (Ruby executable file is provided inside the application).
It contains the following tools:
- Cryptography Tools
- Base64 Encoder & Decoder - It allows you to encode or decode Base64 strings.
- Multi-Digest - This tool can convert a text to MD5, SHA1, SHA256, SHA384, SHA512, and RIPEMD-160 strings.
- Hash Password Cracker - This tool allows you to crack MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160 hashes. It offers 3 different cracking methods: Numbers Bruteforce, Dictionary attack, and Dictionary-Bruteforce hybrid attack.
- Secure Password Generator - It can create highly secure complex passwords from a word or a short phrase.
- Network Tools
- Net DoS Tester - It allows you to perform DoS (Denial of Service) attacks. This tool supports Spoofed SYN Flood Native, Spoofed SYN Flood hping3, and TCP Flood attacks. It also offers the following exploits for DoS:
- [other/http] 3Com SuperStack Switch DoS
- [other/http] 3Com OfficeConnect Routers DoS
- [windows/ftp] Windows 7 IIS7.5 FTPSVC UNAUTH'D DoS
- [windows/ftp] Solar FTP Server 2.1 DoS
- [windows/pptp] MS02-063 PPTP Malformed Control Data Kernel DoS
- [windows/smb] Windows Vista/7 SMB2.0 Negotiate Protocol Request DoS BSOD.
- TCP Port Scanner - It is a simple scanner that you can use to discover open ports.
- Honeypot - It allows you to create a Honeypot. If you don't know what a Honeypot is, let me tell you, "Honeypot is a mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. Generally, a honeypot consists of data (for example, in a network site) that appears to be a legitimate part of the site, but is actually isolated and monitored, and that seems to contain information or a resource of value to attackers, who are then blocked. This is similar to the police baiting a criminal, conducting undercover surveillance, and finally punishing the criminal. -- Wikipedia." Remember: In order to create a Honeypot, you must run the PentBox with root privileges.
- Fuzzer - This tool allows you to test an application for buffer overflows.
- DNS and Host Gathering - It allows you to find host and DNS information.
- MAC Address Geolocation - It allows you to find *accurate* GPS coordinates of a user sitting behind a web browser via router XSS.
- Web
- HTTP directory Bruteforce - This program allows you to discover and bruteforce directories that exist in web servers.
- HTTP common files Bruteforce - This program Allows you to discover and bruteforce common files that exist in web servers.
PenTBox - An Open Source Security Suite 2018
Reviewed by AC10 Tech
on
Tuesday, April 24, 2018
Rating:
No comments: