Friday, November 26, 2010

Pentbox - cool ruby tool for pentesting

Pentbox is a Security Tool Suite that packs security and stability testing oriented tools for networks and systems. It is programmed in Ruby and oriented to GNU/Linux systems, but compatible with Windows, MacOS and every systems where Ruby works. It is free, licensed under GNU/GPLv3. It can be used for port scanning, hash password cracker, implementing dos attack. 
These are the tools covered in Pentbox:-

- Cryptography tools
Base64 Encoder & Decoder
Multi-Digest (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
Hash Password Cracker (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
Secure Password Generator

- Network tools
Net DoS Tester
TCP port scanner
Honeypot
Fuzzer
DNS and host gathering
- Extra
L33t Sp3@k Converter


Salient features of Version 1.4 [excerpts from developers site]
—————
- Code adapted to work with ruby1.9.x and jruby (more performance, native threads …).
- Optimized TCP port scanner, and ping check before scan.
- Optimized hash_cracker.rb
- Renewed interface with colors (only unix-like) and improvements.
- Included RIPEMD-160 to Hash Password Cracker and Multi-Digest.
- Added native mode in SYN DoS that uses Raw Sockets.
- Added a new mode in the fuzzer -> HTTP headers client fuzzing.
- Added protected mode -> Only root can use DoS tools, excellent for installations in servers.
- Added a simple configuration in pentbox.rb for interface colors and protected mode.
- Unified syn_dos.rb and tcp_dos.rb in one, net_dos.rb
- Included pentbox-wlist.txt, that can be used with hash_cracker.rb
- New libraries bit-struct, net/dns.rb and racket.
- dns_search.rb included -> DNS and host gathering with NS, MX, SHODAN, A bruteforce and PTR IP range.
- tcp_dos_auto.rb excluded – To prevent from evil script-kiddies.
- fileencr.rb excluded – Crypto libraries was difficult to adapt, and the module was very slow. You can use openssl that is so much better and faster.
- sec_im.rb excluded – It wasn’t used and not pentesting related.
————

You can download the new version from the download area.
Reference: http://www.pentbox.net/
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)